web.lloydsdirect.co.uk Open in urlscan Pro
13.224.189.100 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://web.lloydsdirect.co.uk/login
Submission: On September 08 via manual (September 8th 2023, 8:00:30 pm UTC) from IN — Scanned from DE

Summary HTTP 37 Redirects Links 6 Behaviour Indicators

Summary

This website contacted 15 IPs in 2 countries across 12 domains to perform 37 HTTP transactions. The main IP is 13.224.189.100, located in United States and belongs to AMAZON-02, US. The main domain is web.lloydsdirect.co.uk. The Cisco Umbrella rank of the primary domain is 999818.
TLS certificate: Issued by Amazon RSA 2048 M01 on May 23rd 2023. Valid for: a year.

This is the only time web.lloydsdirect.co.uk was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	13.224.189.100 13.224.189.100	16509 (AMAZON-02) (AMAZON-02)
11	2606:4700:440... 2606:4700:4400::ac40:9b77	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:26d... 2600:9000:26db:e000:f:8ce2:fb80:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:831::200a	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:80b::201b	15169 (GOOGLE) (GOOGLE)
1	2a04:4e42:e00... 2a04:4e42:e00::282	54113 (FASTLY) (FASTLY)
3	151.101.192.176 151.101.192.176	54113 (FASTLY) (FASTLY)
2	2a00:1450:400... 2a00:1450:4001:808::2003	15169 (GOOGLE) (GOOGLE)
1	108.139.243.70 108.139.243.70	16509 (AMAZON-02) (AMAZON-02)
1	34.120.195.249 34.120.195.249	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	108.156.2.48 108.156.2.48	16509 (AMAZON-02) (AMAZON-02)
1	99.84.9.52 99.84.9.52	16509 (AMAZON-02) (AMAZON-02)
1	99.84.88.14 99.84.88.14	16509 (AMAZON-02) (AMAZON-02)
2	13.224.103.96 13.224.103.96	16509 (AMAZON-02) (AMAZON-02)
1	107.23.224.36 107.23.224.36	14618 (AMAZON-AES) (AMAZON-AES)
37	15

1 13.224.189.100 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-189-100.fra2.r.cloudfront.net

web.lloydsdirect.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2606:4700:4400::ac40:9b77 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn-ukwest.onetrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
geolocation.onetrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:26db:e000:f:8ce2:fb80:93a1 (United States)

ASN16509 (AMAZON-02, US)

www.dwin1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:80b::201b (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

storage.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:e00::282 (United States)

ASN54113 (FASTLY, US)

polyfill.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.192.176 (United States)

ASN54113 (FASTLY, US)

js.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.139.243.70 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-139-243-70.mxp63.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.195.249 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 249.195.120.34.bc.googleusercontent.com

o102792.ingest.sentry.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.156.2.48 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-156-2-48.mxp63.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.84.9.52 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-84-9-52.lhr62.r.cloudfront.net

vc.hotjar.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.84.88.14 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-84-88-14.muc50.r.cloudfront.net

widget.intercom.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.224.103.96 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-103-96.zrh50.r.cloudfront.net

js.intercomcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 107.23.224.36 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-107-23-224-36.compute-1.amazonaws.com

api-iam.intercom.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
11	onetrust.com cdn-ukwest.onetrust.com — Cisco Umbrella Rank: 6103 geolocation.onetrust.com — Cisco Umbrella Rank: 681	165 KB
10	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 58 storage.googleapis.com — Cisco Umbrella Rank: 451	458 KB
3	stripe.com js.stripe.com — Cisco Umbrella Rank: 1511	146 KB
2	intercomcdn.com js.intercomcdn.com — Cisco Umbrella Rank: 2718	267 KB
2	intercom.io widget.intercom.io — Cisco Umbrella Rank: 2187 api-iam.intercom.io — Cisco Umbrella Rank: 2106	6 KB
2	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 793 script.hotjar.com — Cisco Umbrella Rank: 1084	59 KB
2	gstatic.com fonts.gstatic.com	39 KB
1	hotjar.io vc.hotjar.io — Cisco Umbrella Rank: 2914	259 B
1	sentry.io o102792.ingest.sentry.io — Cisco Umbrella Rank: 763596	324 B
1	polyfill.io polyfill.io — Cisco Umbrella Rank: 1592	683 B
1	dwin1.com www.dwin1.com — Cisco Umbrella Rank: 4556	11 KB
1	lloydsdirect.co.uk web.lloydsdirect.co.uk — Cisco Umbrella Rank: 999818	89 KB
37	12

	Domain	Requested by
10	cdn-ukwest.onetrust.com	web.lloydsdirect.co.uk cdn-ukwest.onetrust.com storage.googleapis.com
8	storage.googleapis.com	web.lloydsdirect.co.uk storage.googleapis.com
3	js.stripe.com	web.lloydsdirect.co.uk js.stripe.com
2	js.intercomcdn.com	widget.intercom.io
2	fonts.gstatic.com	fonts.googleapis.com
2	fonts.googleapis.com	web.lloydsdirect.co.uk storage.googleapis.com
1	api-iam.intercom.io	js.intercomcdn.com
1	widget.intercom.io	web.lloydsdirect.co.uk
1	vc.hotjar.io	storage.googleapis.com
1	script.hotjar.com	static.hotjar.com
1	o102792.ingest.sentry.io	storage.googleapis.com
1	static.hotjar.com	web.lloydsdirect.co.uk
1	geolocation.onetrust.com	cdn-ukwest.onetrust.com
1	polyfill.io	web.lloydsdirect.co.uk
1	www.dwin1.com	web.lloydsdirect.co.uk
1	web.lloydsdirect.co.uk
37	16

This site contains links to these domains. Also see Links.

Domain
auth.login.nhs.uk
lloydsdirect.co.uk
www.bcorporation.net
www.onetrust.com

Subject Issuer	Validity	Valid
*.lloydsdirect.co.uk Amazon RSA 2048 M01	`2023-05-23` - `2024-06-20`	a year	crt.sh
*.onetrust.com GTS CA 1P5	`2023-09-04` - `2023-12-03`	3 months	crt.sh
*.dwin1.com Amazon RSA 2048 M02	`2023-02-28` - `2023-12-01`	9 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
storage.googleapis.com GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
polyfill.io Certainly Intermediate R1	`2023-08-24` - `2023-09-23`	a month	crt.sh
a.stripecdn.com DigiCert SHA2 Extended Validation Server CA	`2023-07-31` - `2023-11-30`	4 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
*.hotjar.com Amazon ECDSA 256 M01	`2023-03-09` - `2024-04-06`	a year	crt.sh
ingest.sentry.io DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-25` - `2024-08-24`	a year	crt.sh
*.hotjar.io Amazon ECDSA 256 M01	`2023-03-09` - `2024-04-06`	a year	crt.sh
*.intercom.com Amazon RSA 2048 M02	`2023-02-14` - `2024-03-14`	a year	crt.sh
*.intercomcdn.com Amazon RSA 2048 M01	`2023-02-21` - `2024-01-29`	a year	crt.sh

This page contains 4 frames:

Primary Page: https://web.lloydsdirect.co.uk/login
Frame ID: FE63719F913122CBC1A2EA3C58894313
Requests: 32 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html
Frame ID: 75A471C3BF4D1338323F86EBE9823B50
Requests: 1 HTTP requests in this frame

Frame: https://js.stripe.com/v3/controller-0505394ed97928adfc0a62a7b84260ac.html
Frame ID: 9CC349EE04B45A53054DE25C6E85CAD8
Requests: 1 HTTP requests in this frame

Frame: https://js.intercomcdn.com/frame-modern.0088f593.js
Frame ID: 400A51DAD3AA7CE982EE80496346983B
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Log in | LloydsDirectBack ButtonSearch IconFilter Icon

Detected technologies

Prototype (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

(?:prototype|protoaculous)(?:-([\d.]*[\d]))?.*\.js

Stripe (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

js\.stripe\.com

AWIN (Affiliate programs) Expand

Overall confidence: 100%
Detected patterns

dwin1\.com

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

OneTrust (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

otSDKStub\.js

Polyfill (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/polyfill\.min\.js

Page Statistics

37
Requests

100 %
HTTPS

40 %
IPv6

12
Domains

16
Subdomains

15
IPs

2
Countries

1241 kB
Transfer

3775 kB
Size

14
Cookies

6 Outgoing links

These are links going to different origins than the main page.

URL: https://auth.login.nhs.uk/authorize?response_type=code&client_id=Echo&state=6f1e380d-275e-4cd0-a99f-70e25093653b&nonce=78a08297-32ef-4cfd-bdd8-e99fcf49a585&scope=openid+profile+email+phone+gp_integration_credentials+profile_extended&redirect_uri=https://web.lloydsdirect.co.uk/auth/nhs-login
Title: Continue with NHS login

Search URL Search Domain Scan URL

URL: https://lloydsdirect.co.uk/contact-us
Title: Help

Search URL Search Domain Scan URL

URL: https://lloydsdirect.co.uk/p/terms-and-conditions
Title: Terms & conditions

Search URL Search Domain Scan URL

URL: https://lloydsdirect.co.uk/p/privacy-policy
Title: Privacy policy

Search URL Search Domain Scan URL

URL: https://www.bcorporation.net/en-us/find-a-b-corp/company/lloydsdirect

Search URL Search Domain Scan URL

URL: https://www.onetrust.com/products/cookie-consent/

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

37 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request login Show response
web.lloydsdirect.co.uk/ 89 KB
89 KB 261ms
147ms Document
text/html 13.224.189.100
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://web.lloydsdirect.co.uk/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.100 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-100.fra2.r.cloudfront.net

Software

Resource Hash

f8b669ae1e02d4f5bdd6b133014029b0d48c13c4a6b2c044819f6bfc964a636c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-length: 90955
content-type: text/html; charset=utf-8
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-origin
date: Fri, 08 Sep 2023 20:00:25 GMT
etag: W/"1634b-kdOyZiF7d2nvfVT9VFY5/983HvI"
origin-agent-cluster: ?1
referrer-policy: no-referrer
strict-transport-security: max-age=15724800; includeSubDomains
via: 1.1 c2a926ef1bafe1ab239d4761594a8098.cloudfront.net (CloudFront)
x-amz-cf-id: zEQyqWH19neHNrMI8aNlUw_yGspmeyecB3sDd4RVwhd-3fgNu_t72w==
x-amz-cf-pop: FRA2-C1
x-cache: Miss from cloudfront
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-trace-id: d8b4782aa6a9677c
x-xss-protection: 0

GET
H2 200 otSDKStub.js Show response
cdn-ukwest.onetrust.com/scripttemplates/ 21 KB
7 KB 162ms
61ms Script
application/javascript 2606:4700:4400::ac40:9b77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-ukwest.onetrust.com/scripttemplates/otSDKStub.js

Requested by

Host: web.lloydsdirect.co.uk
URL: https://web.lloydsdirect.co.uk/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9b77 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e181730c1a666b38b299b81ead525f7fec078ff980360b4c032e75b9802ebf0d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 08 Sep 2023 20:00:25 GMT
content-encoding: gzip
cf-cache-status: HIT
content-md5: 7EncTFplbWDUpOxlbB9/Qg==
age: 48390
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 6836
x-ms-lease-status: unlocked
last-modified: Tue, 05 Sep 2023 19:31:02 GMT
server: cloudflare
etag: 0x8DBAE46A3EC84F4
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 51efd60a-a01e-0064-568c-e0943b000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 8039c70dfcd5367e-FRA
expires: Sat, 09 Sep 2023 20:00:25 GMT

GET
H2 200 18596.js Show response
www.dwin1.com/ 38 KB
11 KB 216ms
68ms Script
application/javascript 2600:9000:26db:e000:f:8ce2:fb80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.dwin1.com/18596.js
Requested by: Host: web.lloydsdirect.co.uk
URL: https://web.lloydsdirect.co.uk/login
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:26db:e000:f:8ce2:fb80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 27aad92e5aa7dbdd82f6676ee6c70104681238fd5ef684fc442d4bcb089947b4

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-amz-version-id: Axx_6HdMDx0FBjkMum2_8TjN.ihq.Cw0
content-encoding: gzip
via: 1.1 3f7bbc22c659b2b7470c819d073f58b6.cloudfront.net (CloudFront)
date: Fri, 08 Sep 2023 19:53:47 GMT
x-amz-cf-pop: MUC50-P3
age: 399
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Wed, 06 Sep 2023 09:10:59 GMT
server: AmazonS3
etag: W/"db6b1ce703526700a7d0682ef02494b7"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=600, s-maxage=600
x-amz-cf-id: jQscUeHzNmc3NJ6-LnZ6qpYQrZ44JeiZb9CpmwlXLuMnSto8Shtk-A==

GET
H2 200 css
fonts.googleapis.com/ 4 KB
1 KB 138ms
50ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=IBM+Plex+Sans:400,500

Requested by

Host: web.lloydsdirect.co.uk
URL: https://web.lloydsdirect.co.uk/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d17a789c509e104a1c3d7a575d84ac3ad6f6d4a07b34a2cdcd7803a176af529b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 08 Sep 2023 20:00:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 08 Sep 2023 20:00:25 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 08 Sep 2023 20:00:25 GMT

GET
H2 200 cahuenga.css
storage.googleapis.com/echo-webapp/fonts/ 2 KB
2 KB 233ms
133ms Stylesheet
text/css 2a00:1450:4001:80b::201b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.googleapis.com/echo-webapp/fonts/cahuenga.css
Requested by: Host: web.lloydsdirect.co.uk
URL: https://web.lloydsdirect.co.uk/login
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80b::201b Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 4fd932d3fb3c068cff0d5863613191b8b18b9813c4e953a95acbc6df9890eb31

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 20:00:25 GMT
age: 0
x-guploader-uploadid: ADPycdui9tiZDCYNXjiw3EW3w1SLsbnqQ5d-5iMT4dXjyPyWu_FaBt1Qw14sTRwOF3BFxyqzCcBwYyyqMR1j-PAmpFv5Vg
x-goog-storage-class: REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1585
last-modified: Wed, 15 May 2019 07:20:04 GMT
server: UploadServer
etag: "0c3eeb24096c7e7f7360062326b4e487"
x-goog-generation: 1557904804220257
x-goog-hash: crc32c=S6uDOg==, md5=DD7rJAlsfn9zYAYjJrTkhw==
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=3600
x-goog-stored-content-length: 1585
accept-ranges: bytes
content-type: text/css
expires: Fri, 08 Sep 2023 21:00:25 GMT

GET
H2 200 polyfill.min.js Show response
polyfill.io/v3/ 100 B
683 B 617ms
202ms Script
text/javascript 2a04:4e42:e00::282
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://polyfill.io/v3/polyfill.min.js?version=3.53.1&features=globalThis%2CArray.prototype.includes%2CObject.entries%2Ces5%2Ces6%2Cfetch%2CIntl

Requested by

Host: web.lloydsdirect.co.uk
URL: https://web.lloydsdirect.co.uk/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:e00::282 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

5d9d990fcbef35abff52e151094cda1f29bdea3ddcbc9767f37e64fdbd936d74

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer
Origin: https://web.lloydsdirect.co.uk
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubdomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 08 Sep 2023 20:00:25 GMT
age: 658748
detected-user-agent: Chrome/116.0.0
useragent_normaliser: chrome/116.0.0
server-timing: HIT-CLUSTER, fastly;desc="Edge time";dur=2
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 113
referrer-policy: origin-when-cross-origin
last-modified: Fri, 25 Aug 2023 12:52:31 GMT
fastly_service_version: 227
vary: User-Agent, Accept-Encoding
access-control-allow-methods: GET,HEAD,OPTIONS
content-type: text/javascript; charset=UTF-8
normalized-user-agent: chrome/116.0.0
access-control-allow-origin: *
cache-control: public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 client.c741f80c2f553ec6ee85.js Show response
storage.googleapis.com/echo-webapp/ 1 MB
318 KB 143ms
142ms Script
text/javascript 2a00:1450:4001:80b::201b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.googleapis.com/echo-webapp/client.c741f80c2f553ec6ee85.js
Requested by: Host: web.lloydsdirect.co.uk
URL: https://web.lloydsdirect.co.uk/login
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80b::201b Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 1cc2e39ba599fe96730d9b2fcfbd462e5e3b4845287d04fde3eb48395ad53835

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 20:00:25 GMT
content-encoding: gzip
age: 0
x-guploader-uploadid: ADPycdvBD_IA_6F04gsRdpIS_S5zmDkm6beB_FCJ0oRaniEqDFRN2XTvuHWYa9zvozP0EIQO592ZC-H16bgYnhCK0O3p9A
x-goog-storage-class: REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 325240
last-modified: Thu, 07 Sep 2023 09:47:57 GMT
server: UploadServer
etag: "9d72b5468ccad823c806b06ab89ddc89"
x-goog-generation: 1694080077803772
x-goog-hash: crc32c=T3uJng==, md5=nXK1RozK2CPIBrBquJ3ciQ==
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=31536000,no-transform
x-goog-stored-content-length: 325240
accept-ranges: bytes
content-type: text/javascript
expires: Sat, 07 Sep 2024 20:00:25 GMT

GET
H2 200 944.de57ef2dfb7f9beede22.js Show response
storage.googleapis.com/echo-webapp/chunks/ 13 KB
4 KB 70ms
69ms Script
text/javascript 2a00:1450:4001:80b::201b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.googleapis.com/echo-webapp/chunks/944.de57ef2dfb7f9beede22.js
Requested by: Host: web.lloydsdirect.co.uk
URL: https://web.lloydsdirect.co.uk/login
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80b::201b Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 151bbc4f3de3c47d786d7c80abbc8e2979c0f54985dd32b724c26964c9a0d2f9

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 20:00:25 GMT
content-encoding: gzip
age: 0
x-guploader-uploadid: ADPycdt5_E-BvlVTNP48Fke9TKyoW1TwLm_kwUDgRzk-Msn5GwpmmSTbPeKsfB53NU-CfKtfqFOzcDYuS1b-b57DlRBoKg
x-goog-storage-class: REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3702
last-modified: Thu, 07 Sep 2023 09:47:47 GMT
server: UploadServer
etag: "593f37017c354b23bdd7d401063af5d7"
x-goog-generation: 1694080067833533
x-goog-hash: crc32c=bt1tvw==, md5=WT83AXw1SyO919QBBjr11w==
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=31536000,no-transform
x-goog-stored-content-length: 3702
accept-ranges: bytes
content-type: text/javascript
expires: Sat, 07 Sep 2024 20:00:25 GMT

GET
H2 200 8435.19176eb9d0be70523364.js Show response
storage.googleapis.com/echo-webapp/chunks/ 20 KB
7 KB 78ms
78ms Script
text/javascript 2a00:1450:4001:80b::201b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.googleapis.com/echo-webapp/chunks/8435.19176eb9d0be70523364.js
Requested by: Host: web.lloydsdirect.co.uk
URL: https://web.lloydsdirect.co.uk/login
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80b::201b Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: ef20bae383bd4b0ac4562c54046c11b1595fd9ac2d42621e98d1f0d756622664

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 20:00:25 GMT
content-encoding: gzip
age: 0
x-guploader-uploadid: ADPycdvgPQuHLTHW8Yh3mjqS86dOs7UThwJLPyKQe2nFof0nq7Gp8guyI1Euiz09QmZW-fWjxpJ5dOrBfzGFxZNc1LXNvw
x-goog-storage-class: REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7341
last-modified: Thu, 07 Sep 2023 09:47:47 GMT
server: UploadServer
etag: "00ab6f8952db63c959978bf62924f20e"
x-goog-generation: 1694080067547631
x-goog-hash: crc32c=ADrxKg==, md5=AKtviVLbY8lZl4v2KSTyDg==
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=31536000,no-transform
x-goog-stored-content-length: 7341
accept-ranges: bytes
content-type: text/javascript
expires: Sat, 07 Sep 2024 20:00:25 GMT

GET
H2 200 142.be4008c76885ea2b216b.js Show response
storage.googleapis.com/echo-webapp/chunks/ 53 KB
21 KB 85ms
84ms Script
text/javascript 2a00:1450:4001:80b::201b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.googleapis.com/echo-webapp/chunks/142.be4008c76885ea2b216b.js
Requested by: Host: web.lloydsdirect.co.uk
URL: https://web.lloydsdirect.co.uk/login
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80b::201b Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 390c76936759621077691c338f847f55cbd420c7bcac323033e1cd4e3509d413

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 20:00:25 GMT
content-encoding: gzip
age: 0
x-guploader-uploadid: ADPycdtAJqD6J7QYBvCdF26sJMn-SbHbE_Ctni5BXVZ7priz8ysZ5aXJ-bEyYAdSBlOPmgQGBcmqKzS6F_LZ4SA0cCjPWQ
x-goog-storage-class: REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21452
last-modified: Thu, 07 Sep 2023 09:47:47 GMT
server: UploadServer
etag: "dde7311a392e9fdbbcb87a1924c1053e"
x-goog-generation: 1694080066995771
x-goog-hash: crc32c=fwxuaw==, md5=3ecxGjkun9u8uHoZJMEFPg==
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=31536000,no-transform
x-goog-stored-content-length: 21452
accept-ranges: bytes
content-type: text/javascript
expires: Sat, 07 Sep 2024 20:00:25 GMT

GET
H2 200 619.1f4527f357a456c5a2a7.js Show response
storage.googleapis.com/echo-webapp/chunks/ 17 KB
6 KB 141ms
141ms Script
text/javascript 2a00:1450:4001:80b::201b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.googleapis.com/echo-webapp/chunks/619.1f4527f357a456c5a2a7.js
Requested by: Host: web.lloydsdirect.co.uk
URL: https://web.lloydsdirect.co.uk/login
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80b::201b Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: ab3a52f4e9cb4e76ccfa81036010992e7ded3d0f75ddcbc759fab89423f8eb59

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 20:00:25 GMT
content-encoding: gzip
age: 0
x-guploader-uploadid: ADPycdupvB3dgZ9nQNnbkmrEhL7XeOAux3f7eTNiL5u9wTow-UB-nlu01E5XAWAZ78CFJRs095l9TYaXHhGYUcQeCjUT9g
x-goog-storage-class: REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5781
last-modified: Thu, 07 Sep 2023 09:47:54 GMT
server: UploadServer
etag: "c60760ac40e3d4578485c5931dd4a901"
x-goog-generation: 1694080074173455
x-goog-hash: crc32c=L2AcFw==, md5=xgdgrEDj1FeEhcWTHdSpAQ==
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=31536000,no-transform
x-goog-stored-content-length: 5781
accept-ranges: bytes
content-type: text/javascript
expires: Sat, 07 Sep 2024 20:00:25 GMT

GET
H2 200 pages-Anonymous-Login.751299610866ba650487.js Show response
storage.googleapis.com/echo-webapp/chunks/ 17 KB
6 KB 134ms
133ms Script
text/javascript 2a00:1450:4001:80b::201b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.googleapis.com/echo-webapp/chunks/pages-Anonymous-Login.751299610866ba650487.js
Requested by: Host: web.lloydsdirect.co.uk
URL: https://web.lloydsdirect.co.uk/login
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80b::201b Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 7703561d50a66c47ce645443f24ae3877fb4a9c4c3555b2c125916a40e55139f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 20:00:25 GMT
content-encoding: gzip
age: 0
x-guploader-uploadid: ADPycdsFbDgYOevMS37i6k_Y1Ej3S7XCgsD4WBkx2OUYcIrn486v3_ROy_20hGdVellEoOnuOSgcoXMjzsglfMBViApaGQ
x-goog-storage-class: REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6104
last-modified: Thu, 07 Sep 2023 09:47:46 GMT
server: UploadServer
etag: "2bb8ef1af73a1bb6de41a5390a160ae0"
x-goog-generation: 1694080066621598
x-goog-hash: crc32c=OQfQog==, md5=K7jvGvc6G7beQaU5ChYK4A==
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=31536000,no-transform
x-goog-stored-content-length: 6104
accept-ranges: bytes
content-type: text/javascript
expires: Sat, 07 Sep 2024 20:00:25 GMT

GET
H2 200 / Show response
js.stripe.com/v3/ 525 KB
146 KB 151ms
42ms Script
text/javascript 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/

Requested by

Host: web.lloydsdirect.co.uk
URL: https://web.lloydsdirect.co.uk/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

14a7b47dd1a2e26e115d091f500579a5f39a11ef13be6d6b4cf6a5fa1295689b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Fri, 08 Sep 2023 20:00:25 GMT
via: 1.1 varnish
age: 60
x-cache: HIT
content-length: 149531
x-request-id: bd689b4f-795b-4647-a3c4-f492f5df5b8d
x-served-by: cache-fra-eddf8230071-FRA
last-modified: Fri, 08 Sep 2023 17:45:59 GMT
server: Fastly
etag: "628fd02611a5b6f04d935a5644ab292a"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1

GET
H2 200 e2e7acea-ae0d-42e9-ac3f-0172f94115f0.json Show response
cdn-ukwest.onetrust.com/consent/e2e7acea-ae0d-42e9-ac3f-0172f94115f0/ 4 KB
2 KB 165ms
80ms XHR
application/x-javascript 2606:4700:4400::ac40:9b77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-ukwest.onetrust.com/consent/e2e7acea-ae0d-42e9-ac3f-0172f94115f0/e2e7acea-ae0d-42e9-ac3f-0172f94115f0.json

Requested by

Host: cdn-ukwest.onetrust.com
URL: https://cdn-ukwest.onetrust.com/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9b77 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e733830ca4caafe678037a6e4ed6224c10d2c8f493189b70e9c4c59d15144d5c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 08 Sep 2023 20:00:25 GMT
content-encoding: gzip
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 52925
content-md5: edNuc22LE47w8J/1o7j56A==
content-length: 1515
x-ms-lease-status: unlocked
last-modified: Thu, 20 Jul 2023 15:41:06 GMT
server: cloudflare
etag: 0x8DB8937BBC731E2
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 19a1af1e-301e-0043-28c2-df0e72000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 8039c70eed496915-FRA

GET
H3 200 Cahuenga-SemiBold.woff
storage.googleapis.com/echo-webapp/fonts/ 91 KB
91 KB 219ms
139ms Font
application/font-woff 2a00:1450:4001:80b::201b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.googleapis.com/echo-webapp/fonts/Cahuenga-SemiBold.woff
Requested by: Host: storage.googleapis.com
URL: https://storage.googleapis.com/echo-webapp/fonts/cahuenga.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80b::201b Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 6fae8d49d108154cac6f5436f6bd102f2e6d1454933b12edc74107bc7f9cd319

Request headers

Referer: https://storage.googleapis.com/echo-webapp/fonts/cahuenga.css
Origin: https://web.lloydsdirect.co.uk
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 20:00:25 GMT
age: 0
x-guploader-uploadid: ADPycdvDxsE6WiUequEzo6CeqNdEd5nToHQJPx7n2sTohhQ13naao4oq5-ATOp4Z-1zdNz7NyFx6j8sdlOEBwSoFLB1ebw
x-goog-storage-class: REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 93523
last-modified: Wed, 15 May 2019 07:17:38 GMT
server: UploadServer
etag: "d5b36ca686a5cc79743079d21cafb812"
x-goog-generation: 1557904658287966
x-goog-hash: crc32c=DSXWGQ==, md5=1bNspoalzHl0MHnSHK+4Eg==
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=3600
x-goog-stored-content-length: 93523
accept-ranges: bytes
content-type: application/font-woff
expires: Fri, 08 Sep 2023 21:00:25 GMT

GET
H2 200 zYXgKVElMYYaJe8bpLHnCwDKhdHeFQ.woff2
fonts.gstatic.com/s/ibmplexsans/v19/ 19 KB
19 KB 133ms
40ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ibmplexsans/v19/zYXgKVElMYYaJe8bpLHnCwDKhdHeFQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=IBM+Plex+Sans:400,500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

db71f8a28ad8501544fb4e7668e3c6d0b731760b6f20de3525ebaeba597f1922

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://web.lloydsdirect.co.uk
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 19:45:19 GMT
x-content-type-options: nosniff
age: 906
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19156
x-xss-protection: 0
last-modified: Tue, 02 May 2023 16:04:22 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 07 Sep 2024 19:45:19 GMT

GET
H2 200 zYX9KVElMYYaJe8bpLHnCwDKjSL9AIFsdA.woff2
fonts.gstatic.com/s/ibmplexsans/v19/ 20 KB
20 KB 146ms
53ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ibmplexsans/v19/zYX9KVElMYYaJe8bpLHnCwDKjSL9AIFsdA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=IBM+Plex+Sans:400,500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5ef914e59b0047a261844d96acabb60c34d3acab6b85ea24198726ce4781fd37

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://web.lloydsdirect.co.uk
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sat, 02 Sep 2023 04:11:13 GMT
x-content-type-options: nosniff
age: 575352
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20064
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:58:54 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 01 Sep 2024 04:11:13 GMT

GET
H2 200 location Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 59 B
205 B 83ms
60ms XHR
application/json 2606:4700:4400::ac40:9b77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location

Requested by

Host: cdn-ukwest.onetrust.com
URL: https://cdn-ukwest.onetrust.com/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9b77 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2157361193375a79ade3559e960f982daa8d599cf7f4a92d36e3eef257738f16

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept: application/json
Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 20:00:25 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/json
access-control-allow-origin: *
cf-ray: 8039c70f9e136915-FRA
access-control-allow-headers: Content-Type

GET
H2 200 otBannerSdk.js Show response
cdn-ukwest.onetrust.com/scripttemplates/202306.2.0/ 404 KB
98 KB 69ms
69ms Script
application/javascript 2606:4700:4400::ac40:9b77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-ukwest.onetrust.com/scripttemplates/202306.2.0/otBannerSdk.js

Requested by

Host: cdn-ukwest.onetrust.com
URL: https://cdn-ukwest.onetrust.com/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9b77 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0ec50412f5f4a206aa4525377add48f460c5e596a4aecaabecd56f15737fa8f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 08 Sep 2023 20:00:25 GMT
content-encoding: gzip
cf-cache-status: HIT
content-md5: +MbZ9DgpGaofE6OXFTKawA==
age: 47962
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 99611
x-ms-lease-status: unlocked
last-modified: Mon, 10 Jul 2023 20:07:17 GMT
server: cloudflare
etag: 0x8DB81814307BACD
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 02a1fa6e-b01e-0034-28c2-df8b33000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 8039c70fff9f367e-FRA
expires: Sat, 09 Sep 2023 20:00:25 GMT

GET
H2 200 en.json Show response
cdn-ukwest.onetrust.com/consent/e2e7acea-ae0d-42e9-ac3f-0172f94115f0/168e508d-1f81-4d27-a693-3f7f2cd1f342/ 44 KB
11 KB 80ms
80ms Fetch
application/x-javascript 2606:4700:4400::ac40:9b77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-ukwest.onetrust.com/consent/e2e7acea-ae0d-42e9-ac3f-0172f94115f0/168e508d-1f81-4d27-a693-3f7f2cd1f342/en.json

Requested by

Host: cdn-ukwest.onetrust.com
URL: https://cdn-ukwest.onetrust.com/scripttemplates/202306.2.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9b77 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e6f71447ee5bac137c17b2956439c2cd083a7aed78b39668ddea71cda9ce0d62

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 08 Sep 2023 20:00:25 GMT
content-encoding: gzip
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 52925
content-md5: 3VCzqIPU9X29S4pA+T+VKQ==
content-length: 10849
x-ms-lease-status: unlocked
last-modified: Thu, 20 Jul 2023 15:41:14 GMT
server: cloudflare
etag: 0x8DB8937C01B3B2C
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 48ea7567-d01e-0024-03c3-dfbdd5000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 8039c710bf656915-FRA

GET
H2 200 otCenterRounded.json Show response
cdn-ukwest.onetrust.com/scripttemplates/202306.2.0/assets/ 9 KB
3 KB 65ms
64ms Fetch
application/json 2606:4700:4400::ac40:9b77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-ukwest.onetrust.com/scripttemplates/202306.2.0/assets/otCenterRounded.json

Requested by

Host: cdn-ukwest.onetrust.com
URL: https://cdn-ukwest.onetrust.com/scripttemplates/202306.2.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9b77 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

09b627933e01faa4979dc5661f7e616c7db1c12ea1984ca0549bdb253d24da9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 08 Sep 2023 20:00:25 GMT
content-encoding: gzip
cf-cache-status: HIT
content-md5: Fh6V1XgVegZEkOHt22h7+A==
age: 52924
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 2626
x-ms-lease-status: unlocked
last-modified: Mon, 10 Jul 2023 20:07:06 GMT
server: cloudflare
etag: 0x8DB81813BFE9260
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: c20f9d6e-601e-001f-10c2-dfff8b000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 8039c711581b6915-FRA
expires: Sat, 09 Sep 2023 20:00:25 GMT

GET
H2 200 otPcCenter.json Show response
cdn-ukwest.onetrust.com/scripttemplates/202306.2.0/assets/v2/ 61 KB
12 KB 65ms
65ms Fetch
application/json 2606:4700:4400::ac40:9b77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-ukwest.onetrust.com/scripttemplates/202306.2.0/assets/v2/otPcCenter.json

Requested by

Host: cdn-ukwest.onetrust.com
URL: https://cdn-ukwest.onetrust.com/scripttemplates/202306.2.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9b77 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d55ad3bc35664e6ce9dc3e6a71bb6d3a4c8fddeb6af1a195727c0361ddd92a2e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 08 Sep 2023 20:00:25 GMT
content-encoding: gzip
cf-cache-status: HIT
content-md5: W0mmOoJ4N9F86qlAVYEM2w==
age: 52924
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 12544
x-ms-lease-status: unlocked
last-modified: Mon, 10 Jul 2023 20:07:07 GMT
server: cloudflare
etag: 0x8DB81813D047A59
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 72259c76-601e-0050-51c2-df3b93000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 8039c711581e6915-FRA
expires: Sat, 09 Sep 2023 20:00:25 GMT

GET
H2 200 otCommonStyles.css Show response
cdn-ukwest.onetrust.com/scripttemplates/202306.2.0/assets/ 21 KB
4 KB 65ms
65ms Fetch
text/css 2606:4700:4400::ac40:9b77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-ukwest.onetrust.com/scripttemplates/202306.2.0/assets/otCommonStyles.css

Requested by

Host: cdn-ukwest.onetrust.com
URL: https://cdn-ukwest.onetrust.com/scripttemplates/202306.2.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9b77 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d0c233d327541d2961f1cde9e53a6166279655f4d4041c1bc458ac1701827719

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 08 Sep 2023 20:00:25 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
content-md5: oWkBTLgDDXvrUsd93y/Zxg==
age: 52924
x-ms-lease-status: unlocked
last-modified: Mon, 10 Jul 2023 20:07:27 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: a092ecf4-001e-000f-71c2-dfc96d000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
cf-ray: 8039c71158206915-FRA
expires: Sat, 09 Sep 2023 20:00:25 GMT

GET
H2 200 hotjar-3544931.js Show response
static.hotjar.com/c/ 9 KB
4 KB 190ms
91ms Script
application/javascript 108.139.243.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-3544931.js?sv=6

Requested by

Host: web.lloydsdirect.co.uk
URL: https://web.lloydsdirect.co.uk/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.139.243.70 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-139-243-70.mxp63.r.cloudfront.net

Software

Resource Hash

85e3385f69d5fc9645e25058b142177df216207ff0110ffb1405e476d819de65

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

strict-transport-security: max-age=2592000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
date: Fri, 08 Sep 2023 20:00:26 GMT
via: 1.1 480621bee17f1606dc6189ca75ebbc74.cloudfront.net (CloudFront)
x-amz-cf-pop: MXP63-P3
etag: W/5bd212f1bc7209ea6998b7a84b0f159f
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
cache-control: max-age=60
cross-origin-resource-policy: cross-origin
x-amz-cf-id: kY47zI6IsOi6HmPiBD_69Yh0JzJDX6RalpRjrfafV5QzI1jVmHqLSA==

POST
H2 200 / Show response
o102792.ingest.sentry.io/api/1374027/envelope/ 2 B
324 B 163ms
43ms Fetch
application/json 34.120.195.249
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://o102792.ingest.sentry.io/api/1374027/envelope/?sentry_key=6ece1ca1a56946789193b1d844300011&sentry_version=7&sentry_client=sentry.javascript.react%2F7.30.0

Requested by

Host: storage.googleapis.com
URL: https://storage.googleapis.com/echo-webapp/client.c741f80c2f553ec6ee85.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.195.249 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

249.195.120.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://web.lloydsdirect.co.uk/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 08 Sep 2023 20:00:26 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 google
server: nginx
vary: origin,access-control-request-method,access-control-request-headers
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: x-sentry-error,x-sentry-rate-limits,retry-after
x-envoy-upstream-service-time: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2

GET
H2 200 m-outer-93afeeb17bc37e711759584dbfc50d47.html
js.stripe.com/v3/ Frame 75A4 0
0 40ms
40ms Document
text/html 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 21415678
cache-control: max-age=31536000
content-encoding: br
content-length: 122
content-security-policy: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Fri, 08 Sep 2023 20:00:25 GMT
etag: "93afeeb17bc37e711759584dbfc50d47"
last-modified: Wed, 21 Dec 2022 18:20:45 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 703380
x-content-type-options: nosniff
x-request-id: 1c8ca897-7035-44b9-add0-ec47aef7f573
x-served-by: cache-fra-eddf8230071-FRA

GET
H2 200 ot_guard_logo.svg Show response
cdn-ukwest.onetrust.com/logos/static/ 497 B
535 B 68ms
67ms Fetch
image/svg+xml 2606:4700:4400::ac40:9b77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-ukwest.onetrust.com/logos/static/ot_guard_logo.svg

Requested by

Host: storage.googleapis.com
URL: https://storage.googleapis.com/echo-webapp/client.c741f80c2f553ec6ee85.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9b77 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 08 Sep 2023 20:00:26 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
content-md5: tXyZydHjxQshFMbbBT1/8A==
age: 52925
x-ms-lease-status: unlocked
last-modified: Tue, 05 Sep 2023 19:31:11 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: 0e521871-401e-0003-728e-e0279c000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
cf-ray: 8039c71279956915-FRA
expires: Sat, 09 Sep 2023 20:00:26 GMT

GET
H2 200 Hallo_Logo_png.png
cdn-ukwest.onetrust.com/logos/2f912f11-b4fb-4605-a327-1452aaf835cb/3e1eccc1-6a6e-4880-8484-9a88c74a2178/ea8391b9-9314-4883-a8a1-d76d94304a02/ 25 KB
26 KB 98ms
96ms Image
image/png 2606:4700:4400::ac40:9b77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn-ukwest.onetrust.com/logos/2f912f11-b4fb-4605-a327-1452aaf835cb/3e1eccc1-6a6e-4880-8484-9a88c74a2178/ea8391b9-9314-4883-a8a1-d76d94304a02/Hallo_Logo_png.png

Requested by

Host: web.lloydsdirect.co.uk
URL: https://web.lloydsdirect.co.uk/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9b77 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d818bbb2832df2ad8cd1f228f1b2852565f6073cc8d89c9b66ad46a4a0bd40c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 08 Sep 2023 20:00:26 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
content-md5: V3vNUR4aS5+mU1kGn5vMLA==
content-length: 26019
x-ms-lease-status: unlocked
last-modified: Tue, 28 Mar 2023 23:14:38 GMT
server: cloudflare
etag: 0x8DB2FE233D7BFF8
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
x-ms-request-id: 5caec061-d01e-0060-48c3-df61b9000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 8039c7128b41367e-FRA
expires: Sat, 09 Sep 2023 20:00:26 GMT

GET
H2 200 powered_by_logo.svg
cdn-ukwest.onetrust.com/logos/static/ 5 KB
2 KB 63ms
61ms Image
image/svg+xml 2606:4700:4400::ac40:9b77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn-ukwest.onetrust.com/logos/static/powered_by_logo.svg

Requested by

Host: web.lloydsdirect.co.uk
URL: https://web.lloydsdirect.co.uk/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9b77 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 08 Sep 2023 20:00:26 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
content-md5: Y+c301RBZNK39PvKQWrIBw==
age: 48390
x-ms-lease-status: unlocked
last-modified: Tue, 05 Sep 2023 19:31:13 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: 1e953df4-501e-001c-028c-e0fc8c000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
cf-ray: 8039c7128b43367e-FRA
expires: Sat, 09 Sep 2023 20:00:26 GMT

GET
H2 200 controller-0505394ed97928adfc0a62a7b84260ac.html
js.stripe.com/v3/ Frame 9CC3 0
0 40ms
39ms Document
text/html 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/controller-0505394ed97928adfc0a62a7b84260ac.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 45
cache-control: max-age=60
content-encoding: br
content-length: 189
content-security-policy: base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Fri, 08 Sep 2023 20:00:26 GMT
etag: "0505394ed97928adfc0a62a7b84260ac"
last-modified: Fri, 08 Sep 2023 17:11:24 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 10
x-content-type-options: nosniff
x-request-id: 56df5a39-91ec-44bc-b434-eb13bb462fe4
x-served-by: cache-fra-eddf8230071-FRA

GET
H3 200 css Show response
fonts.googleapis.com/ 4 KB
657 B 137ms
56ms Fetch
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=IBM+Plex+Sans:400,500

Requested by

Host: storage.googleapis.com
URL: https://storage.googleapis.com/echo-webapp/client.c741f80c2f553ec6ee85.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d17a789c509e104a1c3d7a575d84ac3ad6f6d4a07b34a2cdcd7803a176af529b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: application/json
Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

strict-transport-security: max-age=31536000
date: Fri, 08 Sep 2023 20:00:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 08 Sep 2023 20:00:26 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 08 Sep 2023 20:00:26 GMT

GET
H2 200 modules.819bdb467a6bd2a2f5b5.js Show response
script.hotjar.com/ 223 KB
55 KB 156ms
54ms Script
application/javascript 108.156.2.48
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.819bdb467a6bd2a2f5b5.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-3544931.js?sv=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.156.2.48 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-156-2-48.mxp63.r.cloudfront.net

Software

Resource Hash

c99611ee4443d2e5f878842e5a8119166c7237ed9757b5468ed7bd44027d2d08

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 09:39:06 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 509ce7fa1084460cb3b0bf1daf52fa30.cloudfront.net (CloudFront)
x-amz-cf-pop: MXP63-P4
age: 37280
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 55622
last-modified: Fri, 08 Sep 2023 09:39:02 GMT
etag: "84a6f97c7142d07202cd13eb8af75e63"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: 3Ez0GAqoRHHcq7bbvQR1qq5GZsYBDsCKQvwrkJu8Bwhj2ir83gFbNw==

GET
H2 204 3544931 Show response
vc.hotjar.io/sessions/ 0
259 B 198ms
58ms XHR
text/plain 99.84.9.52
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vc.hotjar.io/sessions/3544931?s=0.25&r=0.059659462463720114
Requested by: Host: storage.googleapis.com
URL: https://storage.googleapis.com/echo-webapp/client.c741f80c2f553ec6ee85.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.84.9.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-9-52.lhr62.r.cloudfront.net
Software: Python/3.8 aiohttp/3.8.4 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 20:00:26 GMT
via: 1.1 e2f89dba8ac9034af778bb189d8e3d84.cloudfront.net (CloudFront)
server: Python/3.8 aiohttp/3.8.4
x-amz-cf-pop: LHR62-C2
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: no-store
x-amz-cf-id: NPLBWic42IgPLVY8FKvKVE-C07fX8yNjcu6ANKg3qZnYTcLUvVIoxw==

GET
H2 200 y2faz2r2 Show response
widget.intercom.io/widget/ 7 KB
3 KB 156ms
49ms Script
application/javascript 99.84.88.14
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.intercom.io/widget/y2faz2r2
Requested by: Host: web.lloydsdirect.co.uk
URL: https://web.lloydsdirect.co.uk/login
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.84.88.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-88-14.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: aeb4773e476638dfc72558c95e4b833c26145e0d2e2c2ed6495c5e88422a8e57

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-amz-version-id: vK0uYYDgB4F.DO_vvx419j.KuAeTQ5sM
content-encoding: gzip
via: 1.1 c4c822c878c22be90d0bb70ab49a395a.cloudfront.net (CloudFront)
date: Fri, 08 Sep 2023 19:54:02 GMT
x-amz-cf-pop: MUC50-C1
age: 385
x-amz-server-side-encryption: AES256
x-cache: Error from cloudfront
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 2706
last-modified: Fri, 08 Sep 2023 13:49:34 GMT
server: AmazonS3
etag: "4dea6beecd24ba580408d9c9b70e8595"
vary: Accept-Encoding, Origin
content-type: application/javascript; charset=UTF-8
cache-control: max-age=900, s-maxage=900, public
accept-ranges: bytes
x-amz-cf-id: tpoeeWOIxNe2MDrO1aOn03WjTI-n4pOXiYLSehujQBoUkgGNIeGjIQ==

GET
H2 200 frame-modern.0088f593.js Show response
js.intercomcdn.com/ Frame 400A 506 KB
140 KB 170ms
51ms Script
application/javascript 13.224.103.96
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.intercomcdn.com/frame-modern.0088f593.js

Requested by

Host: widget.intercom.io
URL: https://widget.intercom.io/widget/y2faz2r2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.103.96 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-103-96.zrh50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

23bd3412fe14beb85526c2cfcb076957a73496692b424382b4908b6d4ee991b8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-amz-version-id: iq1uecPdLrfZiZyRurZDKr2QCvxS916F
content-encoding: gzip
via: 1.1 8c175d0adc08dac3750e9201b76886e8.cloudfront.net (CloudFront)
date: Fri, 08 Sep 2023 19:49:37 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: ZRH50-C1
age: 650
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 143127
last-modified: Fri, 08 Sep 2023 13:48:34 GMT
server: AmazonS3
etag: "800e98ccbe28f7fbe7b4a11ad33d2751"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=31536000, s-maxage=7200, public
accept-ranges: bytes
x-amz-cf-id: sHIyJuBrl3vAhzJNGC_1J2lb-oq7lp0i7zBHk_hXqGFYxkXxTapoDw==

GET
H2 200 vendor-modern.1f7f821f.js Show response
js.intercomcdn.com/ Frame 400A 409 KB
126 KB 268ms
150ms Script
application/javascript 13.224.103.96
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.intercomcdn.com/vendor-modern.1f7f821f.js

Requested by

Host: widget.intercom.io
URL: https://widget.intercom.io/widget/y2faz2r2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.103.96 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-103-96.zrh50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

7626bcca2926dde098bd3d26ac6beefc16d926fa07e69b22c12f80d0a5153377

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-amz-version-id: e6b0of2zh6VmxPzKKTHVSimea6gIp5kh
content-encoding: gzip
via: 1.1 8c175d0adc08dac3750e9201b76886e8.cloudfront.net (CloudFront)
date: Fri, 08 Sep 2023 18:46:07 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: ZRH50-C1
age: 4460
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 128314
last-modified: Wed, 06 Sep 2023 14:44:14 GMT
server: AmazonS3
etag: "ab3e894af9301f1134cecc568095b249"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=31536000, s-maxage=7200, public
accept-ranges: bytes
x-amz-cf-id: J0lEDmWNLyEJbRZjbiObEv0YGPjbjbhIwxhWsYFVt6WLJyGgCjnh9g==

POST
H2 200 ping Show response
api-iam.intercom.io/messenger/web/ Frame 400A 4 KB
2 KB 787ms
528ms XHR
application/json 107.23.224.36
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://api-iam.intercom.io/messenger/web/ping

Requested by

Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/frame-modern.0088f593.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

107.23.224.36 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-107-23-224-36.compute-1.amazonaws.com

Software

nginx /

Resource Hash

66f908bc9263d473682189e412f91476a61b0ddf443015a8c2e18e50c3e90566

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556952; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Fri, 08 Sep 2023 20:00:27 GMT
strict-transport-security: max-age=31556952; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
x-ami-version: ami-0dc23bde2e40c2d7e
status: 200 OK
x-xss-protection: 1; mode=block
x-request-id: 0006mi2llkrrq0rtnurg
x-runtime: 0.380851
server: nginx
etag: W/"66f908bc9263d473682189e412f91476"
x-request-queueing: 0
vary: Accept,Accept-Encoding
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://web.lloydsdirect.co.uk
x-intercom-version: d1d319525a1538c675dfbe2eb849cdfcbf352e27
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
x-frame-options: SAMEORIGIN
access-control-allow-headers: Content-Type, Idempotency-Key, X-INTERCOM-APP, X-INTERCOM-PAGE-TITLE, X-INTERCOM-USER-DATA

Verdicts & Comments Add Verdict or Comment

36 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

14 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.lloydsdirect.co.uk/	1970-01-20 23:22:19	Name: OptanonConsent Value: isGpcEnabled=0&datestamp=Fri+Sep+08+2023+22%3A00%3A25+GMT%2B0200+(Central+European+Summer+Time)&version=202306.2.0&browserGpcFlag=0&isIABGlobal=false&hosts=&genVendors=&landingPath=https%3A%2F%2Fweb.lloydsdirect.co.uk%2Flogin&groups=C0001%3A1%2CC0003%3A0%2CC0002%3A0%2CC0004%3A0
.lloydsdirect.co.uk/	1970-01-20 14:36:44	Name: nhs_login_auth_state Value: 6f1e380d-275e-4cd0-a99f-70e25093653b
.lloydsdirect.co.uk/	1970-01-20 14:36:44	Name: nhs_login_nonce Value: 78a08297-32ef-4cfd-bdd8-e99fcf49a585
.lloydsdirect.co.uk/	1970-01-20 23:22:19	Name: _hjSessionUser_3544931 Value: eyJpZCI6IjUzMzFhYzFmLTVmMWItNTE3Mi04MDgxLTY0OWI2YjM3OGI5YyIsImNyZWF0ZWQiOjE2OTQyMDMyMjYzMzUsImV4aXN0aW5nIjpmYWxzZX0=
.lloydsdirect.co.uk/	1970-01-20 14:36:45	Name: _hjFirstSeen Value: 1
.lloydsdirect.co.uk/	1970-01-20 14:36:43	Name: _hjIncludedInSessionSample_3544931 Value: 0
.lloydsdirect.co.uk/	1970-01-20 14:36:45	Name: _hjSession_3544931 Value: eyJpZCI6ImE5ZGVmYzJmLTg4ZmEtNGM2OC1iODNiLTZhZjI0ZmJjYmVjZiIsImNyZWF0ZWQiOjE2OTQyMDMyMjYzMzYsImluU2FtcGxlIjpmYWxzZX0=
.lloydsdirect.co.uk/	1970-01-20 14:36:45	Name: _hjAbsoluteSessionInProgress Value: 1
m.stripe.com/	1970-01-21 00:12:43	Name: m Value: 98a40bb2-7023-4213-a955-1675a7a04238f407ec
.web.lloydsdirect.co.uk/	1970-01-20 23:22:19	Name: __stripe_mid Value: 706c4da1-27c1-40f8-99be-a610b2cbf373962d65
.web.lloydsdirect.co.uk/	1970-01-20 14:36:45	Name: __stripe_sid Value: e3f768c4-550f-4623-82c5-b638bbdcdf654c8977
.lloydsdirect.co.uk/	1970-01-20 21:05:33	Name: intercom-id-aw6cwhml Value: ce0f3591-f8de-4d97-b1d1-3733918703d6
.lloydsdirect.co.uk/	1970-01-20 14:46:48	Name: intercom-session-aw6cwhml Value:
.lloydsdirect.co.uk/	1970-01-20 21:05:33	Name: intercom-device-id-aw6cwhml Value: 91e1532a-fe9c-4daf-bbc0-7b33d55a5d8a

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api-iam.intercom.io
cdn-ukwest.onetrust.com
fonts.googleapis.com
fonts.gstatic.com
geolocation.onetrust.com
js.intercomcdn.com
js.stripe.com
o102792.ingest.sentry.io
polyfill.io
script.hotjar.com
static.hotjar.com
storage.googleapis.com
vc.hotjar.io
web.lloydsdirect.co.uk
widget.intercom.io
www.dwin1.com
107.23.224.36
108.139.243.70
108.156.2.48
13.224.103.96
13.224.189.100
151.101.192.176
2600:9000:26db:e000:f:8ce2:fb80:93a1
2606:4700:4400::ac40:9b77
2a00:1450:4001:808::2003
2a00:1450:4001:80b::201b
2a00:1450:4001:831::200a
2a04:4e42:e00::282
34.120.195.249
99.84.88.14
99.84.9.52
09b627933e01faa4979dc5661f7e616c7db1c12ea1984ca0549bdb253d24da9b
0ec50412f5f4a206aa4525377add48f460c5e596a4aecaabecd56f15737fa8f3
14a7b47dd1a2e26e115d091f500579a5f39a11ef13be6d6b4cf6a5fa1295689b
151bbc4f3de3c47d786d7c80abbc8e2979c0f54985dd32b724c26964c9a0d2f9
1cc2e39ba599fe96730d9b2fcfbd462e5e3b4845287d04fde3eb48395ad53835
2157361193375a79ade3559e960f982daa8d599cf7f4a92d36e3eef257738f16
23bd3412fe14beb85526c2cfcb076957a73496692b424382b4908b6d4ee991b8
27aad92e5aa7dbdd82f6676ee6c70104681238fd5ef684fc442d4bcb089947b4
390c76936759621077691c338f847f55cbd420c7bcac323033e1cd4e3509d413
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4fd932d3fb3c068cff0d5863613191b8b18b9813c4e953a95acbc6df9890eb31
5d9d990fcbef35abff52e151094cda1f29bdea3ddcbc9767f37e64fdbd936d74
5ef914e59b0047a261844d96acabb60c34d3acab6b85ea24198726ce4781fd37
5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d
66f908bc9263d473682189e412f91476a61b0ddf443015a8c2e18e50c3e90566
691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19
6fae8d49d108154cac6f5436f6bd102f2e6d1454933b12edc74107bc7f9cd319
7626bcca2926dde098bd3d26ac6beefc16d926fa07e69b22c12f80d0a5153377
7703561d50a66c47ce645443f24ae3877fb4a9c4c3555b2c125916a40e55139f
85e3385f69d5fc9645e25058b142177df216207ff0110ffb1405e476d819de65
ab3a52f4e9cb4e76ccfa81036010992e7ded3d0f75ddcbc759fab89423f8eb59
aeb4773e476638dfc72558c95e4b833c26145e0d2e2c2ed6495c5e88422a8e57
c99611ee4443d2e5f878842e5a8119166c7237ed9757b5468ed7bd44027d2d08
d0c233d327541d2961f1cde9e53a6166279655f4d4041c1bc458ac1701827719
d17a789c509e104a1c3d7a575d84ac3ad6f6d4a07b34a2cdcd7803a176af529b
d55ad3bc35664e6ce9dc3e6a71bb6d3a4c8fddeb6af1a195727c0361ddd92a2e
d818bbb2832df2ad8cd1f228f1b2852565f6073cc8d89c9b66ad46a4a0bd40c1
db71f8a28ad8501544fb4e7668e3c6d0b731760b6f20de3525ebaeba597f1922
e181730c1a666b38b299b81ead525f7fec078ff980360b4c032e75b9802ebf0d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6f71447ee5bac137c17b2956439c2cd083a7aed78b39668ddea71cda9ce0d62
e733830ca4caafe678037a6e4ed6224c10d2c8f493189b70e9c4c59d15144d5c
ef20bae383bd4b0ac4562c54046c11b1595fd9ac2d42621e98d1f0d756622664
f8b669ae1e02d4f5bdd6b133014029b0d48c13c4a6b2c044819f6bfc964a636c

web.lloydsdirect.co.uk Open in urlscan Pro 13.224.189.100 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

37 Requests

100 %HTTPS

40 %IPv6

12 Domains

16 Subdomains

15 IPs

2 Countries

1241 kBTransfer

3775 kBSize

14 Cookies

6 Outgoing links

Redirected requests

37 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

web.lloydsdirect.co.uk Open in urlscan Pro
13.224.189.100 Public Scan

Screenshot
Live screenshot

Full Image

37
Requests

100 %
HTTPS

40 %
IPv6

12
Domains

16
Subdomains

15
IPs

2
Countries

1241 kB
Transfer

3775 kB
Size

14
Cookies

37 HTTP transactions
0 data transactions