urlscan.io logo urlscan.io
SecurityTrails logo

login.diamond.co.uk Open in urlscan Pro
213.39.119.228  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://myaccount.diamond.co.uk/
Effective URL: https://login.diamond.co.uk/myaccount/login/?sessionOnly=true&goto=https%3A%2F%2Flogin.diamond.co.uk%2Fmyaccount%2Fauth%2Foa...
Submission: On August 22 via api from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 31 IPs in 3 countries across 19 domains to perform 118 HTTP transactions. The main IP is 213.39.119.228, located in Unterfoehring, Germany and belongs to GTT-BACKBONE GTT, US. The main domain is login.diamond.co.uk.
TLS certificate: Issued by Thawte RSA CA 2018 on November 7th 2022. Valid for: a year.
This is the only time login.diamond.co.uk was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
10 156.154.120.50 19905 (SECURITYS...)
2 2600:1400:d:5... 20940 (AKAMAI-ASN1)
1 108.138.128.101 16509 (AMAZON-02)
2 23.54.221.214 16625 (AKAMAI-AS)
2 2607:f8b0:400... 15169 (GOOGLE)
2 23.52.150.163 16625 (AKAMAI-AS)
2 2607:f8b0:400... 15169 (GOOGLE)
2 18.164.116.61 16509 (AMAZON-02)
1 18.164.116.49 16509 (AMAZON-02)
2 18.164.116.6 16509 (AMAZON-02)
3 2600:9000:220... 16509 (AMAZON-02)
4 208.89.12.153 11054 (LIVEPERSON)
3 44.196.7.213 14618 (AMAZON-AES)
2 52.216.134.213 16509 (AMAZON-02)
4 52.45.108.63 14618 (AMAZON-AES)
6 52.70.121.124 14618 (AMAZON-AES)
2 2a02:6ea0:c45... 60068 (CDN77 ^_^)
4 52.71.77.185 14618 (AMAZON-AES)
6 208.89.12.91 11054 (LIVEPERSON)
12 208.89.12.90 11054 (LIVEPERSON)
5 178.249.97.70 11054 (LIVEPERSON)
3 138.199.40.58 60068 (CDN77 ^_^)
2 142.251.41.2 15169 (GOOGLE)
2 2607:f8b0:400... 15169 (GOOGLE)
2 2607:f8b0:400... 15169 (GOOGLE)
10 2600:141b:13:... 20940 (AKAMAI-ASN1)
1 34.249.43.135 16509 (AMAZON-02)
2 14 213.39.119.228 3257 (GTT-BACKB...)
2 2600:141b:900... 20940 (AKAMAI-ASN1)
1 2607:f8b0:400... 15169 (GOOGLE)
118 31
10    156.154.120.50 (United States)

ASN19905 (SECURITYSERVICES, US)
myaccount.diamond.co.uk
2    2600:1400:d:59b::13b8 (New York, United States)

ASN20940 (AKAMAI-ASN1, NL)
cdn.optimizely.com
1    108.138.128.101 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-128-101.jfk50.r.cloudfront.net
cdn.appdynamics.com
2    23.54.221.214 (Edison, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-54-221-214.deploy.static.akamaitechnologies.com
cdn3.optimizely.com
2    2607:f8b0:4006:81d::2008 (Stony Point, United States)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    23.52.150.163 (New York, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-52-150-163.deploy.static.akamaitechnologies.com
a17941920996.cdn.optimizely.com
2    2607:f8b0:4006:80b::200e (Stony Point, United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    18.164.116.61 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-164-116-61.jfk50.r.cloudfront.net
tracker.marinsm.com
1    18.164.116.49 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-164-116-49.jfk50.r.cloudfront.net
t.contentsquare.net
2    18.164.116.6 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-164-116-6.jfk50.r.cloudfront.net
cdn.heapanalytics.com
3    2600:9000:2209:fc00:f:8ce2:fb80:93a1 (United States)

ASN16509 (AMAZON-02, US)
www.dwin1.com
4    208.89.12.153 (United States)

ASN11054 (LIVEPERSON, US)
PTR: lptag.liveperson.net
lptag.liveperson.net
3    44.196.7.213 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-196-7-213.compute-1.amazonaws.com
w.usabilla.com
2    52.216.134.213 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1.amazonaws.com
s3.amazonaws.com
4    52.45.108.63 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-45-108-63.compute-1.amazonaws.com
logx.optimizely.com
6    52.70.121.124 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-70-121-124.compute-1.amazonaws.com
heapanalytics.com
2    2a02:6ea0:c454::1 (New York, United States)

ASN60068 (CDN77 ^_^, GB)
cl.qualaroo.com
4    52.71.77.185 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-71-77-185.compute-1.amazonaws.com
c.contentsquare.net
6    208.89.12.91 (United States)

ASN11054 (LIVEPERSON, US)
accdn.lpsnmedia.net
12    208.89.12.90 (United States)

ASN11054 (LIVEPERSON, US)
PTR: va-lpcdn.lpsnmedia.net
lpcdn.lpsnmedia.net
5    178.249.97.70 (United States)

ASN11054 (LIVEPERSON, US)
PTR: lo.v.liveperson.net
lo.v.liveperson.net
3    138.199.40.58 (New York, United States)

ASN60068 (CDN77 ^_^, GB)
PTR: 138-199-40-58.bunnyinfra.net
dntcl.qualaroo.com
2    142.251.41.2 (Marriottsville, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s40-in-f2.1e100.net
www.googleadservices.com
2    2607:f8b0:4006:821::2002 (Stony Point, United States)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
2    2607:f8b0:4006:80c::2004 (Stony Point, United States)

ASN15169 (GOOGLE, US)
www.google.com
10    2600:141b:13::17d7:8279 (New York, United States)

ASN20940 (AKAMAI-ASN1, NL)
use.typekit.net
1    34.249.43.135 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-249-43-135.eu-west-1.compute.amazonaws.com
k-aeu1.contentsquare.net
14    213.39.119.228 (Unterfoehring, Germany)

ASN3257 (GTT-BACKBONE GTT, US)
login.diamond.co.uk
2    2600:141b:9000::1725:7ba0 (Secaucus, United States)

ASN20940 (AKAMAI-ASN1, NL)
p.typekit.net
1    2607:f8b0:4006:80d::200a (Stony Point, United States)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
Apex Domain
Subdomains		 Transfer
24 diamond.co.uk
myaccount.diamond.co.uk
login.diamond.co.uk
7 MB
18 lpsnmedia.net
accdn.lpsnmedia.net — Cisco Umbrella Rank: 3734
lpcdn.lpsnmedia.net — Cisco Umbrella Rank: 4034
843 KB
12 typekit.net
use.typekit.net — Cisco Umbrella Rank: 637
p.typekit.net — Cisco Umbrella Rank: 805
152 KB
10 optimizely.com
cdn.optimizely.com — Cisco Umbrella Rank: 812
cdn3.optimizely.com — Cisco Umbrella Rank: 6522
a17941920996.cdn.optimizely.com — Cisco Umbrella Rank: 311002
logx.optimizely.com — Cisco Umbrella Rank: 1586
1 MB
9 liveperson.net
lptag.liveperson.net — Cisco Umbrella Rank: 3776
lo.v.liveperson.net — Cisco Umbrella Rank: 17321
240 KB
8 heapanalytics.com
cdn.heapanalytics.com — Cisco Umbrella Rank: 1992
heapanalytics.com — Cisco Umbrella Rank: 1727
76 KB
6 contentsquare.net
t.contentsquare.net — Cisco Umbrella Rank: 3769
c.contentsquare.net — Cisco Umbrella Rank: 4093
k-aeu1.contentsquare.net — Cisco Umbrella Rank: 14484
68 KB
5 qualaroo.com
cl.qualaroo.com — Cisco Umbrella Rank: 10302
dntcl.qualaroo.com — Cisco Umbrella Rank: 12508
106 KB
3 usabilla.com
w.usabilla.com — Cisco Umbrella Rank: 4767
24 KB
3 dwin1.com
www.dwin1.com — Cisco Umbrella Rank: 4500
32 KB
2 google.com
www.google.com — Cisco Umbrella Rank: 3
563 B
2 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 157
37 KB
2 doubleclick.net
stats.g.doubleclick.net Failed
googleads.g.doubleclick.net — Cisco Umbrella Rank: 55
4 KB
2 amazonaws.com
s3.amazonaws.com
2 KB
2 marinsm.com
tracker.marinsm.com — Cisco Umbrella Rank: 27167
639 B
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 62
21 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 76
210 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 73
1 KB
1 appdynamics.com
cdn.appdynamics.com — Cisco Umbrella Rank: 4274
33 KB
118 19
Domain Requested by
14 login.diamond.co.uk 2 redirects myaccount.diamond.co.uk
login.diamond.co.uk
12 lpcdn.lpsnmedia.net lptag.liveperson.net
10 use.typekit.net myaccount.diamond.co.uk
login.diamond.co.uk
use.typekit.net
10 myaccount.diamond.co.uk myaccount.diamond.co.uk
cdn.appdynamics.com
6 accdn.lpsnmedia.net lptag.liveperson.net
6 heapanalytics.com myaccount.diamond.co.uk
login.diamond.co.uk
5 lo.v.liveperson.net lptag.liveperson.net
4 c.contentsquare.net myaccount.diamond.co.uk
t.contentsquare.net
4 logx.optimizely.com cdn.appdynamics.com
cdn.optimizely.com
4 lptag.liveperson.net myaccount.diamond.co.uk
3 dntcl.qualaroo.com cl.qualaroo.com
3 w.usabilla.com myaccount.diamond.co.uk
login.diamond.co.uk
3 www.dwin1.com www.googletagmanager.com
2 p.typekit.net use.typekit.net
2 www.google.com myaccount.diamond.co.uk
login.diamond.co.uk
2 googleads.g.doubleclick.net www.googleadservices.com
2 www.googleadservices.com www.googletagmanager.com
2 cl.qualaroo.com s3.amazonaws.com
2 s3.amazonaws.com myaccount.diamond.co.uk
2 cdn.heapanalytics.com myaccount.diamond.co.uk
2 tracker.marinsm.com www.googletagmanager.com
2 www.google-analytics.com www.googletagmanager.com
cdn.appdynamics.com
myaccount.diamond.co.uk
2 a17941920996.cdn.optimizely.com cdn.optimizely.com
2 www.googletagmanager.com myaccount.diamond.co.uk
login.diamond.co.uk
2 cdn3.optimizely.com cdn.optimizely.com
2 cdn.optimizely.com myaccount.diamond.co.uk
login.diamond.co.uk
1 fonts.googleapis.com login.diamond.co.uk
1 k-aeu1.contentsquare.net t.contentsquare.net
1 t.contentsquare.net myaccount.diamond.co.uk
1 cdn.appdynamics.com myaccount.diamond.co.uk
0 stats.g.doubleclick.net Failed cdn.appdynamics.com
118 31

This site contains no links.

Subject Issuer Validity Valid
myaccount.diamond.co.uk
Thawte RSA CA 2018		 2022-11-10 -
2023-11-10		 a year crt.sh
cdn.optimizely.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-10-30 -
2023-10-30		 a year crt.sh
*.appdynamics.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-06-21 -
2024-07-21		 a year crt.sh
*.optimizely.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-10-30 -
2023-10-30		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-07-31 -
2023-10-23		 3 months crt.sh
*.cdn.optimizely.com
GeoTrust RSA CA 2018		 2023-02-26 -
2024-02-28		 a year crt.sh
*.marinsm.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-03-10 -
2024-04-09		 a year crt.sh
t.contentsquare.net
Amazon RSA 2048 M01		 2023-02-21 -
2023-11-11		 9 months crt.sh
cdn.heapanalytics.com
Amazon RSA 2048 M01		 2023-06-29 -
2024-07-27		 a year crt.sh
*.dwin1.com
Amazon RSA 2048 M02		 2023-02-28 -
2023-12-01		 9 months crt.sh
*.liveperson.net
Sectigo RSA Organization Validation Secure Server CA		 2023-02-07 -
2024-02-07		 a year crt.sh
w.usabilla.com
Amazon RSA 2048 M01		 2023-02-21 -
2024-02-09		 a year crt.sh
s3.amazonaws.com
Amazon RSA 2048 M01		 2023-07-10 -
2024-06-21		 a year crt.sh
logx.optimizely.com
Amazon RSA 2048 M01		 2023-06-24 -
2024-07-22		 a year crt.sh
heapanalytics.com
Amazon RSA 2048 M02		 2022-12-09 -
2024-01-07		 a year crt.sh
cl.qualaroo.com
R3		 2023-08-21 -
2023-11-19		 3 months crt.sh
dep.bf.contentsquare.net
Amazon RSA 2048 M01		 2023-03-20 -
2024-04-17		 a year crt.sh
*.lpsnmedia.net
Sectigo RSA Organization Validation Secure Server CA		 2023-01-09 -
2024-01-09		 a year crt.sh
*.v.liveperson.net
Sectigo RSA Organization Validation Secure Server CA		 2023-01-10 -
2024-01-10		 a year crt.sh
dntcl.qualaroo.com
R3		 2023-07-17 -
2023-10-15		 3 months crt.sh
www.googleadservices.com
GTS CA 1C3		 2023-07-31 -
2023-10-23		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-07-31 -
2023-10-23		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-07-31 -
2023-10-23		 3 months crt.sh
use.typekit.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-09-14 -
2023-10-15		 a year crt.sh
kep-malka.ba.contentsquare.net
Amazon RSA 2048 M01		 2023-07-30 -
2024-08-28		 a year crt.sh
login.admiral.com
Thawte RSA CA 2018		 2022-11-07 -
2023-11-28		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2023-07-31 -
2023-10-23		 3 months crt.sh

This page contains 8 frames:

Primary Page: https://login.diamond.co.uk/myaccount/login/?sessionOnly=true&goto=https%3A%2F%2Flogin.diamond.co.uk%2Fmyaccount%2Fauth%2Foauth2.0%2Fv1%2Fauthorize%3Fclient_id%3Dmyaccount%26redirect_uri%3Dhttps%3A%2F%2Fmyaccount.diamond.co.uk%2Fload%26response_type%3Dcode%26code_challenge%3DQy_dXIcftTfu3Ig1IcXtqsqIMomWo81XzzznAnzN27U%26code_challenge_method%3DS256
Frame ID: 4975A5E9966A9DC8C6CB5543C11D20A3
Requests: 111 HTTP requests in this frame

Frame: https://a17941920996.cdn.optimizely.com/client_storage/a17941920996.html
Frame ID: 6C4B232CBB57633FC1A55B6484D155E2
Requests: 1 HTTP requests in this frame

Frame: https://w.usabilla.com/f8ae77c9a75b.js?lv=1
Frame ID: D6E38479BF6DB598FEEF045C469FD6C5
Requests: 1 HTTP requests in this frame

Frame: https://dntcl.qualaroo.com/frame.html
Frame ID: 9DD0CBB33BDEC713B80C33634AD4F1A4
Requests: 1 HTTP requests in this frame

Frame: https://dntcl.qualaroo.com/frame.html
Frame ID: 3024135E26CF170B15C9FA45C4F73C28
Requests: 1 HTTP requests in this frame

Frame: https://dntcl.qualaroo.com/frame.html
Frame ID: ED405D3C70743AB712E6D86A2FF60507
Requests: 1 HTTP requests in this frame

Frame: https://a17941920996.cdn.optimizely.com/client_storage/a17941920996.html
Frame ID: 093D65BA5DE0388245064078F5CAE62B
Requests: 1 HTTP requests in this frame

Frame: https://w.usabilla.com/f8ae77c9a75b.js?lv=1
Frame ID: F13528186BB67D6A159FBE7EB31DB9B6
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Log in | Diamond

Page URL History Show full URLs

  1. https://myaccount.diamond.co.uk/ Page URL
  2. https://login.diamond.co.uk/myaccount/auth/oauth2.0/v1/authorize?client_id=myaccount&redirect_uri=https:... HTTP 302
    https://login.diamond.co.uk/myaccount/login?sessionOnly=true&goto=https%3A%2F%2Flogin.diamond.co.uk%2Fmy... HTTP 301
    https://login.diamond.co.uk/myaccount/login/?sessionOnly=true&goto=https%3A%2F%2Flogin.diamond.co.uk%2Fm... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • dwin1\.com
Overall confidence: 100%
Detected patterns
  • adrum
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
Overall confidence: 100%
Detected patterns
  • heap-\d+\.js
Overall confidence: 100%
Detected patterns
  • optimizely\.com.*\.js

Page Statistics

118
Requests

95 %
HTTPS

33 %
IPv6

19
Domains

31
Subdomains

31
IPs

3
Countries

10463 kB
Transfer

38133 kB
Size

26
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://myaccount.diamond.co.uk/ Page URL
  2. https://login.diamond.co.uk/myaccount/auth/oauth2.0/v1/authorize?client_id=myaccount&redirect_uri=https://myaccount.diamond.co.uk/load&response_type=code&code_challenge=Qy_dXIcftTfu3Ig1IcXtqsqIMomWo81XzzznAnzN27U&code_challenge_method=S256 HTTP 302
    https://login.diamond.co.uk/myaccount/login?sessionOnly=true&goto=https%3A%2F%2Flogin.diamond.co.uk%2Fmyaccount%2Fauth%2Foauth2.0%2Fv1%2Fauthorize%3Fclient_id%3Dmyaccount%26redirect_uri%3Dhttps%3A%2F%2Fmyaccount.diamond.co.uk%2Fload%26response_type%3Dcode%26code_challenge%3DQy_dXIcftTfu3Ig1IcXtqsqIMomWo81XzzznAnzN27U%26code_challenge_method%3DS256 HTTP 301
    https://login.diamond.co.uk/myaccount/login/?sessionOnly=true&goto=https%3A%2F%2Flogin.diamond.co.uk%2Fmyaccount%2Fauth%2Foauth2.0%2Fv1%2Fauthorize%3Fclient_id%3Dmyaccount%26redirect_uri%3Dhttps%3A%2F%2Fmyaccount.diamond.co.uk%2Fload%26response_type%3Dcode%26code_challenge%3DQy_dXIcftTfu3Ig1IcXtqsqIMomWo81XzzznAnzN27U%26code_challenge_method%3DS256 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

118 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
myaccount.diamond.co.uk/ 		8 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://myaccount.diamond.co.uk/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
156.154.120.50 , United States, ASN19905 (SECURITYSERVICES, US),
Reverse DNS
Software
/
Resource Hash
db93307a76ae505c15ec16e7ebb1254d861a33f18df06e8fdf0751c100955842
Security Headers
Name Value
Content-Security-Policy default-src data: 'self'; script-src *.googleapis.com *.usabilla.com *.contentsquare.net *.optimizely.com https://optimize.google.com https://prf.hn https://www.zenaps.com https://*.civiccomputing.com https://www.dwin1.com https://www.awin1.com https://cdn.appdynamics.com http://cdn.appdynamics.com https://first.iovation.com https://*.euiwebservice.co.uk *.euiwebservice.co.uk https://cdn.heapanalytics.com *.cdn.heapanalytics.com https://heapanalytics.com *.heapanalytics.com https://formisimo.com https://*.formisimo.com https://tracking.formisimo.com *.formisimo.com https://service.maxymiser.net http://service.maxymiser.net *.service.maxymiser.net https://*.doubleclick.net https://*.lpsnmedia.net https://*.liveperson.net https://d6tizftlrpuof.cloudfront.net https://*.sessioncam.com https://*.typekit.net *.typekit.net http://tagmanager.google.com https://tagmanager.google.com *.googletagmanager.com *.google-analytics.com *.googleadservices.com *.amazonaws.com *.facebook.net *.marinsm.com *.qualaroo.com 'unsafe-eval' 'unsafe-inline' 'self'; style-src *.googleapis.com https://d6tizftlrpuof.cloudfront.net https://heapanalytics.com *.heapanalytics.com https://www.admiral.com https://secure.admiral.com https://www.bell.co.uk https://*.belldirect.co.uk https://www.diamond.co.uk https://secure.diamond.co.uk https://www.elephant.co.uk https://secure.elephant.co.uk https://www.gladiator.co.uk https://secure.gladiator.co.uk https://tagmanager.google.com https://*.typekit.net *.typekit.net 'unsafe-inline' 'self'; img-src data: https://canarytokens.com *.googleapis.com https://d6tizftlrpuof.cloudfront.net *.usabilla.com *.optimizely.com *.contentsquare.net https://prf.hn https://www.zenaps.com https://*.civiccomputing.com https://www.dwin1.com https://www.awin1.com https://service.maxymiser.net http://service.maxymiser.net *.service.maxymiser.net https://ws.sessioncam.com *.sessioncam.com https://heapanalytics.com *.heapanalytics.com https://*.lpsnmedia.net https://www.admiral.com https://secure.admiral.com https://www.bell.co.uk https://*.belldirect.co.uk https://www.diamond.co.uk https://secure.diamond.co.uk https://www.elephant.co.uk https://secure.elephant.co.uk https://www.gladiator.co.uk https://secure.gladiator.co.uk *.gstatic.com *.google-analytics.com *.google.co.uk *.google.com https://*.typekit.net *.typekit.net https://*.doubleclick.net *.facebook.com *.marinsm.com *.amazonaws.com 'self'; font-src data: https://heapanalytics.com *.heapanalytics.com https://www.admiral.com https://secure.admiral.com https://www.bell.co.uk https://*.belldirect.co.uk https://www.diamond.co.uk https://secure.diamond.co.uk https://www.elephant.co.uk https://secure.elephant.co.uk https://www.gladiator.co.uk https://secure.gladiator.co.uk https://fonts.googleapis.com *.gstatic.com https://*.typekit.net *.typekit.net 'self'; frame-src 'self' d6tizftlrpuof.cloudfront.net https://*.cdn.optimizely.com https://prf.hn https://www.zenaps.com https://*.civiccomputing.com https://www.dwin1.com https://www.awin1.com https://cdn.appdynamics.com https://www.admiral.com https://secure.admiral.com https://www.bell.co.uk https://*.belldirect.co.uk https://www.diamond.co.uk https://secure.diamond.co.uk https://www.elephant.co.uk https://secure.elephant.co.uk https://www.gladiator.co.uk https://secure.gladiator.co.uk https://*.lpsnmedia.net https://*.liveperson.net https://*.doubleclick.net *.google.co.uk *.google.com https://service.maxymiser.net *.qualaroo.com https://*.eshapay.net https://*.ephapay.net https://*.barclaycardsmartpay.com ; connect-src *.usabilla.com *.contentsquare.net https://errors.client.optimizely.com https://logx.optimizely.com/v1/events https://prf.hn https://www.zenaps.com https://*.civiccomputing.com https://www.dwin1.com https://www.awin1.com https://fra-col.eum-appdynamics.com http://fra-col.eum-appdynamics.com https://tracking.formisimo.com https://heapanalytics.com *.heapanalytics.com https://ws.sessioncam.com *.sessioncam.com https://*.euiwebservice.co.uk *.euiwebservice.co.uk https://*.nonprod-euiwebservice.co.uk *.nonprod-euiwebservice.co.uk https://*.typekit.net *.typekit.net https://ampcid.google.com https://*.liveperson.net wss://*.liveperson.net *.liveperson.net 'self'; media-src 'self' https://*.lpsnmedia.net; object-src 'self' blob:; child-src 'self' blob:; worker-src 'self' blob:
Strict-Transport-Security max-age=63072000;includeSubDomains;preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Cache-Control
no-cache, no-store, must-revalidate, private
Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
3839
Content-Security-Policy
default-src data: 'self'; script-src *.googleapis.com *.usabilla.com *.contentsquare.net *.optimizely.com https://optimize.google.com https://prf.hn https://www.zenaps.com https://*.civiccomputing.com https://www.dwin1.com https://www.awin1.com https://cdn.appdynamics.com http://cdn.appdynamics.com https://first.iovation.com https://*.euiwebservice.co.uk *.euiwebservice.co.uk https://cdn.heapanalytics.com *.cdn.heapanalytics.com https://heapanalytics.com *.heapanalytics.com https://formisimo.com https://*.formisimo.com https://tracking.formisimo.com *.formisimo.com https://service.maxymiser.net http://service.maxymiser.net *.service.maxymiser.net https://*.doubleclick.net https://*.lpsnmedia.net https://*.liveperson.net https://d6tizftlrpuof.cloudfront.net https://*.sessioncam.com https://*.typekit.net *.typekit.net http://tagmanager.google.com https://tagmanager.google.com *.googletagmanager.com *.google-analytics.com *.googleadservices.com *.amazonaws.com *.facebook.net *.marinsm.com *.qualaroo.com 'unsafe-eval' 'unsafe-inline' 'self'; style-src *.googleapis.com https://d6tizftlrpuof.cloudfront.net https://heapanalytics.com *.heapanalytics.com https://www.admiral.com https://secure.admiral.com https://www.bell.co.uk https://*.belldirect.co.uk https://www.diamond.co.uk https://secure.diamond.co.uk https://www.elephant.co.uk https://secure.elephant.co.uk https://www.gladiator.co.uk https://secure.gladiator.co.uk https://tagmanager.google.com https://*.typekit.net *.typekit.net 'unsafe-inline' 'self'; img-src data: https://canarytokens.com *.googleapis.com https://d6tizftlrpuof.cloudfront.net *.usabilla.com *.optimizely.com *.contentsquare.net https://prf.hn https://www.zenaps.com https://*.civiccomputing.com https://www.dwin1.com https://www.awin1.com https://service.maxymiser.net http://service.maxymiser.net *.service.maxymiser.net https://ws.sessioncam.com *.sessioncam.com https://heapanalytics.com *.heapanalytics.com https://*.lpsnmedia.net https://www.admiral.com https://secure.admiral.com https://www.bell.co.uk https://*.belldirect.co.uk https://www.diamond.co.uk https://secure.diamond.co.uk https://www.elephant.co.uk https://secure.elephant.co.uk https://www.gladiator.co.uk https://secure.gladiator.co.uk *.gstatic.com *.google-analytics.com *.google.co.uk *.google.com https://*.typekit.net *.typekit.net https://*.doubleclick.net *.facebook.com *.marinsm.com *.amazonaws.com 'self'; font-src data: https://heapanalytics.com *.heapanalytics.com https://www.admiral.com https://secure.admiral.com https://www.bell.co.uk https://*.belldirect.co.uk https://www.diamond.co.uk https://secure.diamond.co.uk https://www.elephant.co.uk https://secure.elephant.co.uk https://www.gladiator.co.uk https://secure.gladiator.co.uk https://fonts.googleapis.com *.gstatic.com https://*.typekit.net *.typekit.net 'self'; frame-src 'self' d6tizftlrpuof.cloudfront.net https://*.cdn.optimizely.com https://prf.hn https://www.zenaps.com https://*.civiccomputing.com https://www.dwin1.com https://www.awin1.com https://cdn.appdynamics.com https://www.admiral.com https://secure.admiral.com https://www.bell.co.uk https://*.belldirect.co.uk https://www.diamond.co.uk https://secure.diamond.co.uk https://www.elephant.co.uk https://secure.elephant.co.uk https://www.gladiator.co.uk https://secure.gladiator.co.uk https://*.lpsnmedia.net https://*.liveperson.net https://*.doubleclick.net *.google.co.uk *.google.com https://service.maxymiser.net *.qualaroo.com https://*.eshapay.net https://*.ephapay.net https://*.barclaycardsmartpay.com ; connect-src *.usabilla.com *.contentsquare.net https://errors.client.optimizely.com https://logx.optimizely.com/v1/events https://prf.hn https://www.zenaps.com https://*.civiccomputing.com https://www.dwin1.com https://www.awin1.com https://fra-col.eum-appdynamics.com http://fra-col.eum-appdynamics.com https://tracking.formisimo.com https://heapanalytics.com *.heapanalytics.com https://ws.sessioncam.com *.sessioncam.com https://*.euiwebservice.co.uk *.euiwebservice.co.uk https://*.nonprod-euiwebservice.co.uk *.nonprod-euiwebservice.co.uk https://*.typekit.net *.typekit.net https://ampcid.google.com https://*.liveperson.net wss://*.liveperson.net *.liveperson.net 'self'; media-src 'self' https://*.lpsnmedia.net; object-src 'self' blob:; child-src 'self' blob:; worker-src 'self' blob:
Content-Type
text/html; charset=UTF-8
Date
Tue, 22 Aug 2023 14:46:23 GMT
Expires
0
Keep-Alive
timeout=5, max=100
Last-Modified
Fri, 18 Aug 2023 09:41:51 GMT
Pragma
no-cache
Referrer-Policy
strict-origin-when-cross-origin
Strict-Transport-Security
max-age=63072000;includeSubDomains;preload
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-Frame-Options
sameorigin
X-XSS-Protection
1; mode=block
admiral.js
cdn.optimizely.com/public/17941920996/s/ 		2 MB
581 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.optimizely.com/public/17941920996/s/admiral.js
Requested by
Host: myaccount.diamond.co.uk
URL: https://myaccount.diamond.co.uk/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d:59b::13b8 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
581a737b3cca3c07888bc93e7aad1012b29313432641d6a35d884c1d5a2d7fab
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://myaccount.diamond.co.uk/
Origin
https://myaccount.diamond.co.uk
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-amz-meta-pci_enabled
False
x-amz-version-id
jmkG6mfamtjax4ik0QEfWT8YK0kfzCZZ
content-encoding
gzip
date
Tue, 22 Aug 2023 14:46:24 GMT
strict-transport-security
max-age=15768000
x-amz-request-id
ERQ4JQ60CTCZFQQA
x-amz-server-side-encryption
AES256
x-amz-meta-revision
17308
x-amz-replication-status
COMPLETED
server-timing
cdn-cache; desc=HIT, edge; dur=498, origin; dur=0, cdn;desc="AkamaiION";dur=0,rtt;desc="89";dur=0,cdnip;desc="2600:1400:d:59b::13b8";dur=0,cdnmap;desc="a5048.dsca.akamaiedge.net";dur=0,proto;desc="h2";dur=0, ak_p; desc="1692715583538_388099639_381363727_49806_3798_90_255_219";dur=1
content-length
593543
x-amz-id-2
4B2KzVBgcej+/Oc9RcOaNFXeZaPRBDcmeD9Sw/AuKbPrD8DrIWJdA/9eMBnw9J4AWaMcboSUofA=
last-modified
Tue, 22 Aug 2023 14:39:27 GMT
server
AmazonS3
etag
"6f187dfc0021b51e1b271c90c7db7dd0"
vary
Accept-Encoding
access-control-max-age
86400
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
access-control-allow-methods
GET, HEAD
access-control-expose-headers
x-amz-meta-revision
cache-control
max-age=120
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
*
main.a72e26bc.chunk.css
myaccount.diamond.co.uk/static/css/ 		3 MB
612 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://myaccount.diamond.co.uk/static/css/main.a72e26bc.chunk.css
Requested by
Host: myaccount.diamond.co.uk
URL: https://myaccount.diamond.co.uk/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
156.154.120.50 , United States, ASN19905 (SECURITYSERVICES, US),
Reverse DNS
Software
/
Resource Hash
86572bc938a3c2725a01a679cb4059cf9ff284cc55fbec4549f6d0ef838eb505
Security Headers
Name Value
Content-Security-Policy default-src data: 'self'; script-src *.googleapis.com *.usabilla.com *.contentsquare.net *.optimizely.com https://optimize.google.com https://prf.hn https://www.zenaps.com https://*.civiccomputing.com https://www.dwin1.com https://www.awin1.com https://cdn.appdynamics.com http://cdn.appdynamics.com https://first.iovation.com https://*.euiwebservice.co.uk *.euiwebservice.co.uk https://cdn.heapanalytics.com *.cdn.heapanalytics.com https://heapanalytics.com *.heapanalytics.com https://formisimo.com https://*.formisimo.com https://tracking.formisimo.com *.formisimo.com https://service.maxymiser.net http://service.maxymiser.net *.service.maxymiser.net https://*.doubleclick.net https://*.lpsnmedia.net https://*.liveperson.net https://d6tizftlrpuof.cloudfront.net https://*.sessioncam.com https://*.typekit.net *.typekit.net http://tagmanager.google.com https://tagmanager.google.com *.googletagmanager.com *.google-analytics.com *.googleadservices.com *.amazonaws.com *.facebook.net *.marinsm.com *.qualaroo.com 'unsafe-eval' 'unsafe-inline' 'self'; style-src *.googleapis.com https://d6tizftlrpuof.cloudfront.net https://heapanalytics.com *.heapanalytics.com https://www.admiral.com https://secure.admiral.com https://www.bell.co.uk https://*.belldirect.co.uk https://www.diamond.co.uk https://secure.diamond.co.uk https://www.elephant.co.uk https://secure.elephant.co.uk https://www.gladiator.co.uk https://secure.gladiator.co.uk https://tagmanager.google.com https://*.typekit.net *.typekit.net 'unsafe-inline' 'self'; img-src data: https://canarytokens.com *.googleapis.com https://d6tizftlrpuof.cloudfront.net *.usabilla.com *.optimizely.com *.contentsquare.net https://prf.hn https://www.zenaps.com https://*.civiccomputing.com https://www.dwin1.com https://www.awin1.com https://service.maxymiser.net http://service.maxymiser.net *.service.maxymiser.net https://ws.sessioncam.com *.sessioncam.com https://heapanalytics.com *.heapanalytics.com https://*.lpsnmedia.net https://www.admiral.com https://secure.admiral.com https://www.bell.co.uk https://*.belldirect.co.uk https://www.diamond.co.uk https://secure.diamond.co.uk https://www.elephant.co.uk https://secure.elephant.co.uk https://www.gladiator.co.uk https://secure.gladiator.co.uk *.gstatic.com *.google-analytics.com *.google.co.uk *.google.com https://*.typekit.net *.typekit.net https://*.doubleclick.net *.facebook.com *.marinsm.com *.amazonaws.com 'self'; font-src data: https://heapanalytics.com *.heapanalytics.com https://www.admiral.com https://secure.admiral.com https://www.bell.co.uk https://*.belldirect.co.uk https://www.diamond.co.uk https://secure.diamond.co.uk https://www.elephant.co.uk https://secure.elephant.co.uk https://www.gladiator.co.uk https://secure.gladiator.co.uk https://fonts.googleapis.com *.gstatic.com https://*.typekit.net *.typekit.net 'self'; frame-src 'self' d6tizftlrpuof.cloudfront.net https://*.cdn.optimizely.com https://prf.hn https://www.zenaps.com https://*.civiccomputing.com https://www.dwin1.com https://www.awin1.com https://cdn.appdynamics.com https://www.admiral.com https://secure.admiral.com https://www.bell.co.uk https://*.belldirect.co.uk https://www.diamond.co.uk https://secure.diamond.co.uk https://www.elephant.co.uk https://secure.elephant.co.uk https://www.gladiator.co.uk https://secure.gladiator.co.uk https://*.lpsnmedia.net https://*.liveperson.net https://*.doubleclick.net *.google.co.uk *.google.com https://service.maxymiser.net *.qualaroo.com https://*.eshapay.net https://*.ephapay.net https://*.barclaycardsmartpay.com ; connect-src *.usabilla.com *.contentsquare.net https://errors.client.optimizely.com https://logx.optimizely.com/v1/events https://prf.hn https://www.zenaps.com https://*.civiccomputing.com https://www.dwin1.com https://www.awin1.com https://fra-col.eum-appdynamics.com http://fra-col.eum-appdynamics.com https://tracking.formisimo.com https://heapanalytics.com *.heapanalytics.com https://ws.sessioncam.com *.sessioncam.com https://*.euiwebservice.co.uk *.euiwebservice.co.uk https://*.nonprod-euiwebservice.co.uk *.nonprod-euiwebservice.co.uk https://*.typekit.net *.typekit.net https://ampcid.google.com https://*.liveperson.net wss://*.liveperson.net *.liveperson.net 'self'; media-src 'self' https://*.lpsnmedia.net; object-src 'self' blob:; child-src 'self' blob:; worker-src 'self' blob:
Strict-Transport-Security max-age=63072000;includeSubDomains;preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://myaccount.diamond.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date
Tue, 22 Aug 2023 14:46:23 GMT
Content-Security-Policy
default-src data: 'self'; script-src *.googleapis.com *.usabilla.com *.contentsquare.net *.optimizely.com https://optimize.google.com https://prf.hn https://www.zenaps.com https://*.civiccomputing.com https://www.dwin1.com https://www.awin1.com https://cdn.appdynamics.com http://cdn.appdynamics.com https://first.iovation.com https://*.euiwebservice.co.uk *.euiwebservice.co.uk https://cdn.heapanalytics.com *.cdn.heapanalytics.com https://heapanalytics.com *.heapanalytics.com https://formisimo.com https://*.formisimo.com https://tracking.formisimo.com *.formisimo.com https://service.maxymiser.net http://service.maxymiser.net *.service.maxymiser.net https://*.doubleclick.net https://*.lpsnmedia.net https://*.liveperson.net https://d6tizftlrpuof.cloudfront.net https://*.sessioncam.com https://*.typekit.net *.typekit.net http://tagmanager.google.com https://tagmanager.google.com *.googletagmanager.com *.google-analytics.com *.googleadservices.com *.amazonaws.com *.facebook.net *.marinsm.com *.qualaroo.com 'unsafe-eval' 'unsafe-inline' 'self'; style-src *.googleapis.com https://d6tizftlrpuof.cloudfront.net https://heapanalytics.com *.heapanalytics.com https://www.admiral.com https://secure.admiral.com https://www.bell.co.uk https://*.belldirect.co.uk https://www.diamond.co.uk https://secure.diamond.co.uk https://www.elephant.co.uk https://secure.elephant.co.uk https://www.gladiator.co.uk https://secure.gladiator.co.uk https://tagmanager.google.com https://*.typekit.net *.typekit.net 'unsafe-inline' 'self'; img-src data: https://canarytokens.com *.googleapis.com https://d6tizftlrpuof.cloudfront.net *.usabilla.com *.optimizely.com *.contentsquare.net https://prf.hn https://www.zenaps.com https://*.civiccomputing.com https://www.dwin1.com https://www.awin1.com https://service.maxymiser.net http://service.maxymiser.net *.service.maxymiser.net https://ws.sessioncam.com *.sessioncam.com https://heapanalytics.com *.heapanalytics.com https://*.lpsnmedia.net https://www.admiral.com https://secure.admiral.com https://www.bell.co.uk https://*.belldirect.co.uk https://www.diamond.co.uk https://secure.diamond.co.uk https://www.elephant.co.uk https://secure.elephant.co.uk https://www.gladiator.co.uk https://secure.gladiator.co.uk *.gstatic.com *.google-analytics.com *.google.co.uk *.google.com https://*.typekit.net *.typekit.net https://*.doubleclick.net *.facebook.com *.marinsm.com *.amazonaws.com 'self'; font-src data: https://heapanalytics.com *.heapanalytics.com https://www.admiral.com https://secure.admiral.com https://www.bell.co.uk https://*.belldirect.co.uk https://www.diamond.co.uk https://secure.diamond.co.uk https://www.elephant.co.uk https://secure.elephant.co.uk https://www.gladiator.co.uk https://secure.gladiator.co.uk https://fonts.googleapis.com *.gstatic.com https://*.typekit.net *.typekit.net 'self'; frame-src 'self' d6tizftlrpuof.cloudfront.net https://*.cdn.optimizely.com https://prf.hn https://www.zenaps.com https://*.civiccomputing.com https://www.dwin1.com https://www.awin1.com https://cdn.appdynamics.com https://www.admiral.com https://secure.admiral.com https://www.bell.co.uk https://*.belldirect.co.uk https://www.diamond.co.uk https://secure.diamond.co.uk https://www.elephant.co.uk https://secure.elephant.co.uk https://www.gladiator.co.uk https://secure.gladiator.co.uk https://*.lpsnmedia.net https://*.liveperson.net https://*.doubleclick.net *.google.co.uk *.google.com https://service.maxymiser.net *.qualaroo.com https://*.eshapay.net https://*.ephapay.net https://*.barclaycardsmartpay.com ; connect-src *.usabilla.com *.contentsquare.net https://errors.client.optimizely.com https://logx.optimizely.com/v1/events https://prf.hn https://www.zenaps.com https://*.civiccomputing.com https://www.dwin1.com https://www.awin1.com https://fra-col.eum-appdynamics.com http://fra-col.eum-appdynamics.com https://tracking.formisimo.com https://heapanalytics.com *.heapanalytics.com https://ws.sessioncam.com *.sessioncam.com https://*.euiwebservice.co.uk *.euiwebservice.co.uk https://*.nonprod-euiwebservice.co.uk *.nonprod-euiwebservice.co.uk https://*.typekit.net *.typekit.net https://ampcid.google.com https://*.liveperson.net wss://*.liveperson.net *.liveperson.net 'self'; media-src 'self' https://*.lpsnmedia.net; object-src 'self' blob:; child-src 'self' blob:; worker-src 'self' blob:
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=63072000;includeSubDomains;preload
Content-Encoding
gzip
Transfer-Encoding
chunked
Connection
Keep-Alive
X-XSS-Protection
1; mode=block
Pragma
no-cache
Referrer-Policy
strict-origin-when-cross-origin
Last-Modified
Fri, 18 Aug 2023 09:41:51 GMT
X-Frame-Options
sameorigin
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=6048000, public
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Expires
0
jutro.b0ec7447.chunk.js
myaccount.diamond.co.uk/static/js/ 		4 MB
934 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://myaccount.diamond.co.uk/static/js/jutro.b0ec7447.chunk.js
Requested by
Host: myaccount.diamond.co.uk
URL: https://myaccount.diamond.co.uk/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
156.154.120.50 , United States, ASN19905 (SECURITYSERVICES, US),
Reverse DNS
Software
/
Resource Hash
40dce95b7e4632cdb0414be799887e055dfe1309ce1f0664f4da8a44caca9243
Security Headers
Name Value
Content-Security-Policy default-src data: 'self'; script-src *.googleapis.com *.usabilla.com *.contentsquare.net *.optimizely.com https://optimize.google.com https://prf.hn https://www.zenaps.com https://*.civiccomputing.com https://www.dwin1.com https://www.awin1.com https://cdn.appdynamics.com http://cdn.appdynamics.com https://first.iovation.com https://*.euiwebservice.co.uk *.euiwebservice.co.uk https://cdn.heapanalytics.com *.cdn.heapanalytics.com https://heapanalytics.com *.heapanalytics.com https://formisimo.com https://*.formisimo.com https://tracking.formisimo.com *.formisimo.com https://service.maxymiser.net http://service.maxymiser.net *.service.maxymiser.net https://*.doubleclick.net https://*.lpsnmedia.net https://*.liveperson.net https://d6tizftlrpuof.cloudfront.net https://*.sessioncam.com https://*.typekit.net *.typekit.net http://tagmanager.google.com https://tagmanager.google.com *.googletagmanager.com *.google-analytics.com *.googleadservices.com *.amazonaws.com *.facebook.net *.marinsm.com *.qualaroo.com 'unsafe-eval' 'unsafe-inline' 'self'; style-src *.googleapis.com https://d6tizftlrpuof.cloudfront.net https://heapanalytics.com *.heapanalytics.com https://www.admiral.com https://secure.admiral.com https://www.bell.co.uk https://*.belldirect.co.uk https://www.diamond.co.uk https://secure.diamond.co.uk https://www.elephant.co.uk https://secure.elephant.co.uk https://www.gladiator.co.uk https://secure.gladiator.co.uk https://tagmanager.google.com https://*.typekit.net *.typekit.net 'unsafe-inline' 'self'; img-src data: https://canarytokens.com *.googleapis.com https://d6tizftlrpuof.cloudfront.net *.usabilla.com *.optimizely.com *.contentsquare.net https://prf.hn https://www.zenaps.com https://*.civiccomputing.com https://www.dwin1.com https://www.awin1.com https://service.maxymiser.net http://service.maxymiser.net *.service.maxymiser.net https://ws.sessioncam.com *.sessioncam.com https://heapanalytics.com *.heapanalytics.com https://*.lpsnmedia.net https://www.admiral.com https://secure.admiral.com https://www.bell.co.uk https://*.belldirect.co.uk https://www.diamond.co.uk https://secure.diamond.co.uk https://www.elephant.co.uk https://secure.elephant.co.uk https://www.gladiator.co.uk https://secure.gladiator.co.uk *.gstatic.com *.google-analytics.com *.google.co.uk *.google.com https://*.typekit.net *.typekit.net https://*.doubleclick.net *.facebook.com *.marinsm.com *.amazonaws.com 'self'; font-src data: https://heapanalytics.com *.heapanalytics.com https://www.admiral.com https://secure.admiral.com https://www.bell.co.uk https://*.belldirect.co.uk https://www.diamond.co.uk https://secure.diamond.co.uk https://www.elephant.co.uk https://secure.elephant.co.uk https://www.gladiator.co.uk https://secure.gladiator.co.uk https://fonts.googleapis.com *.gstatic.com https://*.typekit.net *.typekit.net 'self'; frame-src 'self' d6tizftlrpuof.cloudfront.net https://*.cdn.optimizely.com https://prf.hn https://www.zenaps.com https://*.civiccomputing.com https://www.dwin1.com https://www.awin1.com https://cdn.appdynamics.com https://www.admiral.com https://secure.admiral.com https://www.bell.co.uk https://*.belldirect.co.uk https://www.diamond.co.uk https://secure.diamond.co.uk https://www.elephant.co.uk https://secure.elephant.co.uk https://www.gladiator.co.uk https://secure.gladiator.co.uk https://*.lpsnmedia.net https://*.liveperson.net https://*.doubleclick.net *.google.co.uk *.google.com https://service.maxymiser.net *.qualaroo.com https://*.eshapay.net https://*.ephapay.net https://*.barclaycardsmartpay.com ; connect-src *.usabilla.com *.contentsquare.net https://errors.client.optimizely.com https://logx.optimizely.com/v1/events https://prf.hn https://www.zenaps.com https://*.civiccomputing.com https://www.dwin1.com https://www.awin1.com https://fra-col.eum-appdynamics.com http://fra-col.eum-appdynamics.com https://tracking.formisimo.com https://heapanalytics.com *.heapanalytics.com https://ws.sessioncam.com *.sessioncam.com https://*.euiwebservice.co.uk *.euiwebservice.co.uk https://*.nonprod-euiwebservice.co.uk *.nonprod-euiwebservice.co.uk https://*.typekit.net *.typekit.net https://ampcid.google.com https://*.liveperson.net wss://*.liveperson.net *.liveperson.net 'self'; media-src 'self' https://*.lpsnmedia.net; object-src 'self' blob:; child-src 'self' blob:; worker-src 'self' blob:
Strict-Transport-Security max-age=63072000;includeSubDomains;preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://myaccount.diamond.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date
Tue, 22 Aug 2023 14:46:25 GMT
Content-Security-Policy
default-src data: 'self'; script-src *.googleapis.com *.usabilla.com *.contentsquare.net *.optimizely.com https://optimize.google.com https://prf.hn https://www.zenaps.com https://*.civiccomputing.com https://www.dwin1.com https://www.awin1.com https://cdn.appdynamics.com http://cdn.appdynamics.com https://first.iovation.com https://*.euiwebservice.co.uk *.euiwebservice.co.uk https://cdn.heapanalytics.com *.cdn.heapanalytics.com https://heapanalytics.com *.heapanalytics.com https://formisimo.com https://*.formisimo.com https://tracking.formisimo.com *.formisimo.com https://service.maxymiser.net http://service.maxymiser.net *.service.maxymiser.net https://*.doubleclick.net https://*.lpsnmedia.net https://*.liveperson.net https://d6tizftlrpuof.cloudfront.net https://*.sessioncam.com https://*.typekit.net *.typekit.net http://tagmanager.google.com https://tagmanager.google.com *.googletagmanager.com *.google-analytics.com *.googleadservices.com *.amazonaws.com *.facebook.net *.marinsm.com *.qualaroo.com 'unsafe-eval' 'unsafe-inline' 'self'; style-src *.googleapis.com https://d6tizftlrpuof.cloudfront.net https://heapanalytics.com *.heapanalytics.com https://www.admiral.com https://secure.admiral.com https://www.bell.co.uk https://*.belldirect.co.uk https://www.diamond.co.uk https://secure.diamond.co.uk https://www.elephant.co.uk https://secure.elephant.co.uk https://www.gladiator.co.uk https://secure.gladiator.co.uk https://tagmanager.google.com https://*.typekit.net *.typekit.net 'unsafe-inline' 'self'; img-src data: https://canarytokens.com *.googleapis.com https://d6tizftlrpuof.cloudfront.net *.usabilla.com *.optimizely.com *.contentsquare.net https://prf.hn https://www.zenaps.com https://*.civiccomputing.com https://www.dwin1.com https://www.awin1.com https://service.maxymiser.net http://service.maxymiser.net *.service.maxymiser.net https://ws.sessioncam.com *.sessioncam.com https://heapanalytics.com *.heapanalytics.com https://*.lpsnmedia.net https://www.admiral.com https://secure.admiral.com https://www.bell.co.uk https://*.belldirect.co.uk https://www.diamond.co.uk https://secure.diamond.co.uk https://www.elephant.co.uk https://secure.elephant.co.uk https://www.gladiator.co.uk https://secure.gladiator.co.uk *.gstatic.com *.google-analytics.com *.google.co.uk *.google.com https://*.typekit.net *.typekit.net https://*.doubleclick.net *.facebook.com *.marinsm.com *.amazonaws.com 'self'; font-src data: https://heapanalytics.com *.heapanalytics.com https://www.admiral.com https://secure.admiral.com https://www.bell.co.uk https://*.belldirect.co.uk https://www.diamond.co.uk https://secure.diamond.co.uk https://www.elephant.co.uk https://secure.elephant.co.uk https://www.gladiator.co.uk https://secure.gladiator.co.uk https://fonts.googleapis.com *.gstatic.com https://*.typekit.net *.typekit.net 'self'; frame-src 'self' d6tizftlrpuof.cloudfront.net https://*.cdn.optimizely.com https://prf.hn https://www.zenaps.com https://*.civiccomputing.com https://www.dwin1.com https://www.awin1.com https://cdn.appdynamics.com https://www.admiral.com https://secure.admiral.com https://www.bell.co.uk https://*.belldirect.co.uk https://www.diamond.co.uk https://secure.diamond.co.uk https://www.elephant.co.uk https://secure.elephant.co.uk https://www.gladiator.co.uk https://secure.gladiator.co.uk https://*.lpsnmedia.net https://*.liveperson.net https://*.doubleclick.net *.google.co.uk *.google.com https://service.maxymiser.net *.qualaroo.com https://*.eshapay.net https://*.ephapay.net https://*.barclaycardsmartpay.com ; connect-src *.usabilla.com *.contentsquare.net https://errors.client.optimizely.com https://logx.optimizely.com/v1/events https://prf.hn https://www.zenaps.com https://*.civiccomputing.com https://www.dwin1.com https://www.awin1.com https://fra-col.eum-appdynamics.com http://fra-col.eum-appdynamics.com https://tracking.formisimo.com https://heapanalytics.com *.heapanalytics.com https://ws.sessioncam.com *.sessioncam.com https://*.euiwebservice.co.uk *.euiwebservice.co.uk https://*.nonprod-euiwebservice.co.uk *.nonprod-euiwebservice.co.uk https://*.typekit.net *.typekit.net https://ampcid.google.com https://*.liveperson.net wss://*.liveperson.net *.liveperson.net 'self'; media-src 'self' https://*.lpsnmedia.net; object-src 'self' blob:; child-src 'self' blob:; worker-src 'self' blob:
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=63072000;includeSubDomains;preload
Content-Encoding
gzip
Transfer-Encoding
chunked
Connection
Keep-Alive
X-XSS-Protection
1; mode=block
Pragma
no-cache
Referrer-Policy
strict-origin-when-cross-origin
Last-Modified
Fri, 18 Aug 2023 09:41:51 GMT
X-Frame-Options
sameorigin
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=604800
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Expires
0
config.8e528331.chunk.js
myaccount.diamond.co.uk/static/js/ 		9 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://myaccount.diamond.co.uk/static/js/config.8e528331.chunk.js
Requested by
Host: myaccount.diamond.co.uk
URL: https://myaccount.diamond.co.uk/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
156.154.120.50 , United States, ASN19905 (SECURITYSERVICES, US),
Reverse DNS
Software
/
Resource Hash
b5fbee4017186b90c336e329011bcea291f4d3af26af60dc33cb6740a512d88f
Security Headers
Name Value
Content-Security-Policy default-src data: 'self'; script-src *.googleapis.com *.usabilla.com *.contentsquare.net *.optimizely.com https://optimize.google.com https://prf.hn https://www.zenaps.com https://*.civiccomputing.com https://www.dwin1.com https://www.awin1.com https://cdn.appdynamics.com http://cdn.appdynamics.com https://first.iovation.com https://*.euiwebservice.co.uk *.euiwebservice.co.uk https://cdn.heapanalytics.com *.cdn.heapanalytics.com https://heapanalytics.com *.heapanalytics.com https://formisimo.com https://*.formisimo.com https://tracking.formisimo.com *.formisimo.com https://service.maxymiser.net http://service.maxymiser.net *.service.maxymiser.net https://*.doubleclick.net https://*.lpsnmedia.net https://*.liveperson.net https://d6tizftlrpuof.cloudfront.net https://*.sessioncam.com https://*.typekit.net *.typekit.net http://tagmanager.google.com https://tagmanager.google.com *.googletagmanager.com *.google-analytics.com *.googleadservices.com *.amazonaws.com *.facebook.net *.marinsm.com *.qualaroo.com 'unsafe-eval' 'unsafe-inline' 'self'; style-src *.googleapis.com https://d6tizftlrpuof.cloudfront.net https://heapanalytics.com *.heapanalytics.com https://www.admiral.com https://secure.admiral.com https://www.bell.co.uk https://*.belldirect.co.uk https://www.diamond.co.uk https://secure.diamond.co.uk https://www.elephant.co.uk https://secure.elephant.co.uk https://www.gladiator.co.uk https://secure.gladiator.co.uk https://tagmanager.google.com https://*.typekit.net *.typekit.net 'unsafe-inline' 'self'; img-src data: https://canarytokens.com *.googleapis.com https://d6tizftlrpuof.cloudfront.net *.usabilla.com *.optimizely.com *.contentsquare.net https://prf.hn https://www.zenaps.com https://*.civiccomputing.com https://www.dwin1.com https://www.awin1.com https://service.maxymiser.net http://service.maxymiser.net *.service.maxymiser.net https://ws.sessioncam.com *.sessioncam.com https://heapanalytics.com *.heapanalytics.com https://*.lpsnmedia.net https://www.admiral.com https://secure.admiral.com https://www.bell.co.uk https://*.belldirect.co.uk https://www.diamond.co.uk https://secure.diamond.co.uk https://www.elephant.co.uk https://secure.elephant.co.uk https://www.gladiator.co.uk https://secure.gladiator.co.uk *.gstatic.com *.google-analytics.com *.google.co.uk *.google.com https://*.typekit.net *.typekit.net https://*.doubleclick.net *.facebook.com *.marinsm.com *.amazonaws.com 'self'; font-src data: https://heapanalytics.com *.heapanalytics.com https://www.admiral.com https://secure.admiral.com https://www.bell.co.uk https://*.belldirect.co.uk https://www.diamond.co.uk https://secure.diamond.co.uk https://www.elephant.co.uk https://secure.elephant.co.uk https://www.gladiator.co.uk https://secure.gladiator.co.uk https://fonts.googleapis.com *.gstatic.com https://*.typekit.net *.typekit.net 'self'; frame-src 'self' d6tizftlrpuof.cloudfront.net https://*.cdn.optimizely.com https://prf.hn https://www.zenaps.com https://*.civiccomputing.com https://www.dwin1.com https://www.awin1.com https://cdn.appdynamics.com https://www.admiral.com https://secure.admiral.com https://www.bell.co.uk https://*.belldirect.co.uk https://www.diamond.co.uk https://secure.diamond.co.uk https://www.elephant.co.uk https://secure.elephant.co.uk https://www.gladiator.co.uk https://secure.gladiator.co.uk https://*.lpsnmedia.net https://*.liveperson.net https://*.doubleclick.net *.google.co.uk *.google.com https://service.maxymiser.net *.qualaroo.com https://*.eshapay.net https://*.ephapay.net https://*.barclaycardsmartpay.com ; connect-src *.usabilla.com *.contentsquare.net https://errors.client.optimizely.com https://logx.optimizely.com/v1/events https://prf.hn https://www.zenaps.com https://*.civiccomputing.com https://www.dwin1.com https://www.awin1.com https://fra-col.eum-appdynamics.com http://fra-col.eum-appdynamics.com https://tracking.formisimo.com https://heapanalytics.com *.heapanalytics.com https://ws.sessioncam.com *.sessioncam.com https://*.euiwebservice.co.uk *.euiwebservice.co.uk https://*.nonprod-euiwebservice.co.uk *.nonprod-euiwebservice.co.uk https://*.typekit.net *.typekit.net https://ampcid.google.com https://*.liveperson.net wss://*.liveperson.net *.liveperson.net 'self'; media-src 'self' https://*.lpsnmedia.net; object-src 'self' blob:; child-src 'self' blob:; worker-src 'self' blob:
Strict-Transport-Security max-age=63072000;includeSubDomains;preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://myaccount.diamond.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date
Tue, 22 Aug 2023 14:46:25 GMT
Content-Security-Policy
default-src data: 'self'; script-src *.googleapis.com *.usabilla.com *.contentsquare.net *.optimizely.com https://optimize.google.com https://prf.hn https://www.zenaps.com https://*.civiccomputing.com https://www.dwin1.com https://www.awin1.com https://cdn.appdynamics.com http://cdn.appdynamics.com https://first.iovation.com https://*.euiwebservice.co.uk *.euiwebservice.co.uk https://cdn.heapanalytics.com *.cdn.heapanalytics.com https://heapanalytics.com *.heapanalytics.com https://formisimo.com https://*.formisimo.com https://tracking.formisimo.com *.formisimo.com https://service.maxymiser.net http://service.maxymiser.net *.service.maxymiser.net https://*.doubleclick.net https://*.lpsnmedia.net https://*.liveperson.net https://d6tizftlrpuof.cloudfront.net https://*.sessioncam.com https://*.typekit.net *.typekit.net http://tagmanager.google.com https://tagmanager.google.com *.googletagmanager.com *.google-analytics.com *.googleadservices.com *.amazonaws.com *.facebook.net *.marinsm.com *.qualaroo.com 'unsafe-eval' 'unsafe-inline' 'self'; style-src *.googleapis.com https://d6tizftlrpuof.cloudfront.net https://heapanalytics.com *.heapanalytics.com https://www.admiral.com https://secure.admiral.com https://www.bell.co.uk https://*.belldirect.co.uk https://www.diamond.co.uk https://secure.diamond.co.uk https://www.elephant.co.uk https://secure.elephant.co.uk https://www.gladiator.co.uk https://secure.gladiator.co.uk https://tagmanager.google.com https://*.typekit.net *.typekit.net 'unsafe-inline' 'self'; img-src data: https://canarytokens.com *.googleapis.com https://d6tizftlrpuof.cloudfront.net *.usabilla.com *.optimizely.com *.contentsquare.net https://prf.hn https://www.zenaps.com https://*.civiccomputing.com https://www.dwin1.com https://www.awin1.com https://service.maxymiser.net http://service.maxymiser.net *.service.maxymiser.net https://ws.sessioncam.com *.sessioncam.com https://heapanalytics.com *.heapanalytics.com https://*.lpsnmedia.net https://www.admiral.com https://secure.admiral.com https://www.bell.co.uk https://*.belldirect.co.uk https://www.diamond.co.uk https://secure.diamond.co.uk https://www.elephant.co.uk https://secure.elephant.co.uk https://www.gladiator.co.uk https://secure.gladiator.co.uk *.gstatic.com *.google-analytics.com *.google.co.uk *.google.com https://*.typekit.net *.typekit.net https://*.doubleclick.net *.facebook.com *.marinsm.com *.amazonaws.com 'self'; font-src data: https://heapanalytics.com *.heapanalytics.com https://www.admiral.com https://secure.admiral.com https://www.bell.co.uk https://*.belldirect.co.uk https://www.diamond.co.uk https://secure.diamond.co.uk https://www.elephant.co.uk https://secure.elephant.co.uk https://www.gladiator.co.uk https://secure.gladiator.co.uk https://fonts.googleapis.com *.gstatic.com https://*.typekit.net *.typekit.net 'self'; frame-src 'self' d6tizftlrpuof.cloudfront.net https://*.cdn.optimizely.com https://prf.hn https://www.zenaps.com https://*.civiccomputing.com https://www.dwin1.com https://www.awin1.com https://cdn.appdynamics.com https://www.admiral.com https://secure.admiral.com https://www.bell.co.uk https://*.belldirect.co.uk https://www.diamond.co.uk https://secure.diamond.co.uk https://www.elephant.co.uk https://secure.elephant.co.uk https://www.gladiator.co.uk https://secure.gladiator.co.uk https://*.lpsnmedia.net https://*.liveperson.net https://*.doubleclick.net *.google.co.uk *.google.com https://service.maxymiser.net *.qualaroo.com https://*.eshapay.net https://*.ephapay.net https://*.barclaycardsmartpay.com ; connect-src *.usabilla.com *.contentsquare.net https://errors.client.optimizely.com https://logx.optimizely.com/v1/events https://prf.hn https://www.zenaps.com https://*.civiccomputing.com https://www.dwin1.com https://www.awin1.com https://fra-col.eum-appdynamics.com http://fra-col.eum-appdynamics.com https://tracking.formisimo.com https://heapanalytics.com *.heapanalytics.com https://ws.sessioncam.com *.sessioncam.com https://*.euiwebservice.co.uk *.euiwebservice.co.uk https://*.nonprod-euiwebservice.co.uk *.nonprod-euiwebservice.co.uk https://*.typekit.net *.typekit.net https://ampcid.google.com https://*.liveperson.net wss://*.liveperson.net *.liveperson.net 'self'; media-src 'self' https://*.lpsnmedia.net; object-src 'self' blob:; child-src 'self' blob:; worker-src 'self' blob:
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=63072000;includeSubDomains;preload
Content-Encoding
gzip
Connection
Keep-Alive
Content-Length
3581
X-XSS-Protection
1; mode=block
Pragma
no-cache
Referrer-Policy
strict-origin-when-cross-origin
Last-Modified
Mon, 21 Aug 2023 09:04:54 GMT
X-Frame-Options
sameorigin
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=604800
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Expires
0
main.e01770b3.chunk.js
myaccount.diamond.co.uk/static/js/ 		15 MB
5 MB 		Script
General
Check archive.org
Download Go to
Full URL
https://myaccount.diamond.co.uk/static/js/main.e01770b3.chunk.js
Requested by
Host: myaccount.diamond.co.uk
URL: https://myaccount.diamond.co.uk/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
156.154.120.50 , United States, ASN19905 (SECURITYSERVICES, US),
Reverse DNS
Software
/
Resource Hash
5f14f6004a657c926ac46b57a62ecc881c3602f2681c7d7944ec2ca28ef94684
Security Headers
Name Value
Content-Security-Policy default-src data: 'self'; script-src *.googleapis.com *.usabilla.com *.contentsquare.net *.optimizely.com https://optimize.google.com https://prf.hn https://www.zenaps.com https://*.civiccomputing.com https://www.dwin1.com https://www.awin1.com https://cdn.appdynamics.com http://cdn.appdynamics.com https://first.iovation.com https://*.euiwebservice.co.uk *.euiwebservice.co.uk https://cdn.heapanalytics.com *.cdn.heapanalytics.com https://heapanalytics.com *.heapanalytics.com https://formisimo.com https://*.formisimo.com https://tracking.formisimo.com *.formisimo.com https://service.maxymiser.net http://service.maxymiser.net *.service.maxymiser.net https://*.doubleclick.net https://*.lpsnmedia.net https://*.liveperson.net https://d6tizftlrpuof.cloudfront.net https://*.sessioncam.com https://*.typekit.net *.typekit.net http://tagmanager.google.com https://tagmanager.google.com *.googletagmanager.com *.google-analytics.com *.googleadservices.com *.amazonaws.com *.facebook.net *.marinsm.com *.qualaroo.com 'unsafe-eval' 'unsafe-inline' 'self'; style-src *.googleapis.com https://d6tizftlrpuof.cloudfront.net https://heapanalytics.com *.heapanalytics.com https://www.admiral.com https://secure.admiral.com https://www.bell.co.uk https://*.belldirect.co.uk https://www.diamond.co.uk https://secure.diamond.co.uk https://www.elephant.co.uk https://secure.elephant.co.uk https://www.gladiator.co.uk https://secure.gladiator.co.uk https://tagmanager.google.com https://*.typekit.net *.typekit.net 'unsafe-inline' 'self'; img-src data: https://canarytokens.com *.googleapis.com https://d6tizftlrpuof.cloudfront.net *.usabilla.com *.optimizely.com *.contentsquare.net https://prf.hn https://www.zenaps.com https://*.civiccomputing.com https://www.dwin1.com https://www.awin1.com https://service.maxymiser.net http://service.maxymiser.net *.service.maxymiser.net https://ws.sessioncam.com *.sessioncam.com https://heapanalytics.com *.heapanalytics.com https://*.lpsnmedia.net https://www.admiral.com https://secure.admiral.com https://www.bell.co.uk https://*.belldirect.co.uk https://www.diamond.co.uk https://secure.diamond.co.uk https://www.elephant.co.uk https://secure.elephant.co.uk https://www.gladiator.co.uk https://secure.gladiator.co.uk *.gstatic.com *.google-analytics.com *.google.co.uk *.google.com https://*.typekit.net *.typekit.net https://*.doubleclick.net *.facebook.com *.marinsm.com *.amazonaws.com 'self'; font-src data: https://heapanalytics.com *.heapanalytics.com https://www.admiral.com https://secure.admiral.com https://www.bell.co.uk https://*.belldirect.co.uk https://www.diamond.co.uk https://secure.diamond.co.uk https://www.elephant.co.uk https://secure.elephant.co.uk https://www.gladiator.co.uk https://secure.gladiator.co.uk https://fonts.googleapis.com *.gstatic.com https://*.typekit.net *.typekit.net 'self'; frame-src 'self' d6tizftlrpuof.cloudfront.net https://*.cdn.optimizely.com https://prf.hn https://www.zenaps.com https://*.civiccomputing.com https://www.dwin1.com https://www.awin1.com https://cdn.appdynamics.com https://www.admiral.com https://secure.admiral.com https://www.bell.co.uk https://*.belldirect.co.uk https://www.diamond.co.uk https://secure.diamond.co.uk https://www.elephant.co.uk https://secure.elephant.co.uk https://www.gladiator.co.uk https://secure.gladiator.co.uk https://*.lpsnmedia.net https://*.liveperson.net https://*.doubleclick.net *.google.co.uk *.google.com https://service.maxymiser.net *.qualaroo.com https://*.eshapay.net https://*.ephapay.net https://*.barclaycardsmartpay.com ; connect-src *.usabilla.com *.contentsquare.net https://errors.client.optimizely.com https://logx.optimizely.com/v1/events https://prf.hn https://www.zenaps.com https://*.civiccomputing.com https://www.dwin1.com https://www.awin1.com https://fra-col.eum-appdynamics.com http://fra-col.eum-appdynamics.com https://tracking.formisimo.com https://heapanalytics.com *.heapanalytics.com https://ws.sessioncam.com *.sessioncam.com https://*.euiwebservice.co.uk *.euiwebservice.co.uk https://*.nonprod-euiwebservice.co.uk *.nonprod-euiwebservice.co.uk https://*.typekit.net *.typekit.net https://ampcid.google.com https://*.liveperson.net wss://*.liveperson.net *.liveperson.net 'self'; media-src 'self' https://*.lpsnmedia.net; object-src 'self' blob:; child-src 'self' blob:; worker-src 'self' blob:
Strict-Transport-Security max-age=63072000;includeSubDomains;preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://myaccount.diamond.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date
Tue, 22 Aug 2023 14:46:25 GMT
Content-Security-Policy
default-src data: 'self'; script-src *.googleapis.com *.usabilla.com *.contentsquare.net *.optimizely.com https://optimize.google.com https://prf.hn https://www.zenaps.com https://*.civiccomputing.com https://www.dwin1.com https://www.awin1.com https://cdn.appdynamics.com http://cdn.appdynamics.com https://first.iovation.com https://*.euiwebservice.co.uk *.euiwebservice.co.uk https://cdn.heapanalytics.com *.cdn.heapanalytics.com https://heapanalytics.com *.heapanalytics.com https://formisimo.com https://*.formisimo.com https://tracking.formisimo.com *.formisimo.com https://service.maxymiser.net http://service.maxymiser.net *.service.maxymiser.net https://*.doubleclick.net https://*.lpsnmedia.net https://*.liveperson.net https://d6tizftlrpuof.cloudfront.net https://*.sessioncam.com https://*.typekit.net *.typekit.net http://tagmanager.google.com https://tagmanager.google.com *.googletagmanager.com *.google-analytics.com *.googleadservices.com *.amazonaws.com *.facebook.net *.marinsm.com *.qualaroo.com 'unsafe-eval' 'unsafe-inline' 'self'; style-src *.googleapis.com https://d6tizftlrpuof.cloudfront.net https://heapanalytics.com *.heapanalytics.com https://www.admiral.com https://secure.admiral.com https://www.bell.co.uk https://*.belldirect.co.uk https://www.diamond.co.uk https://secure.diamond.co.uk https://www.elephant.co.uk https://secure.elephant.co.uk https://www.gladiator.co.uk https://secure.gladiator.co.uk https://tagmanager.google.com https://*.typekit.net *.typekit.net 'unsafe-inline' 'self'; img-src data: https://canarytokens.com *.googleapis.com https://d6tizftlrpuof.cloudfront.net *.usabilla.com *.optimizely.com *.contentsquare.net https://prf.hn https://www.zenaps.com https://*.civiccomputing.com https://www.dwin1.com https://www.awin1.com https://service.maxymiser.net http://service.maxymiser.net *.service.maxymiser.net https://ws.sessioncam.com *.sessioncam.com https://heapanalytics.com *.heapanalytics.com https://*.lpsnmedia.net https://www.admiral.com https://secure.admiral.com https://www.bell.co.uk https://*.belldirect.co.uk https://www.diamond.co.uk https://secure.diamond.co.uk https://www.elephant.co.uk https://secure.elephant.co.uk https://www.gladiator.co.uk https://secure.gladiator.co.uk *.gstatic.com *.google-analytics.com *.google.co.uk *.google.com https://*.typekit.net *.typekit.net https://*.doubleclick.net *.facebook.com *.marinsm.com *.amazonaws.com 'self'; font-src data: https://heapanalytics.com *.heapanalytics.com https://www.admiral.com https://secure.admiral.com https://www.bell.co.uk https://*.belldirect.co.uk https://www.diamond.co.uk https://secure.diamond.co.uk https://www.elephant.co.uk https://secure.elephant.co.uk https://www.gladiator.co.uk https://secure.gladiator.co.uk https://fonts.googleapis.com *.gstatic.com https://*.typekit.net *.typekit.net 'self'; frame-src 'self' d6tizftlrpuof.cloudfront.net https://*.cdn.optimizely.com https://prf.hn https://www.zenaps.com https://*.civiccomputing.com https://www.dwin1.com https://www.awin1.com https://cdn.appdynamics.com https://www.admiral.com https://secure.admiral.com https://www.bell.co.uk https://*.belldirect.co.uk https://www.diamond.co.uk https://secure.diamond.co.uk https://www.elephant.co.uk https://secure.elephant.co.uk https://www.gladiator.co.uk https://secure.gladiator.co.uk https://*.lpsnmedia.net https://*.liveperson.net https://*.doubleclick.net *.google.co.uk *.google.com https://service.maxymiser.net *.qualaroo.com https://*.eshapay.net https://*.ephapay.net https://*.barclaycardsmartpay.com ; connect-src *.usabilla.com *.contentsquare.net https://errors.client.optimizely.com https://logx.optimizely.com/v1/events https://prf.hn https://www.zenaps.com https://*.civiccomputing.com https://www.dwin1.com https://www.awin1.com https://fra-col.eum-appdynamics.com http://fra-col.eum-appdynamics.com https://tracking.formisimo.com https://heapanalytics.com *.heapanalytics.com https://ws.sessioncam.com *.sessioncam.com https://*.euiwebservice.co.uk *.euiwebservice.co.uk https://*.nonprod-euiwebservice.co.uk *.nonprod-euiwebservice.co.uk https://*.typekit.net *.typekit.net https://ampcid.google.com https://*.liveperson.net wss://*.liveperson.net *.liveperson.net 'self'; media-src 'self' https://*.lpsnmedia.net; object-src 'self' blob:; child-src 'self' blob:; worker-src 'self' blob:
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=63072000;includeSubDomains;preload
Content-Encoding
gzip
Transfer-Encoding
chunked
Connection
Keep-Alive
X-XSS-Protection
1; mode=block
Pragma
no-cache
Referrer-Policy
strict-origin-when-cross-origin
Last-Modified
Fri, 18 Aug 2023 09:41:51 GMT
X-Frame-Options
sameorigin
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=604800
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Expires
0
adrum-4.5.11.2466.js
cdn.appdynamics.com/adrum/ 		90 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.appdynamics.com/adrum/adrum-4.5.11.2466.js
Requested by
Host: myaccount.diamond.co.uk
URL: https://myaccount.diamond.co.uk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.128.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-128-101.jfk50.r.cloudfront.net
Software
nginx/1.16.1 /
Resource Hash
244a843dd1389b89da3c4e4d2c79f9a0dc1b8713950b91dbb540174c230a6908

Request headers

Referer
https://myaccount.diamond.co.uk/
Origin
https://myaccount.diamond.co.uk
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date
Sun, 30 Jul 2023 06:54:49 GMT
content-encoding
gzip
via
1.1 8cade7b1319c32b4f7e5477c5302d6c8.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P4
age
2015494
x-cache
Hit from cloudfront
last-modified
Tue, 25 Jun 2019 23:56:53 GMT
server
nginx/1.16.1
etag
W/"5d12b4c5-168c9"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2678400, s-max-age=14400
timing-allow-origin
*
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
6SHNUTrErN65KKISG_D6xWBQF2Gppy6LnHTZPd3uL_IU2Pkh0WOuLQ==
geo4.js
cdn3.optimizely.com/js/ 		310 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn3.optimizely.com/js/geo4.js
Requested by
Host: cdn.optimizely.com
URL: https://cdn.optimizely.com/public/17941920996/s/admiral.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.54.221.214 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-54-221-214.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
703b6d260f6532814667ede2a9aa38970d376136ebfcf2f2d26c25892cad5a86

Request headers

accept-language
en-US,en;q=0.9
Referer
https://myaccount.diamond.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-amz-version-id
F8W1XaLRNmnJXrMgZ6ZMuxtE6L376GC.
Date
Tue, 22 Aug 2023 14:46:25 GMT
Server
AmazonS3
x-amz-request-id
TK702K02AB1BM2SV
x-amz-server-side-encryption
AES256
ETag
"8777c006589ecabfa3d63a6b5bf24393"
Content-Type
application/javascript
Cache-Control
max-age=50338
x-amz-replication-status
COMPLETED
Connection
keep-alive
Content-Length
310
x-amz-id-2
0a8HHtW0hL46uDuDXORBY0JbXEGYXxedWMQ/IHMavL4ySvBO8vc++GoQG+pKyndr7GzXipmKrJY=
gtm.js
www.googletagmanager.com/ 		340 KB
105 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-2F7P
Requested by
Host: myaccount.diamond.co.uk
URL: https://myaccount.diamond.co.uk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::2008 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e580802c5a13f87bd57d59700cff46d27dcecbd4f461cb6f33adf90e9a62ff29
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://myaccount.diamond.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 14:46:25 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
107351
x-xss-protection
0
last-modified
Tue, 22 Aug 2023 12:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 22 Aug 2023 14:46:25 GMT
a17941920996.html
a17941920996.cdn.optimizely.com/client_storage/ Frame 6C4B 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://a17941920996.cdn.optimizely.com/client_storage/a17941920996.html
Requested by
Host: cdn.optimizely.com
URL: https://cdn.optimizely.com/public/17941920996/s/admiral.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.150.163 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-150-163.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
d05062da21c584c0439ff2c5c1e086588af6a06f8d6aa8f977f7f2b851f51261
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://myaccount.diamond.co.uk/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=120
content-encoding
gzip
content-length
1029
content-type
text/html; charset=utf-8
date
Tue, 22 Aug 2023 14:46:25 GMT
etag
"e0919cf9c41071dcb2f46de5616417dd"
last-modified
Tue, 22 Aug 2023 14:39:06 GMT
server
AmazonS3
server-timing
cdn-cache; desc=HIT edge; dur=1 cdn;desc="AkamaiION";dur=0,rtt;desc="45";dur=0,cdnip;desc="23.52.150.163";dur=0,cdnmap;desc="a4343.a.akamaiedge.net";dur=0,proto;desc="h2";dur=0 ak_p; desc="1692715585532_388820404_5175528_44_1771_45_53_255";dur=1
strict-transport-security
max-age=15768000
vary
Accept-Encoding
x-akamai-transformed
9 - 0 pmb=mRUM,2
x-amz-id-2
m1SNOXxx7c8ya1Yoz5YceGu1OAC+/9wHaGG3WjRiBqX+6077Z1cLPBJGs0odChsCYz+tS1jnNBw=
x-amz-meta-pci_enabled
False
x-amz-replication-status
COMPLETED
x-amz-request-id
W7WKJGQ5355ZQTF8
x-amz-server-side-encryption
AES256
x-amz-version-id
MT25Dr23GHS1dCuqQoXjyR__EO6AV4xF
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-2F7P
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80b::200e Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://myaccount.diamond.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 22 Aug 2023 14:27:56 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
1109
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Tue, 22 Aug 2023 16:27:56 GMT
44wvuezyl0.js
tracker.marinsm.com/tracker/async/ 		0
320 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tracker.marinsm.com/tracker/async/44wvuezyl0.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-2F7P
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.116.61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-116-61.jfk50.r.cloudfront.net
Software
Apache/2.4.6 (CentOS) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://myaccount.diamond.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 10:06:33 GMT
via
1.1 a0be26685e47d6d6220ccd40bc5f0a4e.cloudfront.net (CloudFront)
server
Apache/2.4.6 (CentOS)
x-amz-cf-pop
JFK50-P6
age
16793
x-cache
Hit from cloudfront
content-type
text/javascript;charset=UTF-8
cache-control
max-age=172800
x-marintrackerversion
3
content-length
0
x-amz-cf-id
eWIOc-KkgaRBvEUbMC6m_6CekdhKO-9Z-87EINbA-aAzs87TFcnoJw==
expires
Tue, 22 Aug 2023 10:09:26 GMT
2d3bd63a4ddcb.js
t.contentsquare.net/uxa/ 		274 KB
66 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://t.contentsquare.net/uxa/2d3bd63a4ddcb.js
Requested by
Host: myaccount.diamond.co.uk
URL: https://myaccount.diamond.co.uk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.116.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-116-49.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ae48c57485e8bfe0ea551c54e48b89ba2c2e95cc1dfe28ba07d9820bb9ef8208

Request headers

accept-language
en-US,en;q=0.9
Referer
https://myaccount.diamond.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 09:16:56 GMT
content-encoding
br
via
1.1 4229f114865802c4acd3e785fddcbf9c.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P6
age
0
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
67306
last-modified
Tue, 22 Aug 2023 09:10:21 GMT
server
AmazonS3
etag
"3092ed34189f38907686ac9f117eb580"
vary
Origin
content-type
application/javascript;charset=utf-8
cache-control
max-age=900
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
xLRypCL8HinlIw7sEBxLBtNMOJGASH5D-Rlnm1Dan9ji4x0t08UGXw==
heap-1713100302.js
cdn.heapanalytics.com/js/ 		116 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.heapanalytics.com/js/heap-1713100302.js
Requested by
Host: myaccount.diamond.co.uk
URL: https://myaccount.diamond.co.uk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.116.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-116-6.jfk50.r.cloudfront.net
Software
nginx / Express
Resource Hash
d2e229eec653251fe19be80e0b933f31e953852df2cf7d38c2200112a83fddea
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://myaccount.diamond.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 14:44:47 GMT
content-encoding
br
via
1.1 b260b0d4d2162fe305bab4403f7e668c.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
x-amz-cf-pop
JFK50-P6
age
99
x-powered-by
Express
etag
W/"1cf83-/zc33+tPf50dD/8SRMCn5FKv7Ns"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=120
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
Ptq-o_KtD3OMpt4zxg6VTes8TSknPHYFvqrDFJKDAwGV7hsvzrfTHw==
16042.js
www.dwin1.com/ 		38 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.dwin1.com/16042.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-2F7P
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2209:fc00:f:8ce2:fb80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
84757105828acb2358aa095cfd65ff68232cbf6e7d1cd133cc35a52d197ec533

Request headers

accept-language
en-US,en;q=0.9
Referer
https://myaccount.diamond.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-amz-version-id
hAzi0En.va.ciif3hrTB11i287zbsflS
content-encoding
gzip
via
1.1 2c7d387775f2e52dd268d2f49202b5d2.cloudfront.net (CloudFront)
date
Tue, 22 Aug 2023 14:45:19 GMT
x-amz-cf-pop
EWR53-P1
age
291
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Thu, 13 Jul 2023 11:13:52 GMT
server
AmazonS3
etag
W/"a59bd0537711377695cde3e8b09bd7f0"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=600, s-maxage=600
x-amz-cf-id
BjKusy-3Vr9gbkwMZMLwsbVJycx7Sjy1vnRcPdfL0tliUg7Ry1slOQ==
tag.js
lptag.liveperson.net/tag/ 		21 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lptag.liveperson.net/tag/tag.js?site=3447646
Requested by
Host: myaccount.diamond.co.uk
URL: https://myaccount.diamond.co.uk/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.89.12.153 , United States, ASN11054 (LIVEPERSON, US),
Reverse DNS
lptag.liveperson.net
Software
ws /
Resource Hash
5624aeb2703037c9b669b4903e1961a38778408edcd3bea47e370e5de9f6c571
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://myaccount.diamond.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 14:46:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains
last-modified
Wed, 07 Dec 2022 20:20:28 GMT
server
ws
etag
"6390f58c-1da4"
access-control-allow-methods
GET, POST, PATCH
content-type
application/javascript
access-control-expose-headers
X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
cache-control
public, max-age=630
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
content-length
7588
f8ae77c9a75b.js
w.usabilla.com/ Frame D6E3 		44 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://w.usabilla.com/f8ae77c9a75b.js?lv=1
Requested by
Host: myaccount.diamond.co.uk
URL: https://myaccount.diamond.co.uk/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.196.7.213 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-196-7-213.compute-1.amazonaws.com
Software
/
Resource Hash
655ed77c41d82893e833056657875704cc4be1e977211e045bcf56edf9e68537

Request headers

accept-language
en-US,en;q=0.9
Referer
https://myaccount.diamond.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Aug 2023 14:46:27 GMT
content-encoding
gzip
x-widget-server
2.1
etag
"11b5c21f1471860292b96cadb7938201"
content-type
text/javascript
cache-control
public,max-age=0
content-length
12203
es3.js
s3.amazonaws.com/ki.js/61837/ 		379 B
768 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s3.amazonaws.com/ki.js/61837/es3.js
Requested by
Host: myaccount.diamond.co.uk
URL: https://myaccount.diamond.co.uk/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.216.134.213 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
2ccc32676f30a84a3bf52885d8dde69bf41d82c44e07aa2fc46748c0a927c197

Request headers

accept-language
en-US,en;q=0.9
Referer
https://myaccount.diamond.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date
Tue, 22 Aug 2023 14:46:27 GMT
Content-Encoding
gzip
Last-Modified
Wed, 12 Oct 2022 21:49:08 GMT
Server
AmazonS3
x-amz-request-id
04GV1NF5ZK1BP582
ETag
"d3e0e68e657df5655044ef93608c6d20"
x-amz-server-side-encryption
AES256
Content-Type
application/ecmascript
Cache-Control
s-maxage=3600, max-age=0
Accept-Ranges
bytes
Content-Length
296
x-amz-id-2
J/GO108kvHY18+HDYdzwshhmaIdeWGyI21lRj5gz4iM+3I1Bk2g4frhaDRDb1NXiH/Vl7YrX3qg=
collect
www.google-analytics.com/j/ 		0
0
collect
stats.g.doubleclick.net/j/ 		0
0
collect
www.google-analytics.com/j/ 		0
0
events
logx.optimizely.com/v1/ 		0
368 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://logx.optimizely.com/v1/events
Requested by
Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-4.5.11.2466.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.45.108.63 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-45-108-63.compute-1.amazonaws.com
Software
nginx/1.21.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://myaccount.diamond.co.uk/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Tue, 22 Aug 2023 14:46:26 GMT
Server
nginx/1.21.0
Content-Type
text/plain
Access-Control-Allow-Origin
https://myaccount.diamond.co.uk
Access-Control-Expose-Headers
X-Results-Data-Source
Access-Control-Allow-Credentials
true
Connection
keep-alive
Timing-Allow-Origin
*
X-Request-Id
128fed32-d937-4a29-ad50-717af330dc46
telemetry
heapanalytics.com/api/ 		37 B
261 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://heapanalytics.com/api/telemetry?a=1713100302&te=type&te=data&te=cm&te=eventPropertiesTelemetry%20-%20added%20new%20properties&te=val&te=20&st=1692715586966&hv=4.19.3
Requested by
Host: myaccount.diamond.co.uk
URL: https://myaccount.diamond.co.uk/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.70.121.124 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-70-121-124.compute-1.amazonaws.com
Software
nginx /
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://myaccount.diamond.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Aug 2023 14:46:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
etag
W/"25-4iFqfptz9csCeTUceM5hwzR1zqc"
content-type
image/gif
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-length
37
es3qoo.js
cl.qualaroo.com/ki.js/61837/ 		150 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cl.qualaroo.com/ki.js/61837/es3qoo.js
Requested by
Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/ki.js/61837/es3.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c454::1 New York, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
BunnyCDN-NY1-885 /
Resource Hash
d264db5848068ea1c7ce3269d781e200eb1b560fc64841544aae3f7f7c809483

Request headers

accept-language
en-US,en;q=0.9
Referer
https://myaccount.diamond.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 14:46:27 GMT
content-encoding
gzip
cdn-edgestorageid
885
x-amz-request-id
G3B1JN0TJCKHMCA0
x-amz-server-side-encryption
AES256
cdn-cachedat
07/30/2023 16:45:24
cdn-pullzone
92714
x-amz-id-2
iOEh8Cx37MhTCMoI93N3t3kuZ+Wnd8HnNFt4eHq0LfsbPAtReNeH9RX7wYrIypw0OykARkop95I=
last-modified
Wed, 12 Oct 2022 21:49:08 GMT
server
BunnyCDN-NY1-885
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
"e35d45f51f4895029afaaaaefe539914"
vary
Accept-Encoding, Accept-Encoding
content-type
application/ecmascript
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
50c043fb-dcd1-4574-9faf-b60384f66f78
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
max-age=0, s-maxage=3600
cdn-requestid
3c44412e3588f175df236f861930664b
cdn-requestcountrycode
US
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
ee600bac-14fa-46b5-9344-ff06e4748b07
https://myaccount.diamond.co.uk/ 		7 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://myaccount.diamond.co.uk/ee600bac-14fa-46b5-9344-ff06e4748b07
Requested by
Host: myaccount.diamond.co.uk
URL: https://myaccount.diamond.co.uk/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
08d40bf2e4eed273d931293e52124d963a4c4ac3dd53228837cbb1de831251ad

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Length
7329
Content-Type
application/javascript
pageview
c.contentsquare.net/ 		0
320 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.contentsquare.net/pageview?pid=5048&uu=cd5c178b-9339-ac72-fb9f-64642a4c7778&sn=1&hd=1692715587&pn=1&dw=1600&dh=1200&ww=1600&wh=1200&sw=1600&sh=1200&dr=&url=https%3A%2F%2Fmyaccount.diamond.co.uk%2F&uc=1&la=en-US&v=13.39.0&pvt=n&ex=&r=873396
Requested by
Host: myaccount.diamond.co.uk
URL: https://myaccount.diamond.co.uk/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.71.77.185 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-71-77-185.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://myaccount.diamond.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Aug 2023 14:46:27 GMT
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, pre-check=0, post-check=0
content-disposition
inline
timing-allow-origin
*
access-control-allow-headers
Access-Control-Expose-Headers, Content-Type, Content-Compression, X-Requested-With
expires
Sun, 24 Oct 1982 23:00:00 GMT
.jsonp
lptag.liveperson.net/lptag/api/account/3447646/configuration/applications/taglets/ 		312 KB
109 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lptag.liveperson.net/lptag/api/account/3447646/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&b=undefined
Requested by
Host: myaccount.diamond.co.uk
URL: https://myaccount.diamond.co.uk/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.89.12.153 , United States, ASN11054 (LIVEPERSON, US),
Reverse DNS
lptag.liveperson.net
Software
ws /
Resource Hash
c0a7f6ef71ed2de0d6ee63785d3a92533d7558c39b1ba78b06cd0930bc1a8070
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://myaccount.diamond.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 14:46:27 GMT
strict-transport-security
max-age=63072000; includeSubDomains
x-content-type-options
nosniff
content-encoding
gzip
server
ws
x-cache-status
HIT
access-control-allow-methods
GET, POST, PATCH
content-type
application/x-javascript
access-control-expose-headers
X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
cache-control
public, max-age=630
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
/
accdn.lpsnmedia.net/api/account/3447646/configuration/setting/accountproperties/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://accdn.lpsnmedia.net/api/account/3447646/configuration/setting/accountproperties/?cb=accountSettingsCB
Requested by
Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/3447646/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&b=undefined
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.89.12.91 , United States, ASN11054 (LIVEPERSON, US),
Reverse DNS
Software
ws /
Resource Hash
ec97f7589982f6484d3c7134e762dcc73d527656268587dae98d07cb863c02aa
Security Headers
Name Value
Strict-Transport-Security max-age=99999999999; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://myaccount.diamond.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 14:46:27 GMT
x-envoy-decorator-operation
lp-accdn-app.default.svc.vakube01.int.liveperson.net:8080/*
x-content-type-options
nosniff
strict-transport-security
max-age=99999999999; includeSubDomains
content-encoding
gzip
server
ws
x-cache-status
EXPIRED
vary
Accept
access-control-allow-methods
GET, POST, PATCH
content-type
application/javascript
access-control-expose-headers
X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
x-envoy-upstream-service-time
0
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
expires
Tue, 22 Aug 2023 14:47:27 GMT
all-connectors
accdn.lpsnmedia.net/api/account/3447646/configuration/le-connectors/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://accdn.lpsnmedia.net/api/account/3447646/configuration/le-connectors/all-connectors?cb=lpCb74121x43775
Requested by
Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/3447646/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&b=undefined
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.89.12.91 , United States, ASN11054 (LIVEPERSON, US),
Reverse DNS
Software
ws /
Resource Hash
2d0fa2fa66460d35a6b42cc5a8f61af1baa0cbbd8f9fc01762912e2c4daeee06
Security Headers
Name Value
Strict-Transport-Security max-age=99999999999; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://myaccount.diamond.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 14:46:27 GMT
x-envoy-decorator-operation
lp-accdn-app.default.svc.vakube01.int.liveperson.net:8080/*
x-content-type-options
nosniff
strict-transport-security
max-age=99999999999; includeSubDomains
content-encoding
gzip
server
ws
x-cache-status
EXPIRED
vary
Accept
access-control-allow-methods
GET, POST, PATCH
content-type
application/javascript
access-control-expose-headers
X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
x-envoy-upstream-service-time
0
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
expires
Tue, 22 Aug 2023 14:47:27 GMT
ui-framework.js
lpcdn.lpsnmedia.net/le_unified_window/10.30.0.0-release_5603/ 		40 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lpcdn.lpsnmedia.net/le_unified_window/10.30.0.0-release_5603/ui-framework.js?version=10.30.0.0-release_5603
Requested by
Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/3447646/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&b=undefined
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.89.12.90 , United States, ASN11054 (LIVEPERSON, US),
Reverse DNS
va-lpcdn.lpsnmedia.net
Software
ws /
Resource Hash
3e4f5d07904cf355da7bfbca5d4eee18a4c09fc9e6a79df958d0bb1225572983
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://myaccount.diamond.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 14:46:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Fri, 04 Aug 2023 02:08:40 GMT
server
ws
x-cache-status
HIT
vary
Origin
access-control-allow-methods
GET, POST, PATCH
content-type
application/javascript
access-control-expose-headers
X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options, x-lp-state-rev
cache-control
max-age=31536000
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
expires
Wed, 21 Aug 2024 14:46:27 GMT
UMSClientAPI.min.js
lpcdn.lpsnmedia.net/le_unified_window/10.30.0.0-release_5603/ 		90 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lpcdn.lpsnmedia.net/le_unified_window/10.30.0.0-release_5603/UMSClientAPI.min.js?version=10.30.0.0-release_5603
Requested by
Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/3447646/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&b=undefined
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.89.12.90 , United States, ASN11054 (LIVEPERSON, US),
Reverse DNS
va-lpcdn.lpsnmedia.net
Software
ws /
Resource Hash
2a73ff47539c08d1e9399792a12e739a2e5f76e6ec0233ec1a736b2404bc3759
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://myaccount.diamond.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 14:46:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Fri, 04 Aug 2023 02:08:38 GMT
server
ws
x-cache-status
HIT
vary
Origin
access-control-allow-methods
GET, POST, PATCH
content-type
application/javascript
access-control-expose-headers
X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options, x-lp-state-rev
cache-control
max-age=31536000
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
expires
Wed, 21 Aug 2024 14:46:27 GMT
lpChatV3.min.js
lpcdn.lpsnmedia.net/le_unified_window/10.30.0.0-release_5603/ 		92 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lpcdn.lpsnmedia.net/le_unified_window/10.30.0.0-release_5603/lpChatV3.min.js?version=10.30.0.0-release_5603
Requested by
Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/3447646/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&b=undefined
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.89.12.90 , United States, ASN11054 (LIVEPERSON, US),
Reverse DNS
va-lpcdn.lpsnmedia.net
Software
ws /
Resource Hash
bb183f72fe84391a4e489769cf7718f7d279181b07cb6ff414b1ceca7c6c8c5c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://myaccount.diamond.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 14:46:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Fri, 04 Aug 2023 02:08:38 GMT
server
ws
x-cache-status
HIT
vary
Origin
access-control-allow-methods
GET, POST, PATCH
content-type
application/javascript
access-control-expose-headers
X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options, x-lp-state-rev
cache-control
max-age=31536000
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
expires
Wed, 21 Aug 2024 14:46:27 GMT
surveylogicinstance.min.js
lpcdn.lpsnmedia.net/le_unified_window/10.30.0.0-release_5603/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lpcdn.lpsnmedia.net/le_unified_window/10.30.0.0-release_5603/surveylogicinstance.min.js?version=10.30.0.0-release_5603
Requested by
Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/3447646/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&b=undefined
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.89.12.90 , United States, ASN11054 (LIVEPERSON, US),
Reverse DNS
va-lpcdn.lpsnmedia.net
Software
ws /
Resource Hash
0ca2d5d4dece21114294a8783944cdd00a4351935831b27f9a83b8eb543c6438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://myaccount.diamond.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 14:46:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Fri, 04 Aug 2023 02:08:39 GMT
server
ws
x-cache-status
HIT
vary
Origin
access-control-allow-methods
GET, POST, PATCH
content-type
application/javascript
access-control-expose-headers
X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options, x-lp-state-rev
cache-control
max-age=31536000
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
expires
Wed, 21 Aug 2024 14:46:27 GMT
zones
accdn.lpsnmedia.net/api/account/3447646/configuration/le-campaigns/ 		72 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://accdn.lpsnmedia.net/api/account/3447646/configuration/le-campaigns/zones?fields=id&fields=zoneValue&cb=lpZonesStaticCB
Requested by
Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/3447646/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&b=undefined
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.89.12.91 , United States, ASN11054 (LIVEPERSON, US),
Reverse DNS
Software
ws /
Resource Hash
1fb39cbea19664a1c51cb04fcf2eaa4b5756a4e5c4febebd3de02a5cf50de38c
Security Headers
Name Value
Strict-Transport-Security max-age=99999999999; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://myaccount.diamond.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 14:46:27 GMT
x-envoy-decorator-operation
lp-accdn-app.default.svc.vakube01.int.liveperson.net:8080/*
x-content-type-options
nosniff
strict-transport-security
max-age=99999999999; includeSubDomains
content-encoding
gzip
server
ws
x-cache-status
EXPIRED
vary
Accept
access-control-allow-methods
GET, POST, PATCH
content-type
application/javascript
access-control-expose-headers
X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
x-envoy-upstream-service-time
0
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
expires
Tue, 22 Aug 2023 14:47:27 GMT
storage.secure.min.js
lpcdn.lpsnmedia.net/le_secure_storage/3.20.0.0-release_5080/ 		37 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lpcdn.lpsnmedia.net/le_secure_storage/3.20.0.0-release_5080/storage.secure.min.js?loc=https%3A%2F%2Fmyaccount.diamond.co.uk&site=3447646&env=prod&accdn=accdn.lpsnmedia.net
Requested by
Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/3447646/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&b=undefined
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.89.12.90 , United States, ASN11054 (LIVEPERSON, US),
Reverse DNS
va-lpcdn.lpsnmedia.net
Software
ws /
Resource Hash
a729f36b3c8810b6c5d3de55e61ee4e1737f8e09ccbfc9c6a27a153e8fcf5d48
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://myaccount.diamond.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 14:46:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Fri, 17 Mar 2023 01:15:38 GMT
server
ws
x-cache-status
HIT
vary
Origin
access-control-allow-methods
GET, POST, PATCH
content-type
application/javascript
access-control-expose-headers
X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options, x-lp-state-rev
cache-control
max-age=31536000
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
expires
Wed, 21 Aug 2024 14:46:28 GMT
desktopEmbedded.js
lpcdn.lpsnmedia.net/le_unified_window/10.30.0.0-release_5603/ 		999 KB
312 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lpcdn.lpsnmedia.net/le_unified_window/10.30.0.0-release_5603/desktopEmbedded.js?version=10.30.0.0-release_5603
Requested by
Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/3447646/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&b=undefined
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.89.12.90 , United States, ASN11054 (LIVEPERSON, US),
Reverse DNS
va-lpcdn.lpsnmedia.net
Software
ws /
Resource Hash
2e0038f0ed73ab5d6d81bb7780efa8101dc71c49e02ebbaa37ed8736bc71b484
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://myaccount.diamond.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 14:46:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Fri, 04 Aug 2023 02:08:38 GMT
server
ws
x-cache-status
HIT
vary
Origin
access-control-allow-methods
GET, POST, PATCH
content-type
application/javascript
access-control-expose-headers
X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options, x-lp-state-rev
cache-control
max-age=31536000
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
expires
Wed, 21 Aug 2024 14:46:28 GMT
3447646
lo.v.liveperson.net/api/js/ 		236 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lo.v.liveperson.net/api/js/3447646?&cb=lpCb95335x7972&t=sp&ts=1692715587544&pid=7530070126&tid=2654471829&pt=CustomerEngage%20Account%20Management&u=https%3A%2F%2Fmyaccount.diamond.co.uk%2F&df=0&os=0&identities=%5B%7B%22iss%22%3A%22LivePerson%22%2C%22acr%22%3A%220%22%7D%5D
Requested by
Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/3447646/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&b=undefined
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.249.97.70 , United States, ASN11054 (LIVEPERSON, US),
Reverse DNS
lo.v.liveperson.net
Software
ws /
Resource Hash
69a10704032b2ef07a98e864e28b5d0e350fd10e20d9f01f32e2c2ada7e65d88
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://myaccount.diamond.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 14:46:28 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
server
ws
access-control-allow-methods
GET, POST, PATCH
content-type
application/javascript
access-control-expose-headers
X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
cache-control
no-store
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
frame.html
dntcl.qualaroo.com/ Frame 9DD0 		323 B
696 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dntcl.qualaroo.com/frame.html
Requested by
Host: cl.qualaroo.com
URL: https://cl.qualaroo.com/ki.js/61837/es3qoo.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
138.199.40.58 New York, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
138-199-40-58.bunnyinfra.net
Software
BunnyCDN-NY1-885 /
Resource Hash

Request headers

Referer
https://myaccount.diamond.co.uk/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
public, max-age=604800
cdn-cache
HIT
cdn-cachedat
07/10/2023 15:17:54
cdn-edgestorageid
885
cdn-fileserver
639
cdn-proxyver
1.03
cdn-pullzone
99568
cdn-requestcountrycode
US
cdn-requestid
b4fd549f3285fea55c9cef8e043fde53
cdn-requestpullcode
206
cdn-requestpullsuccess
True
cdn-status
200
cdn-storageserver
DE-571
cdn-uid
50c043fb-dcd1-4574-9faf-b60384f66f78
content-encoding
gzip
content-type
text/html
date
Tue, 22 Aug 2023 14:46:34 GMT
last-modified
Sun, 09 Jul 2023 20:56:17 GMT
server
BunnyCDN-NY1-885
vary
Accept-Encoding
frame.html
dntcl.qualaroo.com/ Frame 3024 		323 B
709 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dntcl.qualaroo.com/frame.html
Requested by
Host: cl.qualaroo.com
URL: https://cl.qualaroo.com/ki.js/61837/es3qoo.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
138.199.40.58 New York, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
138-199-40-58.bunnyinfra.net
Software
BunnyCDN-NY1-885 /
Resource Hash

Request headers

Referer
https://myaccount.diamond.co.uk/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
public, max-age=604800
cdn-cache
HIT
cdn-cachedat
07/10/2023 15:17:54
cdn-edgestorageid
885
cdn-fileserver
639
cdn-proxyver
1.03
cdn-pullzone
99568
cdn-requestcountrycode
US
cdn-requestid
13daab36b365fc41c2f7393ba3620247
cdn-requestpullcode
206
cdn-requestpullsuccess
True
cdn-status
200
cdn-storageserver
DE-571
cdn-uid
50c043fb-dcd1-4574-9faf-b60384f66f78
content-encoding
gzip
content-type
text/html
date
Tue, 22 Aug 2023 14:46:34 GMT
last-modified
Sun, 09 Jul 2023 20:56:17 GMT
server
BunnyCDN-NY1-885
vary
Accept-Encoding
SourceSansVariable-Roman.ttf.13ac647c.woff2
myaccount.diamond.co.uk/static/media/ 		120 KB
125 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://myaccount.diamond.co.uk/static/media/SourceSansVariable-Roman.ttf.13ac647c.woff2
Requested by
Host: myaccount.diamond.co.uk
URL: https://myaccount.diamond.co.uk/static/css/main.a72e26bc.chunk.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
156.154.120.50 , United States, ASN19905 (SECURITYSERVICES, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src data: 'self'; script-src *.googleapis.com *.usabilla.com *.contentsquare.net *.optimizely.com https://optimize.google.com https://prf.hn https://www.zenaps.com https://*.civiccomputing.com https://www.dwin1.com https://www.awin1.com https://cdn.appdynamics.com http://cdn.appdynamics.com https://first.iovation.com https://*.euiwebservice.co.uk *.euiwebservice.co.uk https://cdn.heapanalytics.com *.cdn.heapanalytics.com https://heapanalytics.com *.heapanalytics.com https://formisimo.com https://*.formisimo.com https://tracking.formisimo.com *.formisimo.com https://service.maxymiser.net http://service.maxymiser.net *.service.maxymiser.net https://*.doubleclick.net https://*.lpsnmedia.net https://*.liveperson.net https://d6tizftlrpuof.cloudfront.net https://*.sessioncam.com https://*.typekit.net *.typekit.net http://tagmanager.google.com https://tagmanager.google.com *.googletagmanager.com *.google-analytics.com *.googleadservices.com *.amazonaws.com *.facebook.net *.marinsm.com *.qualaroo.com 'unsafe-eval' 'unsafe-inline' 'self'; style-src *.googleapis.com https://d6tizftlrpuof.cloudfront.net https://heapanalytics.com *.heapanalytics.com https://www.admiral.com https://secure.admiral.com https://www.bell.co.uk https://*.belldirect.co.uk https://www.diamond.co.uk https://secure.diamond.co.uk https://www.elephant.co.uk https://secure.elephant.co.uk https://www.gladiator.co.uk https://secure.gladiator.co.uk https://tagmanager.google.com https://*.typekit.net *.typekit.net 'unsafe-inline' 'self'; img-src data: https://canarytokens.com *.googleapis.com https://d6tizftlrpuof.cloudfront.net *.usabilla.com *.optimizely.com *.contentsquare.net https://prf.hn https://www.zenaps.com https://*.civiccomputing.com https://www.dwin1.com https://www.awin1.com https://service.maxymiser.net http://service.maxymiser.net *.service.maxymiser.net https://ws.sessioncam.com *.sessioncam.com https://heapanalytics.com *.heapanalytics.com https://*.lpsnmedia.net https://www.admiral.com https://secure.admiral.com https://www.bell.co.uk https://*.belldirect.co.uk https://www.diamond.co.uk https://secure.diamond.co.uk https://www.elephant.co.uk https://secure.elephant.co.uk https://www.gladiator.co.uk https://secure.gladiator.co.uk *.gstatic.com *.google-analytics.com *.google.co.uk *.google.com https://*.typekit.net *.typekit.net https://*.doubleclick.net *.facebook.com *.marinsm.com *.amazonaws.com 'self'; font-src data: https://heapanalytics.com *.heapanalytics.com https://www.admiral.com https://secure.admiral.com https://www.bell.co.uk https://*.belldirect.co.uk https://www.diamond.co.uk https://secure.diamond.co.uk https://www.elephant.co.uk https://secure.elephant.co.uk https://www.gladiator.co.uk https://secure.gladiator.co.uk https://fonts.googleapis.com *.gstatic.com https://*.typekit.net *.typekit.net 'self'; frame-src 'self' d6tizftlrpuof.cloudfront.net https://*.cdn.optimizely.com https://prf.hn https://www.zenaps.com https://*.civiccomputing.com https://www.dwin1.com https://www.awin1.com https://cdn.appdynamics.com https://www.admiral.com https://secure.admiral.com https://www.bell.co.uk https://*.belldirect.co.uk https://www.diamond.co.uk https://secure.diamond.co.uk https://www.elephant.co.uk https://secure.elephant.co.uk https://www.gladiator.co.uk https://secure.gladiator.co.uk https://*.lpsnmedia.net https://*.liveperson.net https://*.doubleclick.net *.google.co.uk *.google.com https://service.maxymiser.net *.qualaroo.com https://*.eshapay.net https://*.ephapay.net https://*.barclaycardsmartpay.com ; connect-src *.usabilla.com *.contentsquare.net https://errors.client.optimizely.com https://logx.optimizely.com/v1/events https://prf.hn https://www.zenaps.com https://*.civiccomputing.com https://www.dwin1.com https://www.awin1.com https://fra-col.eum-appdynamics.com http://fra-col.eum-appdynamics.com https://tracking.formisimo.com https://heapanalytics.com *.heapanalytics.com https://ws.sessioncam.com *.sessioncam.com https://*.euiwebservice.co.uk *.euiwebservice.co.uk https://*.nonprod-euiwebservice.co.uk *.nonprod-euiwebservice.co.uk https://*.typekit.net *.typekit.net https://ampcid.google.com https://*.liveperson.net wss://*.liveperson.net *.liveperson.net 'self'; media-src 'self' https://*.lpsnmedia.net; object-src 'self' blob:; child-src 'self' blob:; worker-src 'self' blob:
Strict-Transport-Security max-age=63072000;includeSubDomains;preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Referer
https://myaccount.diamond.co.uk/static/css/main.a72e26bc.chunk.css
Origin
https://myaccount.diamond.co.uk
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date
Tue, 22 Aug 2023 14:46:35 GMT
Content-Security-Policy
default-src data: 'self'; script-src *.googleapis.com *.usabilla.com *.contentsquare.net *.optimizely.com https://optimize.google.com https://prf.hn https://www.zenaps.com https://*.civiccomputing.com https://www.dwin1.com https://www.awin1.com https://cdn.appdynamics.com http://cdn.appdynamics.com https://first.iovation.com https://*.euiwebservice.co.uk *.euiwebservice.co.uk https://cdn.heapanalytics.com *.cdn.heapanalytics.com https://heapanalytics.com *.heapanalytics.com https://formisimo.com https://*.formisimo.com https://tracking.formisimo.com *.formisimo.com https://service.maxymiser.net http://service.maxymiser.net *.service.maxymiser.net https://*.doubleclick.net https://*.lpsnmedia.net https://*.liveperson.net https://d6tizftlrpuof.cloudfront.net https://*.sessioncam.com https://*.typekit.net *.typekit.net http://tagmanager.google.com https://tagmanager.google.com *.googletagmanager.com *.google-analytics.com *.googleadservices.com *.amazonaws.com *.facebook.net *.marinsm.com *.qualaroo.com 'unsafe-eval' 'unsafe-inline' 'self'; style-src *.googleapis.com https://d6tizftlrpuof.cloudfront.net https://heapanalytics.com *.heapanalytics.com https://www.admiral.com https://secure.admiral.com https://www.bell.co.uk https://*.belldirect.co.uk https://www.diamond.co.uk https://secure.diamond.co.uk https://www.elephant.co.uk https://secure.elephant.co.uk https://www.gladiator.co.uk https://secure.gladiator.co.uk https://tagmanager.google.com https://*.typekit.net *.typekit.net 'unsafe-inline' 'self'; img-src data: https://canarytokens.com *.googleapis.com https://d6tizftlrpuof.cloudfront.net *.usabilla.com *.optimizely.com *.contentsquare.net https://prf.hn https://www.zenaps.com https://*.civiccomputing.com https://www.dwin1.com https://www.awin1.com https://service.maxymiser.net http://service.maxymiser.net *.service.maxymiser.net https://ws.sessioncam.com *.sessioncam.com https://heapanalytics.com *.heapanalytics.com https://*.lpsnmedia.net https://www.admiral.com https://secure.admiral.com https://www.bell.co.uk https://*.belldirect.co.uk https://www.diamond.co.uk https://secure.diamond.co.uk https://www.elephant.co.uk https://secure.elephant.co.uk https://www.gladiator.co.uk https://secure.gladiator.co.uk *.gstatic.com *.google-analytics.com *.google.co.uk *.google.com https://*.typekit.net *.typekit.net https://*.doubleclick.net *.facebook.com *.marinsm.com *.amazonaws.com 'self'; font-src data: https://heapanalytics.com *.heapanalytics.com https://www.admiral.com https://secure.admiral.com https://www.bell.co.uk https://*.belldirect.co.uk https://www.diamond.co.uk https://secure.diamond.co.uk https://www.elephant.co.uk https://secure.elephant.co.uk https://www.gladiator.co.uk https://secure.gladiator.co.uk https://fonts.googleapis.com *.gstatic.com https://*.typekit.net *.typekit.net 'self'; frame-src 'self' d6tizftlrpuof.cloudfront.net https://*.cdn.optimizely.com https://prf.hn https://www.zenaps.com https://*.civiccomputing.com https://www.dwin1.com https://www.awin1.com https://cdn.appdynamics.com https://www.admiral.com https://secure.admiral.com https://www.bell.co.uk https://*.belldirect.co.uk https://www.diamond.co.uk https://secure.diamond.co.uk https://www.elephant.co.uk https://secure.elephant.co.uk https://www.gladiator.co.uk https://secure.gladiator.co.uk https://*.lpsnmedia.net https://*.liveperson.net https://*.doubleclick.net *.google.co.uk *.google.com https://service.maxymiser.net *.qualaroo.com https://*.eshapay.net https://*.ephapay.net https://*.barclaycardsmartpay.com ; connect-src *.usabilla.com *.contentsquare.net https://errors.client.optimizely.com https://logx.optimizely.com/v1/events https://prf.hn https://www.zenaps.com https://*.civiccomputing.com https://www.dwin1.com https://www.awin1.com https://fra-col.eum-appdynamics.com http://fra-col.eum-appdynamics.com https://tracking.formisimo.com https://heapanalytics.com *.heapanalytics.com https://ws.sessioncam.com *.sessioncam.com https://*.euiwebservice.co.uk *.euiwebservice.co.uk https://*.nonprod-euiwebservice.co.uk *.nonprod-euiwebservice.co.uk https://*.typekit.net *.typekit.net https://ampcid.google.com https://*.liveperson.net wss://*.liveperson.net *.liveperson.net 'self'; media-src 'self' https://*.lpsnmedia.net; object-src 'self' blob:; child-src 'self' blob:; worker-src 'self' blob:
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=63072000;includeSubDomains;preload
Connection
Keep-Alive
Content-Length
123020
X-XSS-Protection
1; mode=block
Pragma
no-cache
Referrer-Policy
strict-origin-when-cross-origin
Last-Modified
Fri, 18 Aug 2023 09:41:51 GMT
X-Frame-Options
sameorigin
Vary
Accept-Encoding
Content-Type
application/font-sfnt
Cache-Control
no-cache, no-store, must-revalidate, private
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Expires
0
3447646
lo.v.liveperson.net/api/js/ 		111 B
900 B 		Script
General
Check archive.org
Download Go to
Full URL
https://lo.v.liveperson.net/api/js/3447646?sid=hyqBO1jORDeXziMF1ut6lg&cb=lpCb19403x58476&t=pl&ts=1692715594261&pid=7530070126&tid=2654471829&vid=QwZjI4ZWNmYmUwNTA2ZTBi
Requested by
Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/3447646/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&b=undefined
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.249.97.70 , United States, ASN11054 (LIVEPERSON, US),
Reverse DNS
lo.v.liveperson.net
Software
ws /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://myaccount.diamond.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 14:46:34 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
server
ws
access-control-allow-methods
GET, POST, PATCH
content-type
application/javascript
access-control-expose-headers
X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
cache-control
no-store
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
conversion.js
www.googleadservices.com/pagead/ 		49 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-2F7P
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.41.2 Marriottsville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s40-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://myaccount.diamond.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 14:46:34 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18428
x-xss-protection
0
server
cafe
etag
6091834725216891230
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Tue, 22 Aug 2023 14:46:34 GMT
h
heapanalytics.com/ 		37 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://heapanalytics.com/h?a=1713100302&u=4512668356240138&v=2805769567935504&s=4269599333018221&b=web&tv=4.0&z=0&h=%2F&d=myaccount.diamond.co.uk&t=CustomerEngage%20Account%20Management&ts=1692715594692&st=1692715594700
Requested by
Host: myaccount.diamond.co.uk
URL: https://myaccount.diamond.co.uk/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.70.121.124 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-70-121-124.compute-1.amazonaws.com
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://myaccount.diamond.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Aug 2023 14:46:34 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
etag
W/"25-4iFqfptz9csCeTUceM5hwzR1zqc"
content-type
image/gif
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-length
37
telemetry
heapanalytics.com/api/ 		37 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://heapanalytics.com/api/telemetry?a=1713100302&te=type&te=data&te=cm&te=addUserProperties%20-%20no%20valid%20props&st=1692715594701&hv=4.19.3
Requested by
Host: myaccount.diamond.co.uk
URL: https://myaccount.diamond.co.uk/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.70.121.124 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-70-121-124.compute-1.amazonaws.com
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://myaccount.diamond.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Aug 2023 14:46:34 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
etag
W/"25-4iFqfptz9csCeTUceM5hwzR1zqc"
content-type
image/gif
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-length
37
add_user_properties_v3
heapanalytics.com/api/ 		37 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://heapanalytics.com/api/add_user_properties_v3?a=1713100302&u=4512668356240138&v=2805769567935504&s=4269599333018221&b=web&tv=4.0&_Contentsquare%20Replay=https%3A%2F%2Fapp.contentsquare.com%2Fquick-playback%2Findex.html%3Fpid%3D5048%26uu%3Dcd5c178b-9339-ac72-fb9f-64642a4c7778%26sn%3D1%26pvid%3D1%26recordingType%3Dcs%26vd%3Dhe&st=1692715594701
Requested by
Host: myaccount.diamond.co.uk
URL: https://myaccount.diamond.co.uk/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.70.121.124 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-70-121-124.compute-1.amazonaws.com
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://myaccount.diamond.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Aug 2023 14:46:34 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
etag
W/"25-4iFqfptz9csCeTUceM5hwzR1zqc"
content-type
image/gif
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-length
37
dvar
c.contentsquare.net/ 		0
319 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.contentsquare.net/dvar?v=13.39.0&pid=5048&pn=1&sn=1&uu=cd5c178b-9339-ac72-fb9f-64642a4c7778&dv=H4sIAAAAAAAAA6tWcvSL93B1DIh3LChQ8HRRslIyNDc0NjQwMDYwUqoFAMTQHggfAAAA&ct=2&r=234102
Requested by
Host: myaccount.diamond.co.uk
URL: https://myaccount.diamond.co.uk/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.71.77.185 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-71-77-185.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://myaccount.diamond.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Aug 2023 14:46:34 GMT
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, pre-check=0, post-check=0
content-disposition
inline
timing-allow-origin
*
access-control-allow-headers
Access-Control-Expose-Headers, Content-Type, Content-Compression, X-Requested-With
expires
Sun, 24 Oct 1982 23:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/1071476061/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1071476061/?random=1692715594847&cv=9&fst=1692715594847&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=375603261%2C466465926%2C512247839&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=-600&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fmyaccount.diamond.co.uk%2F&tiba=CustomerEngage%20Account%20Management&hn=www.googleadservices.com&uaa=&uab=&uam=&uap=&uapv=&uaw=0&uafvl=&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:821::2002 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://myaccount.diamond.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Aug 2023 14:46:35 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1374
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
app-messages-en_GB.36c4be05.chunk.js
myaccount.diamond.co.uk/static/js/ 		401 KB
157 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://myaccount.diamond.co.uk/static/js/app-messages-en_GB.36c4be05.chunk.js
Requested by
Host: myaccount.diamond.co.uk
URL: https://myaccount.diamond.co.uk/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
156.154.120.50 , United States, ASN19905 (SECURITYSERVICES, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src data: 'self'; script-src *.googleapis.com *.usabilla.com *.contentsquare.net *.optimizely.com https://optimize.google.com https://prf.hn https://www.zenaps.com https://*.civiccomputing.com https://www.dwin1.com https://www.awin1.com https://cdn.appdynamics.com http://cdn.appdynamics.com https://first.iovation.com https://*.euiwebservice.co.uk *.euiwebservice.co.uk https://cdn.heapanalytics.com *.cdn.heapanalytics.com https://heapanalytics.com *.heapanalytics.com https://formisimo.com https://*.formisimo.com https://tracking.formisimo.com *.formisimo.com https://service.maxymiser.net http://service.maxymiser.net *.service.maxymiser.net https://*.doubleclick.net https://*.lpsnmedia.net https://*.liveperson.net https://d6tizftlrpuof.cloudfront.net https://*.sessioncam.com https://*.typekit.net *.typekit.net http://tagmanager.google.com https://tagmanager.google.com *.googletagmanager.com *.google-analytics.com *.googleadservices.com *.amazonaws.com *.facebook.net *.marinsm.com *.qualaroo.com 'unsafe-eval' 'unsafe-inline' 'self'; style-src *.googleapis.com https://d6tizftlrpuof.cloudfront.net https://heapanalytics.com *.heapanalytics.com https://www.admiral.com https://secure.admiral.com https://www.bell.co.uk https://*.belldirect.co.uk https://www.diamond.co.uk https://secure.diamond.co.uk https://www.elephant.co.uk https://secure.elephant.co.uk https://www.gladiator.co.uk https://secure.gladiator.co.uk https://tagmanager.google.com https://*.typekit.net *.typekit.net 'unsafe-inline' 'self'; img-src data: https://canarytokens.com *.googleapis.com https://d6tizftlrpuof.cloudfront.net *.usabilla.com *.optimizely.com *.contentsquare.net https://prf.hn https://www.zenaps.com https://*.civiccomputing.com https://www.dwin1.com https://www.awin1.com https://service.maxymiser.net http://service.maxymiser.net *.service.maxymiser.net https://ws.sessioncam.com *.sessioncam.com https://heapanalytics.com *.heapanalytics.com https://*.lpsnmedia.net https://www.admiral.com https://secure.admiral.com https://www.bell.co.uk https://*.belldirect.co.uk https://www.diamond.co.uk https://secure.diamond.co.uk https://www.elephant.co.uk https://secure.elephant.co.uk https://www.gladiator.co.uk https://secure.gladiator.co.uk *.gstatic.com *.google-analytics.com *.google.co.uk *.google.com https://*.typekit.net *.typekit.net https://*.doubleclick.net *.facebook.com *.marinsm.com *.amazonaws.com 'self'; font-src data: https://heapanalytics.com *.heapanalytics.com https://www.admiral.com https://secure.admiral.com https://www.bell.co.uk https://*.belldirect.co.uk https://www.diamond.co.uk https://secure.diamond.co.uk https://www.elephant.co.uk https://secure.elephant.co.uk https://www.gladiator.co.uk https://secure.gladiator.co.uk https://fonts.googleapis.com *.gstatic.com https://*.typekit.net *.typekit.net 'self'; frame-src 'self' d6tizftlrpuof.cloudfront.net https://*.cdn.optimizely.com https://prf.hn https://www.zenaps.com https://*.civiccomputing.com https://www.dwin1.com https://www.awin1.com https://cdn.appdynamics.com https://www.admiral.com https://secure.admiral.com https://www.bell.co.uk https://*.belldirect.co.uk https://www.diamond.co.uk https://secure.diamond.co.uk https://www.elephant.co.uk https://secure.elephant.co.uk https://www.gladiator.co.uk https://secure.gladiator.co.uk https://*.lpsnmedia.net https://*.liveperson.net https://*.doubleclick.net *.google.co.uk *.google.com https://service.maxymiser.net *.qualaroo.com https://*.eshapay.net https://*.ephapay.net https://*.barclaycardsmartpay.com ; connect-src *.usabilla.com *.contentsquare.net https://errors.client.optimizely.com https://logx.optimizely.com/v1/events https://prf.hn https://www.zenaps.com https://*.civiccomputing.com https://www.dwin1.com https://www.awin1.com https://fra-col.eum-appdynamics.com http://fra-col.eum-appdynamics.com https://tracking.formisimo.com https://heapanalytics.com *.heapanalytics.com https://ws.sessioncam.com *.sessioncam.com https://*.euiwebservice.co.uk *.euiwebservice.co.uk https://*.nonprod-euiwebservice.co.uk *.nonprod-euiwebservice.co.uk https://*.typekit.net *.typekit.net https://ampcid.google.com https://*.liveperson.net wss://*.liveperson.net *.liveperson.net 'self'; media-src 'self' https://*.lpsnmedia.net; object-src 'self' blob:; child-src 'self' blob:; worker-src 'self' blob:
Strict-Transport-Security max-age=63072000;includeSubDomains;preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://myaccount.diamond.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date
Tue, 22 Aug 2023 14:46:35 GMT
Content-Security-Policy
default-src data: 'self'; script-src *.googleapis.com *.usabilla.com *.contentsquare.net *.optimizely.com https://optimize.google.com https://prf.hn https://www.zenaps.com https://*.civiccomputing.com https://www.dwin1.com https://www.awin1.com https://cdn.appdynamics.com http://cdn.appdynamics.com https://first.iovation.com https://*.euiwebservice.co.uk *.euiwebservice.co.uk https://cdn.heapanalytics.com *.cdn.heapanalytics.com https://heapanalytics.com *.heapanalytics.com https://formisimo.com https://*.formisimo.com https://tracking.formisimo.com *.formisimo.com https://service.maxymiser.net http://service.maxymiser.net *.service.maxymiser.net https://*.doubleclick.net https://*.lpsnmedia.net https://*.liveperson.net https://d6tizftlrpuof.cloudfront.net https://*.sessioncam.com https://*.typekit.net *.typekit.net http://tagmanager.google.com https://tagmanager.google.com *.googletagmanager.com *.google-analytics.com *.googleadservices.com *.amazonaws.com *.facebook.net *.marinsm.com *.qualaroo.com 'unsafe-eval' 'unsafe-inline' 'self'; style-src *.googleapis.com https://d6tizftlrpuof.cloudfront.net https://heapanalytics.com *.heapanalytics.com https://www.admiral.com https://secure.admiral.com https://www.bell.co.uk https://*.belldirect.co.uk https://www.diamond.co.uk https://secure.diamond.co.uk https://www.elephant.co.uk https://secure.elephant.co.uk https://www.gladiator.co.uk https://secure.gladiator.co.uk https://tagmanager.google.com https://*.typekit.net *.typekit.net 'unsafe-inline' 'self'; img-src data: https://canarytokens.com *.googleapis.com https://d6tizftlrpuof.cloudfront.net *.usabilla.com *.optimizely.com *.contentsquare.net https://prf.hn https://www.zenaps.com https://*.civiccomputing.com https://www.dwin1.com https://www.awin1.com https://service.maxymiser.net http://service.maxymiser.net *.service.maxymiser.net https://ws.sessioncam.com *.sessioncam.com https://heapanalytics.com *.heapanalytics.com https://*.lpsnmedia.net https://www.admiral.com https://secure.admiral.com https://www.bell.co.uk https://*.belldirect.co.uk https://www.diamond.co.uk https://secure.diamond.co.uk https://www.elephant.co.uk https://secure.elephant.co.uk https://www.gladiator.co.uk https://secure.gladiator.co.uk *.gstatic.com *.google-analytics.com *.google.co.uk *.google.com https://*.typekit.net *.typekit.net https://*.doubleclick.net *.facebook.com *.marinsm.com *.amazonaws.com 'self'; font-src data: https://heapanalytics.com *.heapanalytics.com https://www.admiral.com https://secure.admiral.com https://www.bell.co.uk https://*.belldirect.co.uk https://www.diamond.co.uk https://secure.diamond.co.uk https://www.elephant.co.uk https://secure.elephant.co.uk https://www.gladiator.co.uk https://secure.gladiator.co.uk https://fonts.googleapis.com *.gstatic.com https://*.typekit.net *.typekit.net 'self'; frame-src 'self' d6tizftlrpuof.cloudfront.net https://*.cdn.optimizely.com https://prf.hn https://www.zenaps.com https://*.civiccomputing.com https://www.dwin1.com https://www.awin1.com https://cdn.appdynamics.com https://www.admiral.com https://secure.admiral.com https://www.bell.co.uk https://*.belldirect.co.uk https://www.diamond.co.uk https://secure.diamond.co.uk https://www.elephant.co.uk https://secure.elephant.co.uk https://www.gladiator.co.uk https://secure.gladiator.co.uk https://*.lpsnmedia.net https://*.liveperson.net https://*.doubleclick.net *.google.co.uk *.google.com https://service.maxymiser.net *.qualaroo.com https://*.eshapay.net https://*.ephapay.net https://*.barclaycardsmartpay.com ; connect-src *.usabilla.com *.contentsquare.net https://errors.client.optimizely.com https://logx.optimizely.com/v1/events https://prf.hn https://www.zenaps.com https://*.civiccomputing.com https://www.dwin1.com https://www.awin1.com https://fra-col.eum-appdynamics.com http://fra-col.eum-appdynamics.com https://tracking.formisimo.com https://heapanalytics.com *.heapanalytics.com https://ws.sessioncam.com *.sessioncam.com https://*.euiwebservice.co.uk *.euiwebservice.co.uk https://*.nonprod-euiwebservice.co.uk *.nonprod-euiwebservice.co.uk https://*.typekit.net *.typekit.net https://ampcid.google.com https://*.liveperson.net wss://*.liveperson.net *.liveperson.net 'self'; media-src 'self' https://*.lpsnmedia.net; object-src 'self' blob:; child-src 'self' blob:; worker-src 'self' blob:
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=63072000;includeSubDomains;preload
Content-Encoding
gzip
Transfer-Encoding
chunked
Connection
Keep-Alive
X-XSS-Protection
1; mode=block
Pragma
no-cache
Referrer-Policy
strict-origin-when-cross-origin
Last-Modified
Fri, 18 Aug 2023 09:41:51 GMT
X-Frame-Options
sameorigin
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=604800
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Expires
0
/
www.google.com/pagead/1p-user-list/1071476061/ 		42 B
455 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/1071476061/?random=1692715594847&cv=9&fst=1692712800000&num=1&guid=ON&eid=375603261%2C466465926%2C512247839&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=-600&u_java=false&u_nplug=3&u_nmime=4&sendb=1&frm=0&url=https%3A%2F%2Fmyaccount.diamond.co.uk%2F&tiba=CustomerEngage%20Account%20Management&fmt=3&is_vtc=1&random=2830534389&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: myaccount.diamond.co.uk
URL: https://myaccount.diamond.co.uk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80c::2004 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://myaccount.diamond.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Aug 2023 14:46:35 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
fij7lgx.js
use.typekit.net/ 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/fij7lgx.js
Requested by
Host: myaccount.diamond.co.uk
URL: https://myaccount.diamond.co.uk/static/js/main.e01770b3.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:13::17d7:8279 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://myaccount.diamond.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains;
content-encoding
gzip
date
Tue, 22 Aug 2023 14:46:35 GMT
server
nginx
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
6760
product-metadata.3d582a9f.chunk.js
myaccount.diamond.co.uk/static/js/ 		2 MB
293 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://myaccount.diamond.co.uk/static/js/product-metadata.3d582a9f.chunk.js
Requested by
Host: myaccount.diamond.co.uk
URL: https://myaccount.diamond.co.uk/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
156.154.120.50 , United States, ASN19905 (SECURITYSERVICES, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src data: 'self'; script-src *.googleapis.com *.usabilla.com *.contentsquare.net *.optimizely.com https://optimize.google.com https://prf.hn https://www.zenaps.com https://*.civiccomputing.com https://www.dwin1.com https://www.awin1.com https://cdn.appdynamics.com http://cdn.appdynamics.com https://first.iovation.com https://*.euiwebservice.co.uk *.euiwebservice.co.uk https://cdn.heapanalytics.com *.cdn.heapanalytics.com https://heapanalytics.com *.heapanalytics.com https://formisimo.com https://*.formisimo.com https://tracking.formisimo.com *.formisimo.com https://service.maxymiser.net http://service.maxymiser.net *.service.maxymiser.net https://*.doubleclick.net https://*.lpsnmedia.net https://*.liveperson.net https://d6tizftlrpuof.cloudfront.net https://*.sessioncam.com https://*.typekit.net *.typekit.net http://tagmanager.google.com https://tagmanager.google.com *.googletagmanager.com *.google-analytics.com *.googleadservices.com *.amazonaws.com *.facebook.net *.marinsm.com *.qualaroo.com 'unsafe-eval' 'unsafe-inline' 'self'; style-src *.googleapis.com https://d6tizftlrpuof.cloudfront.net https://heapanalytics.com *.heapanalytics.com https://www.admiral.com https://secure.admiral.com https://www.bell.co.uk https://*.belldirect.co.uk https://www.diamond.co.uk https://secure.diamond.co.uk https://www.elephant.co.uk https://secure.elephant.co.uk https://www.gladiator.co.uk https://secure.gladiator.co.uk https://tagmanager.google.com https://*.typekit.net *.typekit.net 'unsafe-inline' 'self'; img-src data: https://canarytokens.com *.googleapis.com https://d6tizftlrpuof.cloudfront.net *.usabilla.com *.optimizely.com *.contentsquare.net https://prf.hn https://www.zenaps.com https://*.civiccomputing.com https://www.dwin1.com https://www.awin1.com https://service.maxymiser.net http://service.maxymiser.net *.service.maxymiser.net https://ws.sessioncam.com *.sessioncam.com https://heapanalytics.com *.heapanalytics.com https://*.lpsnmedia.net https://www.admiral.com https://secure.admiral.com https://www.bell.co.uk https://*.belldirect.co.uk https://www.diamond.co.uk https://secure.diamond.co.uk https://www.elephant.co.uk https://secure.elephant.co.uk https://www.gladiator.co.uk https://secure.gladiator.co.uk *.gstatic.com *.google-analytics.com *.google.co.uk *.google.com https://*.typekit.net *.typekit.net https://*.doubleclick.net *.facebook.com *.marinsm.com *.amazonaws.com 'self'; font-src data: https://heapanalytics.com *.heapanalytics.com https://www.admiral.com https://secure.admiral.com https://www.bell.co.uk https://*.belldirect.co.uk https://www.diamond.co.uk https://secure.diamond.co.uk https://www.elephant.co.uk https://secure.elephant.co.uk https://www.gladiator.co.uk https://secure.gladiator.co.uk https://fonts.googleapis.com *.gstatic.com https://*.typekit.net *.typekit.net 'self'; frame-src 'self' d6tizftlrpuof.cloudfront.net https://*.cdn.optimizely.com https://prf.hn https://www.zenaps.com https://*.civiccomputing.com https://www.dwin1.com https://www.awin1.com https://cdn.appdynamics.com https://www.admiral.com https://secure.admiral.com https://www.bell.co.uk https://*.belldirect.co.uk https://www.diamond.co.uk https://secure.diamond.co.uk https://www.elephant.co.uk https://secure.elephant.co.uk https://www.gladiator.co.uk https://secure.gladiator.co.uk https://*.lpsnmedia.net https://*.liveperson.net https://*.doubleclick.net *.google.co.uk *.google.com https://service.maxymiser.net *.qualaroo.com https://*.eshapay.net https://*.ephapay.net https://*.barclaycardsmartpay.com ; connect-src *.usabilla.com *.contentsquare.net https://errors.client.optimizely.com https://logx.optimizely.com/v1/events https://prf.hn https://www.zenaps.com https://*.civiccomputing.com https://www.dwin1.com https://www.awin1.com https://fra-col.eum-appdynamics.com http://fra-col.eum-appdynamics.com https://tracking.formisimo.com https://heapanalytics.com *.heapanalytics.com https://ws.sessioncam.com *.sessioncam.com https://*.euiwebservice.co.uk *.euiwebservice.co.uk https://*.nonprod-euiwebservice.co.uk *.nonprod-euiwebservice.co.uk https://*.typekit.net *.typekit.net https://ampcid.google.com https://*.liveperson.net wss://*.liveperson.net *.liveperson.net 'self'; media-src 'self' https://*.lpsnmedia.net; object-src 'self' blob:; child-src 'self' blob:; worker-src 'self' blob:
Strict-Transport-Security max-age=63072000;includeSubDomains;preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://myaccount.diamond.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date
Tue, 22 Aug 2023 14:46:36 GMT
Content-Security-Policy
default-src data: 'self'; script-src *.googleapis.com *.usabilla.com *.contentsquare.net *.optimizely.com https://optimize.google.com https://prf.hn https://www.zenaps.com https://*.civiccomputing.com https://www.dwin1.com https://www.awin1.com https://cdn.appdynamics.com http://cdn.appdynamics.com https://first.iovation.com https://*.euiwebservice.co.uk *.euiwebservice.co.uk https://cdn.heapanalytics.com *.cdn.heapanalytics.com https://heapanalytics.com *.heapanalytics.com https://formisimo.com https://*.formisimo.com https://tracking.formisimo.com *.formisimo.com https://service.maxymiser.net http://service.maxymiser.net *.service.maxymiser.net https://*.doubleclick.net https://*.lpsnmedia.net https://*.liveperson.net https://d6tizftlrpuof.cloudfront.net https://*.sessioncam.com https://*.typekit.net *.typekit.net http://tagmanager.google.com https://tagmanager.google.com *.googletagmanager.com *.google-analytics.com *.googleadservices.com *.amazonaws.com *.facebook.net *.marinsm.com *.qualaroo.com 'unsafe-eval' 'unsafe-inline' 'self'; style-src *.googleapis.com https://d6tizftlrpuof.cloudfront.net https://heapanalytics.com *.heapanalytics.com https://www.admiral.com https://secure.admiral.com https://www.bell.co.uk https://*.belldirect.co.uk https://www.diamond.co.uk https://secure.diamond.co.uk https://www.elephant.co.uk https://secure.elephant.co.uk https://www.gladiator.co.uk https://secure.gladiator.co.uk https://tagmanager.google.com https://*.typekit.net *.typekit.net 'unsafe-inline' 'self'; img-src data: https://canarytokens.com *.googleapis.com https://d6tizftlrpuof.cloudfront.net *.usabilla.com *.optimizely.com *.contentsquare.net https://prf.hn https://www.zenaps.com https://*.civiccomputing.com https://www.dwin1.com https://www.awin1.com https://service.maxymiser.net http://service.maxymiser.net *.service.maxymiser.net https://ws.sessioncam.com *.sessioncam.com https://heapanalytics.com *.heapanalytics.com https://*.lpsnmedia.net https://www.admiral.com https://secure.admiral.com https://www.bell.co.uk https://*.belldirect.co.uk https://www.diamond.co.uk https://secure.diamond.co.uk https://www.elephant.co.uk https://secure.elephant.co.uk https://www.gladiator.co.uk https://secure.gladiator.co.uk *.gstatic.com *.google-analytics.com *.google.co.uk *.google.com https://*.typekit.net *.typekit.net https://*.doubleclick.net *.facebook.com *.marinsm.com *.amazonaws.com 'self'; font-src data: https://heapanalytics.com *.heapanalytics.com https://www.admiral.com https://secure.admiral.com https://www.bell.co.uk https://*.belldirect.co.uk https://www.diamond.co.uk https://secure.diamond.co.uk https://www.elephant.co.uk https://secure.elephant.co.uk https://www.gladiator.co.uk https://secure.gladiator.co.uk https://fonts.googleapis.com *.gstatic.com https://*.typekit.net *.typekit.net 'self'; frame-src 'self' d6tizftlrpuof.cloudfront.net https://*.cdn.optimizely.com https://prf.hn https://www.zenaps.com https://*.civiccomputing.com https://www.dwin1.com https://www.awin1.com https://cdn.appdynamics.com https://www.admiral.com https://secure.admiral.com https://www.bell.co.uk https://*.belldirect.co.uk https://www.diamond.co.uk https://secure.diamond.co.uk https://www.elephant.co.uk https://secure.elephant.co.uk https://www.gladiator.co.uk https://secure.gladiator.co.uk https://*.lpsnmedia.net https://*.liveperson.net https://*.doubleclick.net *.google.co.uk *.google.com https://service.maxymiser.net *.qualaroo.com https://*.eshapay.net https://*.ephapay.net https://*.barclaycardsmartpay.com ; connect-src *.usabilla.com *.contentsquare.net https://errors.client.optimizely.com https://logx.optimizely.com/v1/events https://prf.hn https://www.zenaps.com https://*.civiccomputing.com https://www.dwin1.com https://www.awin1.com https://fra-col.eum-appdynamics.com http://fra-col.eum-appdynamics.com https://tracking.formisimo.com https://heapanalytics.com *.heapanalytics.com https://ws.sessioncam.com *.sessioncam.com https://*.euiwebservice.co.uk *.euiwebservice.co.uk https://*.nonprod-euiwebservice.co.uk *.nonprod-euiwebservice.co.uk https://*.typekit.net *.typekit.net https://ampcid.google.com https://*.liveperson.net wss://*.liveperson.net *.liveperson.net 'self'; media-src 'self' https://*.lpsnmedia.net; object-src 'self' blob:; child-src 'self' blob:; worker-src 'self' blob:
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=63072000;includeSubDomains;preload
Content-Encoding
gzip
Transfer-Encoding
chunked
Connection
Keep-Alive
X-XSS-Protection
1; mode=block
Pragma
no-cache
Referrer-Policy
strict-origin-when-cross-origin
Last-Modified
Fri, 18 Aug 2023 09:41:51 GMT
X-Frame-Options
sameorigin
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=604800
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Expires
0
config
myaccount.diamond.co.uk/ 		10 KB
8 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://myaccount.diamond.co.uk/config
Requested by
Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-4.5.11.2466.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
156.154.120.50 , United States, ASN19905 (SECURITYSERVICES, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src data: 'self'; script-src *.googleapis.com *.usabilla.com *.contentsquare.net *.optimizely.com https://optimize.google.com https://prf.hn https://www.zenaps.com https://*.civiccomputing.com https://www.dwin1.com https://www.awin1.com https://cdn.appdynamics.com http://cdn.appdynamics.com https://first.iovation.com https://*.euiwebservice.co.uk *.euiwebservice.co.uk https://cdn.heapanalytics.com *.cdn.heapanalytics.com https://heapanalytics.com *.heapanalytics.com https://formisimo.com https://*.formisimo.com https://tracking.formisimo.com *.formisimo.com https://service.maxymiser.net http://service.maxymiser.net *.service.maxymiser.net https://*.doubleclick.net https://*.lpsnmedia.net https://*.liveperson.net https://d6tizftlrpuof.cloudfront.net https://*.sessioncam.com https://*.typekit.net *.typekit.net http://tagmanager.google.com https://tagmanager.google.com *.googletagmanager.com *.google-analytics.com *.googleadservices.com *.amazonaws.com *.facebook.net *.marinsm.com *.qualaroo.com 'unsafe-eval' 'unsafe-inline' 'self'; style-src *.googleapis.com https://d6tizftlrpuof.cloudfront.net https://heapanalytics.com *.heapanalytics.com https://www.admiral.com https://secure.admiral.com https://www.bell.co.uk https://*.belldirect.co.uk https://www.diamond.co.uk https://secure.diamond.co.uk https://www.elephant.co.uk https://secure.elephant.co.uk https://www.gladiator.co.uk https://secure.gladiator.co.uk https://tagmanager.google.com https://*.typekit.net *.typekit.net 'unsafe-inline' 'self'; img-src data: https://canarytokens.com *.googleapis.com https://d6tizftlrpuof.cloudfront.net *.usabilla.com *.optimizely.com *.contentsquare.net https://prf.hn https://www.zenaps.com https://*.civiccomputing.com https://www.dwin1.com https://www.awin1.com https://service.maxymiser.net http://service.maxymiser.net *.service.maxymiser.net https://ws.sessioncam.com *.sessioncam.com https://heapanalytics.com *.heapanalytics.com https://*.lpsnmedia.net https://www.admiral.com https://secure.admiral.com https://www.bell.co.uk https://*.belldirect.co.uk https://www.diamond.co.uk https://secure.diamond.co.uk https://www.elephant.co.uk https://secure.elephant.co.uk https://www.gladiator.co.uk https://secure.gladiator.co.uk *.gstatic.com *.google-analytics.com *.google.co.uk *.google.com https://*.typekit.net *.typekit.net https://*.doubleclick.net *.facebook.com *.marinsm.com *.amazonaws.com 'self'; font-src data: https://heapanalytics.com *.heapanalytics.com https://www.admiral.com https://secure.admiral.com https://www.bell.co.uk https://*.belldirect.co.uk https://www.diamond.co.uk https://secure.diamond.co.uk https://www.elephant.co.uk https://secure.elephant.co.uk https://www.gladiator.co.uk https://secure.gladiator.co.uk https://fonts.googleapis.com *.gstatic.com https://*.typekit.net *.typekit.net 'self'; frame-src 'self' d6tizftlrpuof.cloudfront.net https://*.cdn.optimizely.com https://prf.hn https://www.zenaps.com https://*.civiccomputing.com https://www.dwin1.com https://www.awin1.com https://cdn.appdynamics.com https://www.admiral.com https://secure.admiral.com https://www.bell.co.uk https://*.belldirect.co.uk https://www.diamond.co.uk https://secure.diamond.co.uk https://www.elephant.co.uk https://secure.elephant.co.uk https://www.gladiator.co.uk https://secure.gladiator.co.uk https://*.lpsnmedia.net https://*.liveperson.net https://*.doubleclick.net *.google.co.uk *.google.com https://service.maxymiser.net *.qualaroo.com https://*.eshapay.net https://*.ephapay.net https://*.barclaycardsmartpay.com ; connect-src *.usabilla.com *.contentsquare.net https://errors.client.optimizely.com https://logx.optimizely.com/v1/events https://prf.hn https://www.zenaps.com https://*.civiccomputing.com https://www.dwin1.com https://www.awin1.com https://fra-col.eum-appdynamics.com http://fra-col.eum-appdynamics.com https://tracking.formisimo.com https://heapanalytics.com *.heapanalytics.com https://ws.sessioncam.com *.sessioncam.com https://*.euiwebservice.co.uk *.euiwebservice.co.uk https://*.nonprod-euiwebservice.co.uk *.nonprod-euiwebservice.co.uk https://*.typekit.net *.typekit.net https://ampcid.google.com https://*.liveperson.net wss://*.liveperson.net *.liveperson.net 'self'; media-src 'self' https://*.lpsnmedia.net; object-src 'self' blob:; child-src 'self' blob:; worker-src 'self' blob:
Strict-Transport-Security max-age=63072000;includeSubDomains;preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json
Referer
https://myaccount.diamond.co.uk/
ADRUM
isAjax:true
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
application/json; charset=utf-8

Response headers

Date
Tue, 22 Aug 2023 14:46:35 GMT
Content-Security-Policy
default-src data: 'self'; script-src *.googleapis.com *.usabilla.com *.contentsquare.net *.optimizely.com https://optimize.google.com https://prf.hn https://www.zenaps.com https://*.civiccomputing.com https://www.dwin1.com https://www.awin1.com https://cdn.appdynamics.com http://cdn.appdynamics.com https://first.iovation.com https://*.euiwebservice.co.uk *.euiwebservice.co.uk https://cdn.heapanalytics.com *.cdn.heapanalytics.com https://heapanalytics.com *.heapanalytics.com https://formisimo.com https://*.formisimo.com https://tracking.formisimo.com *.formisimo.com https://service.maxymiser.net http://service.maxymiser.net *.service.maxymiser.net https://*.doubleclick.net https://*.lpsnmedia.net https://*.liveperson.net https://d6tizftlrpuof.cloudfront.net https://*.sessioncam.com https://*.typekit.net *.typekit.net http://tagmanager.google.com https://tagmanager.google.com *.googletagmanager.com *.google-analytics.com *.googleadservices.com *.amazonaws.com *.facebook.net *.marinsm.com *.qualaroo.com 'unsafe-eval' 'unsafe-inline' 'self'; style-src *.googleapis.com https://d6tizftlrpuof.cloudfront.net https://heapanalytics.com *.heapanalytics.com https://www.admiral.com https://secure.admiral.com https://www.bell.co.uk https://*.belldirect.co.uk https://www.diamond.co.uk https://secure.diamond.co.uk https://www.elephant.co.uk https://secure.elephant.co.uk https://www.gladiator.co.uk https://secure.gladiator.co.uk https://tagmanager.google.com https://*.typekit.net *.typekit.net 'unsafe-inline' 'self'; img-src data: https://canarytokens.com *.googleapis.com https://d6tizftlrpuof.cloudfront.net *.usabilla.com *.optimizely.com *.contentsquare.net https://prf.hn https://www.zenaps.com https://*.civiccomputing.com https://www.dwin1.com https://www.awin1.com https://service.maxymiser.net http://service.maxymiser.net *.service.maxymiser.net https://ws.sessioncam.com *.sessioncam.com https://heapanalytics.com *.heapanalytics.com https://*.lpsnmedia.net https://www.admiral.com https://secure.admiral.com https://www.bell.co.uk https://*.belldirect.co.uk https://www.diamond.co.uk https://secure.diamond.co.uk https://www.elephant.co.uk https://secure.elephant.co.uk https://www.gladiator.co.uk https://secure.gladiator.co.uk *.gstatic.com *.google-analytics.com *.google.co.uk *.google.com https://*.typekit.net *.typekit.net https://*.doubleclick.net *.facebook.com *.marinsm.com *.amazonaws.com 'self'; font-src data: https://heapanalytics.com *.heapanalytics.com https://www.admiral.com https://secure.admiral.com https://www.bell.co.uk https://*.belldirect.co.uk https://www.diamond.co.uk https://secure.diamond.co.uk https://www.elephant.co.uk https://secure.elephant.co.uk https://www.gladiator.co.uk https://secure.gladiator.co.uk https://fonts.googleapis.com *.gstatic.com https://*.typekit.net *.typekit.net 'self'; frame-src 'self' d6tizftlrpuof.cloudfront.net https://*.cdn.optimizely.com https://prf.hn https://www.zenaps.com https://*.civiccomputing.com https://www.dwin1.com https://www.awin1.com https://cdn.appdynamics.com https://www.admiral.com https://secure.admiral.com https://www.bell.co.uk https://*.belldirect.co.uk https://www.diamond.co.uk https://secure.diamond.co.uk https://www.elephant.co.uk https://secure.elephant.co.uk https://www.gladiator.co.uk https://secure.gladiator.co.uk https://*.lpsnmedia.net https://*.liveperson.net https://*.doubleclick.net *.google.co.uk *.google.com https://service.maxymiser.net *.qualaroo.com https://*.eshapay.net https://*.ephapay.net https://*.barclaycardsmartpay.com ; connect-src *.usabilla.com *.contentsquare.net https://errors.client.optimizely.com https://logx.optimizely.com/v1/events https://prf.hn https://www.zenaps.com https://*.civiccomputing.com https://www.dwin1.com https://www.awin1.com https://fra-col.eum-appdynamics.com http://fra-col.eum-appdynamics.com https://tracking.formisimo.com https://heapanalytics.com *.heapanalytics.com https://ws.sessioncam.com *.sessioncam.com https://*.euiwebservice.co.uk *.euiwebservice.co.uk https://*.nonprod-euiwebservice.co.uk *.nonprod-euiwebservice.co.uk https://*.typekit.net *.typekit.net https://ampcid.google.com https://*.liveperson.net wss://*.liveperson.net *.liveperson.net 'self'; media-src 'self' https://*.lpsnmedia.net; object-src 'self' blob:; child-src 'self' blob:; worker-src 'self' blob:
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=63072000;includeSubDomains;preload
Content-Encoding
gzip
Transfer-Encoding
chunked
ADRUM_1
n:admirallive_f0e8f4b5-8d07-403b-a8f2-459b386e1b3d
ADRUM_2
i:2807908
Connection
Keep-Alive
X-XSS-Protection
1; mode=block
Pragma
no-cache
Referrer-Policy
strict-origin-when-cross-origin
ADRUM_0
g:1e629482-948b-45db-a215-c31c90f948c4
X-Frame-Options
sameorigin
Vary
Accept-Encoding
Content-Type
application/json;charset=UTF-8
ADRUM_3
e:28
Cache-Control
no-cache, no-store, must-revalidate, private
Keep-Alive
timeout=5, max=100
Expires
0
config
myaccount.diamond.co.uk/ 		1 KB
6 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://myaccount.diamond.co.uk/config
Requested by
Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-4.5.11.2466.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
156.154.120.50 , United States, ASN19905 (SECURITYSERVICES, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src data: 'self'; script-src *.googleapis.com *.usabilla.com *.contentsquare.net *.optimizely.com https://optimize.google.com https://prf.hn https://www.zenaps.com https://*.civiccomputing.com https://www.dwin1.com https://www.awin1.com https://cdn.appdynamics.com http://cdn.appdynamics.com https://first.iovation.com https://*.euiwebservice.co.uk *.euiwebservice.co.uk https://cdn.heapanalytics.com *.cdn.heapanalytics.com https://heapanalytics.com *.heapanalytics.com https://formisimo.com https://*.formisimo.com https://tracking.formisimo.com *.formisimo.com https://service.maxymiser.net http://service.maxymiser.net *.service.maxymiser.net https://*.doubleclick.net https://*.lpsnmedia.net https://*.liveperson.net https://d6tizftlrpuof.cloudfront.net https://*.sessioncam.com https://*.typekit.net *.typekit.net http://tagmanager.google.com https://tagmanager.google.com *.googletagmanager.com *.google-analytics.com *.googleadservices.com *.amazonaws.com *.facebook.net *.marinsm.com *.qualaroo.com 'unsafe-eval' 'unsafe-inline' 'self'; style-src *.googleapis.com https://d6tizftlrpuof.cloudfront.net https://heapanalytics.com *.heapanalytics.com https://www.admiral.com https://secure.admiral.com https://www.bell.co.uk https://*.belldirect.co.uk https://www.diamond.co.uk https://secure.diamond.co.uk https://www.elephant.co.uk https://secure.elephant.co.uk https://www.gladiator.co.uk https://secure.gladiator.co.uk https://tagmanager.google.com https://*.typekit.net *.typekit.net 'unsafe-inline' 'self'; img-src data: https://canarytokens.com *.googleapis.com https://d6tizftlrpuof.cloudfront.net *.usabilla.com *.optimizely.com *.contentsquare.net https://prf.hn https://www.zenaps.com https://*.civiccomputing.com https://www.dwin1.com https://www.awin1.com https://service.maxymiser.net http://service.maxymiser.net *.service.maxymiser.net https://ws.sessioncam.com *.sessioncam.com https://heapanalytics.com *.heapanalytics.com https://*.lpsnmedia.net https://www.admiral.com https://secure.admiral.com https://www.bell.co.uk https://*.belldirect.co.uk https://www.diamond.co.uk https://secure.diamond.co.uk https://www.elephant.co.uk https://secure.elephant.co.uk https://www.gladiator.co.uk https://secure.gladiator.co.uk *.gstatic.com *.google-analytics.com *.google.co.uk *.google.com https://*.typekit.net *.typekit.net https://*.doubleclick.net *.facebook.com *.marinsm.com *.amazonaws.com 'self'; font-src data: https://heapanalytics.com *.heapanalytics.com https://www.admiral.com https://secure.admiral.com https://www.bell.co.uk https://*.belldirect.co.uk https://www.diamond.co.uk https://secure.diamond.co.uk https://www.elephant.co.uk https://secure.elephant.co.uk https://www.gladiator.co.uk https://secure.gladiator.co.uk https://fonts.googleapis.com *.gstatic.com https://*.typekit.net *.typekit.net 'self'; frame-src 'self' d6tizftlrpuof.cloudfront.net https://*.cdn.optimizely.com https://prf.hn https://www.zenaps.com https://*.civiccomputing.com https://www.dwin1.com https://www.awin1.com https://cdn.appdynamics.com https://www.admiral.com https://secure.admiral.com https://www.bell.co.uk https://*.belldirect.co.uk https://www.diamond.co.uk https://secure.diamond.co.uk https://www.elephant.co.uk https://secure.elephant.co.uk https://www.gladiator.co.uk https://secure.gladiator.co.uk https://*.lpsnmedia.net https://*.liveperson.net https://*.doubleclick.net *.google.co.uk *.google.com https://service.maxymiser.net *.qualaroo.com https://*.eshapay.net https://*.ephapay.net https://*.barclaycardsmartpay.com ; connect-src *.usabilla.com *.contentsquare.net https://errors.client.optimizely.com https://logx.optimizely.com/v1/events https://prf.hn https://www.zenaps.com https://*.civiccomputing.com https://www.dwin1.com https://www.awin1.com https://fra-col.eum-appdynamics.com http://fra-col.eum-appdynamics.com https://tracking.formisimo.com https://heapanalytics.com *.heapanalytics.com https://ws.sessioncam.com *.sessioncam.com https://*.euiwebservice.co.uk *.euiwebservice.co.uk https://*.nonprod-euiwebservice.co.uk *.nonprod-euiwebservice.co.uk https://*.typekit.net *.typekit.net https://ampcid.google.com https://*.liveperson.net wss://*.liveperson.net *.liveperson.net 'self'; media-src 'self' https://*.lpsnmedia.net; object-src 'self' blob:; child-src 'self' blob:; worker-src 'self' blob:
Strict-Transport-Security max-age=63072000;includeSubDomains;preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json
Referer
https://myaccount.diamond.co.uk/
ADRUM
isAjax:true
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
application/json; charset=utf-8

Response headers

Date
Tue, 22 Aug 2023 14:46:35 GMT
Content-Security-Policy
default-src data: 'self'; script-src *.googleapis.com *.usabilla.com *.contentsquare.net *.optimizely.com https://optimize.google.com https://prf.hn https://www.zenaps.com https://*.civiccomputing.com https://www.dwin1.com https://www.awin1.com https://cdn.appdynamics.com http://cdn.appdynamics.com https://first.iovation.com https://*.euiwebservice.co.uk *.euiwebservice.co.uk https://cdn.heapanalytics.com *.cdn.heapanalytics.com https://heapanalytics.com *.heapanalytics.com https://formisimo.com https://*.formisimo.com https://tracking.formisimo.com *.formisimo.com https://service.maxymiser.net http://service.maxymiser.net *.service.maxymiser.net https://*.doubleclick.net https://*.lpsnmedia.net https://*.liveperson.net https://d6tizftlrpuof.cloudfront.net https://*.sessioncam.com https://*.typekit.net *.typekit.net http://tagmanager.google.com https://tagmanager.google.com *.googletagmanager.com *.google-analytics.com *.googleadservices.com *.amazonaws.com *.facebook.net *.marinsm.com *.qualaroo.com 'unsafe-eval' 'unsafe-inline' 'self'; style-src *.googleapis.com https://d6tizftlrpuof.cloudfront.net https://heapanalytics.com *.heapanalytics.com https://www.admiral.com https://secure.admiral.com https://www.bell.co.uk https://*.belldirect.co.uk https://www.diamond.co.uk https://secure.diamond.co.uk https://www.elephant.co.uk https://secure.elephant.co.uk https://www.gladiator.co.uk https://secure.gladiator.co.uk https://tagmanager.google.com https://*.typekit.net *.typekit.net 'unsafe-inline' 'self'; img-src data: https://canarytokens.com *.googleapis.com https://d6tizftlrpuof.cloudfront.net *.usabilla.com *.optimizely.com *.contentsquare.net https://prf.hn https://www.zenaps.com https://*.civiccomputing.com https://www.dwin1.com https://www.awin1.com https://service.maxymiser.net http://service.maxymiser.net *.service.maxymiser.net https://ws.sessioncam.com *.sessioncam.com https://heapanalytics.com *.heapanalytics.com https://*.lpsnmedia.net https://www.admiral.com https://secure.admiral.com https://www.bell.co.uk https://*.belldirect.co.uk https://www.diamond.co.uk https://secure.diamond.co.uk https://www.elephant.co.uk https://secure.elephant.co.uk https://www.gladiator.co.uk https://secure.gladiator.co.uk *.gstatic.com *.google-analytics.com *.google.co.uk *.google.com https://*.typekit.net *.typekit.net https://*.doubleclick.net *.facebook.com *.marinsm.com *.amazonaws.com 'self'; font-src data: https://heapanalytics.com *.heapanalytics.com https://www.admiral.com https://secure.admiral.com https://www.bell.co.uk https://*.belldirect.co.uk https://www.diamond.co.uk https://secure.diamond.co.uk https://www.elephant.co.uk https://secure.elephant.co.uk https://www.gladiator.co.uk https://secure.gladiator.co.uk https://fonts.googleapis.com *.gstatic.com https://*.typekit.net *.typekit.net 'self'; frame-src 'self' d6tizftlrpuof.cloudfront.net https://*.cdn.optimizely.com https://prf.hn https://www.zenaps.com https://*.civiccomputing.com https://www.dwin1.com https://www.awin1.com https://cdn.appdynamics.com https://www.admiral.com https://secure.admiral.com https://www.bell.co.uk https://*.belldirect.co.uk https://www.diamond.co.uk https://secure.diamond.co.uk https://www.elephant.co.uk https://secure.elephant.co.uk https://www.gladiator.co.uk https://secure.gladiator.co.uk https://*.lpsnmedia.net https://*.liveperson.net https://*.doubleclick.net *.google.co.uk *.google.com https://service.maxymiser.net *.qualaroo.com https://*.eshapay.net https://*.ephapay.net https://*.barclaycardsmartpay.com ; connect-src *.usabilla.com *.contentsquare.net https://errors.client.optimizely.com https://logx.optimizely.com/v1/events https://prf.hn https://www.zenaps.com https://*.civiccomputing.com https://www.dwin1.com https://www.awin1.com https://fra-col.eum-appdynamics.com http://fra-col.eum-appdynamics.com https://tracking.formisimo.com https://heapanalytics.com *.heapanalytics.com https://ws.sessioncam.com *.sessioncam.com https://*.euiwebservice.co.uk *.euiwebservice.co.uk https://*.nonprod-euiwebservice.co.uk *.nonprod-euiwebservice.co.uk https://*.typekit.net *.typekit.net https://ampcid.google.com https://*.liveperson.net wss://*.liveperson.net *.liveperson.net 'self'; media-src 'self' https://*.lpsnmedia.net; object-src 'self' blob:; child-src 'self' blob:; worker-src 'self' blob:
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=63072000;includeSubDomains;preload
Content-Encoding
gzip
Transfer-Encoding
chunked
ADRUM_1
n:admirallive_f0e8f4b5-8d07-403b-a8f2-459b386e1b3d
ADRUM_2
i:2807908
Connection
Keep-Alive
X-XSS-Protection
1; mode=block
Pragma
no-cache
Referrer-Policy
strict-origin-when-cross-origin
ADRUM_0
g:83a32612-144e-4e90-8b71-d12147b2f445
X-Frame-Options
sameorigin
Vary
Accept-Encoding
Content-Type
application/json;charset=UTF-8
ADRUM_3
e:14
Cache-Control
no-cache, no-store, must-revalidate, private
Keep-Alive
timeout=5, max=100
Expires
0
16042.js
www.dwin1.com/ 		38 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.dwin1.com/16042.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-2F7P
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2209:fc00:f:8ce2:fb80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://myaccount.diamond.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-amz-version-id
hAzi0En.va.ciif3hrTB11i287zbsflS
content-encoding
gzip
via
1.1 2c7d387775f2e52dd268d2f49202b5d2.cloudfront.net (CloudFront)
date
Tue, 22 Aug 2023 14:45:19 GMT
x-amz-cf-pop
EWR53-P1
age
300
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Thu, 13 Jul 2023 11:13:52 GMT
server
AmazonS3
etag
W/"a59bd0537711377695cde3e8b09bd7f0"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=600, s-maxage=600
x-amz-cf-id
uXZGRvSZbUA_pdHJseEscvUa6s397EHwZFlRCP89kbkSvUzDMba3hA==
events
c.contentsquare.net/v2/ 		0
319 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://c.contentsquare.net/v2/events?v=13.39.0&pn=1&uu=cd5c178b-9339-ac72-fb9f-64642a4c7778&sn=1&hd=1692715587&pid=5048&sr=100&mdh=1200&hlm=true&ct=0
Requested by
Host: t.contentsquare.net
URL: https://t.contentsquare.net/uxa/2d3bd63a4ddcb.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.71.77.185 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-71-77-185.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
https://myaccount.diamond.co.uk/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 22 Aug 2023 14:46:35 GMT
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, pre-check=0, post-check=0
content-disposition
inline
timing-allow-origin
*
access-control-allow-headers
Access-Control-Expose-Headers, Content-Type, Content-Compression, X-Requested-With
expires
Sun, 24 Oct 1982 23:00:00 GMT
recording
k-aeu1.contentsquare.net/v2/ 		0
187 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://k-aeu1.contentsquare.net/v2/recording?rt=5&v=13.39.0&pid=5048&pn=1&sn=1&uu=cd5c178b-9339-ac72-fb9f-64642a4c7778&hlm=true&ct=0
Requested by
Host: t.contentsquare.net
URL: https://t.contentsquare.net/uxa/2d3bd63a4ddcb.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.249.43.135 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-249-43-135.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
https://myaccount.diamond.co.uk/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Tue, 22 Aug 2023 14:46:35 GMT
timing-allow-origin
*
access-control-allow-headers
Access-Control-Expose-Headers, Content-Type, Content-Compression
content-length
0
access-control-allow-methods
GET, POST, OPTIONS
events
logx.optimizely.com/v1/ 		0
368 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://logx.optimizely.com/v1/events
Requested by
Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-4.5.11.2466.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.45.108.63 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-45-108-63.compute-1.amazonaws.com
Software
nginx/1.21.0 /
Resource Hash

Request headers

Referer
https://myaccount.diamond.co.uk/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Tue, 22 Aug 2023 14:46:35 GMT
Server
nginx/1.21.0
Content-Type
text/plain
Access-Control-Allow-Origin
https://myaccount.diamond.co.uk
Access-Control-Expose-Headers
X-Results-Data-Source
Access-Control-Allow-Credentials
true
Connection
keep-alive
Timing-Allow-Origin
*
X-Request-Id
f16ff381-16a7-465b-b55e-7f748b0f7c4c
collect
www.google-analytics.com/ 		35 B
194 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&a=1971919203&t=pageview&_s=1&dl=https%3A%2F%2Fmyaccount.diamond.co.uk%2Flogin&ul=en-us&de=UTF-8&dt=CustomerEngage%20Account%20Management&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDACAABBAAAAGAGCAC~&jid=&gjid=&cid=906988487.1692715586&tid=UA-619996-8&_gid=1919845586.1692715586&gtm=45He38l0n512F7P&z=1633002585
Requested by
Host: myaccount.diamond.co.uk
URL: https://myaccount.diamond.co.uk/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80b::200e Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://myaccount.diamond.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 21 Aug 2023 21:10:33 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
63362
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
pageview
c.contentsquare.net/ 		0
319 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.contentsquare.net/pageview?pid=5048&uu=cd5c178b-9339-ac72-fb9f-64642a4c7778&sn=1&hd=1692715595&pn=2&dw=1600&dh=1200&ww=1600&wh=1200&sw=1600&sh=1200&dr=&url=https%3A%2F%2Fmyaccount.diamond.co.uk%2Flogin&uc=1&la=en-US&v=13.39.0&pvt=a&ex=&r=906030
Requested by
Host: myaccount.diamond.co.uk
URL: https://myaccount.diamond.co.uk/login
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.71.77.185 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-71-77-185.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://myaccount.diamond.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Aug 2023 14:46:35 GMT
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, pre-check=0, post-check=0
content-disposition
inline
timing-allow-origin
*
access-control-allow-headers
Access-Control-Expose-Headers, Content-Type, Content-Compression, X-Requested-With
expires
Sun, 24 Oct 1982 23:00:00 GMT
h
heapanalytics.com/ 		37 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://heapanalytics.com/h?a=1713100302&u=4512668356240138&v=8649161590128602&s=4269599333018221&b=web&tv=4.0&z=2&h=%2Flogin&d=myaccount.diamond.co.uk&t=CustomerEngage%20Account%20Management&ts=1692715595555&pr=%2F&sp=ts&sp=1692715594692&sp=d&sp=myaccount.diamond.co.uk&sp=h&sp=%2F&st=1692715595556
Requested by
Host: myaccount.diamond.co.uk
URL: https://myaccount.diamond.co.uk/login
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.70.121.124 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-70-121-124.compute-1.amazonaws.com
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://myaccount.diamond.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Aug 2023 14:46:35 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
etag
W/"25-4iFqfptz9csCeTUceM5hwzR1zqc"
content-type
image/gif
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-length
37
es3.js
s3.amazonaws.com/ki.js/61837/ 		379 B
768 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s3.amazonaws.com/ki.js/61837/es3.js
Requested by
Host: myaccount.diamond.co.uk
URL: https://myaccount.diamond.co.uk/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.216.134.213 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://myaccount.diamond.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date
Tue, 22 Aug 2023 14:46:36 GMT
Content-Encoding
gzip
Last-Modified
Wed, 12 Oct 2022 21:49:08 GMT
Server
AmazonS3
x-amz-request-id
AMBJ0VTTZS1F0MT9
ETag
"d3e0e68e657df5655044ef93608c6d20"
x-amz-server-side-encryption
AES256
Content-Type
application/ecmascript
Cache-Control
s-maxage=3600, max-age=0
Accept-Ranges
bytes
Content-Length
296
x-amz-id-2
wXc+xXvUm+eNZNeCsjul2iRUEHQBTCbMVOOVVOhk3b4K/SNy7FdpRgW1POxVW9PB+fXSyN7XznY=
Primary Request /
login.diamond.co.uk/myaccount/login/
Redirect Chain
  • https://login.diamond.co.uk/myaccount/auth/oauth2.0/v1/authorize?client_id=myaccount&redirect_uri=https://myaccount.diamond.co.uk/load&response_type=code&code_challenge=Qy_dXIcftTfu3Ig1IcXtqsqIMomW...
  • https://login.diamond.co.uk/myaccount/login?sessionOnly=true&goto=https%3A%2F%2Flogin.diamond.co.uk%2Fmyaccount%2Fauth%2Foauth2.0%2Fv1%2Fauthorize%3Fclient_id%3Dmyaccount%26redirect_uri%3Dhttps%3A%...
  • https://login.diamond.co.uk/myaccount/login/?sessionOnly=true&goto=https%3A%2F%2Flogin.diamond.co.uk%2Fmyaccount%2Fauth%2Foauth2.0%2Fv1%2Fauthorize%3Fclient_id%3Dmyaccount%26redirect_uri%3Dhttps%3A...
9 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://login.diamond.co.uk/myaccount/login/?sessionOnly=true&goto=https%3A%2F%2Flogin.diamond.co.uk%2Fmyaccount%2Fauth%2Foauth2.0%2Fv1%2Fauthorize%3Fclient_id%3Dmyaccount%26redirect_uri%3Dhttps%3A%2F%2Fmyaccount.diamond.co.uk%2Fload%26response_type%3Dcode%26code_challenge%3DQy_dXIcftTfu3Ig1IcXtqsqIMomWo81XzzznAnzN27U%26code_challenge_method%3DS256
Requested by
Host: myaccount.diamond.co.uk
URL: https://myaccount.diamond.co.uk/static/js/main.e01770b3.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.39.119.228 Unterfoehring, Germany, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
0665c8810dd3b4f65588b7f583e7e14569a813200afb1c89981e635c29a4531a
Security Headers
Name Value
Content-Security-Policy default-src 'unsafe-inline' 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://login.admiral.com https://dealerlogin.fordinsure.co.uk https://login.bell.co.uk https://login.diamond.co.uk https://login.elephant.co.uk https://login.fordinsure.co.uk https://login.gladiator.co.uk https://login.aainsure.co.uk https://www.googletagmanager.com https://tracker.marinsm.com https://cc.cdn.civiccomputing.com https://www.google-analytics.com https://cdn.heapanalytics.com https://lptag.liveperson.net https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.dwin1.com https://assets.revlifter.io https://dealerportal.fordinsure.co.uk/login-notification.js https://*.optimizely.com https://connect.facebook.net https://s3.amazonaws.com/ki.js/61837/e43.js https://accdn.lpsnmedia.net https://lpcdn.lpsnmedia.net https://t.contentsquare.net https://lo.v.liveperson.net https://s3.amazonaws.com/ki.js/61837/es3.js https://cl.qualaroo.com/ki.js/61837/es3qoo.js https://w.usabilla.com https://s3.amazonaws.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://use.typekit.net https://p.typekit.net; img-src 'self' data: *; font-src 'self' data: *; connect-src 'self' https://apikeys.civiccomputing.com https://www.google-analytics.com https://devt.revlifter.com https://*.optimizely.com https://ampcid.google.com https://ampcid.google.co.in https://stats.g.doubleclick.net https://c.contentsquare.net wss://lo.msg.liveperson.net; media-src 'self' https://lpcdn.lpsnmedia.net; object-src 'none'; child-src 'self'; frame-src 'self' https://lpcdn.lpsnmedia.net https://*.optimizely.com https://dntcl.qualaroo.com https://bid.g.doubleclick.net https://server.lon.liveperson.net https://lo.idp.liveperson.net https://lo.msg.liveperson.net; worker-src 'self' blob: *; frame-ancestors 'self'; form-action 'self' data: *; upgrade-insecure-requests; block-all-mixed-content; sandbox allow-forms allow-same-origin allow-scripts allow-top-navigation allow-popups allow-modals allow-downloads allow-popups-to-escape-sandbox; manifest-src 'self';
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Content-Security-Policy default-src 'unsafe-inline' 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://login.admiral.com https://dealerlogin.fordinsure.co.uk https://login.bell.co.uk https://login.diamond.co.uk https://login.elephant.co.uk https://login.fordinsure.co.uk https://login.gladiator.co.uk https://login.aainsure.co.uk https://www.googletagmanager.com https://tracker.marinsm.com https://cc.cdn.civiccomputing.com https://www.google-analytics.com https://cdn.heapanalytics.com https://lptag.liveperson.net https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.dwin1.com https://assets.revlifter.io https://dealerportal.fordinsure.co.uk/login-notification.js https://*.optimizely.com https://connect.facebook.net https://s3.amazonaws.com/ki.js/61837/e43.js https://accdn.lpsnmedia.net https://lpcdn.lpsnmedia.net https://t.contentsquare.net https://lo.v.liveperson.net https://s3.amazonaws.com/ki.js/61837/es3.js https://cl.qualaroo.com/ki.js/61837/es3qoo.js https://w.usabilla.com https://s3.amazonaws.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://use.typekit.net https://p.typekit.net; img-src 'self' data: *; font-src 'self' data: *; connect-src 'self' https://apikeys.civiccomputing.com https://www.google-analytics.com https://devt.revlifter.com https://*.optimizely.com https://ampcid.google.com https://ampcid.google.co.in https://stats.g.doubleclick.net https://c.contentsquare.net wss://lo.msg.liveperson.net; media-src 'self' https://lpcdn.lpsnmedia.net; object-src 'none'; child-src 'self'; frame-src 'self' https://lpcdn.lpsnmedia.net https://*.optimizely.com https://dntcl.qualaroo.com https://bid.g.doubleclick.net https://server.lon.liveperson.net https://lo.idp.liveperson.net https://lo.msg.liveperson.net; worker-src 'self' blob: *; frame-ancestors 'self'; form-action 'self' data: *; upgrade-insecure-requests; block-all-mixed-content; sandbox allow-forms allow-same-origin allow-scripts allow-top-navigation allow-popups allow-modals allow-downloads allow-popups-to-escape-sandbox; manifest-src 'self';
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://myaccount.diamond.co.uk/login
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-cache
content-encoding
gzip
content-security-policy
default-src 'unsafe-inline' 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://login.admiral.com https://dealerlogin.fordinsure.co.uk https://login.bell.co.uk https://login.diamond.co.uk https://login.elephant.co.uk https://login.fordinsure.co.uk https://login.gladiator.co.uk https://login.aainsure.co.uk https://www.googletagmanager.com https://tracker.marinsm.com https://cc.cdn.civiccomputing.com https://www.google-analytics.com https://cdn.heapanalytics.com https://lptag.liveperson.net https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.dwin1.com https://assets.revlifter.io https://dealerportal.fordinsure.co.uk/login-notification.js https://*.optimizely.com https://connect.facebook.net https://s3.amazonaws.com/ki.js/61837/e43.js https://accdn.lpsnmedia.net https://lpcdn.lpsnmedia.net https://t.contentsquare.net https://lo.v.liveperson.net https://s3.amazonaws.com/ki.js/61837/es3.js https://cl.qualaroo.com/ki.js/61837/es3qoo.js https://w.usabilla.com https://s3.amazonaws.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://use.typekit.net https://p.typekit.net; img-src 'self' data: *; font-src 'self' data: *; connect-src 'self' https://apikeys.civiccomputing.com https://www.google-analytics.com https://devt.revlifter.com https://*.optimizely.com https://ampcid.google.com https://ampcid.google.co.in https://stats.g.doubleclick.net https://c.contentsquare.net wss://lo.msg.liveperson.net; media-src 'self' https://lpcdn.lpsnmedia.net; object-src 'none'; child-src 'self'; frame-src 'self' https://lpcdn.lpsnmedia.net https://*.optimizely.com https://dntcl.qualaroo.com https://bid.g.doubleclick.net https://server.lon.liveperson.net https://lo.idp.liveperson.net https://lo.msg.liveperson.net; worker-src 'self' blob: *; frame-ancestors 'self'; form-action 'self' data: *; upgrade-insecure-requests; block-all-mixed-content; sandbox allow-forms allow-same-origin allow-scripts allow-top-navigation allow-popups allow-modals allow-downloads allow-popups-to-escape-sandbox; manifest-src 'self';
content-type
text/html
date
Tue, 22 Aug 2023 14:46:36 GMT
etag
W/"637dace5-21c1"
expect-ct
enforce, max-age=300
feature-policy
midi 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; speaker 'none'; fullscreen 'self'; payment 'none';
last-modified
Wed, 23 Nov 2022 05:17:25 GMT
referrer-policy
same-origin
server
nginx
strict-transport-security
max-age=31536000; includeSubdomains
vary
Accept-Encoding
x-content-security-policy
default-src 'unsafe-inline' 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://login.admiral.com https://dealerlogin.fordinsure.co.uk https://login.bell.co.uk https://login.diamond.co.uk https://login.elephant.co.uk https://login.fordinsure.co.uk https://login.gladiator.co.uk https://login.aainsure.co.uk https://www.googletagmanager.com https://tracker.marinsm.com https://cc.cdn.civiccomputing.com https://www.google-analytics.com https://cdn.heapanalytics.com https://lptag.liveperson.net https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.dwin1.com https://assets.revlifter.io https://dealerportal.fordinsure.co.uk/login-notification.js https://*.optimizely.com https://connect.facebook.net https://s3.amazonaws.com/ki.js/61837/e43.js https://accdn.lpsnmedia.net https://lpcdn.lpsnmedia.net https://t.contentsquare.net https://lo.v.liveperson.net https://s3.amazonaws.com/ki.js/61837/es3.js https://cl.qualaroo.com/ki.js/61837/es3qoo.js https://w.usabilla.com https://s3.amazonaws.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://use.typekit.net https://p.typekit.net; img-src 'self' data: *; font-src 'self' data: *; connect-src 'self' https://apikeys.civiccomputing.com https://www.google-analytics.com https://devt.revlifter.com https://*.optimizely.com https://ampcid.google.com https://ampcid.google.co.in https://stats.g.doubleclick.net https://c.contentsquare.net wss://lo.msg.liveperson.net; media-src 'self' https://lpcdn.lpsnmedia.net; object-src 'none'; child-src 'self'; frame-src 'self' https://lpcdn.lpsnmedia.net https://*.optimizely.com https://dntcl.qualaroo.com https://bid.g.doubleclick.net https://server.lon.liveperson.net https://lo.idp.liveperson.net https://lo.msg.liveperson.net; worker-src 'self' blob: *; frame-ancestors 'self'; form-action 'self' data: *; upgrade-insecure-requests; block-all-mixed-content; sandbox allow-forms allow-same-origin allow-scripts allow-top-navigation allow-popups allow-modals allow-downloads allow-popups-to-escape-sandbox; manifest-src 'self';
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block

Redirect headers

content-length
1013
content-security-policy
default-src 'unsafe-inline' 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://login.admiral.com https://dealerlogin.fordinsure.co.uk https://login.bell.co.uk https://login.diamond.co.uk https://login.elephant.co.uk https://login.fordinsure.co.uk https://login.gladiator.co.uk https://login.aainsure.co.uk https://www.googletagmanager.com https://tracker.marinsm.com https://cc.cdn.civiccomputing.com https://www.google-analytics.com https://cdn.heapanalytics.com https://lptag.liveperson.net https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.dwin1.com https://assets.revlifter.io https://dealerportal.fordinsure.co.uk/login-notification.js https://*.optimizely.com https://connect.facebook.net https://s3.amazonaws.com/ki.js/61837/e43.js https://accdn.lpsnmedia.net https://lpcdn.lpsnmedia.net https://t.contentsquare.net https://lo.v.liveperson.net https://s3.amazonaws.com/ki.js/61837/es3.js https://cl.qualaroo.com/ki.js/61837/es3qoo.js https://w.usabilla.com https://s3.amazonaws.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://use.typekit.net https://p.typekit.net; img-src 'self' data: *; font-src 'self' data: *; connect-src 'self' https://apikeys.civiccomputing.com https://www.google-analytics.com https://devt.revlifter.com https://*.optimizely.com https://ampcid.google.com https://ampcid.google.co.in https://stats.g.doubleclick.net https://c.contentsquare.net wss://lo.msg.liveperson.net; media-src 'self' https://lpcdn.lpsnmedia.net; object-src 'none'; child-src 'self'; frame-src 'self' https://lpcdn.lpsnmedia.net https://*.optimizely.com https://dntcl.qualaroo.com https://bid.g.doubleclick.net https://server.lon.liveperson.net https://lo.idp.liveperson.net https://lo.msg.liveperson.net; worker-src 'self' blob: *; frame-ancestors 'self'; form-action 'self' data: *; upgrade-insecure-requests; block-all-mixed-content; sandbox allow-forms allow-same-origin allow-scripts allow-top-navigation allow-popups allow-modals allow-downloads allow-popups-to-escape-sandbox; manifest-src 'self';
content-type
text/html
date
Tue, 22 Aug 2023 14:46:36 GMT
expect-ct
enforce, max-age=300
feature-policy
midi 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; speaker 'none'; fullscreen 'self'; payment 'none';
location
https://login.diamond.co.uk/myaccount/login/?sessionOnly=true&goto=https%3A%2F%2Flogin.diamond.co.uk%2Fmyaccount%2Fauth%2Foauth2.0%2Fv1%2Fauthorize%3Fclient_id%3Dmyaccount%26redirect_uri%3Dhttps%3A%2F%2Fmyaccount.diamond.co.uk%2Fload%26response_type%3Dcode%26code_challenge%3DQy_dXIcftTfu3Ig1IcXtqsqIMomWo81XzzznAnzN27U%26code_challenge_method%3DS256
referrer-policy
same-origin
server
nginx
strict-transport-security
max-age=31536000; includeSubdomains
x-content-security-policy
default-src 'unsafe-inline' 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://login.admiral.com https://dealerlogin.fordinsure.co.uk https://login.bell.co.uk https://login.diamond.co.uk https://login.elephant.co.uk https://login.fordinsure.co.uk https://login.gladiator.co.uk https://login.aainsure.co.uk https://www.googletagmanager.com https://tracker.marinsm.com https://cc.cdn.civiccomputing.com https://www.google-analytics.com https://cdn.heapanalytics.com https://lptag.liveperson.net https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.dwin1.com https://assets.revlifter.io https://dealerportal.fordinsure.co.uk/login-notification.js https://*.optimizely.com https://connect.facebook.net https://s3.amazonaws.com/ki.js/61837/e43.js https://accdn.lpsnmedia.net https://lpcdn.lpsnmedia.net https://t.contentsquare.net https://lo.v.liveperson.net https://s3.amazonaws.com/ki.js/61837/es3.js https://cl.qualaroo.com/ki.js/61837/es3qoo.js https://w.usabilla.com https://s3.amazonaws.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://use.typekit.net https://p.typekit.net; img-src 'self' data: *; font-src 'self' data: *; connect-src 'self' https://apikeys.civiccomputing.com https://www.google-analytics.com https://devt.revlifter.com https://*.optimizely.com https://ampcid.google.com https://ampcid.google.co.in https://stats.g.doubleclick.net https://c.contentsquare.net wss://lo.msg.liveperson.net; media-src 'self' https://lpcdn.lpsnmedia.net; object-src 'none'; child-src 'self'; frame-src 'self' https://lpcdn.lpsnmedia.net https://*.optimizely.com https://dntcl.qualaroo.com https://bid.g.doubleclick.net https://server.lon.liveperson.net https://lo.idp.liveperson.net https://lo.msg.liveperson.net; worker-src 'self' blob: *; frame-ancestors 'self'; form-action 'self' data: *; upgrade-insecure-requests; block-all-mixed-content; sandbox allow-forms allow-same-origin allow-scripts allow-top-navigation allow-popups allow-modals allow-downloads allow-popups-to-escape-sandbox; manifest-src 'self';
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
l
use.typekit.net/af/d219fb/000000000000000000017745/27/ 		18 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/d219fb/000000000000000000017745/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:13::17d7:8279 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://myaccount.diamond.co.uk/
Origin
https://myaccount.diamond.co.uk
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 14:46:35 GMT
server
nginx
etag
"a4b4099b1c173c199aaa792d4709b0655ebebefb"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
18788
l
use.typekit.net/af/9018b1/000000000000000000017742/27/ 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/9018b1/000000000000000000017742/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:13::17d7:8279 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://myaccount.diamond.co.uk/
Origin
https://myaccount.diamond.co.uk
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 14:46:35 GMT
server
nginx
etag
"73148cee943d2b51bb75a69b9f61d479054a45a3"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
18008
l
use.typekit.net/af/5ecad7/000000000000000000017744/27/ 		18 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/5ecad7/000000000000000000017744/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n6&v=3
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:13::17d7:8279 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://myaccount.diamond.co.uk/
Origin
https://myaccount.diamond.co.uk
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 14:46:35 GMT
server
nginx
etag
"773a35b77106afff70c203238b2bf7740a5fe16d"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
18772
l
use.typekit.net/af/6ec749/000000000000000000017741/27/ 		17 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/6ec749/000000000000000000017741/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n3&v=3
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:13::17d7:8279 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://myaccount.diamond.co.uk/
Origin
https://myaccount.diamond.co.uk
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 14:46:35 GMT
server
nginx
etag
"3a32316f1ea34ca4958fb0a92f29a7724fb0da7d"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
17644
l
use.typekit.net/af/f1567f/000000000000000000017743/27/ 		17 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/f1567f/000000000000000000017743/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n5&v=3
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:13::17d7:8279 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://myaccount.diamond.co.uk/
Origin
https://myaccount.diamond.co.uk
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 14:46:35 GMT
server
nginx
etag
"1fb600499093e9940b274a8b081b8933322d1646"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
17808
es3qoo.js
cl.qualaroo.com/ki.js/61837/ 		150 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cl.qualaroo.com/ki.js/61837/es3qoo.js
Requested by
Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/ki.js/61837/es3.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c454::1 New York, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
BunnyCDN-NY1-885 /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://myaccount.diamond.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 14:46:35 GMT
content-encoding
gzip
cdn-edgestorageid
885
x-amz-request-id
G3B1JN0TJCKHMCA0
x-amz-server-side-encryption
AES256
cdn-cachedat
07/30/2023 16:45:24
cdn-pullzone
92714
x-amz-id-2
iOEh8Cx37MhTCMoI93N3t3kuZ+Wnd8HnNFt4eHq0LfsbPAtReNeH9RX7wYrIypw0OykARkop95I=
last-modified
Wed, 12 Oct 2022 21:49:08 GMT
server
BunnyCDN-NY1-885
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
"e35d45f51f4895029afaaaaefe539914"
vary
Accept-Encoding, Accept-Encoding
content-type
application/ecmascript
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
50c043fb-dcd1-4574-9faf-b60384f66f78
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
max-age=0, s-maxage=3600
cdn-requestid
ab3aa60e25700d7f2136fc1df77d4717
cdn-requestcountrycode
US
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
frame.html
dntcl.qualaroo.com/ Frame ED40 		323 B
695 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dntcl.qualaroo.com/frame.html
Requested by
Host: cl.qualaroo.com
URL: https://cl.qualaroo.com/ki.js/61837/es3qoo.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
138.199.40.58 New York, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
138-199-40-58.bunnyinfra.net
Software
BunnyCDN-NY1-885 /
Resource Hash

Request headers

Referer
https://myaccount.diamond.co.uk/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
public, max-age=604800
cdn-cache
HIT
cdn-cachedat
07/10/2023 15:17:54
cdn-edgestorageid
885
cdn-fileserver
639
cdn-proxyver
1.03
cdn-pullzone
99568
cdn-requestcountrycode
US
cdn-requestid
a5ac5e6ff45adb971676c4bc6104b538
cdn-requestpullcode
206
cdn-requestpullsuccess
True
cdn-status
200
cdn-storageserver
DE-571
cdn-uid
50c043fb-dcd1-4574-9faf-b60384f66f78
content-encoding
gzip
content-type
text/html
date
Tue, 22 Aug 2023 14:46:35 GMT
last-modified
Sun, 09 Jul 2023 20:56:17 GMT
server
BunnyCDN-NY1-885
vary
Accept-Encoding
p.gif
p.typekit.net/ 		35 B
219 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p.typekit.net/p.gif?s=1&k=fij7lgx&ht=tk&h=myaccount.diamond.co.uk&f=25167.25168.25169.25170.25171&a=607775&js=1.21.0&app=typekit&e=js&_=1692715596200
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:9000::1725:7ba0 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://myaccount.diamond.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

unused62
8096267
date
Tue, 22 Aug 2023 14:46:36 GMT
last-modified
Sat, 09 Oct 2021 06:42:30 GMT
server
nginx
etag
"616139d6-23"
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
35
l
use.typekit.net/af/9018b1/000000000000000000017742/27/ 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/9018b1/000000000000000000017742/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:13::17d7:8279 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://myaccount.diamond.co.uk/
Origin
https://myaccount.diamond.co.uk
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 14:46:36 GMT
server
nginx
etag
"73148cee943d2b51bb75a69b9f61d479054a45a3"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
18008
recording
k-aeu1.contentsquare.net/v2/ 		0
0
events
c.contentsquare.net/v2/ 		0
0
admiral.js
cdn.optimizely.com/public/17941920996/s/ 		2 MB
581 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.optimizely.com/public/17941920996/s/admiral.js
Requested by
Host: login.diamond.co.uk
URL: https://login.diamond.co.uk/myaccount/login/?sessionOnly=true&goto=https%3A%2F%2Flogin.diamond.co.uk%2Fmyaccount%2Fauth%2Foauth2.0%2Fv1%2Fauthorize%3Fclient_id%3Dmyaccount%26redirect_uri%3Dhttps%3A%2F%2Fmyaccount.diamond.co.uk%2Fload%26response_type%3Dcode%26code_challenge%3DQy_dXIcftTfu3Ig1IcXtqsqIMomWo81XzzznAnzN27U%26code_challenge_method%3DS256
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d:59b::13b8 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
581a737b3cca3c07888bc93e7aad1012b29313432641d6a35d884c1d5a2d7fab
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
Origin
https://login.diamond.co.uk
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-amz-meta-pci_enabled
False
x-amz-version-id
jmkG6mfamtjax4ik0QEfWT8YK0kfzCZZ
content-encoding
gzip
date
Tue, 22 Aug 2023 14:46:36 GMT
strict-transport-security
max-age=15768000
x-amz-request-id
ERQ4JQ60CTCZFQQA
x-amz-server-side-encryption
AES256
x-amz-meta-revision
17308
x-amz-replication-status
COMPLETED
server-timing
cdn-cache; desc=HIT, edge; dur=1, cdn;desc="AkamaiION";dur=0,rtt;desc="89";dur=0,cdnip;desc="2600:1400:d:59b::13b8";dur=0,cdnmap;desc="a5048.dsca.akamaiedge.net";dur=0,proto;desc="h2";dur=0, ak_p; desc="1692715596679_388099639_381385167_325_2973_89_0_219";dur=1
content-length
593543
x-amz-id-2
4B2KzVBgcej+/Oc9RcOaNFXeZaPRBDcmeD9Sw/AuKbPrD8DrIWJdA/9eMBnw9J4AWaMcboSUofA=
last-modified
Tue, 22 Aug 2023 14:39:27 GMT
server
AmazonS3
etag
"6f187dfc0021b51e1b271c90c7db7dd0"
vary
Accept-Encoding
access-control-max-age
86400
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
access-control-allow-methods
GET, HEAD
access-control-expose-headers
x-amz-meta-revision
cache-control
max-age=120
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
*
css
fonts.googleapis.com/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans
Requested by
Host: login.diamond.co.uk
URL: https://login.diamond.co.uk/myaccount/login/?sessionOnly=true&goto=https%3A%2F%2Flogin.diamond.co.uk%2Fmyaccount%2Fauth%2Foauth2.0%2Fv1%2Fauthorize%3Fclient_id%3Dmyaccount%26redirect_uri%3Dhttps%3A%2F%2Fmyaccount.diamond.co.uk%2Fload%26response_type%3Dcode%26code_challenge%3DQy_dXIcftTfu3Ig1IcXtqsqIMomWo81XzzznAnzN27U%26code_challenge_method%3DS256
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80d::200a Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d265615b79f98fdfff370ea32da7b4b02317fc6017b898cfb9c657a65618ac07
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 22 Aug 2023 14:46:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 22 Aug 2023 13:57:09 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 22 Aug 2023 14:46:36 GMT
2.9707a051.chunk.css
login.diamond.co.uk/myaccount/login/static/css/ 		92 B
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://login.diamond.co.uk/myaccount/login/static/css/2.9707a051.chunk.css
Requested by
Host: login.diamond.co.uk
URL: https://login.diamond.co.uk/myaccount/login/?sessionOnly=true&goto=https%3A%2F%2Flogin.diamond.co.uk%2Fmyaccount%2Fauth%2Foauth2.0%2Fv1%2Fauthorize%3Fclient_id%3Dmyaccount%26redirect_uri%3Dhttps%3A%2F%2Fmyaccount.diamond.co.uk%2Fload%26response_type%3Dcode%26code_challenge%3DQy_dXIcftTfu3Ig1IcXtqsqIMomWo81XzzznAnzN27U%26code_challenge_method%3DS256
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.39.119.228 Unterfoehring, Germany, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
3f7aed542f4e928f96df9412156bafc606bddffcb31ea8b110d9c50536be2a78
Security Headers
Name Value
Content-Security-Policy default-src 'unsafe-inline' 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://login.admiral.com https://dealerlogin.fordinsure.co.uk https://login.bell.co.uk https://login.diamond.co.uk https://login.elephant.co.uk https://login.fordinsure.co.uk https://login.gladiator.co.uk https://login.aainsure.co.uk https://www.googletagmanager.com https://tracker.marinsm.com https://cc.cdn.civiccomputing.com https://www.google-analytics.com https://cdn.heapanalytics.com https://lptag.liveperson.net https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.dwin1.com https://assets.revlifter.io https://dealerportal.fordinsure.co.uk/login-notification.js https://*.optimizely.com https://connect.facebook.net https://s3.amazonaws.com/ki.js/61837/e43.js https://accdn.lpsnmedia.net https://lpcdn.lpsnmedia.net https://t.contentsquare.net https://lo.v.liveperson.net https://s3.amazonaws.com/ki.js/61837/es3.js https://cl.qualaroo.com/ki.js/61837/es3qoo.js https://w.usabilla.com https://s3.amazonaws.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://use.typekit.net https://p.typekit.net; img-src 'self' data: *; font-src 'self' data: *; connect-src 'self' https://apikeys.civiccomputing.com https://www.google-analytics.com https://devt.revlifter.com https://*.optimizely.com https://ampcid.google.com https://ampcid.google.co.in https://stats.g.doubleclick.net https://c.contentsquare.net wss://lo.msg.liveperson.net; media-src 'self' https://lpcdn.lpsnmedia.net; object-src 'none'; child-src 'self'; frame-src 'self' https://lpcdn.lpsnmedia.net https://*.optimizely.com https://dntcl.qualaroo.com https://bid.g.doubleclick.net https://server.lon.liveperson.net https://lo.idp.liveperson.net https://lo.msg.liveperson.net; worker-src 'self' blob: *; frame-ancestors 'self'; form-action 'self' data: *; upgrade-insecure-requests; block-all-mixed-content; sandbox allow-forms allow-same-origin allow-scripts allow-top-navigation allow-popups allow-modals allow-downloads allow-popups-to-escape-sandbox; manifest-src 'self';
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Content-Security-Policy default-src 'unsafe-inline' 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://login.admiral.com https://dealerlogin.fordinsure.co.uk https://login.bell.co.uk https://login.diamond.co.uk https://login.elephant.co.uk https://login.fordinsure.co.uk https://login.gladiator.co.uk https://login.aainsure.co.uk https://www.googletagmanager.com https://tracker.marinsm.com https://cc.cdn.civiccomputing.com https://www.google-analytics.com https://cdn.heapanalytics.com https://lptag.liveperson.net https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.dwin1.com https://assets.revlifter.io https://dealerportal.fordinsure.co.uk/login-notification.js https://*.optimizely.com https://connect.facebook.net https://s3.amazonaws.com/ki.js/61837/e43.js https://accdn.lpsnmedia.net https://lpcdn.lpsnmedia.net https://t.contentsquare.net https://lo.v.liveperson.net https://s3.amazonaws.com/ki.js/61837/es3.js https://cl.qualaroo.com/ki.js/61837/es3qoo.js https://w.usabilla.com https://s3.amazonaws.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://use.typekit.net https://p.typekit.net; img-src 'self' data: *; font-src 'self' data: *; connect-src 'self' https://apikeys.civiccomputing.com https://www.google-analytics.com https://devt.revlifter.com https://*.optimizely.com https://ampcid.google.com https://ampcid.google.co.in https://stats.g.doubleclick.net https://c.contentsquare.net wss://lo.msg.liveperson.net; media-src 'self' https://lpcdn.lpsnmedia.net; object-src 'none'; child-src 'self'; frame-src 'self' https://lpcdn.lpsnmedia.net https://*.optimizely.com https://dntcl.qualaroo.com https://bid.g.doubleclick.net https://server.lon.liveperson.net https://lo.idp.liveperson.net https://lo.msg.liveperson.net; worker-src 'self' blob: *; frame-ancestors 'self'; form-action 'self' data: *; upgrade-insecure-requests; block-all-mixed-content; sandbox allow-forms allow-same-origin allow-scripts allow-top-navigation allow-popups allow-modals allow-downloads allow-popups-to-escape-sandbox; manifest-src 'self';
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://login.diamond.co.uk/myaccount/login/?sessionOnly=true&goto=https%3A%2F%2Flogin.diamond.co.uk%2Fmyaccount%2Fauth%2Foauth2.0%2Fv1%2Fauthorize%3Fclient_id%3Dmyaccount%26redirect_uri%3Dhttps%3A%2F%2Fmyaccount.diamond.co.uk%2Fload%26response_type%3Dcode%26code_challenge%3DQy_dXIcftTfu3Ig1IcXtqsqIMomWo81XzzznAnzN27U%26code_challenge_method%3DS256
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 14:46:36 GMT
strict-transport-security
max-age=31536000; includeSubdomains
x-content-type-options
nosniff
content-security-policy
default-src 'unsafe-inline' 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://login.admiral.com https://dealerlogin.fordinsure.co.uk https://login.bell.co.uk https://login.diamond.co.uk https://login.elephant.co.uk https://login.fordinsure.co.uk https://login.gladiator.co.uk https://login.aainsure.co.uk https://www.googletagmanager.com https://tracker.marinsm.com https://cc.cdn.civiccomputing.com https://www.google-analytics.com https://cdn.heapanalytics.com https://lptag.liveperson.net https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.dwin1.com https://assets.revlifter.io https://dealerportal.fordinsure.co.uk/login-notification.js https://*.optimizely.com https://connect.facebook.net https://s3.amazonaws.com/ki.js/61837/e43.js https://accdn.lpsnmedia.net https://lpcdn.lpsnmedia.net https://t.contentsquare.net https://lo.v.liveperson.net https://s3.amazonaws.com/ki.js/61837/es3.js https://cl.qualaroo.com/ki.js/61837/es3qoo.js https://w.usabilla.com https://s3.amazonaws.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://use.typekit.net https://p.typekit.net; img-src 'self' data: *; font-src 'self' data: *; connect-src 'self' https://apikeys.civiccomputing.com https://www.google-analytics.com https://devt.revlifter.com https://*.optimizely.com https://ampcid.google.com https://ampcid.google.co.in https://stats.g.doubleclick.net https://c.contentsquare.net wss://lo.msg.liveperson.net; media-src 'self' https://lpcdn.lpsnmedia.net; object-src 'none'; child-src 'self'; frame-src 'self' https://lpcdn.lpsnmedia.net https://*.optimizely.com https://dntcl.qualaroo.com https://bid.g.doubleclick.net https://server.lon.liveperson.net https://lo.idp.liveperson.net https://lo.msg.liveperson.net; worker-src 'self' blob: *; frame-ancestors 'self'; form-action 'self' data: *; upgrade-insecure-requests; block-all-mixed-content; sandbox allow-forms allow-same-origin allow-scripts allow-top-navigation allow-popups allow-modals allow-downloads allow-popups-to-escape-sandbox; manifest-src 'self';
content-length
92
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Mon, 06 Jun 2022 08:55:34 GMT
server
nginx
etag
"629dc106-5c"
expect-ct
enforce, max-age=300
x-frame-options
SAMEORIGIN
content-type
text/css
feature-policy
midi 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; speaker 'none'; fullscreen 'self'; payment 'none';
accept-ranges
bytes
x-content-security-policy
default-src 'unsafe-inline' 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://login.admiral.com https://dealerlogin.fordinsure.co.uk https://login.bell.co.uk https://login.diamond.co.uk https://login.elephant.co.uk https://login.fordinsure.co.uk https://login.gladiator.co.uk https://login.aainsure.co.uk https://www.googletagmanager.com https://tracker.marinsm.com https://cc.cdn.civiccomputing.com https://www.google-analytics.com https://cdn.heapanalytics.com https://lptag.liveperson.net https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.dwin1.com https://assets.revlifter.io https://dealerportal.fordinsure.co.uk/login-notification.js https://*.optimizely.com https://connect.facebook.net https://s3.amazonaws.com/ki.js/61837/e43.js https://accdn.lpsnmedia.net https://lpcdn.lpsnmedia.net https://t.contentsquare.net https://lo.v.liveperson.net https://s3.amazonaws.com/ki.js/61837/es3.js https://cl.qualaroo.com/ki.js/61837/es3qoo.js https://w.usabilla.com https://s3.amazonaws.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://use.typekit.net https://p.typekit.net; img-src 'self' data: *; font-src 'self' data: *; connect-src 'self' https://apikeys.civiccomputing.com https://www.google-analytics.com https://devt.revlifter.com https://*.optimizely.com https://ampcid.google.com https://ampcid.google.co.in https://stats.g.doubleclick.net https://c.contentsquare.net wss://lo.msg.liveperson.net; media-src 'self' https://lpcdn.lpsnmedia.net; object-src 'none'; child-src 'self'; frame-src 'self' https://lpcdn.lpsnmedia.net https://*.optimizely.com https://dntcl.qualaroo.com https://bid.g.doubleclick.net https://server.lon.liveperson.net https://lo.idp.liveperson.net https://lo.msg.liveperson.net; worker-src 'self' blob: *; frame-ancestors 'self'; form-action 'self' data: *; upgrade-insecure-requests; block-all-mixed-content; sandbox allow-forms allow-same-origin allow-scripts allow-top-navigation allow-popups allow-modals allow-downloads allow-popups-to-escape-sandbox; manifest-src 'self';
main.dc61bf26.chunk.css
login.diamond.co.uk/myaccount/login/static/css/ 		92 B
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://login.diamond.co.uk/myaccount/login/static/css/main.dc61bf26.chunk.css
Requested by
Host: login.diamond.co.uk
URL: https://login.diamond.co.uk/myaccount/login/?sessionOnly=true&goto=https%3A%2F%2Flogin.diamond.co.uk%2Fmyaccount%2Fauth%2Foauth2.0%2Fv1%2Fauthorize%3Fclient_id%3Dmyaccount%26redirect_uri%3Dhttps%3A%2F%2Fmyaccount.diamond.co.uk%2Fload%26response_type%3Dcode%26code_challenge%3DQy_dXIcftTfu3Ig1IcXtqsqIMomWo81XzzznAnzN27U%26code_challenge_method%3DS256
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.39.119.228 Unterfoehring, Germany, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
3f7aed542f4e928f96df9412156bafc606bddffcb31ea8b110d9c50536be2a78
Security Headers
Name Value
Content-Security-Policy default-src 'unsafe-inline' 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://login.admiral.com https://dealerlogin.fordinsure.co.uk https://login.bell.co.uk https://login.diamond.co.uk https://login.elephant.co.uk https://login.fordinsure.co.uk https://login.gladiator.co.uk https://login.aainsure.co.uk https://www.googletagmanager.com https://tracker.marinsm.com https://cc.cdn.civiccomputing.com https://www.google-analytics.com https://cdn.heapanalytics.com https://lptag.liveperson.net https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.dwin1.com https://assets.revlifter.io https://dealerportal.fordinsure.co.uk/login-notification.js https://*.optimizely.com https://connect.facebook.net https://s3.amazonaws.com/ki.js/61837/e43.js https://accdn.lpsnmedia.net https://lpcdn.lpsnmedia.net https://t.contentsquare.net https://lo.v.liveperson.net https://s3.amazonaws.com/ki.js/61837/es3.js https://cl.qualaroo.com/ki.js/61837/es3qoo.js https://w.usabilla.com https://s3.amazonaws.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://use.typekit.net https://p.typekit.net; img-src 'self' data: *; font-src 'self' data: *; connect-src 'self' https://apikeys.civiccomputing.com https://www.google-analytics.com https://devt.revlifter.com https://*.optimizely.com https://ampcid.google.com https://ampcid.google.co.in https://stats.g.doubleclick.net https://c.contentsquare.net wss://lo.msg.liveperson.net; media-src 'self' https://lpcdn.lpsnmedia.net; object-src 'none'; child-src 'self'; frame-src 'self' https://lpcdn.lpsnmedia.net https://*.optimizely.com https://dntcl.qualaroo.com https://bid.g.doubleclick.net https://server.lon.liveperson.net https://lo.idp.liveperson.net https://lo.msg.liveperson.net; worker-src 'self' blob: *; frame-ancestors 'self'; form-action 'self' data: *; upgrade-insecure-requests; block-all-mixed-content; sandbox allow-forms allow-same-origin allow-scripts allow-top-navigation allow-popups allow-modals allow-downloads allow-popups-to-escape-sandbox; manifest-src 'self';
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Content-Security-Policy default-src 'unsafe-inline' 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://login.admiral.com https://dealerlogin.fordinsure.co.uk https://login.bell.co.uk https://login.diamond.co.uk https://login.elephant.co.uk https://login.fordinsure.co.uk https://login.gladiator.co.uk https://login.aainsure.co.uk https://www.googletagmanager.com https://tracker.marinsm.com https://cc.cdn.civiccomputing.com https://www.google-analytics.com https://cdn.heapanalytics.com https://lptag.liveperson.net https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.dwin1.com https://assets.revlifter.io https://dealerportal.fordinsure.co.uk/login-notification.js https://*.optimizely.com https://connect.facebook.net https://s3.amazonaws.com/ki.js/61837/e43.js https://accdn.lpsnmedia.net https://lpcdn.lpsnmedia.net https://t.contentsquare.net https://lo.v.liveperson.net https://s3.amazonaws.com/ki.js/61837/es3.js https://cl.qualaroo.com/ki.js/61837/es3qoo.js https://w.usabilla.com https://s3.amazonaws.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://use.typekit.net https://p.typekit.net; img-src 'self' data: *; font-src 'self' data: *; connect-src 'self' https://apikeys.civiccomputing.com https://www.google-analytics.com https://devt.revlifter.com https://*.optimizely.com https://ampcid.google.com https://ampcid.google.co.in https://stats.g.doubleclick.net https://c.contentsquare.net wss://lo.msg.liveperson.net; media-src 'self' https://lpcdn.lpsnmedia.net; object-src 'none'; child-src 'self'; frame-src 'self' https://lpcdn.lpsnmedia.net https://*.optimizely.com https://dntcl.qualaroo.com https://bid.g.doubleclick.net https://server.lon.liveperson.net https://lo.idp.liveperson.net https://lo.msg.liveperson.net; worker-src 'self' blob: *; frame-ancestors 'self'; form-action 'self' data: *; upgrade-insecure-requests; block-all-mixed-content; sandbox allow-forms allow-same-origin allow-scripts allow-top-navigation allow-popups allow-modals allow-downloads allow-popups-to-escape-sandbox; manifest-src 'self';
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://login.diamond.co.uk/myaccount/login/?sessionOnly=true&goto=https%3A%2F%2Flogin.diamond.co.uk%2Fmyaccount%2Fauth%2Foauth2.0%2Fv1%2Fauthorize%3Fclient_id%3Dmyaccount%26redirect_uri%3Dhttps%3A%2F%2Fmyaccount.diamond.co.uk%2Fload%26response_type%3Dcode%26code_challenge%3DQy_dXIcftTfu3Ig1IcXtqsqIMomWo81XzzznAnzN27U%26code_challenge_method%3DS256
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 14:46:36 GMT
strict-transport-security
max-age=31536000; includeSubdomains
x-content-type-options
nosniff
content-security-policy
default-src 'unsafe-inline' 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://login.admiral.com https://dealerlogin.fordinsure.co.uk https://login.bell.co.uk https://login.diamond.co.uk https://login.elephant.co.uk https://login.fordinsure.co.uk https://login.gladiator.co.uk https://login.aainsure.co.uk https://www.googletagmanager.com https://tracker.marinsm.com https://cc.cdn.civiccomputing.com https://www.google-analytics.com https://cdn.heapanalytics.com https://lptag.liveperson.net https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.dwin1.com https://assets.revlifter.io https://dealerportal.fordinsure.co.uk/login-notification.js https://*.optimizely.com https://connect.facebook.net https://s3.amazonaws.com/ki.js/61837/e43.js https://accdn.lpsnmedia.net https://lpcdn.lpsnmedia.net https://t.contentsquare.net https://lo.v.liveperson.net https://s3.amazonaws.com/ki.js/61837/es3.js https://cl.qualaroo.com/ki.js/61837/es3qoo.js https://w.usabilla.com https://s3.amazonaws.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://use.typekit.net https://p.typekit.net; img-src 'self' data: *; font-src 'self' data: *; connect-src 'self' https://apikeys.civiccomputing.com https://www.google-analytics.com https://devt.revlifter.com https://*.optimizely.com https://ampcid.google.com https://ampcid.google.co.in https://stats.g.doubleclick.net https://c.contentsquare.net wss://lo.msg.liveperson.net; media-src 'self' https://lpcdn.lpsnmedia.net; object-src 'none'; child-src 'self'; frame-src 'self' https://lpcdn.lpsnmedia.net https://*.optimizely.com https://dntcl.qualaroo.com https://bid.g.doubleclick.net https://server.lon.liveperson.net https://lo.idp.liveperson.net https://lo.msg.liveperson.net; worker-src 'self' blob: *; frame-ancestors 'self'; form-action 'self' data: *; upgrade-insecure-requests; block-all-mixed-content; sandbox allow-forms allow-same-origin allow-scripts allow-top-navigation allow-popups allow-modals allow-downloads allow-popups-to-escape-sandbox; manifest-src 'self';
content-length
92
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Mon, 06 Jun 2022 08:55:34 GMT
server
nginx
etag
"629dc106-5c"
expect-ct
enforce, max-age=300
x-frame-options
SAMEORIGIN
content-type
text/css
feature-policy
midi 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; speaker 'none'; fullscreen 'self'; payment 'none';
accept-ranges
bytes
x-content-security-policy
default-src 'unsafe-inline' 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://login.admiral.com https://dealerlogin.fordinsure.co.uk https://login.bell.co.uk https://login.diamond.co.uk https://login.elephant.co.uk https://login.fordinsure.co.uk https://login.gladiator.co.uk https://login.aainsure.co.uk https://www.googletagmanager.com https://tracker.marinsm.com https://cc.cdn.civiccomputing.com https://www.google-analytics.com https://cdn.heapanalytics.com https://lptag.liveperson.net https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.dwin1.com https://assets.revlifter.io https://dealerportal.fordinsure.co.uk/login-notification.js https://*.optimizely.com https://connect.facebook.net https://s3.amazonaws.com/ki.js/61837/e43.js https://accdn.lpsnmedia.net https://lpcdn.lpsnmedia.net https://t.contentsquare.net https://lo.v.liveperson.net https://s3.amazonaws.com/ki.js/61837/es3.js https://cl.qualaroo.com/ki.js/61837/es3qoo.js https://w.usabilla.com https://s3.amazonaws.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://use.typekit.net https://p.typekit.net; img-src 'self' data: *; font-src 'self' data: *; connect-src 'self' https://apikeys.civiccomputing.com https://www.google-analytics.com https://devt.revlifter.com https://*.optimizely.com https://ampcid.google.com https://ampcid.google.co.in https://stats.g.doubleclick.net https://c.contentsquare.net wss://lo.msg.liveperson.net; media-src 'self' https://lpcdn.lpsnmedia.net; object-src 'none'; child-src 'self'; frame-src 'self' https://lpcdn.lpsnmedia.net https://*.optimizely.com https://dntcl.qualaroo.com https://bid.g.doubleclick.net https://server.lon.liveperson.net https://lo.idp.liveperson.net https://lo.msg.liveperson.net; worker-src 'self' blob: *; frame-ancestors 'self'; form-action 'self' data: *; upgrade-insecure-requests; block-all-mixed-content; sandbox allow-forms allow-same-origin allow-scripts allow-top-navigation allow-popups allow-modals allow-downloads allow-popups-to-escape-sandbox; manifest-src 'self';
2.0addd9bb.chunk.js
login.diamond.co.uk/myaccount/login/static/js/ 		1 MB
323 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://login.diamond.co.uk/myaccount/login/static/js/2.0addd9bb.chunk.js
Requested by
Host: login.diamond.co.uk
URL: https://login.diamond.co.uk/myaccount/login/?sessionOnly=true&goto=https%3A%2F%2Flogin.diamond.co.uk%2Fmyaccount%2Fauth%2Foauth2.0%2Fv1%2Fauthorize%3Fclient_id%3Dmyaccount%26redirect_uri%3Dhttps%3A%2F%2Fmyaccount.diamond.co.uk%2Fload%26response_type%3Dcode%26code_challenge%3DQy_dXIcftTfu3Ig1IcXtqsqIMomWo81XzzznAnzN27U%26code_challenge_method%3DS256
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.39.119.228 Unterfoehring, Germany, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
5ce0a0585d23c043b24fb1002e71efe9b312701b58792ee056150f56d982b09f
Security Headers
Name Value
Content-Security-Policy default-src 'unsafe-inline' 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://login.admiral.com https://dealerlogin.fordinsure.co.uk https://login.bell.co.uk https://login.diamond.co.uk https://login.elephant.co.uk https://login.fordinsure.co.uk https://login.gladiator.co.uk https://login.aainsure.co.uk https://www.googletagmanager.com https://tracker.marinsm.com https://cc.cdn.civiccomputing.com https://www.google-analytics.com https://cdn.heapanalytics.com https://lptag.liveperson.net https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.dwin1.com https://assets.revlifter.io https://dealerportal.fordinsure.co.uk/login-notification.js https://*.optimizely.com https://connect.facebook.net https://s3.amazonaws.com/ki.js/61837/e43.js https://accdn.lpsnmedia.net https://lpcdn.lpsnmedia.net https://t.contentsquare.net https://lo.v.liveperson.net https://s3.amazonaws.com/ki.js/61837/es3.js https://cl.qualaroo.com/ki.js/61837/es3qoo.js https://w.usabilla.com https://s3.amazonaws.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://use.typekit.net https://p.typekit.net; img-src 'self' data: *; font-src 'self' data: *; connect-src 'self' https://apikeys.civiccomputing.com https://www.google-analytics.com https://devt.revlifter.com https://*.optimizely.com https://ampcid.google.com https://ampcid.google.co.in https://stats.g.doubleclick.net https://c.contentsquare.net wss://lo.msg.liveperson.net; media-src 'self' https://lpcdn.lpsnmedia.net; object-src 'none'; child-src 'self'; frame-src 'self' https://lpcdn.lpsnmedia.net https://*.optimizely.com https://dntcl.qualaroo.com https://bid.g.doubleclick.net https://server.lon.liveperson.net https://lo.idp.liveperson.net https://lo.msg.liveperson.net; worker-src 'self' blob: *; frame-ancestors 'self'; form-action 'self' data: *; upgrade-insecure-requests; block-all-mixed-content; sandbox allow-forms allow-same-origin allow-scripts allow-top-navigation allow-popups allow-modals allow-downloads allow-popups-to-escape-sandbox; manifest-src 'self';
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Content-Security-Policy default-src 'unsafe-inline' 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://login.admiral.com https://dealerlogin.fordinsure.co.uk https://login.bell.co.uk https://login.diamond.co.uk https://login.elephant.co.uk https://login.fordinsure.co.uk https://login.gladiator.co.uk https://login.aainsure.co.uk https://www.googletagmanager.com https://tracker.marinsm.com https://cc.cdn.civiccomputing.com https://www.google-analytics.com https://cdn.heapanalytics.com https://lptag.liveperson.net https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.dwin1.com https://assets.revlifter.io https://dealerportal.fordinsure.co.uk/login-notification.js https://*.optimizely.com https://connect.facebook.net https://s3.amazonaws.com/ki.js/61837/e43.js https://accdn.lpsnmedia.net https://lpcdn.lpsnmedia.net https://t.contentsquare.net https://lo.v.liveperson.net https://s3.amazonaws.com/ki.js/61837/es3.js https://cl.qualaroo.com/ki.js/61837/es3qoo.js https://w.usabilla.com https://s3.amazonaws.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://use.typekit.net https://p.typekit.net; img-src 'self' data: *; font-src 'self' data: *; connect-src 'self' https://apikeys.civiccomputing.com https://www.google-analytics.com https://devt.revlifter.com https://*.optimizely.com https://ampcid.google.com https://ampcid.google.co.in https://stats.g.doubleclick.net https://c.contentsquare.net wss://lo.msg.liveperson.net; media-src 'self' https://lpcdn.lpsnmedia.net; object-src 'none'; child-src 'self'; frame-src 'self' https://lpcdn.lpsnmedia.net https://*.optimizely.com https://dntcl.qualaroo.com https://bid.g.doubleclick.net https://server.lon.liveperson.net https://lo.idp.liveperson.net https://lo.msg.liveperson.net; worker-src 'self' blob: *; frame-ancestors 'self'; form-action 'self' data: *; upgrade-insecure-requests; block-all-mixed-content; sandbox allow-forms allow-same-origin allow-scripts allow-top-navigation allow-popups allow-modals allow-downloads allow-popups-to-escape-sandbox; manifest-src 'self';
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://login.diamond.co.uk/myaccount/login/?sessionOnly=true&goto=https%3A%2F%2Flogin.diamond.co.uk%2Fmyaccount%2Fauth%2Foauth2.0%2Fv1%2Fauthorize%3Fclient_id%3Dmyaccount%26redirect_uri%3Dhttps%3A%2F%2Fmyaccount.diamond.co.uk%2Fload%26response_type%3Dcode%26code_challenge%3DQy_dXIcftTfu3Ig1IcXtqsqIMomWo81XzzznAnzN27U%26code_challenge_method%3DS256
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 14:46:36 GMT
strict-transport-security
max-age=31536000; includeSubdomains
x-content-type-options
nosniff
content-security-policy
default-src 'unsafe-inline' 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://login.admiral.com https://dealerlogin.fordinsure.co.uk https://login.bell.co.uk https://login.diamond.co.uk https://login.elephant.co.uk https://login.fordinsure.co.uk https://login.gladiator.co.uk https://login.aainsure.co.uk https://www.googletagmanager.com https://tracker.marinsm.com https://cc.cdn.civiccomputing.com https://www.google-analytics.com https://cdn.heapanalytics.com https://lptag.liveperson.net https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.dwin1.com https://assets.revlifter.io https://dealerportal.fordinsure.co.uk/login-notification.js https://*.optimizely.com https://connect.facebook.net https://s3.amazonaws.com/ki.js/61837/e43.js https://accdn.lpsnmedia.net https://lpcdn.lpsnmedia.net https://t.contentsquare.net https://lo.v.liveperson.net https://s3.amazonaws.com/ki.js/61837/es3.js https://cl.qualaroo.com/ki.js/61837/es3qoo.js https://w.usabilla.com https://s3.amazonaws.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://use.typekit.net https://p.typekit.net; img-src 'self' data: *; font-src 'self' data: *; connect-src 'self' https://apikeys.civiccomputing.com https://www.google-analytics.com https://devt.revlifter.com https://*.optimizely.com https://ampcid.google.com https://ampcid.google.co.in https://stats.g.doubleclick.net https://c.contentsquare.net wss://lo.msg.liveperson.net; media-src 'self' https://lpcdn.lpsnmedia.net; object-src 'none'; child-src 'self'; frame-src 'self' https://lpcdn.lpsnmedia.net https://*.optimizely.com https://dntcl.qualaroo.com https://bid.g.doubleclick.net https://server.lon.liveperson.net https://lo.idp.liveperson.net https://lo.msg.liveperson.net; worker-src 'self' blob: *; frame-ancestors 'self'; form-action 'self' data: *; upgrade-insecure-requests; block-all-mixed-content; sandbox allow-forms allow-same-origin allow-scripts allow-top-navigation allow-popups allow-modals allow-downloads allow-popups-to-escape-sandbox; manifest-src 'self';
content-encoding
gzip
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Sun, 21 Nov 2021 22:33:41 GMT
server
nginx
etag
W/"619ac945-115963"
expect-ct
enforce, max-age=300
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
feature-policy
midi 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; speaker 'none'; fullscreen 'self'; payment 'none';
x-content-security-policy
default-src 'unsafe-inline' 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://login.admiral.com https://dealerlogin.fordinsure.co.uk https://login.bell.co.uk https://login.diamond.co.uk https://login.elephant.co.uk https://login.fordinsure.co.uk https://login.gladiator.co.uk https://login.aainsure.co.uk https://www.googletagmanager.com https://tracker.marinsm.com https://cc.cdn.civiccomputing.com https://www.google-analytics.com https://cdn.heapanalytics.com https://lptag.liveperson.net https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.dwin1.com https://assets.revlifter.io https://dealerportal.fordinsure.co.uk/login-notification.js https://*.optimizely.com https://connect.facebook.net https://s3.amazonaws.com/ki.js/61837/e43.js https://accdn.lpsnmedia.net https://lpcdn.lpsnmedia.net https://t.contentsquare.net https://lo.v.liveperson.net https://s3.amazonaws.com/ki.js/61837/es3.js https://cl.qualaroo.com/ki.js/61837/es3qoo.js https://w.usabilla.com https://s3.amazonaws.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://use.typekit.net https://p.typekit.net; img-src 'self' data: *; font-src 'self' data: *; connect-src 'self' https://apikeys.civiccomputing.com https://www.google-analytics.com https://devt.revlifter.com https://*.optimizely.com https://ampcid.google.com https://ampcid.google.co.in https://stats.g.doubleclick.net https://c.contentsquare.net wss://lo.msg.liveperson.net; media-src 'self' https://lpcdn.lpsnmedia.net; object-src 'none'; child-src 'self'; frame-src 'self' https://lpcdn.lpsnmedia.net https://*.optimizely.com https://dntcl.qualaroo.com https://bid.g.doubleclick.net https://server.lon.liveperson.net https://lo.idp.liveperson.net https://lo.msg.liveperson.net; worker-src 'self' blob: *; frame-ancestors 'self'; form-action 'self' data: *; upgrade-insecure-requests; block-all-mixed-content; sandbox allow-forms allow-same-origin allow-scripts allow-top-navigation allow-popups allow-modals allow-downloads allow-popups-to-escape-sandbox; manifest-src 'self';
main.e6e36666.chunk.js
login.diamond.co.uk/myaccount/login/static/js/ 		371 KB
89 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://login.diamond.co.uk/myaccount/login/static/js/main.e6e36666.chunk.js
Requested by
Host: login.diamond.co.uk
URL: https://login.diamond.co.uk/myaccount/login/?sessionOnly=true&goto=https%3A%2F%2Flogin.diamond.co.uk%2Fmyaccount%2Fauth%2Foauth2.0%2Fv1%2Fauthorize%3Fclient_id%3Dmyaccount%26redirect_uri%3Dhttps%3A%2F%2Fmyaccount.diamond.co.uk%2Fload%26response_type%3Dcode%26code_challenge%3DQy_dXIcftTfu3Ig1IcXtqsqIMomWo81XzzznAnzN27U%26code_challenge_method%3DS256
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.39.119.228 Unterfoehring, Germany, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
b5b1e3e343c911cbe397a9c1acc37acba1f36c00855158e051684d6ccb7425b3
Security Headers
Name Value
Content-Security-Policy default-src 'unsafe-inline' 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://login.admiral.com https://dealerlogin.fordinsure.co.uk https://login.bell.co.uk https://login.diamond.co.uk https://login.elephant.co.uk https://login.fordinsure.co.uk https://login.gladiator.co.uk https://login.aainsure.co.uk https://www.googletagmanager.com https://tracker.marinsm.com https://cc.cdn.civiccomputing.com https://www.google-analytics.com https://cdn.heapanalytics.com https://lptag.liveperson.net https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.dwin1.com https://assets.revlifter.io https://dealerportal.fordinsure.co.uk/login-notification.js https://*.optimizely.com https://connect.facebook.net https://s3.amazonaws.com/ki.js/61837/e43.js https://accdn.lpsnmedia.net https://lpcdn.lpsnmedia.net https://t.contentsquare.net https://lo.v.liveperson.net https://s3.amazonaws.com/ki.js/61837/es3.js https://cl.qualaroo.com/ki.js/61837/es3qoo.js https://w.usabilla.com https://s3.amazonaws.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://use.typekit.net https://p.typekit.net; img-src 'self' data: *; font-src 'self' data: *; connect-src 'self' https://apikeys.civiccomputing.com https://www.google-analytics.com https://devt.revlifter.com https://*.optimizely.com https://ampcid.google.com https://ampcid.google.co.in https://stats.g.doubleclick.net https://c.contentsquare.net wss://lo.msg.liveperson.net; media-src 'self' https://lpcdn.lpsnmedia.net; object-src 'none'; child-src 'self'; frame-src 'self' https://lpcdn.lpsnmedia.net https://*.optimizely.com https://dntcl.qualaroo.com https://bid.g.doubleclick.net https://server.lon.liveperson.net https://lo.idp.liveperson.net https://lo.msg.liveperson.net; worker-src 'self' blob: *; frame-ancestors 'self'; form-action 'self' data: *; upgrade-insecure-requests; block-all-mixed-content; sandbox allow-forms allow-same-origin allow-scripts allow-top-navigation allow-popups allow-modals allow-downloads allow-popups-to-escape-sandbox; manifest-src 'self';
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Content-Security-Policy default-src 'unsafe-inline' 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://login.admiral.com https://dealerlogin.fordinsure.co.uk https://login.bell.co.uk https://login.diamond.co.uk https://login.elephant.co.uk https://login.fordinsure.co.uk https://login.gladiator.co.uk https://login.aainsure.co.uk https://www.googletagmanager.com https://tracker.marinsm.com https://cc.cdn.civiccomputing.com https://www.google-analytics.com https://cdn.heapanalytics.com https://lptag.liveperson.net https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.dwin1.com https://assets.revlifter.io https://dealerportal.fordinsure.co.uk/login-notification.js https://*.optimizely.com https://connect.facebook.net https://s3.amazonaws.com/ki.js/61837/e43.js https://accdn.lpsnmedia.net https://lpcdn.lpsnmedia.net https://t.contentsquare.net https://lo.v.liveperson.net https://s3.amazonaws.com/ki.js/61837/es3.js https://cl.qualaroo.com/ki.js/61837/es3qoo.js https://w.usabilla.com https://s3.amazonaws.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://use.typekit.net https://p.typekit.net; img-src 'self' data: *; font-src 'self' data: *; connect-src 'self' https://apikeys.civiccomputing.com https://www.google-analytics.com https://devt.revlifter.com https://*.optimizely.com https://ampcid.google.com https://ampcid.google.co.in https://stats.g.doubleclick.net https://c.contentsquare.net wss://lo.msg.liveperson.net; media-src 'self' https://lpcdn.lpsnmedia.net; object-src 'none'; child-src 'self'; frame-src 'self' https://lpcdn.lpsnmedia.net https://*.optimizely.com https://dntcl.qualaroo.com https://bid.g.doubleclick.net https://server.lon.liveperson.net https://lo.idp.liveperson.net https://lo.msg.liveperson.net; worker-src 'self' blob: *; frame-ancestors 'self'; form-action 'self' data: *; upgrade-insecure-requests; block-all-mixed-content; sandbox allow-forms allow-same-origin allow-scripts allow-top-navigation allow-popups allow-modals allow-downloads allow-popups-to-escape-sandbox; manifest-src 'self';
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://login.diamond.co.uk/myaccount/login/?sessionOnly=true&goto=https%3A%2F%2Flogin.diamond.co.uk%2Fmyaccount%2Fauth%2Foauth2.0%2Fv1%2Fauthorize%3Fclient_id%3Dmyaccount%26redirect_uri%3Dhttps%3A%2F%2Fmyaccount.diamond.co.uk%2Fload%26response_type%3Dcode%26code_challenge%3DQy_dXIcftTfu3Ig1IcXtqsqIMomWo81XzzznAnzN27U%26code_challenge_method%3DS256
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 14:46:36 GMT
strict-transport-security
max-age=31536000; includeSubdomains
x-content-type-options
nosniff
content-security-policy
default-src 'unsafe-inline' 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://login.admiral.com https://dealerlogin.fordinsure.co.uk https://login.bell.co.uk https://login.diamond.co.uk https://login.elephant.co.uk https://login.fordinsure.co.uk https://login.gladiator.co.uk https://login.aainsure.co.uk https://www.googletagmanager.com https://tracker.marinsm.com https://cc.cdn.civiccomputing.com https://www.google-analytics.com https://cdn.heapanalytics.com https://lptag.liveperson.net https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.dwin1.com https://assets.revlifter.io https://dealerportal.fordinsure.co.uk/login-notification.js https://*.optimizely.com https://connect.facebook.net https://s3.amazonaws.com/ki.js/61837/e43.js https://accdn.lpsnmedia.net https://lpcdn.lpsnmedia.net https://t.contentsquare.net https://lo.v.liveperson.net https://s3.amazonaws.com/ki.js/61837/es3.js https://cl.qualaroo.com/ki.js/61837/es3qoo.js https://w.usabilla.com https://s3.amazonaws.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://use.typekit.net https://p.typekit.net; img-src 'self' data: *; font-src 'self' data: *; connect-src 'self' https://apikeys.civiccomputing.com https://www.google-analytics.com https://devt.revlifter.com https://*.optimizely.com https://ampcid.google.com https://ampcid.google.co.in https://stats.g.doubleclick.net https://c.contentsquare.net wss://lo.msg.liveperson.net; media-src 'self' https://lpcdn.lpsnmedia.net; object-src 'none'; child-src 'self'; frame-src 'self' https://lpcdn.lpsnmedia.net https://*.optimizely.com https://dntcl.qualaroo.com https://bid.g.doubleclick.net https://server.lon.liveperson.net https://lo.idp.liveperson.net https://lo.msg.liveperson.net; worker-src 'self' blob: *; frame-ancestors 'self'; form-action 'self' data: *; upgrade-insecure-requests; block-all-mixed-content; sandbox allow-forms allow-same-origin allow-scripts allow-top-navigation allow-popups allow-modals allow-downloads allow-popups-to-escape-sandbox; manifest-src 'self';
content-encoding
gzip
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Sun, 21 Nov 2021 22:33:41 GMT
server
nginx
etag
W/"619ac945-5cba8"
expect-ct
enforce, max-age=300
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
feature-policy
midi 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; speaker 'none'; fullscreen 'self'; payment 'none';
x-content-security-policy
default-src 'unsafe-inline' 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://login.admiral.com https://dealerlogin.fordinsure.co.uk https://login.bell.co.uk https://login.diamond.co.uk https://login.elephant.co.uk https://login.fordinsure.co.uk https://login.gladiator.co.uk https://login.aainsure.co.uk https://www.googletagmanager.com https://tracker.marinsm.com https://cc.cdn.civiccomputing.com https://www.google-analytics.com https://cdn.heapanalytics.com https://lptag.liveperson.net https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.dwin1.com https://assets.revlifter.io https://dealerportal.fordinsure.co.uk/login-notification.js https://*.optimizely.com https://connect.facebook.net https://s3.amazonaws.com/ki.js/61837/e43.js https://accdn.lpsnmedia.net https://lpcdn.lpsnmedia.net https://t.contentsquare.net https://lo.v.liveperson.net https://s3.amazonaws.com/ki.js/61837/es3.js https://cl.qualaroo.com/ki.js/61837/es3qoo.js https://w.usabilla.com https://s3.amazonaws.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://use.typekit.net https://p.typekit.net; img-src 'self' data: *; font-src 'self' data: *; connect-src 'self' https://apikeys.civiccomputing.com https://www.google-analytics.com https://devt.revlifter.com https://*.optimizely.com https://ampcid.google.com https://ampcid.google.co.in https://stats.g.doubleclick.net https://c.contentsquare.net wss://lo.msg.liveperson.net; media-src 'self' https://lpcdn.lpsnmedia.net; object-src 'none'; child-src 'self'; frame-src 'self' https://lpcdn.lpsnmedia.net https://*.optimizely.com https://dntcl.qualaroo.com https://bid.g.doubleclick.net https://server.lon.liveperson.net https://lo.idp.liveperson.net https://lo.msg.liveperson.net; worker-src 'self' blob: *; frame-ancestors 'self'; form-action 'self' data: *; upgrade-insecure-requests; block-all-mixed-content; sandbox allow-forms allow-same-origin allow-scripts allow-top-navigation allow-popups allow-modals allow-downloads allow-popups-to-escape-sandbox; manifest-src 'self';
gtm.js
www.googletagmanager.com/ 		340 KB
105 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-2F7P
Requested by
Host: login.diamond.co.uk
URL: https://login.diamond.co.uk/myaccount/login/?sessionOnly=true&goto=https%3A%2F%2Flogin.diamond.co.uk%2Fmyaccount%2Fauth%2Foauth2.0%2Fv1%2Fauthorize%3Fclient_id%3Dmyaccount%26redirect_uri%3Dhttps%3A%2F%2Fmyaccount.diamond.co.uk%2Fload%26response_type%3Dcode%26code_challenge%3DQy_dXIcftTfu3Ig1IcXtqsqIMomWo81XzzznAnzN27U%26code_challenge_method%3DS256
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::2008 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
79af5e9a78010f25bc2da8293aa29d7e10535853d19ef7e2849c9df367cea26b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 14:46:36 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
107356
x-xss-protection
0
last-modified
Tue, 22 Aug 2023 12:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 22 Aug 2023 14:46:36 GMT
geo4.js
cdn3.optimizely.com/js/ 		310 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn3.optimizely.com/js/geo4.js
Requested by
Host: cdn.optimizely.com
URL: https://cdn.optimizely.com/public/17941920996/s/admiral.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.54.221.214 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-54-221-214.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
703b6d260f6532814667ede2a9aa38970d376136ebfcf2f2d26c25892cad5a86

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-amz-version-id
F8W1XaLRNmnJXrMgZ6ZMuxtE6L376GC.
Date
Tue, 22 Aug 2023 14:46:36 GMT
Server
AmazonS3
x-amz-request-id
TK702K02AB1BM2SV
x-amz-server-side-encryption
AES256
ETag
"8777c006589ecabfa3d63a6b5bf24393"
Content-Type
application/javascript
Cache-Control
max-age=50327
x-amz-replication-status
COMPLETED
Connection
keep-alive
Content-Length
310
x-amz-id-2
0a8HHtW0hL46uDuDXORBY0JbXEGYXxedWMQ/IHMavL4ySvBO8vc++GoQG+pKyndr7GzXipmKrJY=
fij7lgx.css
use.typekit.net/ 		4 KB
980 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/fij7lgx.css
Requested by
Host: login.diamond.co.uk
URL: https://login.diamond.co.uk/myaccount/login/static/css/2.9707a051.chunk.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:13::17d7:8279 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
10adfb2492bb8e2d560fce1c1ee9589c5256e3191d9d537b197c5e5f0de9dcf4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains;
content-encoding
gzip
date
Tue, 22 Aug 2023 14:46:36 GMT
server
nginx
vary
Accept-Encoding
content-type
text/css;charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
757
normalize.min.css
login.diamond.co.uk/myaccount/login/static/base/css/ 		2 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://login.diamond.co.uk/myaccount/login/static/base/css/normalize.min.css
Requested by
Host: login.diamond.co.uk
URL: https://login.diamond.co.uk/myaccount/login/static/css/2.9707a051.chunk.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.39.119.228 Unterfoehring, Germany, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
d74e9c1806faae02d0a2544ffd93c9f356e10ef103b2f6fb14052ad39de06b70
Security Headers
Name Value
Content-Security-Policy default-src 'unsafe-inline' 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://login.admiral.com https://dealerlogin.fordinsure.co.uk https://login.bell.co.uk https://login.diamond.co.uk https://login.elephant.co.uk https://login.fordinsure.co.uk https://login.gladiator.co.uk https://login.aainsure.co.uk https://www.googletagmanager.com https://tracker.marinsm.com https://cc.cdn.civiccomputing.com https://www.google-analytics.com https://cdn.heapanalytics.com https://lptag.liveperson.net https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.dwin1.com https://assets.revlifter.io https://dealerportal.fordinsure.co.uk/login-notification.js https://*.optimizely.com https://connect.facebook.net https://s3.amazonaws.com/ki.js/61837/e43.js https://accdn.lpsnmedia.net https://lpcdn.lpsnmedia.net https://t.contentsquare.net https://lo.v.liveperson.net https://s3.amazonaws.com/ki.js/61837/es3.js https://cl.qualaroo.com/ki.js/61837/es3qoo.js https://w.usabilla.com https://s3.amazonaws.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://use.typekit.net https://p.typekit.net; img-src 'self' data: *; font-src 'self' data: *; connect-src 'self' https://apikeys.civiccomputing.com https://www.google-analytics.com https://devt.revlifter.com https://*.optimizely.com https://ampcid.google.com https://ampcid.google.co.in https://stats.g.doubleclick.net https://c.contentsquare.net wss://lo.msg.liveperson.net; media-src 'self' https://lpcdn.lpsnmedia.net; object-src 'none'; child-src 'self'; frame-src 'self' https://lpcdn.lpsnmedia.net https://*.optimizely.com https://dntcl.qualaroo.com https://bid.g.doubleclick.net https://server.lon.liveperson.net https://lo.idp.liveperson.net https://lo.msg.liveperson.net; worker-src 'self' blob: *; frame-ancestors 'self'; form-action 'self' data: *; upgrade-insecure-requests; block-all-mixed-content; sandbox allow-forms allow-same-origin allow-scripts allow-top-navigation allow-popups allow-modals allow-downloads allow-popups-to-escape-sandbox; manifest-src 'self';
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Content-Security-Policy default-src 'unsafe-inline' 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://login.admiral.com https://dealerlogin.fordinsure.co.uk https://login.bell.co.uk https://login.diamond.co.uk https://login.elephant.co.uk https://login.fordinsure.co.uk https://login.gladiator.co.uk https://login.aainsure.co.uk https://www.googletagmanager.com https://tracker.marinsm.com https://cc.cdn.civiccomputing.com https://www.google-analytics.com https://cdn.heapanalytics.com https://lptag.liveperson.net https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.dwin1.com https://assets.revlifter.io https://dealerportal.fordinsure.co.uk/login-notification.js https://*.optimizely.com https://connect.facebook.net https://s3.amazonaws.com/ki.js/61837/e43.js https://accdn.lpsnmedia.net https://lpcdn.lpsnmedia.net https://t.contentsquare.net https://lo.v.liveperson.net https://s3.amazonaws.com/ki.js/61837/es3.js https://cl.qualaroo.com/ki.js/61837/es3qoo.js https://w.usabilla.com https://s3.amazonaws.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://use.typekit.net https://p.typekit.net; img-src 'self' data: *; font-src 'self' data: *; connect-src 'self' https://apikeys.civiccomputing.com https://www.google-analytics.com https://devt.revlifter.com https://*.optimizely.com https://ampcid.google.com https://ampcid.google.co.in https://stats.g.doubleclick.net https://c.contentsquare.net wss://lo.msg.liveperson.net; media-src 'self' https://lpcdn.lpsnmedia.net; object-src 'none'; child-src 'self'; frame-src 'self' https://lpcdn.lpsnmedia.net https://*.optimizely.com https://dntcl.qualaroo.com https://bid.g.doubleclick.net https://server.lon.liveperson.net https://lo.idp.liveperson.net https://lo.msg.liveperson.net; worker-src 'self' blob: *; frame-ancestors 'self'; form-action 'self' data: *; upgrade-insecure-requests; block-all-mixed-content; sandbox allow-forms allow-same-origin allow-scripts allow-top-navigation allow-popups allow-modals allow-downloads allow-popups-to-escape-sandbox; manifest-src 'self';
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://login.diamond.co.uk/myaccount/login/static/css/2.9707a051.chunk.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 14:46:36 GMT
strict-transport-security
max-age=31536000; includeSubdomains
x-content-type-options
nosniff
content-security-policy
default-src 'unsafe-inline' 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://login.admiral.com https://dealerlogin.fordinsure.co.uk https://login.bell.co.uk https://login.diamond.co.uk https://login.elephant.co.uk https://login.fordinsure.co.uk https://login.gladiator.co.uk https://login.aainsure.co.uk https://www.googletagmanager.com https://tracker.marinsm.com https://cc.cdn.civiccomputing.com https://www.google-analytics.com https://cdn.heapanalytics.com https://lptag.liveperson.net https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.dwin1.com https://assets.revlifter.io https://dealerportal.fordinsure.co.uk/login-notification.js https://*.optimizely.com https://connect.facebook.net https://s3.amazonaws.com/ki.js/61837/e43.js https://accdn.lpsnmedia.net https://lpcdn.lpsnmedia.net https://t.contentsquare.net https://lo.v.liveperson.net https://s3.amazonaws.com/ki.js/61837/es3.js https://cl.qualaroo.com/ki.js/61837/es3qoo.js https://w.usabilla.com https://s3.amazonaws.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://use.typekit.net https://p.typekit.net; img-src 'self' data: *; font-src 'self' data: *; connect-src 'self' https://apikeys.civiccomputing.com https://www.google-analytics.com https://devt.revlifter.com https://*.optimizely.com https://ampcid.google.com https://ampcid.google.co.in https://stats.g.doubleclick.net https://c.contentsquare.net wss://lo.msg.liveperson.net; media-src 'self' https://lpcdn.lpsnmedia.net; object-src 'none'; child-src 'self'; frame-src 'self' https://lpcdn.lpsnmedia.net https://*.optimizely.com https://dntcl.qualaroo.com https://bid.g.doubleclick.net https://server.lon.liveperson.net https://lo.idp.liveperson.net https://lo.msg.liveperson.net; worker-src 'self' blob: *; frame-ancestors 'self'; form-action 'self' data: *; upgrade-insecure-requests; block-all-mixed-content; sandbox allow-forms allow-same-origin allow-scripts allow-top-navigation allow-popups allow-modals allow-downloads allow-popups-to-escape-sandbox; manifest-src 'self';
content-encoding
gzip
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Mon, 06 Jun 2022 08:55:34 GMT
server
nginx
etag
W/"629dc106-73f"
expect-ct
enforce, max-age=300
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
feature-policy
midi 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; speaker 'none'; fullscreen 'self'; payment 'none';
x-content-security-policy
default-src 'unsafe-inline' 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://login.admiral.com https://dealerlogin.fordinsure.co.uk https://login.bell.co.uk https://login.diamond.co.uk https://login.elephant.co.uk https://login.fordinsure.co.uk https://login.gladiator.co.uk https://login.aainsure.co.uk https://www.googletagmanager.com https://tracker.marinsm.com https://cc.cdn.civiccomputing.com https://www.google-analytics.com https://cdn.heapanalytics.com https://lptag.liveperson.net https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.dwin1.com https://assets.revlifter.io https://dealerportal.fordinsure.co.uk/login-notification.js https://*.optimizely.com https://connect.facebook.net https://s3.amazonaws.com/ki.js/61837/e43.js https://accdn.lpsnmedia.net https://lpcdn.lpsnmedia.net https://t.contentsquare.net https://lo.v.liveperson.net https://s3.amazonaws.com/ki.js/61837/es3.js https://cl.qualaroo.com/ki.js/61837/es3qoo.js https://w.usabilla.com https://s3.amazonaws.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://use.typekit.net https://p.typekit.net; img-src 'self' data: *; font-src 'self' data: *; connect-src 'self' https://apikeys.civiccomputing.com https://www.google-analytics.com https://devt.revlifter.com https://*.optimizely.com https://ampcid.google.com https://ampcid.google.co.in https://stats.g.doubleclick.net https://c.contentsquare.net wss://lo.msg.liveperson.net; media-src 'self' https://lpcdn.lpsnmedia.net; object-src 'none'; child-src 'self'; frame-src 'self' https://lpcdn.lpsnmedia.net https://*.optimizely.com https://dntcl.qualaroo.com https://bid.g.doubleclick.net https://server.lon.liveperson.net https://lo.idp.liveperson.net https://lo.msg.liveperson.net; worker-src 'self' blob: *; frame-ancestors 'self'; form-action 'self' data: *; upgrade-insecure-requests; block-all-mixed-content; sandbox allow-forms allow-same-origin allow-scripts allow-top-navigation allow-popups allow-modals allow-downloads allow-popups-to-escape-sandbox; manifest-src 'self';
a17941920996.html
a17941920996.cdn.optimizely.com/client_storage/ Frame 093D 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://a17941920996.cdn.optimizely.com/client_storage/a17941920996.html
Requested by
Host: cdn.optimizely.com
URL: https://cdn.optimizely.com/public/17941920996/s/admiral.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.150.163 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-150-163.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
d05062da21c584c0439ff2c5c1e086588af6a06f8d6aa8f977f7f2b851f51261
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=120
content-encoding
gzip
content-length
1029
content-type
text/html; charset=utf-8
date
Tue, 22 Aug 2023 14:46:36 GMT
etag
"e0919cf9c41071dcb2f46de5616417dd"
last-modified
Tue, 22 Aug 2023 14:39:06 GMT
server
AmazonS3
server-timing
cdn-cache; desc=HIT edge; dur=1 cdn;desc="AkamaiION";dur=0,rtt;desc="44";dur=0,cdnip;desc="23.52.150.163";dur=0,cdnmap;desc="a4343.a.akamaiedge.net";dur=0,proto;desc="h2";dur=0 ak_p; desc="1692715596948_388820404_5194391_26_1507_44_0_255";dur=1
strict-transport-security
max-age=15768000
vary
Accept-Encoding
x-akamai-transformed
9 - 0 pmb=mRUM,2
x-amz-id-2
m1SNOXxx7c8ya1Yoz5YceGu1OAC+/9wHaGG3WjRiBqX+6077Z1cLPBJGs0odChsCYz+tS1jnNBw=
x-amz-meta-pci_enabled
False
x-amz-replication-status
COMPLETED
x-amz-request-id
W7WKJGQ5355ZQTF8
x-amz-server-side-encryption
AES256
x-amz-version-id
MT25Dr23GHS1dCuqQoXjyR__EO6AV4xF
p.css
p.typekit.net/ 		5 B
172 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://p.typekit.net/p.css?s=1&k=fij7lgx&ht=tk&f=25167.25168.25169.25170.25171&a=607775&app=typekit&e=css
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/fij7lgx.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:9000::1725:7ba0 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 14:46:37 GMT
last-modified
Fri, 30 Jun 2023 13:03:26 GMT
server
nginx
etag
"649ed29e-5"
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
5
heap-1713100302.js
cdn.heapanalytics.com/js/ 		116 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.heapanalytics.com/js/heap-1713100302.js
Requested by
Host: myaccount.diamond.co.uk
URL: https://myaccount.diamond.co.uk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.116.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-116-6.jfk50.r.cloudfront.net
Software
nginx / Express
Resource Hash
d2e229eec653251fe19be80e0b933f31e953852df2cf7d38c2200112a83fddea
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 14:44:47 GMT
content-encoding
br
via
1.1 b260b0d4d2162fe305bab4403f7e668c.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
x-amz-cf-pop
JFK50-P6
age
110
x-powered-by
Express
etag
W/"1cf83-/zc33+tPf50dD/8SRMCn5FKv7Ns"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=120
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
ES6J-E3fJ8OV9V1BdM9cb9WC1m3mWp42SnbcEG3heMxq6ryKZO5pow==
44wvuezyl0.js
tracker.marinsm.com/tracker/async/ 		0
319 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tracker.marinsm.com/tracker/async/44wvuezyl0.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-2F7P
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.116.61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-116-61.jfk50.r.cloudfront.net
Software
Apache/2.4.6 (CentOS) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 10:06:33 GMT
via
1.1 a0be26685e47d6d6220ccd40bc5f0a4e.cloudfront.net (CloudFront)
server
Apache/2.4.6 (CentOS)
x-amz-cf-pop
JFK50-P6
age
16804
x-cache
Hit from cloudfront
content-type
text/javascript;charset=UTF-8
cache-control
max-age=172800
x-marintrackerversion
3
content-length
0
x-amz-cf-id
bNHZhHlQdYOrg7yWiBr2JTJpKt2_J5hLl5_eLI1JPj53QEBfU-GuKw==
expires
Tue, 22 Aug 2023 10:09:26 GMT
16042.js
www.dwin1.com/ 		38 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.dwin1.com/16042.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-2F7P
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2209:fc00:f:8ce2:fb80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
84757105828acb2358aa095cfd65ff68232cbf6e7d1cd133cc35a52d197ec533

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-amz-version-id
hAzi0En.va.ciif3hrTB11i287zbsflS
content-encoding
gzip
via
1.1 2c7d387775f2e52dd268d2f49202b5d2.cloudfront.net (CloudFront)
date
Tue, 22 Aug 2023 14:45:19 GMT
x-amz-cf-pop
EWR53-P1
age
302
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Thu, 13 Jul 2023 11:13:52 GMT
server
AmazonS3
etag
W/"a59bd0537711377695cde3e8b09bd7f0"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=600, s-maxage=600
x-amz-cf-id
1eIPeiwe3NJTSmXqjc-s9VoMAVVo4ZyUfduUrpUQTIE73zBiDNxoFg==
tag.js
lptag.liveperson.net/tag/ 		21 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lptag.liveperson.net/tag/tag.js?site=3447646
Requested by
Host: myaccount.diamond.co.uk
URL: https://myaccount.diamond.co.uk/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.89.12.153 , United States, ASN11054 (LIVEPERSON, US),
Reverse DNS
lptag.liveperson.net
Software
ws /
Resource Hash
5624aeb2703037c9b669b4903e1961a38778408edcd3bea47e370e5de9f6c571
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 14:46:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains
last-modified
Wed, 07 Dec 2022 20:20:28 GMT
server
ws
etag
"6390f58c-1da4"
access-control-allow-methods
GET, POST, PATCH
content-type
application/javascript
access-control-expose-headers
X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
cache-control
public, max-age=630
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
content-length
7588
f8ae77c9a75b.js
w.usabilla.com/ Frame F135 		44 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://w.usabilla.com/f8ae77c9a75b.js?lv=1
Requested by
Host: login.diamond.co.uk
URL: https://login.diamond.co.uk/myaccount/login/?sessionOnly=true&goto=https%3A%2F%2Flogin.diamond.co.uk%2Fmyaccount%2Fauth%2Foauth2.0%2Fv1%2Fauthorize%3Fclient_id%3Dmyaccount%26redirect_uri%3Dhttps%3A%2F%2Fmyaccount.diamond.co.uk%2Fload%26response_type%3Dcode%26code_challenge%3DQy_dXIcftTfu3Ig1IcXtqsqIMomWo81XzzznAnzN27U%26code_challenge_method%3DS256
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.196.7.213 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-196-7-213.compute-1.amazonaws.com
Software
/
Resource Hash
ccc310cdb26f5199f0a62ef67411aa002f707f48a320f87ef4fb2ca3c8c97806

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Aug 2023 14:46:37 GMT
content-encoding
gzip
x-widget-server
2.1
etag
"11b5c21f1471860292b96cadb7938201"
content-type
text/javascript
cache-control
public,max-age=0
content-length
12203
configuration
login.diamond.co.uk/myaccount/uic/api/v1/ 		8 KB
7 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://login.diamond.co.uk/myaccount/uic/api/v1/configuration?type=page&name=default
Requested by
Host: login.diamond.co.uk
URL: https://login.diamond.co.uk/myaccount/login/static/js/2.0addd9bb.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.39.119.228 Unterfoehring, Germany, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
1180d1b0e414b6b95f1f5e74bb7dfb25417ee17c9b21de553a223d5ae70746b1
Security Headers
Name Value
Content-Security-Policy default-src 'unsafe-inline' 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://login.admiral.com https://dealerlogin.fordinsure.co.uk https://login.bell.co.uk https://login.diamond.co.uk https://login.elephant.co.uk https://login.fordinsure.co.uk https://login.gladiator.co.uk https://login.aainsure.co.uk https://www.googletagmanager.com https://tracker.marinsm.com https://cc.cdn.civiccomputing.com https://www.google-analytics.com https://cdn.heapanalytics.com https://lptag.liveperson.net https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.dwin1.com https://assets.revlifter.io https://dealerportal.fordinsure.co.uk/login-notification.js https://*.optimizely.com https://connect.facebook.net https://s3.amazonaws.com/ki.js/61837/e43.js https://accdn.lpsnmedia.net https://lpcdn.lpsnmedia.net https://t.contentsquare.net https://lo.v.liveperson.net https://s3.amazonaws.com/ki.js/61837/es3.js https://cl.qualaroo.com/ki.js/61837/es3qoo.js https://w.usabilla.com https://s3.amazonaws.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://use.typekit.net https://p.typekit.net; img-src 'self' data: *; font-src 'self' data: *; connect-src 'self' https://apikeys.civiccomputing.com https://www.google-analytics.com https://devt.revlifter.com https://*.optimizely.com https://ampcid.google.com https://ampcid.google.co.in https://stats.g.doubleclick.net https://c.contentsquare.net wss://lo.msg.liveperson.net; media-src 'self' https://lpcdn.lpsnmedia.net; object-src 'none'; child-src 'self'; frame-src 'self' https://lpcdn.lpsnmedia.net https://*.optimizely.com https://dntcl.qualaroo.com https://bid.g.doubleclick.net https://server.lon.liveperson.net https://lo.idp.liveperson.net https://lo.msg.liveperson.net; worker-src 'self' blob: *; frame-ancestors 'self'; form-action 'self' data: *; upgrade-insecure-requests; block-all-mixed-content; sandbox allow-forms allow-same-origin allow-scripts allow-top-navigation allow-popups allow-modals allow-downloads allow-popups-to-escape-sandbox; manifest-src 'self';
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Content-Security-Policy default-src 'unsafe-inline' 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://login.admiral.com https://dealerlogin.fordinsure.co.uk https://login.bell.co.uk https://login.diamond.co.uk https://login.elephant.co.uk https://login.fordinsure.co.uk https://login.gladiator.co.uk https://login.aainsure.co.uk https://www.googletagmanager.com https://tracker.marinsm.com https://cc.cdn.civiccomputing.com https://www.google-analytics.com https://cdn.heapanalytics.com https://lptag.liveperson.net https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.dwin1.com https://assets.revlifter.io https://dealerportal.fordinsure.co.uk/login-notification.js https://*.optimizely.com https://connect.facebook.net https://s3.amazonaws.com/ki.js/61837/e43.js https://accdn.lpsnmedia.net https://lpcdn.lpsnmedia.net https://t.contentsquare.net https://lo.v.liveperson.net https://s3.amazonaws.com/ki.js/61837/es3.js https://cl.qualaroo.com/ki.js/61837/es3qoo.js https://w.usabilla.com https://s3.amazonaws.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://use.typekit.net https://p.typekit.net; img-src 'self' data: *; font-src 'self' data: *; connect-src 'self' https://apikeys.civiccomputing.com https://www.google-analytics.com https://devt.revlifter.com https://*.optimizely.com https://ampcid.google.com https://ampcid.google.co.in https://stats.g.doubleclick.net https://c.contentsquare.net wss://lo.msg.liveperson.net; media-src 'self' https://lpcdn.lpsnmedia.net; object-src 'none'; child-src 'self'; frame-src 'self' https://lpcdn.lpsnmedia.net https://*.optimizely.com https://dntcl.qualaroo.com https://bid.g.doubleclick.net https://server.lon.liveperson.net https://lo.idp.liveperson.net https://lo.msg.liveperson.net; worker-src 'self' blob: *; frame-ancestors 'self'; form-action 'self' data: *; upgrade-insecure-requests; block-all-mixed-content; sandbox allow-forms allow-same-origin allow-scripts allow-top-navigation allow-popups allow-modals allow-downloads allow-popups-to-escape-sandbox; manifest-src 'self';
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://login.diamond.co.uk/myaccount/login/?sessionOnly=true&goto=https%3A%2F%2Flogin.diamond.co.uk%2Fmyaccount%2Fauth%2Foauth2.0%2Fv1%2Fauthorize%3Fclient_id%3Dmyaccount%26redirect_uri%3Dhttps%3A%2F%2Fmyaccount.diamond.co.uk%2Fload%26response_type%3Dcode%26code_challenge%3DQy_dXIcftTfu3Ig1IcXtqsqIMomWo81XzzznAnzN27U%26code_challenge_method%3DS256
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 14:46:37 GMT
strict-transport-security
max-age=31536000; includeSubdomains
x-content-type-options
nosniff
referrer-policy
same-origin
content-encoding
gzip
server
nginx
content-security-policy
default-src 'unsafe-inline' 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://login.admiral.com https://dealerlogin.fordinsure.co.uk https://login.bell.co.uk https://login.diamond.co.uk https://login.elephant.co.uk https://login.fordinsure.co.uk https://login.gladiator.co.uk https://login.aainsure.co.uk https://www.googletagmanager.com https://tracker.marinsm.com https://cc.cdn.civiccomputing.com https://www.google-analytics.com https://cdn.heapanalytics.com https://lptag.liveperson.net https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.dwin1.com https://assets.revlifter.io https://dealerportal.fordinsure.co.uk/login-notification.js https://*.optimizely.com https://connect.facebook.net https://s3.amazonaws.com/ki.js/61837/e43.js https://accdn.lpsnmedia.net https://lpcdn.lpsnmedia.net https://t.contentsquare.net https://lo.v.liveperson.net https://s3.amazonaws.com/ki.js/61837/es3.js https://cl.qualaroo.com/ki.js/61837/es3qoo.js https://w.usabilla.com https://s3.amazonaws.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://use.typekit.net https://p.typekit.net; img-src 'self' data: *; font-src 'self' data: *; connect-src 'self' https://apikeys.civiccomputing.com https://www.google-analytics.com https://devt.revlifter.com https://*.optimizely.com https://ampcid.google.com https://ampcid.google.co.in https://stats.g.doubleclick.net https://c.contentsquare.net wss://lo.msg.liveperson.net; media-src 'self' https://lpcdn.lpsnmedia.net; object-src 'none'; child-src 'self'; frame-src 'self' https://lpcdn.lpsnmedia.net https://*.optimizely.com https://dntcl.qualaroo.com https://bid.g.doubleclick.net https://server.lon.liveperson.net https://lo.idp.liveperson.net https://lo.msg.liveperson.net; worker-src 'self' blob: *; frame-ancestors 'self'; form-action 'self' data: *; upgrade-insecure-requests; block-all-mixed-content; sandbox allow-forms allow-same-origin allow-scripts allow-top-navigation allow-popups allow-modals allow-downloads allow-popups-to-escape-sandbox; manifest-src 'self';
expect-ct
enforce, max-age=300
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/json;charset=UTF-8
cache-control
no-cache
feature-policy
midi 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; speaker 'none'; fullscreen 'self'; payment 'none';
x-xss-protection
1; mode=block
x-content-security-policy
default-src 'unsafe-inline' 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://login.admiral.com https://dealerlogin.fordinsure.co.uk https://login.bell.co.uk https://login.diamond.co.uk https://login.elephant.co.uk https://login.fordinsure.co.uk https://login.gladiator.co.uk https://login.aainsure.co.uk https://www.googletagmanager.com https://tracker.marinsm.com https://cc.cdn.civiccomputing.com https://www.google-analytics.com https://cdn.heapanalytics.com https://lptag.liveperson.net https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.dwin1.com https://assets.revlifter.io https://dealerportal.fordinsure.co.uk/login-notification.js https://*.optimizely.com https://connect.facebook.net https://s3.amazonaws.com/ki.js/61837/e43.js https://accdn.lpsnmedia.net https://lpcdn.lpsnmedia.net https://t.contentsquare.net https://lo.v.liveperson.net https://s3.amazonaws.com/ki.js/61837/es3.js https://cl.qualaroo.com/ki.js/61837/es3qoo.js https://w.usabilla.com https://s3.amazonaws.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://use.typekit.net https://p.typekit.net; img-src 'self' data: *; font-src 'self' data: *; connect-src 'self' https://apikeys.civiccomputing.com https://www.google-analytics.com https://devt.revlifter.com https://*.optimizely.com https://ampcid.google.com https://ampcid.google.co.in https://stats.g.doubleclick.net https://c.contentsquare.net wss://lo.msg.liveperson.net; media-src 'self' https://lpcdn.lpsnmedia.net; object-src 'none'; child-src 'self'; frame-src 'self' https://lpcdn.lpsnmedia.net https://*.optimizely.com https://dntcl.qualaroo.com https://bid.g.doubleclick.net https://server.lon.liveperson.net https://lo.idp.liveperson.net https://lo.msg.liveperson.net; worker-src 'self' blob: *; frame-ancestors 'self'; form-action 'self' data: *; upgrade-insecure-requests; block-all-mixed-content; sandbox allow-forms allow-same-origin allow-scripts allow-top-navigation allow-popups allow-modals allow-downloads allow-popups-to-escape-sandbox; manifest-src 'self';
conversion.js
www.googleadservices.com/pagead/ 		49 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-2F7P
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.41.2 Marriottsville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s40-in-f2.1e100.net
Software
cafe /
Resource Hash
eafa6fbba9a390c65947baa71fd0e0bcafb087302f2878df897c9dc7b9c68fa6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 14:46:37 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18428
x-xss-protection
0
server
cafe
etag
6091834725216891230
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Tue, 22 Aug 2023 14:46:37 GMT
h
heapanalytics.com/ 		37 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://heapanalytics.com/h?a=1713100302&u=4512668356240138&v=724210306898118&s=4269599333018221&b=web&tv=4.0&z=2&h=%2Fmyaccount%2Flogin%2F&q=%3FsessionOnly%3Dtrue%26goto%3Dhttps%253A%252F%252Flogin.diamond.co.uk%252Fmyaccount%252Fauth%252Foauth2.0%252Fv1%252Fauthorize%253Fclient_id%253Dmyaccount%2526redirect_uri%253Dhttps%253A%252F%252Fmyaccount.diamond.co.uk%252Fload%2526response_type%253Dcode%2526code_challenge%253DQy_dXIcftTfu3Ig1IcXtqsqIMomWo81XzzznAnzN27U%2526code_challenge_method%253DS256&d=login.diamond.co.uk&ts=1692715597676&sp=ts&sp=1692715594692&sp=d&sp=myaccount.diamond.co.uk&sp=h&sp=%2F&st=1692715597678
Requested by
Host: login.diamond.co.uk
URL: https://login.diamond.co.uk/myaccount/login/?sessionOnly=true&goto=https%3A%2F%2Flogin.diamond.co.uk%2Fmyaccount%2Fauth%2Foauth2.0%2Fv1%2Fauthorize%3Fclient_id%3Dmyaccount%26redirect_uri%3Dhttps%3A%2F%2Fmyaccount.diamond.co.uk%2Fload%26response_type%3Dcode%26code_challenge%3DQy_dXIcftTfu3Ig1IcXtqsqIMomWo81XzzznAnzN27U%26code_challenge_method%3DS256
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.70.121.124 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-70-121-124.compute-1.amazonaws.com
Software
nginx /
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Aug 2023 14:46:37 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
etag
W/"25-4iFqfptz9csCeTUceM5hwzR1zqc"
content-type
image/gif
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-length
37
.jsonp
lptag.liveperson.net/lptag/api/account/3447646/configuration/applications/taglets/ 		312 KB
109 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lptag.liveperson.net/lptag/api/account/3447646/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&b=undefined
Requested by
Host: myaccount.diamond.co.uk
URL: https://myaccount.diamond.co.uk/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.89.12.153 , United States, ASN11054 (LIVEPERSON, US),
Reverse DNS
lptag.liveperson.net
Software
ws /
Resource Hash
c0a7f6ef71ed2de0d6ee63785d3a92533d7558c39b1ba78b06cd0930bc1a8070
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 14:46:37 GMT
strict-transport-security
max-age=63072000; includeSubDomains
x-content-type-options
nosniff
content-encoding
gzip
server
ws
x-cache-status
HIT
access-control-allow-methods
GET, POST, PATCH
content-type
application/x-javascript
access-control-expose-headers
X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
cache-control
public, max-age=630
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/1071476061/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1071476061/?random=1692715597787&cv=9&fst=1692715597787&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=375603260%2C466465925%2C512247839&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=-600&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=0&url=https%3A%2F%2Flogin.diamond.co.uk%2Fmyaccount%2Flogin%2F%3FsessionOnly%3Dtrue%26goto%3Dhttps%253A%252F%252Flogin.diamond.co.uk%252Fmyaccount%252Fauth%252Foauth2.0%252Fv1%252Fauthorize%253Fclient_id%253Dmyaccount%2526redirect_uri%253Dhttps%253A%252F%252Fmyaccount.diamond.co.uk%252Fload%2526response_type%253Dcode%2526code_challenge%253DQy_dXIcftTfu3Ig1IcXtqsqIMomWo81XzzznAnzN27U%2526code_challenge_method%253DS256&hn=www.googleadservices.com&uaa=&uab=&uam=&uap=&uapv=&uaw=0&uafvl=&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:821::2002 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
907d2a06e588883747902e40b3c3a675614ed408ec72ffa50a01259f4746dc56
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Aug 2023 14:46:37 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1519
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
configuration
login.diamond.co.uk/myaccount/uic/api/v1/ 		121 KB
27 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://login.diamond.co.uk/myaccount/uic/api/v1/configuration?type=workflowEngine&name=iwMUITheme
Requested by
Host: login.diamond.co.uk
URL: https://login.diamond.co.uk/myaccount/login/static/js/2.0addd9bb.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.39.119.228 Unterfoehring, Germany, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
66dc1e18cd0a3ee85495d6df74dd1985544a680b00684ab2eb07911131f07a6c
Security Headers
Name Value
Content-Security-Policy default-src 'unsafe-inline' 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://login.admiral.com https://dealerlogin.fordinsure.co.uk https://login.bell.co.uk https://login.diamond.co.uk https://login.elephant.co.uk https://login.fordinsure.co.uk https://login.gladiator.co.uk https://login.aainsure.co.uk https://www.googletagmanager.com https://tracker.marinsm.com https://cc.cdn.civiccomputing.com https://www.google-analytics.com https://cdn.heapanalytics.com https://lptag.liveperson.net https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.dwin1.com https://assets.revlifter.io https://dealerportal.fordinsure.co.uk/login-notification.js https://*.optimizely.com https://connect.facebook.net https://s3.amazonaws.com/ki.js/61837/e43.js https://accdn.lpsnmedia.net https://lpcdn.lpsnmedia.net https://t.contentsquare.net https://lo.v.liveperson.net https://s3.amazonaws.com/ki.js/61837/es3.js https://cl.qualaroo.com/ki.js/61837/es3qoo.js https://w.usabilla.com https://s3.amazonaws.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://use.typekit.net https://p.typekit.net; img-src 'self' data: *; font-src 'self' data: *; connect-src 'self' https://apikeys.civiccomputing.com https://www.google-analytics.com https://devt.revlifter.com https://*.optimizely.com https://ampcid.google.com https://ampcid.google.co.in https://stats.g.doubleclick.net https://c.contentsquare.net wss://lo.msg.liveperson.net; media-src 'self' https://lpcdn.lpsnmedia.net; object-src 'none'; child-src 'self'; frame-src 'self' https://lpcdn.lpsnmedia.net https://*.optimizely.com https://dntcl.qualaroo.com https://bid.g.doubleclick.net https://server.lon.liveperson.net https://lo.idp.liveperson.net https://lo.msg.liveperson.net; worker-src 'self' blob: *; frame-ancestors 'self'; form-action 'self' data: *; upgrade-insecure-requests; block-all-mixed-content; sandbox allow-forms allow-same-origin allow-scripts allow-top-navigation allow-popups allow-modals allow-downloads allow-popups-to-escape-sandbox; manifest-src 'self';
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Content-Security-Policy default-src 'unsafe-inline' 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://login.admiral.com https://dealerlogin.fordinsure.co.uk https://login.bell.co.uk https://login.diamond.co.uk https://login.elephant.co.uk https://login.fordinsure.co.uk https://login.gladiator.co.uk https://login.aainsure.co.uk https://www.googletagmanager.com https://tracker.marinsm.com https://cc.cdn.civiccomputing.com https://www.google-analytics.com https://cdn.heapanalytics.com https://lptag.liveperson.net https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.dwin1.com https://assets.revlifter.io https://dealerportal.fordinsure.co.uk/login-notification.js https://*.optimizely.com https://connect.facebook.net https://s3.amazonaws.com/ki.js/61837/e43.js https://accdn.lpsnmedia.net https://lpcdn.lpsnmedia.net https://t.contentsquare.net https://lo.v.liveperson.net https://s3.amazonaws.com/ki.js/61837/es3.js https://cl.qualaroo.com/ki.js/61837/es3qoo.js https://w.usabilla.com https://s3.amazonaws.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://use.typekit.net https://p.typekit.net; img-src 'self' data: *; font-src 'self' data: *; connect-src 'self' https://apikeys.civiccomputing.com https://www.google-analytics.com https://devt.revlifter.com https://*.optimizely.com https://ampcid.google.com https://ampcid.google.co.in https://stats.g.doubleclick.net https://c.contentsquare.net wss://lo.msg.liveperson.net; media-src 'self' https://lpcdn.lpsnmedia.net; object-src 'none'; child-src 'self'; frame-src 'self' https://lpcdn.lpsnmedia.net https://*.optimizely.com https://dntcl.qualaroo.com https://bid.g.doubleclick.net https://server.lon.liveperson.net https://lo.idp.liveperson.net https://lo.msg.liveperson.net; worker-src 'self' blob: *; frame-ancestors 'self'; form-action 'self' data: *; upgrade-insecure-requests; block-all-mixed-content; sandbox allow-forms allow-same-origin allow-scripts allow-top-navigation allow-popups allow-modals allow-downloads allow-popups-to-escape-sandbox; manifest-src 'self';
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://login.diamond.co.uk/myaccount/login/?sessionOnly=true&goto=https%3A%2F%2Flogin.diamond.co.uk%2Fmyaccount%2Fauth%2Foauth2.0%2Fv1%2Fauthorize%3Fclient_id%3Dmyaccount%26redirect_uri%3Dhttps%3A%2F%2Fmyaccount.diamond.co.uk%2Fload%26response_type%3Dcode%26code_challenge%3DQy_dXIcftTfu3Ig1IcXtqsqIMomWo81XzzznAnzN27U%26code_challenge_method%3DS256
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 14:46:37 GMT
strict-transport-security
max-age=31536000; includeSubdomains
x-content-type-options
nosniff
referrer-policy
same-origin
content-encoding
gzip
server
nginx
content-security-policy
default-src 'unsafe-inline' 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://login.admiral.com https://dealerlogin.fordinsure.co.uk https://login.bell.co.uk https://login.diamond.co.uk https://login.elephant.co.uk https://login.fordinsure.co.uk https://login.gladiator.co.uk https://login.aainsure.co.uk https://www.googletagmanager.com https://tracker.marinsm.com https://cc.cdn.civiccomputing.com https://www.google-analytics.com https://cdn.heapanalytics.com https://lptag.liveperson.net https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.dwin1.com https://assets.revlifter.io https://dealerportal.fordinsure.co.uk/login-notification.js https://*.optimizely.com https://connect.facebook.net https://s3.amazonaws.com/ki.js/61837/e43.js https://accdn.lpsnmedia.net https://lpcdn.lpsnmedia.net https://t.contentsquare.net https://lo.v.liveperson.net https://s3.amazonaws.com/ki.js/61837/es3.js https://cl.qualaroo.com/ki.js/61837/es3qoo.js https://w.usabilla.com https://s3.amazonaws.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://use.typekit.net https://p.typekit.net; img-src 'self' data: *; font-src 'self' data: *; connect-src 'self' https://apikeys.civiccomputing.com https://www.google-analytics.com https://devt.revlifter.com https://*.optimizely.com https://ampcid.google.com https://ampcid.google.co.in https://stats.g.doubleclick.net https://c.contentsquare.net wss://lo.msg.liveperson.net; media-src 'self' https://lpcdn.lpsnmedia.net; object-src 'none'; child-src 'self'; frame-src 'self' https://lpcdn.lpsnmedia.net https://*.optimizely.com https://dntcl.qualaroo.com https://bid.g.doubleclick.net https://server.lon.liveperson.net https://lo.idp.liveperson.net https://lo.msg.liveperson.net; worker-src 'self' blob: *; frame-ancestors 'self'; form-action 'self' data: *; upgrade-insecure-requests; block-all-mixed-content; sandbox allow-forms allow-same-origin allow-scripts allow-top-navigation allow-popups allow-modals allow-downloads allow-popups-to-escape-sandbox; manifest-src 'self';
expect-ct
enforce, max-age=300
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/json;charset=UTF-8
cache-control
no-cache
feature-policy
midi 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; speaker 'none'; fullscreen 'self'; payment 'none';
x-xss-protection
1; mode=block
x-content-security-policy
default-src 'unsafe-inline' 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://login.admiral.com https://dealerlogin.fordinsure.co.uk https://login.bell.co.uk https://login.diamond.co.uk https://login.elephant.co.uk https://login.fordinsure.co.uk https://login.gladiator.co.uk https://login.aainsure.co.uk https://www.googletagmanager.com https://tracker.marinsm.com https://cc.cdn.civiccomputing.com https://www.google-analytics.com https://cdn.heapanalytics.com https://lptag.liveperson.net https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.dwin1.com https://assets.revlifter.io https://dealerportal.fordinsure.co.uk/login-notification.js https://*.optimizely.com https://connect.facebook.net https://s3.amazonaws.com/ki.js/61837/e43.js https://accdn.lpsnmedia.net https://lpcdn.lpsnmedia.net https://t.contentsquare.net https://lo.v.liveperson.net https://s3.amazonaws.com/ki.js/61837/es3.js https://cl.qualaroo.com/ki.js/61837/es3qoo.js https://w.usabilla.com https://s3.amazonaws.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://use.typekit.net https://p.typekit.net; img-src 'self' data: *; font-src 'self' data: *; connect-src 'self' https://apikeys.civiccomputing.com https://www.google-analytics.com https://devt.revlifter.com https://*.optimizely.com https://ampcid.google.com https://ampcid.google.co.in https://stats.g.doubleclick.net https://c.contentsquare.net wss://lo.msg.liveperson.net; media-src 'self' https://lpcdn.lpsnmedia.net; object-src 'none'; child-src 'self'; frame-src 'self' https://lpcdn.lpsnmedia.net https://*.optimizely.com https://dntcl.qualaroo.com https://bid.g.doubleclick.net https://server.lon.liveperson.net https://lo.idp.liveperson.net https://lo.msg.liveperson.net; worker-src 'self' blob: *; frame-ancestors 'self'; form-action 'self' data: *; upgrade-insecure-requests; block-all-mixed-content; sandbox allow-forms allow-same-origin allow-scripts allow-top-navigation allow-popups allow-modals allow-downloads allow-popups-to-escape-sandbox; manifest-src 'self';
/
accdn.lpsnmedia.net/api/account/3447646/configuration/setting/accountproperties/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://accdn.lpsnmedia.net/api/account/3447646/configuration/setting/accountproperties/?cb=accountSettingsCB
Requested by
Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/3447646/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&b=undefined
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.89.12.91 , United States, ASN11054 (LIVEPERSON, US),
Reverse DNS
Software
ws /
Resource Hash
ec97f7589982f6484d3c7134e762dcc73d527656268587dae98d07cb863c02aa
Security Headers
Name Value
Strict-Transport-Security max-age=99999999999; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 14:46:37 GMT
x-envoy-decorator-operation
lp-accdn-app.default.svc.vakube01.int.liveperson.net:8080/*
x-content-type-options
nosniff
strict-transport-security
max-age=99999999999; includeSubDomains
content-encoding
gzip
server
ws
x-cache-status
HIT
vary
Accept
access-control-allow-methods
GET, POST, PATCH
content-type
application/javascript
access-control-expose-headers
X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
x-envoy-upstream-service-time
0
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
expires
Tue, 22 Aug 2023 14:47:27 GMT
all-connectors
accdn.lpsnmedia.net/api/account/3447646/configuration/le-connectors/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://accdn.lpsnmedia.net/api/account/3447646/configuration/le-connectors/all-connectors?cb=lpCb32096x71528
Requested by
Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/3447646/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&b=undefined
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.89.12.91 , United States, ASN11054 (LIVEPERSON, US),
Reverse DNS
Software
ws /
Resource Hash
42b2fb8435690ebdd18974dea209378901e5e289ef71c67ad5598165704ab2e9
Security Headers
Name Value
Strict-Transport-Security max-age=99999999999; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 14:46:37 GMT
x-envoy-decorator-operation
lp-accdn-app.default.svc.vakube01.int.liveperson.net:8080/*
x-content-type-options
nosniff
strict-transport-security
max-age=99999999999; includeSubDomains
content-encoding
gzip
server
ws
x-cache-status
HIT
vary
Accept
access-control-allow-methods
GET, POST, PATCH
content-type
application/javascript
access-control-expose-headers
X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
x-envoy-upstream-service-time
0
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
expires
Tue, 22 Aug 2023 14:47:27 GMT
ui-framework.js
lpcdn.lpsnmedia.net/le_unified_window/10.30.0.0-release_5603/ 		40 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lpcdn.lpsnmedia.net/le_unified_window/10.30.0.0-release_5603/ui-framework.js?version=10.30.0.0-release_5603
Requested by
Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/3447646/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&b=undefined
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.89.12.90 , United States, ASN11054 (LIVEPERSON, US),
Reverse DNS
va-lpcdn.lpsnmedia.net
Software
ws /
Resource Hash
3e4f5d07904cf355da7bfbca5d4eee18a4c09fc9e6a79df958d0bb1225572983
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 14:46:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Fri, 04 Aug 2023 02:08:40 GMT
server
ws
x-cache-status
HIT
vary
Origin
access-control-allow-methods
GET, POST, PATCH
content-type
application/javascript
access-control-expose-headers
X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options, x-lp-state-rev
cache-control
max-age=31536000
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
expires
Wed, 21 Aug 2024 14:46:37 GMT
UMSClientAPI.min.js
lpcdn.lpsnmedia.net/le_unified_window/10.30.0.0-release_5603/ 		90 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lpcdn.lpsnmedia.net/le_unified_window/10.30.0.0-release_5603/UMSClientAPI.min.js?version=10.30.0.0-release_5603
Requested by
Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/3447646/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&b=undefined
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.89.12.90 , United States, ASN11054 (LIVEPERSON, US),
Reverse DNS
va-lpcdn.lpsnmedia.net
Software
ws /
Resource Hash
2a73ff47539c08d1e9399792a12e739a2e5f76e6ec0233ec1a736b2404bc3759
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 14:46:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Fri, 04 Aug 2023 02:08:38 GMT
server
ws
x-cache-status
HIT
vary
Origin
access-control-allow-methods
GET, POST, PATCH
content-type
application/javascript
access-control-expose-headers
X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options, x-lp-state-rev
cache-control
max-age=31536000
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
expires
Wed, 21 Aug 2024 14:46:37 GMT
lpChatV3.min.js
lpcdn.lpsnmedia.net/le_unified_window/10.30.0.0-release_5603/ 		92 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lpcdn.lpsnmedia.net/le_unified_window/10.30.0.0-release_5603/lpChatV3.min.js?version=10.30.0.0-release_5603
Requested by
Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/3447646/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&b=undefined
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.89.12.90 , United States, ASN11054 (LIVEPERSON, US),
Reverse DNS
va-lpcdn.lpsnmedia.net
Software
ws /
Resource Hash
bb183f72fe84391a4e489769cf7718f7d279181b07cb6ff414b1ceca7c6c8c5c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 14:46:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Fri, 04 Aug 2023 02:08:38 GMT
server
ws
x-cache-status
HIT
vary
Origin
access-control-allow-methods
GET, POST, PATCH
content-type
application/javascript
access-control-expose-headers
X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options, x-lp-state-rev
cache-control
max-age=31536000
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
expires
Wed, 21 Aug 2024 14:46:37 GMT
surveylogicinstance.min.js
lpcdn.lpsnmedia.net/le_unified_window/10.30.0.0-release_5603/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lpcdn.lpsnmedia.net/le_unified_window/10.30.0.0-release_5603/surveylogicinstance.min.js?version=10.30.0.0-release_5603
Requested by
Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/3447646/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&b=undefined
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.89.12.90 , United States, ASN11054 (LIVEPERSON, US),
Reverse DNS
va-lpcdn.lpsnmedia.net
Software
ws /
Resource Hash
0ca2d5d4dece21114294a8783944cdd00a4351935831b27f9a83b8eb543c6438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 14:46:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Fri, 04 Aug 2023 02:08:39 GMT
server
ws
x-cache-status
HIT
vary
Origin
access-control-allow-methods
GET, POST, PATCH
content-type
application/javascript
access-control-expose-headers
X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options, x-lp-state-rev
cache-control
max-age=31536000
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
expires
Wed, 21 Aug 2024 14:46:37 GMT
zones
accdn.lpsnmedia.net/api/account/3447646/configuration/le-campaigns/ 		72 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://accdn.lpsnmedia.net/api/account/3447646/configuration/le-campaigns/zones?fields=id&fields=zoneValue&cb=lpZonesStaticCB
Requested by
Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/3447646/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&b=undefined
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.89.12.91 , United States, ASN11054 (LIVEPERSON, US),
Reverse DNS
Software
ws /
Resource Hash
1fb39cbea19664a1c51cb04fcf2eaa4b5756a4e5c4febebd3de02a5cf50de38c
Security Headers
Name Value
Strict-Transport-Security max-age=99999999999; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 14:46:37 GMT
x-envoy-decorator-operation
lp-accdn-app.default.svc.vakube01.int.liveperson.net:8080/*
x-content-type-options
nosniff
strict-transport-security
max-age=99999999999; includeSubDomains
content-encoding
gzip
server
ws
x-cache-status
HIT
vary
Accept
access-control-allow-methods
GET, POST, PATCH
content-type
application/javascript
access-control-expose-headers
X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
x-envoy-upstream-service-time
0
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
expires
Tue, 22 Aug 2023 14:47:27 GMT
/
www.google.com/pagead/1p-user-list/1071476061/ 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/1071476061/?random=1692715597787&cv=9&fst=1692712800000&num=1&guid=ON&eid=375603260%2C466465925%2C512247839&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=-600&u_java=false&u_nplug=3&u_nmime=4&sendb=1&frm=0&url=https%3A%2F%2Flogin.diamond.co.uk%2Fmyaccount%2Flogin%2F%3FsessionOnly%3Dtrue%26goto%3Dhttps%253A%252F%252Flogin.diamond.co.uk%252Fmyaccount%252Fauth%252Foauth2.0%252Fv1%252Fauthorize%253Fclient_id%253Dmyaccount%2526redirect_uri%253Dhttps%253A%252F%252Fmyaccount.diamond.co.uk%252Fload%2526response_type%253Dcode%2526code_challenge%253DQy_dXIcftTfu3Ig1IcXtqsqIMomWo81XzzznAnzN27U%2526code_challenge_method%253DS256&fmt=3&is_vtc=1&random=2696581073&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: login.diamond.co.uk
URL: https://login.diamond.co.uk/myaccount/login/?sessionOnly=true&goto=https%3A%2F%2Flogin.diamond.co.uk%2Fmyaccount%2Fauth%2Foauth2.0%2Fv1%2Fauthorize%3Fclient_id%3Dmyaccount%26redirect_uri%3Dhttps%3A%2F%2Fmyaccount.diamond.co.uk%2Fload%26response_type%3Dcode%26code_challenge%3DQy_dXIcftTfu3Ig1IcXtqsqIMomWo81XzzznAnzN27U%26code_challenge_method%3DS256
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80c::2004 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Aug 2023 14:46:37 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
events
logx.optimizely.com/v1/ 		0
364 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://logx.optimizely.com/v1/events
Requested by
Host: cdn.optimizely.com
URL: https://cdn.optimizely.com/public/17941920996/s/admiral.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.45.108.63 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-45-108-63.compute-1.amazonaws.com
Software
nginx/1.21.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Tue, 22 Aug 2023 14:46:37 GMT
Server
nginx/1.21.0
Content-Type
text/plain
Access-Control-Allow-Origin
https://login.diamond.co.uk
Access-Control-Expose-Headers
X-Results-Data-Source
Access-Control-Allow-Credentials
true
Connection
keep-alive
Timing-Allow-Origin
*
X-Request-Id
2a9c918d-ccb5-4a5d-add2-2e379a6c1114
storage.secure.min.js
lpcdn.lpsnmedia.net/le_secure_storage/3.20.0.0-release_5080/ 		37 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lpcdn.lpsnmedia.net/le_secure_storage/3.20.0.0-release_5080/storage.secure.min.js?loc=https%3A%2F%2Flogin.diamond.co.uk&site=3447646&env=prod&accdn=accdn.lpsnmedia.net
Requested by
Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/3447646/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&b=undefined
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.89.12.90 , United States, ASN11054 (LIVEPERSON, US),
Reverse DNS
va-lpcdn.lpsnmedia.net
Software
ws /
Resource Hash
a729f36b3c8810b6c5d3de55e61ee4e1737f8e09ccbfc9c6a27a153e8fcf5d48
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 14:46:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Fri, 17 Mar 2023 01:15:38 GMT
server
ws
x-cache-status
HIT
vary
Origin
access-control-allow-methods
GET, POST, PATCH
content-type
application/javascript
access-control-expose-headers
X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options, x-lp-state-rev
cache-control
max-age=31536000
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
expires
Wed, 21 Aug 2024 14:46:37 GMT
desktopEmbedded.js
lpcdn.lpsnmedia.net/le_unified_window/10.30.0.0-release_5603/ 		999 KB
312 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lpcdn.lpsnmedia.net/le_unified_window/10.30.0.0-release_5603/desktopEmbedded.js?version=10.30.0.0-release_5603
Requested by
Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/3447646/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&b=undefined
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.89.12.90 , United States, ASN11054 (LIVEPERSON, US),
Reverse DNS
va-lpcdn.lpsnmedia.net
Software
ws /
Resource Hash
2e0038f0ed73ab5d6d81bb7780efa8101dc71c49e02ebbaa37ed8736bc71b484
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 14:46:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Fri, 04 Aug 2023 02:08:38 GMT
server
ws
x-cache-status
HIT
vary
Origin
access-control-allow-methods
GET, POST, PATCH
content-type
application/javascript
access-control-expose-headers
X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options, x-lp-state-rev
cache-control
max-age=31536000
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
expires
Wed, 21 Aug 2024 14:46:37 GMT
configuration
login.diamond.co.uk/myaccount/login/api/ 		2 KB
4 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://login.diamond.co.uk/myaccount/login/api/configuration
Requested by
Host: login.diamond.co.uk
URL: https://login.diamond.co.uk/myaccount/login/static/js/2.0addd9bb.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.39.119.228 Unterfoehring, Germany, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
9b29aa34d819c4f10587047283e767177d7c4bb6a69666f606c471f9267f8891
Security Headers
Name Value
Content-Security-Policy default-src 'unsafe-inline' 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://login.admiral.com https://dealerlogin.fordinsure.co.uk https://login.bell.co.uk https://login.diamond.co.uk https://login.elephant.co.uk https://login.fordinsure.co.uk https://login.gladiator.co.uk https://login.aainsure.co.uk https://www.googletagmanager.com https://tracker.marinsm.com https://cc.cdn.civiccomputing.com https://www.google-analytics.com https://cdn.heapanalytics.com https://lptag.liveperson.net https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.dwin1.com https://assets.revlifter.io https://dealerportal.fordinsure.co.uk/login-notification.js https://*.optimizely.com https://connect.facebook.net https://s3.amazonaws.com/ki.js/61837/e43.js https://accdn.lpsnmedia.net https://lpcdn.lpsnmedia.net https://t.contentsquare.net https://lo.v.liveperson.net https://s3.amazonaws.com/ki.js/61837/es3.js https://cl.qualaroo.com/ki.js/61837/es3qoo.js https://w.usabilla.com https://s3.amazonaws.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://use.typekit.net https://p.typekit.net; img-src 'self' data: *; font-src 'self' data: *; connect-src 'self' https://apikeys.civiccomputing.com https://www.google-analytics.com https://devt.revlifter.com https://*.optimizely.com https://ampcid.google.com https://ampcid.google.co.in https://stats.g.doubleclick.net https://c.contentsquare.net wss://lo.msg.liveperson.net; media-src 'self' https://lpcdn.lpsnmedia.net; object-src 'none'; child-src 'self'; frame-src 'self' https://lpcdn.lpsnmedia.net https://*.optimizely.com https://dntcl.qualaroo.com https://bid.g.doubleclick.net https://server.lon.liveperson.net https://lo.idp.liveperson.net https://lo.msg.liveperson.net; worker-src 'self' blob: *; frame-ancestors 'self'; form-action 'self' data: *; upgrade-insecure-requests; block-all-mixed-content; sandbox allow-forms allow-same-origin allow-scripts allow-top-navigation allow-popups allow-modals allow-downloads allow-popups-to-escape-sandbox; manifest-src 'self';
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Content-Security-Policy default-src 'unsafe-inline' 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://login.admiral.com https://dealerlogin.fordinsure.co.uk https://login.bell.co.uk https://login.diamond.co.uk https://login.elephant.co.uk https://login.fordinsure.co.uk https://login.gladiator.co.uk https://login.aainsure.co.uk https://www.googletagmanager.com https://tracker.marinsm.com https://cc.cdn.civiccomputing.com https://www.google-analytics.com https://cdn.heapanalytics.com https://lptag.liveperson.net https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.dwin1.com https://assets.revlifter.io https://dealerportal.fordinsure.co.uk/login-notification.js https://*.optimizely.com https://connect.facebook.net https://s3.amazonaws.com/ki.js/61837/e43.js https://accdn.lpsnmedia.net https://lpcdn.lpsnmedia.net https://t.contentsquare.net https://lo.v.liveperson.net https://s3.amazonaws.com/ki.js/61837/es3.js https://cl.qualaroo.com/ki.js/61837/es3qoo.js https://w.usabilla.com https://s3.amazonaws.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://use.typekit.net https://p.typekit.net; img-src 'self' data: *; font-src 'self' data: *; connect-src 'self' https://apikeys.civiccomputing.com https://www.google-analytics.com https://devt.revlifter.com https://*.optimizely.com https://ampcid.google.com https://ampcid.google.co.in https://stats.g.doubleclick.net https://c.contentsquare.net wss://lo.msg.liveperson.net; media-src 'self' https://lpcdn.lpsnmedia.net; object-src 'none'; child-src 'self'; frame-src 'self' https://lpcdn.lpsnmedia.net https://*.optimizely.com https://dntcl.qualaroo.com https://bid.g.doubleclick.net https://server.lon.liveperson.net https://lo.idp.liveperson.net https://lo.msg.liveperson.net; worker-src 'self' blob: *; frame-ancestors 'self'; form-action 'self' data: *; upgrade-insecure-requests; block-all-mixed-content; sandbox allow-forms allow-same-origin allow-scripts allow-top-navigation allow-popups allow-modals allow-downloads allow-popups-to-escape-sandbox; manifest-src 'self';
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://login.diamond.co.uk/myaccount/login/?sessionOnly=true&goto=https%3A%2F%2Flogin.diamond.co.uk%2Fmyaccount%2Fauth%2Foauth2.0%2Fv1%2Fauthorize%3Fclient_id%3Dmyaccount%26redirect_uri%3Dhttps%3A%2F%2Fmyaccount.diamond.co.uk%2Fload%26response_type%3Dcode%26code_challenge%3DQy_dXIcftTfu3Ig1IcXtqsqIMomWo81XzzznAnzN27U%26code_challenge_method%3DS256
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 14:46:38 GMT
strict-transport-security
max-age=31536000; includeSubdomains
x-content-type-options
nosniff
referrer-policy
same-origin
content-encoding
gzip
server
nginx
content-security-policy
default-src 'unsafe-inline' 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://login.admiral.com https://dealerlogin.fordinsure.co.uk https://login.bell.co.uk https://login.diamond.co.uk https://login.elephant.co.uk https://login.fordinsure.co.uk https://login.gladiator.co.uk https://login.aainsure.co.uk https://www.googletagmanager.com https://tracker.marinsm.com https://cc.cdn.civiccomputing.com https://www.google-analytics.com https://cdn.heapanalytics.com https://lptag.liveperson.net https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.dwin1.com https://assets.revlifter.io https://dealerportal.fordinsure.co.uk/login-notification.js https://*.optimizely.com https://connect.facebook.net https://s3.amazonaws.com/ki.js/61837/e43.js https://accdn.lpsnmedia.net https://lpcdn.lpsnmedia.net https://t.contentsquare.net https://lo.v.liveperson.net https://s3.amazonaws.com/ki.js/61837/es3.js https://cl.qualaroo.com/ki.js/61837/es3qoo.js https://w.usabilla.com https://s3.amazonaws.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://use.typekit.net https://p.typekit.net; img-src 'self' data: *; font-src 'self' data: *; connect-src 'self' https://apikeys.civiccomputing.com https://www.google-analytics.com https://devt.revlifter.com https://*.optimizely.com https://ampcid.google.com https://ampcid.google.co.in https://stats.g.doubleclick.net https://c.contentsquare.net wss://lo.msg.liveperson.net; media-src 'self' https://lpcdn.lpsnmedia.net; object-src 'none'; child-src 'self'; frame-src 'self' https://lpcdn.lpsnmedia.net https://*.optimizely.com https://dntcl.qualaroo.com https://bid.g.doubleclick.net https://server.lon.liveperson.net https://lo.idp.liveperson.net https://lo.msg.liveperson.net; worker-src 'self' blob: *; frame-ancestors 'self'; form-action 'self' data: *; upgrade-insecure-requests; block-all-mixed-content; sandbox allow-forms allow-same-origin allow-scripts allow-top-navigation allow-popups allow-modals allow-downloads allow-popups-to-escape-sandbox; manifest-src 'self';
expect-ct
enforce, max-age=300
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/json;charset=UTF-8
cache-control
no-cache
feature-policy
midi 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; speaker 'none'; fullscreen 'self'; payment 'none';
x-xss-protection
1; mode=block
x-content-security-policy
default-src 'unsafe-inline' 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://login.admiral.com https://dealerlogin.fordinsure.co.uk https://login.bell.co.uk https://login.diamond.co.uk https://login.elephant.co.uk https://login.fordinsure.co.uk https://login.gladiator.co.uk https://login.aainsure.co.uk https://www.googletagmanager.com https://tracker.marinsm.com https://cc.cdn.civiccomputing.com https://www.google-analytics.com https://cdn.heapanalytics.com https://lptag.liveperson.net https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.dwin1.com https://assets.revlifter.io https://dealerportal.fordinsure.co.uk/login-notification.js https://*.optimizely.com https://connect.facebook.net https://s3.amazonaws.com/ki.js/61837/e43.js https://accdn.lpsnmedia.net https://lpcdn.lpsnmedia.net https://t.contentsquare.net https://lo.v.liveperson.net https://s3.amazonaws.com/ki.js/61837/es3.js https://cl.qualaroo.com/ki.js/61837/es3qoo.js https://w.usabilla.com https://s3.amazonaws.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://use.typekit.net https://p.typekit.net; img-src 'self' data: *; font-src 'self' data: *; connect-src 'self' https://apikeys.civiccomputing.com https://www.google-analytics.com https://devt.revlifter.com https://*.optimizely.com https://ampcid.google.com https://ampcid.google.co.in https://stats.g.doubleclick.net https://c.contentsquare.net wss://lo.msg.liveperson.net; media-src 'self' https://lpcdn.lpsnmedia.net; object-src 'none'; child-src 'self'; frame-src 'self' https://lpcdn.lpsnmedia.net https://*.optimizely.com https://dntcl.qualaroo.com https://bid.g.doubleclick.net https://server.lon.liveperson.net https://lo.idp.liveperson.net https://lo.msg.liveperson.net; worker-src 'self' blob: *; frame-ancestors 'self'; form-action 'self' data: *; upgrade-insecure-requests; block-all-mixed-content; sandbox allow-forms allow-same-origin allow-scripts allow-top-navigation allow-popups allow-modals allow-downloads allow-popups-to-escape-sandbox; manifest-src 'self';
3447646
lo.v.liveperson.net/api/js/ 		237 B
995 B 		Script
General
Check archive.org
Download Go to
Full URL
https://lo.v.liveperson.net/api/js/3447646?sid=hyqBO1jORDeXziMF1ut6lg&cb=lpCb38350x13172&t=sp&ts=1692715597862&pid=2572732932&tid=2824875737&vid=QwZjI4ZWNmYmUwNTA2ZTBi&u=https%3A%2F%2Flogin.diamond.co.uk%2Fmyaccount%2Flogin%2F%3FsessionOnly%3Dtrue%26goto%3Dhttps%253A%252F%252Flogin.diamond.co.uk%252Fmyaccount%252Fauth%252Foauth2.0%252Fv1%252Fauthorize%253Fclient_id%253Dmyaccount%2526redirect_uri%253Dhttps%253A%252F%252Fmyaccount.diamond.co.uk%252Fload%2526response_type%253Dcode%2526code_challenge%253DQy_dXIcftTfu3Ig1IcXtqsqIMomWo81XzzznAnzN27U%2526code_challenge_method%253DS256&df=0&os=0&identities=%5B%7B%22iss%22%3A%22LivePerson%22%2C%22acr%22%3A%220%22%7D%5D
Requested by
Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/3447646/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&b=undefined
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.249.97.70 , United States, ASN11054 (LIVEPERSON, US),
Reverse DNS
lo.v.liveperson.net
Software
ws /
Resource Hash
0d64125d0f8fb7824978eacf5e34141a731697eef392d02a26bcdd721d5842e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 14:46:38 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
server
ws
access-control-allow-methods
GET, POST, PATCH
content-type
application/javascript
access-control-expose-headers
X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
cache-control
no-store
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
configuration
login.diamond.co.uk/myaccount/uic/api/v1/ 		2 KB
4 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://login.diamond.co.uk/myaccount/uic/api/v1/configuration?type=page&name=login
Requested by
Host: login.diamond.co.uk
URL: https://login.diamond.co.uk/myaccount/login/static/js/2.0addd9bb.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.39.119.228 Unterfoehring, Germany, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
efd3685fa08e736a95134cfacc3b75699cce1233882d278b5e7165aef8bf6d8c
Security Headers
Name Value
Content-Security-Policy default-src 'unsafe-inline' 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://login.admiral.com https://dealerlogin.fordinsure.co.uk https://login.bell.co.uk https://login.diamond.co.uk https://login.elephant.co.uk https://login.fordinsure.co.uk https://login.gladiator.co.uk https://login.aainsure.co.uk https://www.googletagmanager.com https://tracker.marinsm.com https://cc.cdn.civiccomputing.com https://www.google-analytics.com https://cdn.heapanalytics.com https://lptag.liveperson.net https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.dwin1.com https://assets.revlifter.io https://dealerportal.fordinsure.co.uk/login-notification.js https://*.optimizely.com https://connect.facebook.net https://s3.amazonaws.com/ki.js/61837/e43.js https://accdn.lpsnmedia.net https://lpcdn.lpsnmedia.net https://t.contentsquare.net https://lo.v.liveperson.net https://s3.amazonaws.com/ki.js/61837/es3.js https://cl.qualaroo.com/ki.js/61837/es3qoo.js https://w.usabilla.com https://s3.amazonaws.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://use.typekit.net https://p.typekit.net; img-src 'self' data: *; font-src 'self' data: *; connect-src 'self' https://apikeys.civiccomputing.com https://www.google-analytics.com https://devt.revlifter.com https://*.optimizely.com https://ampcid.google.com https://ampcid.google.co.in https://stats.g.doubleclick.net https://c.contentsquare.net wss://lo.msg.liveperson.net; media-src 'self' https://lpcdn.lpsnmedia.net; object-src 'none'; child-src 'self'; frame-src 'self' https://lpcdn.lpsnmedia.net https://*.optimizely.com https://dntcl.qualaroo.com https://bid.g.doubleclick.net https://server.lon.liveperson.net https://lo.idp.liveperson.net https://lo.msg.liveperson.net; worker-src 'self' blob: *; frame-ancestors 'self'; form-action 'self' data: *; upgrade-insecure-requests; block-all-mixed-content; sandbox allow-forms allow-same-origin allow-scripts allow-top-navigation allow-popups allow-modals allow-downloads allow-popups-to-escape-sandbox; manifest-src 'self';
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Content-Security-Policy default-src 'unsafe-inline' 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://login.admiral.com https://dealerlogin.fordinsure.co.uk https://login.bell.co.uk https://login.diamond.co.uk https://login.elephant.co.uk https://login.fordinsure.co.uk https://login.gladiator.co.uk https://login.aainsure.co.uk https://www.googletagmanager.com https://tracker.marinsm.com https://cc.cdn.civiccomputing.com https://www.google-analytics.com https://cdn.heapanalytics.com https://lptag.liveperson.net https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.dwin1.com https://assets.revlifter.io https://dealerportal.fordinsure.co.uk/login-notification.js https://*.optimizely.com https://connect.facebook.net https://s3.amazonaws.com/ki.js/61837/e43.js https://accdn.lpsnmedia.net https://lpcdn.lpsnmedia.net https://t.contentsquare.net https://lo.v.liveperson.net https://s3.amazonaws.com/ki.js/61837/es3.js https://cl.qualaroo.com/ki.js/61837/es3qoo.js https://w.usabilla.com https://s3.amazonaws.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://use.typekit.net https://p.typekit.net; img-src 'self' data: *; font-src 'self' data: *; connect-src 'self' https://apikeys.civiccomputing.com https://www.google-analytics.com https://devt.revlifter.com https://*.optimizely.com https://ampcid.google.com https://ampcid.google.co.in https://stats.g.doubleclick.net https://c.contentsquare.net wss://lo.msg.liveperson.net; media-src 'self' https://lpcdn.lpsnmedia.net; object-src 'none'; child-src 'self'; frame-src 'self' https://lpcdn.lpsnmedia.net https://*.optimizely.com https://dntcl.qualaroo.com https://bid.g.doubleclick.net https://server.lon.liveperson.net https://lo.idp.liveperson.net https://lo.msg.liveperson.net; worker-src 'self' blob: *; frame-ancestors 'self'; form-action 'self' data: *; upgrade-insecure-requests; block-all-mixed-content; sandbox allow-forms allow-same-origin allow-scripts allow-top-navigation allow-popups allow-modals allow-downloads allow-popups-to-escape-sandbox; manifest-src 'self';
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://login.diamond.co.uk/myaccount/login/?sessionOnly=true&goto=https%3A%2F%2Flogin.diamond.co.uk%2Fmyaccount%2Fauth%2Foauth2.0%2Fv1%2Fauthorize%3Fclient_id%3Dmyaccount%26redirect_uri%3Dhttps%3A%2F%2Fmyaccount.diamond.co.uk%2Fload%26response_type%3Dcode%26code_challenge%3DQy_dXIcftTfu3Ig1IcXtqsqIMomWo81XzzznAnzN27U%26code_challenge_method%3DS256
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 14:46:38 GMT
strict-transport-security
max-age=31536000; includeSubdomains
x-content-type-options
nosniff
referrer-policy
same-origin
content-encoding
gzip
server
nginx
content-security-policy
default-src 'unsafe-inline' 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://login.admiral.com https://dealerlogin.fordinsure.co.uk https://login.bell.co.uk https://login.diamond.co.uk https://login.elephant.co.uk https://login.fordinsure.co.uk https://login.gladiator.co.uk https://login.aainsure.co.uk https://www.googletagmanager.com https://tracker.marinsm.com https://cc.cdn.civiccomputing.com https://www.google-analytics.com https://cdn.heapanalytics.com https://lptag.liveperson.net https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.dwin1.com https://assets.revlifter.io https://dealerportal.fordinsure.co.uk/login-notification.js https://*.optimizely.com https://connect.facebook.net https://s3.amazonaws.com/ki.js/61837/e43.js https://accdn.lpsnmedia.net https://lpcdn.lpsnmedia.net https://t.contentsquare.net https://lo.v.liveperson.net https://s3.amazonaws.com/ki.js/61837/es3.js https://cl.qualaroo.com/ki.js/61837/es3qoo.js https://w.usabilla.com https://s3.amazonaws.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://use.typekit.net https://p.typekit.net; img-src 'self' data: *; font-src 'self' data: *; connect-src 'self' https://apikeys.civiccomputing.com https://www.google-analytics.com https://devt.revlifter.com https://*.optimizely.com https://ampcid.google.com https://ampcid.google.co.in https://stats.g.doubleclick.net https://c.contentsquare.net wss://lo.msg.liveperson.net; media-src 'self' https://lpcdn.lpsnmedia.net; object-src 'none'; child-src 'self'; frame-src 'self' https://lpcdn.lpsnmedia.net https://*.optimizely.com https://dntcl.qualaroo.com https://bid.g.doubleclick.net https://server.lon.liveperson.net https://lo.idp.liveperson.net https://lo.msg.liveperson.net; worker-src 'self' blob: *; frame-ancestors 'self'; form-action 'self' data: *; upgrade-insecure-requests; block-all-mixed-content; sandbox allow-forms allow-same-origin allow-scripts allow-top-navigation allow-popups allow-modals allow-downloads allow-popups-to-escape-sandbox; manifest-src 'self';
expect-ct
enforce, max-age=300
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/json;charset=UTF-8
cache-control
no-cache
feature-policy
midi 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; speaker 'none'; fullscreen 'self'; payment 'none';
x-xss-protection
1; mode=block
x-content-security-policy
default-src 'unsafe-inline' 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://login.admiral.com https://dealerlogin.fordinsure.co.uk https://login.bell.co.uk https://login.diamond.co.uk https://login.elephant.co.uk https://login.fordinsure.co.uk https://login.gladiator.co.uk https://login.aainsure.co.uk https://www.googletagmanager.com https://tracker.marinsm.com https://cc.cdn.civiccomputing.com https://www.google-analytics.com https://cdn.heapanalytics.com https://lptag.liveperson.net https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.dwin1.com https://assets.revlifter.io https://dealerportal.fordinsure.co.uk/login-notification.js https://*.optimizely.com https://connect.facebook.net https://s3.amazonaws.com/ki.js/61837/e43.js https://accdn.lpsnmedia.net https://lpcdn.lpsnmedia.net https://t.contentsquare.net https://lo.v.liveperson.net https://s3.amazonaws.com/ki.js/61837/es3.js https://cl.qualaroo.com/ki.js/61837/es3qoo.js https://w.usabilla.com https://s3.amazonaws.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://use.typekit.net https://p.typekit.net; img-src 'self' data: *; font-src 'self' data: *; connect-src 'self' https://apikeys.civiccomputing.com https://www.google-analytics.com https://devt.revlifter.com https://*.optimizely.com https://ampcid.google.com https://ampcid.google.co.in https://stats.g.doubleclick.net https://c.contentsquare.net wss://lo.msg.liveperson.net; media-src 'self' https://lpcdn.lpsnmedia.net; object-src 'none'; child-src 'self'; frame-src 'self' https://lpcdn.lpsnmedia.net https://*.optimizely.com https://dntcl.qualaroo.com https://bid.g.doubleclick.net https://server.lon.liveperson.net https://lo.idp.liveperson.net https://lo.msg.liveperson.net; worker-src 'self' blob: *; frame-ancestors 'self'; form-action 'self' data: *; upgrade-insecure-requests; block-all-mixed-content; sandbox allow-forms allow-same-origin allow-scripts allow-top-navigation allow-popups allow-modals allow-downloads allow-popups-to-escape-sandbox; manifest-src 'self';
3447646
lo.v.liveperson.net/api/js/ 		110 B
899 B 		Script
General
Check archive.org
Download Go to
Full URL
https://lo.v.liveperson.net/api/js/3447646?sid=hyqBO1jORDeXziMF1ut6lg&cb=lpCb5223x51559&t=pl&ts=1692715598077&pid=2572732932&tid=2824875737&vid=QwZjI4ZWNmYmUwNTA2ZTBi
Requested by
Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/3447646/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&b=undefined
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.249.97.70 , United States, ASN11054 (LIVEPERSON, US),
Reverse DNS
lo.v.liveperson.net
Software
ws /
Resource Hash
bbf12b7fbb3f0a37ec5eb9cbeb099ebe11fd86a13fbac83ba1a579ace928447c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 14:46:38 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
server
ws
access-control-allow-methods
GET, POST, PATCH
content-type
application/javascript
access-control-expose-headers
X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
cache-control
no-store
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
translations
login.diamond.co.uk/myaccount/uic/api/v1/ 		15 KB
7 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://login.diamond.co.uk/myaccount/uic/api/v1/translations?language=en_GB_login
Requested by
Host: login.diamond.co.uk
URL: https://login.diamond.co.uk/myaccount/login/static/js/2.0addd9bb.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.39.119.228 Unterfoehring, Germany, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
2bae714956b34054cbf9e400b110ce8f234f3f174909d0b1b06403303879d131
Security Headers
Name Value
Content-Security-Policy default-src 'unsafe-inline' 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://login.admiral.com https://dealerlogin.fordinsure.co.uk https://login.bell.co.uk https://login.diamond.co.uk https://login.elephant.co.uk https://login.fordinsure.co.uk https://login.gladiator.co.uk https://login.aainsure.co.uk https://www.googletagmanager.com https://tracker.marinsm.com https://cc.cdn.civiccomputing.com https://www.google-analytics.com https://cdn.heapanalytics.com https://lptag.liveperson.net https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.dwin1.com https://assets.revlifter.io https://dealerportal.fordinsure.co.uk/login-notification.js https://*.optimizely.com https://connect.facebook.net https://s3.amazonaws.com/ki.js/61837/e43.js https://accdn.lpsnmedia.net https://lpcdn.lpsnmedia.net https://t.contentsquare.net https://lo.v.liveperson.net https://s3.amazonaws.com/ki.js/61837/es3.js https://cl.qualaroo.com/ki.js/61837/es3qoo.js https://w.usabilla.com https://s3.amazonaws.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://use.typekit.net https://p.typekit.net; img-src 'self' data: *; font-src 'self' data: *; connect-src 'self' https://apikeys.civiccomputing.com https://www.google-analytics.com https://devt.revlifter.com https://*.optimizely.com https://ampcid.google.com https://ampcid.google.co.in https://stats.g.doubleclick.net https://c.contentsquare.net wss://lo.msg.liveperson.net; media-src 'self' https://lpcdn.lpsnmedia.net; object-src 'none'; child-src 'self'; frame-src 'self' https://lpcdn.lpsnmedia.net https://*.optimizely.com https://dntcl.qualaroo.com https://bid.g.doubleclick.net https://server.lon.liveperson.net https://lo.idp.liveperson.net https://lo.msg.liveperson.net; worker-src 'self' blob: *; frame-ancestors 'self'; form-action 'self' data: *; upgrade-insecure-requests; block-all-mixed-content; sandbox allow-forms allow-same-origin allow-scripts allow-top-navigation allow-popups allow-modals allow-downloads allow-popups-to-escape-sandbox; manifest-src 'self';
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Content-Security-Policy default-src 'unsafe-inline' 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://login.admiral.com https://dealerlogin.fordinsure.co.uk https://login.bell.co.uk https://login.diamond.co.uk https://login.elephant.co.uk https://login.fordinsure.co.uk https://login.gladiator.co.uk https://login.aainsure.co.uk https://www.googletagmanager.com https://tracker.marinsm.com https://cc.cdn.civiccomputing.com https://www.google-analytics.com https://cdn.heapanalytics.com https://lptag.liveperson.net https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.dwin1.com https://assets.revlifter.io https://dealerportal.fordinsure.co.uk/login-notification.js https://*.optimizely.com https://connect.facebook.net https://s3.amazonaws.com/ki.js/61837/e43.js https://accdn.lpsnmedia.net https://lpcdn.lpsnmedia.net https://t.contentsquare.net https://lo.v.liveperson.net https://s3.amazonaws.com/ki.js/61837/es3.js https://cl.qualaroo.com/ki.js/61837/es3qoo.js https://w.usabilla.com https://s3.amazonaws.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://use.typekit.net https://p.typekit.net; img-src 'self' data: *; font-src 'self' data: *; connect-src 'self' https://apikeys.civiccomputing.com https://www.google-analytics.com https://devt.revlifter.com https://*.optimizely.com https://ampcid.google.com https://ampcid.google.co.in https://stats.g.doubleclick.net https://c.contentsquare.net wss://lo.msg.liveperson.net; media-src 'self' https://lpcdn.lpsnmedia.net; object-src 'none'; child-src 'self'; frame-src 'self' https://lpcdn.lpsnmedia.net https://*.optimizely.com https://dntcl.qualaroo.com https://bid.g.doubleclick.net https://server.lon.liveperson.net https://lo.idp.liveperson.net https://lo.msg.liveperson.net; worker-src 'self' blob: *; frame-ancestors 'self'; form-action 'self' data: *; upgrade-insecure-requests; block-all-mixed-content; sandbox allow-forms allow-same-origin allow-scripts allow-top-navigation allow-popups allow-modals allow-downloads allow-popups-to-escape-sandbox; manifest-src 'self';
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://login.diamond.co.uk/myaccount/login/?sessionOnly=true&goto=https%3A%2F%2Flogin.diamond.co.uk%2Fmyaccount%2Fauth%2Foauth2.0%2Fv1%2Fauthorize%3Fclient_id%3Dmyaccount%26redirect_uri%3Dhttps%3A%2F%2Fmyaccount.diamond.co.uk%2Fload%26response_type%3Dcode%26code_challenge%3DQy_dXIcftTfu3Ig1IcXtqsqIMomWo81XzzznAnzN27U%26code_challenge_method%3DS256
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 14:46:38 GMT
strict-transport-security
max-age=31536000; includeSubdomains
x-content-type-options
nosniff
referrer-policy
same-origin
content-encoding
gzip
server
nginx
content-security-policy
default-src 'unsafe-inline' 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://login.admiral.com https://dealerlogin.fordinsure.co.uk https://login.bell.co.uk https://login.diamond.co.uk https://login.elephant.co.uk https://login.fordinsure.co.uk https://login.gladiator.co.uk https://login.aainsure.co.uk https://www.googletagmanager.com https://tracker.marinsm.com https://cc.cdn.civiccomputing.com https://www.google-analytics.com https://cdn.heapanalytics.com https://lptag.liveperson.net https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.dwin1.com https://assets.revlifter.io https://dealerportal.fordinsure.co.uk/login-notification.js https://*.optimizely.com https://connect.facebook.net https://s3.amazonaws.com/ki.js/61837/e43.js https://accdn.lpsnmedia.net https://lpcdn.lpsnmedia.net https://t.contentsquare.net https://lo.v.liveperson.net https://s3.amazonaws.com/ki.js/61837/es3.js https://cl.qualaroo.com/ki.js/61837/es3qoo.js https://w.usabilla.com https://s3.amazonaws.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://use.typekit.net https://p.typekit.net; img-src 'self' data: *; font-src 'self' data: *; connect-src 'self' https://apikeys.civiccomputing.com https://www.google-analytics.com https://devt.revlifter.com https://*.optimizely.com https://ampcid.google.com https://ampcid.google.co.in https://stats.g.doubleclick.net https://c.contentsquare.net wss://lo.msg.liveperson.net; media-src 'self' https://lpcdn.lpsnmedia.net; object-src 'none'; child-src 'self'; frame-src 'self' https://lpcdn.lpsnmedia.net https://*.optimizely.com https://dntcl.qualaroo.com https://bid.g.doubleclick.net https://server.lon.liveperson.net https://lo.idp.liveperson.net https://lo.msg.liveperson.net; worker-src 'self' blob: *; frame-ancestors 'self'; form-action 'self' data: *; upgrade-insecure-requests; block-all-mixed-content; sandbox allow-forms allow-same-origin allow-scripts allow-top-navigation allow-popups allow-modals allow-downloads allow-popups-to-escape-sandbox; manifest-src 'self';
expect-ct
enforce, max-age=300
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/json;charset=UTF-8
cache-control
no-cache
feature-policy
midi 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; speaker 'none'; fullscreen 'self'; payment 'none';
x-xss-protection
1; mode=block
x-content-security-policy
default-src 'unsafe-inline' 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://login.admiral.com https://dealerlogin.fordinsure.co.uk https://login.bell.co.uk https://login.diamond.co.uk https://login.elephant.co.uk https://login.fordinsure.co.uk https://login.gladiator.co.uk https://login.aainsure.co.uk https://www.googletagmanager.com https://tracker.marinsm.com https://cc.cdn.civiccomputing.com https://www.google-analytics.com https://cdn.heapanalytics.com https://lptag.liveperson.net https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.dwin1.com https://assets.revlifter.io https://dealerportal.fordinsure.co.uk/login-notification.js https://*.optimizely.com https://connect.facebook.net https://s3.amazonaws.com/ki.js/61837/e43.js https://accdn.lpsnmedia.net https://lpcdn.lpsnmedia.net https://t.contentsquare.net https://lo.v.liveperson.net https://s3.amazonaws.com/ki.js/61837/es3.js https://cl.qualaroo.com/ki.js/61837/es3qoo.js https://w.usabilla.com https://s3.amazonaws.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://use.typekit.net https://p.typekit.net; img-src 'self' data: *; font-src 'self' data: *; connect-src 'self' https://apikeys.civiccomputing.com https://www.google-analytics.com https://devt.revlifter.com https://*.optimizely.com https://ampcid.google.com https://ampcid.google.co.in https://stats.g.doubleclick.net https://c.contentsquare.net wss://lo.msg.liveperson.net; media-src 'self' https://lpcdn.lpsnmedia.net; object-src 'none'; child-src 'self'; frame-src 'self' https://lpcdn.lpsnmedia.net https://*.optimizely.com https://dntcl.qualaroo.com https://bid.g.doubleclick.net https://server.lon.liveperson.net https://lo.idp.liveperson.net https://lo.msg.liveperson.net; worker-src 'self' blob: *; frame-ancestors 'self'; form-action 'self' data: *; upgrade-insecure-requests; block-all-mixed-content; sandbox allow-forms allow-same-origin allow-scripts allow-top-navigation allow-popups allow-modals allow-downloads allow-popups-to-escape-sandbox; manifest-src 'self';
authenticate
login.diamond.co.uk/myaccount/login/api/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://login.diamond.co.uk/myaccount/login/api/authenticate
Requested by
Host: login.diamond.co.uk
URL: https://login.diamond.co.uk/myaccount/login/static/js/2.0addd9bb.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.39.119.228 Unterfoehring, Germany, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://login.diamond.co.uk/myaccount/login/?sessionOnly=true&goto=https%3A%2F%2Flogin.diamond.co.uk%2Fmyaccount%2Fauth%2Foauth2.0%2Fv1%2Fauthorize%3Fclient_id%3Dmyaccount%26redirect_uri%3Dhttps%3A%2F%2Fmyaccount.diamond.co.uk%2Fload%26response_type%3Dcode%26code_challenge%3DQy_dXIcftTfu3Ig1IcXtqsqIMomWo81XzzznAnzN27U%26code_challenge_method%3DS256
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 14:46:38 GMT
server
nginx
content-length
0
x-xss-protection
1; mode=block
t
w.usabilla.com/a/ Frame F135 		35 B
168 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://w.usabilla.com/a/t?m=b&b=f8ae77c9a75b&e=SPAC&cb=1692715598559
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.196.7.213 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-196-7-213.compute-1.amazonaws.com
Software
/
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Tue, 22 Aug 2023 14:46:38 GMT
cache-control
private, no-cache
content-length
35
expires
Tue, 6 Aug 1991 14:56:20 GMT
truncated
/ 		4 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d310c3c1b8452d04c60fb39a37dae823acb69c3f0a6114b7c96f1cdfd8b13ef6

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type
image/svg+xml
l
use.typekit.net/af/5ecad7/000000000000000000017744/27/ 		18 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/5ecad7/000000000000000000017744/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n6&v=3
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/fij7lgx.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:13::17d7:8279 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
513ebb9b0ace14b2333cdc0ad8e8664aba6429bdf2e66ac1cbf1f33eb6d90034

Request headers

Referer
https://use.typekit.net/fij7lgx.css
Origin
https://login.diamond.co.uk
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 14:46:38 GMT
server
nginx
etag
"773a35b77106afff70c203238b2bf7740a5fe16d"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
18772
l
use.typekit.net/af/9018b1/000000000000000000017742/27/ 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/9018b1/000000000000000000017742/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/fij7lgx.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:13::17d7:8279 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
668486e7110201f2c01dc6a6575da6ab0f7346adb22f35adbf843f8ea3cc7331

Request headers

Referer
https://use.typekit.net/fij7lgx.css
Origin
https://login.diamond.co.uk
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 14:46:38 GMT
server
nginx
etag
"73148cee943d2b51bb75a69b9f61d479054a45a3"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
18008
events
logx.optimizely.com/v1/ 		0
364 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://logx.optimizely.com/v1/events
Requested by
Host: cdn.optimizely.com
URL: https://cdn.optimizely.com/public/17941920996/s/admiral.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.45.108.63 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-45-108-63.compute-1.amazonaws.com
Software
nginx/1.21.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Tue, 22 Aug 2023 14:46:38 GMT
Server
nginx/1.21.0
Content-Type
text/plain
Access-Control-Allow-Origin
https://login.diamond.co.uk
Access-Control-Expose-Headers
X-Results-Data-Source
Access-Control-Allow-Credentials
true
Connection
keep-alive
Timing-Allow-Origin
*
X-Request-Id
0ca05b3c-c959-47f1-b927-0c3cd0c59fa1
3447646
lo.v.liveperson.net/api/js/ 		73 B
869 B 		Script
General
Check archive.org
Download Go to
Full URL
https://lo.v.liveperson.net/api/js/3447646?sid=hyqBO1jORDeXziMF1ut6lg&cb=lpCb31033x11374&t=ip&ts=1692715608529&pid=2572732932&tid=2824875737&vid=QwZjI4ZWNmYmUwNTA2ZTBi
Requested by
Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/3447646/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&b=undefined
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.249.97.70 , United States, ASN11054 (LIVEPERSON, US),
Reverse DNS
lo.v.liveperson.net
Software
ws /
Resource Hash
6e7b8d26f358fdc0c6349bac2545a5f560cef64549b3f4559039d991f44ca271
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 14:46:48 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
server
ws
access-control-allow-methods
GET, POST, PATCH
content-type
application/javascript
access-control-expose-headers
X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
cache-control
no-store
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.google-analytics.com
URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1971919203&t=pageview&_s=1&dl=https%3A%2F%2Fmyaccount.diamond.co.uk%2F&ul=en-us&de=UTF-8&dt=CustomerEngage%20Account%20Management&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAgAABAAAAACAEC~&jid=1421169374&gjid=793709058&cid=906988487.1692715586&tid=UA-619996-8&_gid=1919845586.1692715586&_slc=1&gtm=45He38l0n512F7P&z=717557504
Domain
stats.g.doubleclick.net
URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-619996-8&cid=906988487.1692715586&jid=1421169374&gjid=793709058&_gid=1919845586.1692715586&_u=YGBAgAABAAAAAGAEC~&z=574310579
Domain
www.google-analytics.com
URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1971919203&t=pageview&_s=1&dl=https%3A%2F%2Fmyaccount.diamond.co.uk%2F&ul=en-us&de=UTF-8&dt=CustomerEngage%20Account%20Management&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGDACAABBAAAAGAGC~&jid=1446811093&gjid=50181240&cid=906988487.1692715586&tid=UA-619996-8&_gid=1919845586.1692715586&_r=1&gtm=45He38l0n512F7P&z=1938171134
Domain
k-aeu1.contentsquare.net
URL
https://k-aeu1.contentsquare.net/v2/recording?rt=5&v=13.39.0&pid=5048&pn=2&sn=1&uu=cd5c178b-9339-ac72-fb9f-64642a4c7778&hlm=true&ct=0
Domain
c.contentsquare.net
URL
https://c.contentsquare.net/v2/events?v=13.39.0&pn=2&uu=cd5c178b-9339-ac72-fb9f-64642a4c7778&sn=1&hd=1692715595&pid=5048&sr=100&mdh=1200&hlm=true&ct=0

Verdicts & Comments Add Verdict or Comment

124 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| documentPictureInPicture object| dataLayer function| _ object| optimizely number| startTime number| duration function| pushToDataLayer function| trackHeapEvent object| trackEvent object| observer function| readCookie function| setCookie function| _setAppBrand string| brand object| google_tag_manager function| postscribe object| google_tag_manager_external object| google_tag_data object| heap object| _mTrack object| lpTag undefined| inRenewal undefined| email undefined| dob undefined| policyNumber undefined| policyType object| _uxa function| lightningjs function| usabilla_live function| updateUsblCustomVar function| checkOptimizely function| onCampaignDecided object| usblCustomVars object| webpackJsonp object| AWIN function| getErrorMessage function| isIE function| sendDebugEvent function| AwinCustomEvent object| __core-js_shared__ object| core object| global object| System function| asap function| Observable function| setImmediate function| clearImmediate object| regeneratorRuntime boolean| _babelPolyfill number| 2f1acc6c3a606b082e5eef5e54414ffb function| classNames undefined| stepUpTrackId undefined| return_from undefined| trackingId object| google_conversion_id object| google_custom_params object| google_remarketing_only function| GooglemKTybQhCsO object| google_conversion_date object| google_conversion_time number| google_conversion_snippets number| google_conversion_first_time object| google_conversion_js_version object| google_conversion_format object| google_enable_display_cookie_match object| google_conversion_type object| google_conversion_order_id object| google_conversion_language object| google_conversion_value object| google_conversion_currency object| google_conversion_domain object| google_conversion_label object| google_conversion_color object| google_disable_viewthrough object| google_gtag_event_data object| google_conversion_linker object| google_tag_for_child_directed_treatment object| google_tag_for_under_age_of_consent object| google_allow_ad_personalization_signals object| google_restricted_data_processing object| google_conversion_items object| google_conversion_merchant_id object| google_user_id object| onload_callback object| opt_image_generator object| google_gtm_url_processor object| google_conversion_page_url object| google_conversion_referrer_url object| google_gcl_cookie_prefix object| google_gcl_cookie_path object| google_gcl_cookie_flags object| google_gcl_cookie_domain object| google_gcl_cookie_max_age_seconds object| google_read_gcl_cookie_opt_out object| google_basket_feed_country object| google_basket_feed_language object| google_basket_discount object| google_basket_transaction_type object| google_additional_conversion_params object| google_additional_params object| google_transport_url object| google_gtm_experiments boolean| useV2authentication undefined| clientId undefined| clientSecret string| redirectUri boolean| isTagManagerEnable function| _typeof function| _extends object| lpTaglogListeners object| lpMTagConfig function| createFrameworkGlobals object| liveperson object| theme function| SurveyManager function| _stateChanged object| STORAGE object| proto string| QUESTION_ERROR_TYPE object| lpIntlTelInputUtils object| lpIntlTelInputGlobals

26 Cookies

Domain/Path Name / Value
.login.diamond.co.uk/myaccount/ Name: iWelcome-Segment
Value: diamond
myaccount.diamond.co.uk/pcsor Name: TS012e662c
Value: 0192cd9b46c36539d1aceb42c90d38109eb63ed316fbf03c9cfc2b0b719c36a3a85c9e87301c6008b798b4730cd03a4335e08bd68f
myaccount.diamond.co.uk/pcsor Name: JSESSIONID
Value: JLNy6+zLOtXj8sLPERq-QRLm
.myaccount.diamond.co.uk/ Name: TS0182bc6b
Value: 0192cd9b46c36539d1aceb42c90d38109eb63ed316fbf03c9cfc2b0b719c36a3a85c9e87301c6008b798b4730cd03a4335e08bd68f
.diamond.co.uk/ Name: optimizelyEndUserId
Value: oeu1692715585084r0.8950109579102568
.diamond.co.uk/ Name: _gcl_au
Value: 1.1.318393242.1692715586
.myaccount.diamond.co.uk/ Name: _ga
Value: GA1.4.906988487.1692715586
.myaccount.diamond.co.uk/ Name: _gid
Value: GA1.4.1919845586.1692715586
.myaccount.diamond.co.uk/ Name: _dc_gtm_UA-619996-8
Value: 1
.myaccount.diamond.co.uk/ Name: _gat_UA-619996-8
Value: 1
.diamond.co.uk/ Name: _hp2_props.1713100302
Value: %7B%7D
.diamond.co.uk/ Name: _cs_c
Value: 1
.diamond.co.uk/ Name: LPVID
Value: QwZjI4ZWNmYmUwNTA2ZTBi
.diamond.co.uk/ Name: LPSID-3447646
Value: hyqBO1jORDeXziMF1ut6lg
myaccount.diamond.co.uk/ Name: ki_r
Value:
.diamond.co.uk/ Name: _hp2_ses_props.1713100302
Value: %7B%22ts%22%3A1692715594692%2C%22d%22%3A%22myaccount.diamond.co.uk%22%2C%22h%22%3A%22%2F%22%7D
myaccount.diamond.co.uk/ Name: JSESSIONID
Value: 33228e5d-2701-4ea7-8aa1-7880a31f6a9d
.diamond.co.uk/ Name: _cs_id
Value: cd5c178b-9339-ac72-fb9f-64642a4c7778.1692715587.1.1692715595.1692715587.1.1726879587212
.diamond.co.uk/ Name: _cs_s
Value: 2.5.0.1692717395415
myaccount.diamond.co.uk/ Name: AD_Session_ID
Value: !GuuYdgXU9057nkTjdrGo2k+qq18MkVrkQKZs37kZZGC2UM+4ad/BTY/hMm/RcZfA1XRCMhP2M+CKhA==
myaccount.diamond.co.uk/ Name: ki_s
Value:
myaccount.diamond.co.uk/ Name: ki_t
Value: 1692715594169%3B1692715594169%3B1692715595863%3B1%3B5
login.diamond.co.uk/ Name: iwopbs
Value:
.diamond.co.uk/ Name: _hp2_id.1713100302
Value: %7B%22userId%22%3A%224512668356240138%22%2C%22pageviewId%22%3A%22724210306898118%22%2C%22sessionId%22%3A%224269599333018221%22%2C%22identity%22%3Anull%2C%22trackerVersion%22%3A%224.0%22%7D
.doubleclick.net/ Name: IDE
Value: AHWqTUlb3Lha8MkHPsVUOygYByMTH3TRTpDXJRO6E1OG6qK1uQ2n0Lq6EgZfDX3s
login.diamond.co.uk/ Name: iWelcome-Locale
Value: en_GB

10 Console Messages

Source Level URL
Text
javascript warning URL: https://myaccount.diamond.co.uk/(Line 65)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://cdn.appdynamics.com/adrum/adrum-4.5.11.2466.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://myaccount.diamond.co.uk/(Line 65)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://cdn.appdynamics.com/adrum/adrum-4.5.11.2466.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
security error URL: https://cdn.appdynamics.com/adrum/adrum-4.5.11.2466.js(Line 27)
Message:
Refused to connect to 'https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1971919203&t=pageview&_s=1&dl=https%3A%2F%2Fmyaccount.diamond.co.uk%2F&ul=en-us&de=UTF-8&dt=CustomerEngage%20Account%20Management&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAgAABAAAAACAEC~&jid=1421169374&gjid=793709058&cid=906988487.1692715586&tid=UA-619996-8&_gid=1919845586.1692715586&_slc=1&gtm=45He38l0n512F7P&z=717557504' because it violates the following Content Security Policy directive: "connect-src *.usabilla.com *.contentsquare.net https://errors.client.optimizely.com https://logx.optimizely.com/v1/events https://prf.hn https://www.zenaps.com https://*.civiccomputing.com https://www.dwin1.com https://www.awin1.com https://fra-col.eum-appdynamics.com http://fra-col.eum-appdynamics.com https://tracking.formisimo.com https://heapanalytics.com *.heapanalytics.com https://ws.sessioncam.com *.sessioncam.com https://*.euiwebservice.co.uk *.euiwebservice.co.uk https://*.nonprod-euiwebservice.co.uk *.nonprod-euiwebservice.co.uk https://*.typekit.net *.typekit.net https://ampcid.google.com https://*.liveperson.net wss://*.liveperson.net *.liveperson.net 'self'".
security error URL: https://cdn.appdynamics.com/adrum/adrum-4.5.11.2466.js(Line 27)
Message:
Refused to connect to 'https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-619996-8&cid=906988487.1692715586&jid=1421169374&gjid=793709058&_gid=1919845586.1692715586&_u=YGBAgAABAAAAAGAEC~&z=574310579' because it violates the following Content Security Policy directive: "connect-src *.usabilla.com *.contentsquare.net https://errors.client.optimizely.com https://logx.optimizely.com/v1/events https://prf.hn https://www.zenaps.com https://*.civiccomputing.com https://www.dwin1.com https://www.awin1.com https://fra-col.eum-appdynamics.com http://fra-col.eum-appdynamics.com https://tracking.formisimo.com https://heapanalytics.com *.heapanalytics.com https://ws.sessioncam.com *.sessioncam.com https://*.euiwebservice.co.uk *.euiwebservice.co.uk https://*.nonprod-euiwebservice.co.uk *.nonprod-euiwebservice.co.uk https://*.typekit.net *.typekit.net https://ampcid.google.com https://*.liveperson.net wss://*.liveperson.net *.liveperson.net 'self'".
security error URL: https://cdn.appdynamics.com/adrum/adrum-4.5.11.2466.js(Line 27)
Message:
Refused to connect to 'https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1971919203&t=pageview&_s=1&dl=https%3A%2F%2Fmyaccount.diamond.co.uk%2F&ul=en-us&de=UTF-8&dt=CustomerEngage%20Account%20Management&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGDACAABBAAAAGAGC~&jid=1446811093&gjid=50181240&cid=906988487.1692715586&tid=UA-619996-8&_gid=1919845586.1692715586&_r=1&gtm=45He38l0n512F7P&z=1938171134' because it violates the following Content Security Policy directive: "connect-src *.usabilla.com *.contentsquare.net https://errors.client.optimizely.com https://logx.optimizely.com/v1/events https://prf.hn https://www.zenaps.com https://*.civiccomputing.com https://www.dwin1.com https://www.awin1.com https://fra-col.eum-appdynamics.com http://fra-col.eum-appdynamics.com https://tracking.formisimo.com https://heapanalytics.com *.heapanalytics.com https://ws.sessioncam.com *.sessioncam.com https://*.euiwebservice.co.uk *.euiwebservice.co.uk https://*.nonprod-euiwebservice.co.uk *.nonprod-euiwebservice.co.uk https://*.typekit.net *.typekit.net https://ampcid.google.com https://*.liveperson.net wss://*.liveperson.net *.liveperson.net 'self'".
security warning
Message:
Error with Feature-Policy header: Unrecognized feature: 'speaker'.
security warning URL: https://login.diamond.co.uk/myaccount/login/?sessionOnly=true&goto=https%3A%2F%2Flogin.diamond.co.uk%2Fmyaccount%2Fauth%2Foauth2.0%2Fv1%2Fauthorize%3Fclient_id%3Dmyaccount%26redirect_uri%3Dhttps%3A%2F%2Fmyaccount.diamond.co.uk%2Fload%26response_type%3Dcode%26code_challenge%3DQy_dXIcftTfu3Ig1IcXtqsqIMomWo81XzzznAnzN27U%26code_challenge_method%3DS256
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
security warning (Line 2)
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
security warning URL: https://w.usabilla.com/f8ae77c9a75b.js?lv=1(Line 64)
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
network error URL: https://login.diamond.co.uk/myaccount/login/api/authenticate
Message:
Failed to load resource: the server responded with a status of 401 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src data: 'self'; script-src *.googleapis.com *.usabilla.com *.contentsquare.net *.optimizely.com https://optimize.google.com https://prf.hn https://www.zenaps.com https://*.civiccomputing.com https://www.dwin1.com https://www.awin1.com https://cdn.appdynamics.com http://cdn.appdynamics.com https://first.iovation.com https://*.euiwebservice.co.uk *.euiwebservice.co.uk https://cdn.heapanalytics.com *.cdn.heapanalytics.com https://heapanalytics.com *.heapanalytics.com https://formisimo.com https://*.formisimo.com https://tracking.formisimo.com *.formisimo.com https://service.maxymiser.net http://service.maxymiser.net *.service.maxymiser.net https://*.doubleclick.net https://*.lpsnmedia.net https://*.liveperson.net https://d6tizftlrpuof.cloudfront.net https://*.sessioncam.com https://*.typekit.net *.typekit.net http://tagmanager.google.com https://tagmanager.google.com *.googletagmanager.com *.google-analytics.com *.googleadservices.com *.amazonaws.com *.facebook.net *.marinsm.com *.qualaroo.com 'unsafe-eval' 'unsafe-inline' 'self'; style-src *.googleapis.com https://d6tizftlrpuof.cloudfront.net https://heapanalytics.com *.heapanalytics.com https://www.admiral.com https://secure.admiral.com https://www.bell.co.uk https://*.belldirect.co.uk https://www.diamond.co.uk https://secure.diamond.co.uk https://www.elephant.co.uk https://secure.elephant.co.uk https://www.gladiator.co.uk https://secure.gladiator.co.uk https://tagmanager.google.com https://*.typekit.net *.typekit.net 'unsafe-inline' 'self'; img-src data: https://canarytokens.com *.googleapis.com https://d6tizftlrpuof.cloudfront.net *.usabilla.com *.optimizely.com *.contentsquare.net https://prf.hn https://www.zenaps.com https://*.civiccomputing.com https://www.dwin1.com https://www.awin1.com https://service.maxymiser.net http://service.maxymiser.net *.service.maxymiser.net https://ws.sessioncam.com *.sessioncam.com https://heapanalytics.com *.heapanalytics.com https://*.lpsnmedia.net https://www.admiral.com https://secure.admiral.com https://www.bell.co.uk https://*.belldirect.co.uk https://www.diamond.co.uk https://secure.diamond.co.uk https://www.elephant.co.uk https://secure.elephant.co.uk https://www.gladiator.co.uk https://secure.gladiator.co.uk *.gstatic.com *.google-analytics.com *.google.co.uk *.google.com https://*.typekit.net *.typekit.net https://*.doubleclick.net *.facebook.com *.marinsm.com *.amazonaws.com 'self'; font-src data: https://heapanalytics.com *.heapanalytics.com https://www.admiral.com https://secure.admiral.com https://www.bell.co.uk https://*.belldirect.co.uk https://www.diamond.co.uk https://secure.diamond.co.uk https://www.elephant.co.uk https://secure.elephant.co.uk https://www.gladiator.co.uk https://secure.gladiator.co.uk https://fonts.googleapis.com *.gstatic.com https://*.typekit.net *.typekit.net 'self'; frame-src 'self' d6tizftlrpuof.cloudfront.net https://*.cdn.optimizely.com https://prf.hn https://www.zenaps.com https://*.civiccomputing.com https://www.dwin1.com https://www.awin1.com https://cdn.appdynamics.com https://www.admiral.com https://secure.admiral.com https://www.bell.co.uk https://*.belldirect.co.uk https://www.diamond.co.uk https://secure.diamond.co.uk https://www.elephant.co.uk https://secure.elephant.co.uk https://www.gladiator.co.uk https://secure.gladiator.co.uk https://*.lpsnmedia.net https://*.liveperson.net https://*.doubleclick.net *.google.co.uk *.google.com https://service.maxymiser.net *.qualaroo.com https://*.eshapay.net https://*.ephapay.net https://*.barclaycardsmartpay.com ; connect-src *.usabilla.com *.contentsquare.net https://errors.client.optimizely.com https://logx.optimizely.com/v1/events https://prf.hn https://www.zenaps.com https://*.civiccomputing.com https://www.dwin1.com https://www.awin1.com https://fra-col.eum-appdynamics.com http://fra-col.eum-appdynamics.com https://tracking.formisimo.com https://heapanalytics.com *.heapanalytics.com https://ws.sessioncam.com *.sessioncam.com https://*.euiwebservice.co.uk *.euiwebservice.co.uk https://*.nonprod-euiwebservice.co.uk *.nonprod-euiwebservice.co.uk https://*.typekit.net *.typekit.net https://ampcid.google.com https://*.liveperson.net wss://*.liveperson.net *.liveperson.net 'self'; media-src 'self' https://*.lpsnmedia.net; object-src 'self' blob:; child-src 'self' blob:; worker-src 'self' blob:
Strict-Transport-Security max-age=63072000;includeSubDomains;preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a17941920996.cdn.optimizely.com
accdn.lpsnmedia.net
c.contentsquare.net
cdn.appdynamics.com
cdn.heapanalytics.com
cdn.optimizely.com
cdn3.optimizely.com
cl.qualaroo.com
dntcl.qualaroo.com
fonts.googleapis.com
googleads.g.doubleclick.net
heapanalytics.com
k-aeu1.contentsquare.net
lo.v.liveperson.net
login.diamond.co.uk
logx.optimizely.com
lpcdn.lpsnmedia.net
lptag.liveperson.net
myaccount.diamond.co.uk
p.typekit.net
s3.amazonaws.com
stats.g.doubleclick.net
t.contentsquare.net
tracker.marinsm.com
use.typekit.net
w.usabilla.com
www.dwin1.com
www.google-analytics.com
www.google.com
www.googleadservices.com
www.googletagmanager.com
c.contentsquare.net
k-aeu1.contentsquare.net
stats.g.doubleclick.net
www.google-analytics.com
108.138.128.101
138.199.40.58
142.251.41.2
156.154.120.50
178.249.97.70
18.164.116.49
18.164.116.6
18.164.116.61
208.89.12.153
208.89.12.90
208.89.12.91
213.39.119.228
23.52.150.163
23.54.221.214
2600:1400:d:59b::13b8
2600:141b:13::17d7:8279
2600:141b:9000::1725:7ba0
2600:9000:2209:fc00:f:8ce2:fb80:93a1
2607:f8b0:4006:80b::200e
2607:f8b0:4006:80c::2004
2607:f8b0:4006:80d::200a
2607:f8b0:4006:81d::2008
2607:f8b0:4006:821::2002
2a02:6ea0:c454::1
34.249.43.135
44.196.7.213
52.216.134.213
52.45.108.63
52.70.121.124
52.71.77.185
0665c8810dd3b4f65588b7f583e7e14569a813200afb1c89981e635c29a4531a
08d40bf2e4eed273d931293e52124d963a4c4ac3dd53228837cbb1de831251ad
0ca2d5d4dece21114294a8783944cdd00a4351935831b27f9a83b8eb543c6438
0d64125d0f8fb7824978eacf5e34141a731697eef392d02a26bcdd721d5842e6
10adfb2492bb8e2d560fce1c1ee9589c5256e3191d9d537b197c5e5f0de9dcf4
1180d1b0e414b6b95f1f5e74bb7dfb25417ee17c9b21de553a223d5ae70746b1
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
1fb39cbea19664a1c51cb04fcf2eaa4b5756a4e5c4febebd3de02a5cf50de38c
244a843dd1389b89da3c4e4d2c79f9a0dc1b8713950b91dbb540174c230a6908
2a73ff47539c08d1e9399792a12e739a2e5f76e6ec0233ec1a736b2404bc3759
2bae714956b34054cbf9e400b110ce8f234f3f174909d0b1b06403303879d131
2ccc32676f30a84a3bf52885d8dde69bf41d82c44e07aa2fc46748c0a927c197
2d0fa2fa66460d35a6b42cc5a8f61af1baa0cbbd8f9fc01762912e2c4daeee06
2e0038f0ed73ab5d6d81bb7780efa8101dc71c49e02ebbaa37ed8736bc71b484
3e4f5d07904cf355da7bfbca5d4eee18a4c09fc9e6a79df958d0bb1225572983
3f7aed542f4e928f96df9412156bafc606bddffcb31ea8b110d9c50536be2a78
40dce95b7e4632cdb0414be799887e055dfe1309ce1f0664f4da8a44caca9243
42b2fb8435690ebdd18974dea209378901e5e289ef71c67ad5598165704ab2e9
513ebb9b0ace14b2333cdc0ad8e8664aba6429bdf2e66ac1cbf1f33eb6d90034
5624aeb2703037c9b669b4903e1961a38778408edcd3bea47e370e5de9f6c571
581a737b3cca3c07888bc93e7aad1012b29313432641d6a35d884c1d5a2d7fab
5ce0a0585d23c043b24fb1002e71efe9b312701b58792ee056150f56d982b09f
5f14f6004a657c926ac46b57a62ecc881c3602f2681c7d7944ec2ca28ef94684
655ed77c41d82893e833056657875704cc4be1e977211e045bcf56edf9e68537
668486e7110201f2c01dc6a6575da6ab0f7346adb22f35adbf843f8ea3cc7331
66dc1e18cd0a3ee85495d6df74dd1985544a680b00684ab2eb07911131f07a6c
69a10704032b2ef07a98e864e28b5d0e350fd10e20d9f01f32e2c2ada7e65d88
6e7b8d26f358fdc0c6349bac2545a5f560cef64549b3f4559039d991f44ca271
703b6d260f6532814667ede2a9aa38970d376136ebfcf2f2d26c25892cad5a86
79af5e9a78010f25bc2da8293aa29d7e10535853d19ef7e2849c9df367cea26b
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84757105828acb2358aa095cfd65ff68232cbf6e7d1cd133cc35a52d197ec533
86572bc938a3c2725a01a679cb4059cf9ff284cc55fbec4549f6d0ef838eb505
907d2a06e588883747902e40b3c3a675614ed408ec72ffa50a01259f4746dc56
9b29aa34d819c4f10587047283e767177d7c4bb6a69666f606c471f9267f8891
a729f36b3c8810b6c5d3de55e61ee4e1737f8e09ccbfc9c6a27a153e8fcf5d48
ae48c57485e8bfe0ea551c54e48b89ba2c2e95cc1dfe28ba07d9820bb9ef8208
b5b1e3e343c911cbe397a9c1acc37acba1f36c00855158e051684d6ccb7425b3
b5fbee4017186b90c336e329011bcea291f4d3af26af60dc33cb6740a512d88f
bb183f72fe84391a4e489769cf7718f7d279181b07cb6ff414b1ceca7c6c8c5c
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bbf12b7fbb3f0a37ec5eb9cbeb099ebe11fd86a13fbac83ba1a579ace928447c
c0a7f6ef71ed2de0d6ee63785d3a92533d7558c39b1ba78b06cd0930bc1a8070
ccc310cdb26f5199f0a62ef67411aa002f707f48a320f87ef4fb2ca3c8c97806
d05062da21c584c0439ff2c5c1e086588af6a06f8d6aa8f977f7f2b851f51261
d264db5848068ea1c7ce3269d781e200eb1b560fc64841544aae3f7f7c809483
d265615b79f98fdfff370ea32da7b4b02317fc6017b898cfb9c657a65618ac07
d2e229eec653251fe19be80e0b933f31e953852df2cf7d38c2200112a83fddea
d310c3c1b8452d04c60fb39a37dae823acb69c3f0a6114b7c96f1cdfd8b13ef6
d74e9c1806faae02d0a2544ffd93c9f356e10ef103b2f6fb14052ad39de06b70
db93307a76ae505c15ec16e7ebb1254d861a33f18df06e8fdf0751c100955842
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e580802c5a13f87bd57d59700cff46d27dcecbd4f461cb6f33adf90e9a62ff29
eafa6fbba9a390c65947baa71fd0e0bcafb087302f2878df897c9dc7b9c68fa6
ec97f7589982f6484d3c7134e762dcc73d527656268587dae98d07cb863c02aa
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efd3685fa08e736a95134cfacc3b75699cce1233882d278b5e7165aef8bf6d8c