urlscan.io logo urlscan.io
SecurityTrails logo

retailer.lycamobile.us Open in urlscan Pro
2606:4700::6812:a4b  Public Scan

Go To Rescan Add Verdict Report
URL: https://retailer.lycamobile.us/
Submission: On May 02 via api from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 4 IPs in 1 countries across 3 domains to perform 31 HTTP transactions. The main IP is 2606:4700::6812:a4b, located in United States and belongs to CLOUDFLARENET, US. The main domain is retailer.lycamobile.us.
TLS certificate: Issued by Network Solutions RSA OV SSL CA 3 on January 16th 2024. Valid for: a year.
This is the only time retailer.lycamobile.us was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
29 2606:4700::68... 13335 (CLOUDFLAR...)
1 13.249.190.117 16509 (AMAZON-02)
1 13.126.36.236 ()
31 4
Apex Domain
Subdomains		 Transfer
29 lycamobile.us
retailer.lycamobile.us
1 MB
1 eum-appdynamics.com
bom-col.eum-appdynamics.com
865 B
1 appdynamics.com
cdn.appdynamics.com — Cisco Umbrella Rank: 4533
21 KB
31 3
Domain Requested by
29 retailer.lycamobile.us retailer.lycamobile.us
1 bom-col.eum-appdynamics.com cdn.appdynamics.com
1 cdn.appdynamics.com retailer.lycamobile.us
31 3

This site contains no links.

Subject Issuer Validity Valid
*.lycamobile.us
Network Solutions RSA OV SSL CA 3		 2024-01-16 -
2025-02-15		 a year crt.sh
*.appdynamics.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-06-21 -
2024-07-21		 a year crt.sh
*.eum-appdynamics.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-06-14 -
2024-07-14		 a year crt.sh

This page contains 1 frames:

Primary Page: https://retailer.lycamobile.us/
Frame ID: 791C60524F9A304D398D35D0E4180A9B
Requests: 33 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

CPOS

Detected technologies

Overall confidence: 100%
Detected patterns
  • \bangular.{0,32}\.js
Overall confidence: 100%
Detected patterns
  • adrum
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

31
Requests

100 %
HTTPS

33 %
IPv6

3
Domains

3
Subdomains

4
IPs

1
Countries

1147 kB
Transfer

3968 kB
Size

4
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

31 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
retailer.lycamobile.us/ 		170 KB
48 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://retailer.lycamobile.us/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:a4b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e1d58560eb5c7c67d85e383f5769646c21f4d9fe62d0dc8ad478da11bb41e4d9
Security Headers
Name Value
Content-Security-Policy object-src 'self';frame-ancestors 'self' default-src https: http: wss: 'self' data: 'unsafe-inline' 'unsafe-eval' blob:;
Strict-Transport-Security max-age=31536000; includeSubDomains max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block 1; mode=block

Request headers

Accept-Language
en-US,en;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
true
alt-svc
h3=":443"; ma=86400
cache-control
no-cache, no-store
cf-cache-status
DYNAMIC
cf-ray
87d6eb01cad55e76-EWR
content-encoding
br
content-security-policy
object-src 'self';frame-ancestors 'self' default-src https: http: wss: 'self' data: 'unsafe-inline' 'unsafe-eval' blob:;
content-type
text/html; charset=utf-8
date
Thu, 02 May 2024 09:17:24 GMT
expect-ct
max-age=86400, enforce
expires
-1
pragma
no-cache
referrer-policy
same-origin no-referrer
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains max-age=31536000; includeSubDomains
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block 1; mode=block
xx-frame-options
sameorigin
plugins.bundle.min.css
retailer.lycamobile.us/assets/plugins/global/ 		228 KB
36 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://retailer.lycamobile.us/assets/plugins/global/plugins.bundle.min.css
Requested by
Host: retailer.lycamobile.us
URL: https://retailer.lycamobile.us/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:a4b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6288e802dad1809e116d80a1f2a9b8ce0cf06eebd7898fa06de23be197977775
Security Headers
Name Value
Content-Security-Policy object-src 'self';frame-ancestors 'self', default-src https: http: wss: 'self' data: 'unsafe-inline' 'unsafe-eval' blob:;
Strict-Transport-Security max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 02 May 2024 09:17:24 GMT
content-security-policy
object-src 'self';frame-ancestors 'self', default-src https: http: wss: 'self' data: 'unsafe-inline' 'unsafe-eval' blob:;
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains
cf-cache-status
HIT
xx-frame-options
sameorigin
age
4304
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block, 1; mode=block
referrer-policy
same-origin, no-referrer
last-modified
Mon, 15 Apr 2024 17:11:56 GMT
server
cloudflare
etag
W/"056b94588fda1:0"
expect-ct
max-age=86400, enforce
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
access-control-allow-origin
true
cache-control
public,max-age=31536000
cf-ray
87d6eb033ba25e76-EWR
Bootstrap-customized.min.css
retailer.lycamobile.us/assets/css/ 		1 MB
109 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://retailer.lycamobile.us/assets/css/Bootstrap-customized.min.css
Requested by
Host: retailer.lycamobile.us
URL: https://retailer.lycamobile.us/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:a4b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
07a28215d805cfcb8c83feaefb13a4cd71115aede305c8fdc3c6cf2488a2f576
Security Headers
Name Value
Content-Security-Policy object-src 'self';frame-ancestors 'self', default-src https: http: wss: 'self' data: 'unsafe-inline' 'unsafe-eval' blob:;
Strict-Transport-Security max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 02 May 2024 09:17:24 GMT
content-security-policy
object-src 'self';frame-ancestors 'self', default-src https: http: wss: 'self' data: 'unsafe-inline' 'unsafe-eval' blob:;
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains
cf-cache-status
HIT
xx-frame-options
sameorigin
age
4304
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block, 1; mode=block
referrer-policy
same-origin, no-referrer
last-modified
Mon, 15 Apr 2024 17:11:56 GMT
server
cloudflare
etag
W/"056b94588fda1:0"
expect-ct
max-age=86400, enforce
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
access-control-allow-origin
true
cache-control
public,max-age=31536000
cf-ray
87d6eb033ba35e76-EWR
style.min.css
retailer.lycamobile.us/assets/css/ 		41 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://retailer.lycamobile.us/assets/css/style.min.css
Requested by
Host: retailer.lycamobile.us
URL: https://retailer.lycamobile.us/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:a4b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
61461eff5c8c1563398d40cfbb7c86c2b57cc0a33d3478dfc2ccc79190c54e6e
Security Headers
Name Value
Content-Security-Policy object-src 'self';frame-ancestors 'self', default-src https: http: wss: 'self' data: 'unsafe-inline' 'unsafe-eval' blob:;
Strict-Transport-Security max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 02 May 2024 09:17:24 GMT
content-security-policy
object-src 'self';frame-ancestors 'self', default-src https: http: wss: 'self' data: 'unsafe-inline' 'unsafe-eval' blob:;
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains
cf-cache-status
HIT
xx-frame-options
sameorigin
age
4304
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block, 1; mode=block
referrer-policy
same-origin, no-referrer
last-modified
Mon, 15 Apr 2024 17:11:56 GMT
server
cloudflare
etag
W/"056b94588fda1:0"
expect-ct
max-age=86400, enforce
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
access-control-allow-origin
true
cache-control
public,max-age=31536000
cf-ray
87d6eb033ba45e76-EWR
germany.css
retailer.lycamobile.us/assets/css/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://retailer.lycamobile.us/assets/css/germany.css
Requested by
Host: retailer.lycamobile.us
URL: https://retailer.lycamobile.us/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:a4b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9cd0dcc5d5a6577ad12f959fed05bb323131480b4369f39f9728367a1036d6a8
Security Headers
Name Value
Content-Security-Policy object-src 'self';frame-ancestors 'self', default-src https: http: wss: 'self' data: 'unsafe-inline' 'unsafe-eval' blob:;
Strict-Transport-Security max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 02 May 2024 09:17:24 GMT
content-security-policy
object-src 'self';frame-ancestors 'self', default-src https: http: wss: 'self' data: 'unsafe-inline' 'unsafe-eval' blob:;
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains
cf-cache-status
HIT
xx-frame-options
sameorigin
age
4304
cf-polished
origSize=4208
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block, 1; mode=block
referrer-policy
same-origin, no-referrer
cf-bgj
minify
last-modified
Mon, 15 Apr 2024 17:11:56 GMT
server
cloudflare
etag
W/"056b94588fda1:0"
expect-ct
max-age=86400, enforce
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
access-control-allow-origin
true
cache-control
public,max-age=31536000
cf-ray
87d6eb034ba55e76-EWR
lyca-loading-motion-final.gif
retailer.lycamobile.us/assets/media/logo/ 		68 KB
68 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://retailer.lycamobile.us/assets/media/logo/lyca-loading-motion-final.gif
Requested by
Host: retailer.lycamobile.us
URL: https://retailer.lycamobile.us/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:a4b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
57e8f65b26b636b1d9c39180808a44efd1c8c185801ded0b95815e1be1004ff7
Security Headers
Name Value
Content-Security-Policy object-src 'self';frame-ancestors 'self', default-src https: http: wss: 'self' data: 'unsafe-inline' 'unsafe-eval' blob:;
Strict-Transport-Security max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 02 May 2024 09:17:24 GMT
content-security-policy
object-src 'self';frame-ancestors 'self', default-src https: http: wss: 'self' data: 'unsafe-inline' 'unsafe-eval' blob:;
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains
cf-cache-status
HIT
xx-frame-options
sameorigin
age
4304
cf-polished
origSize=120842, status=webp_bigger
alt-svc
h3=":443"; ma=86400
content-length
69577
x-xss-protection
1; mode=block, 1; mode=block
referrer-policy
same-origin, no-referrer
cf-bgj
imgq:85,h2pri
last-modified
Mon, 15 Apr 2024 17:11:56 GMT
server
cloudflare
etag
"056b94588fda1:0"
expect-ct
max-age=86400, enforce
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/gif
access-control-allow-origin
true
cache-control
public,max-age=31536000
accept-ranges
bytes
cf-ray
87d6eb034ba65e76-EWR
banner1.jpg
retailer.lycamobile.us/Style/img/DefaultBanner/EN/ 		75 KB
75 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://retailer.lycamobile.us/Style/img/DefaultBanner/EN/banner1.jpg?V=4.0.9.3EN
Requested by
Host: retailer.lycamobile.us
URL: https://retailer.lycamobile.us/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:a4b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7ed5433ad80a5cb93ec160c780e097e8bc1140920cb6bccb6635a0fb5a27b0a8
Security Headers
Name Value
Content-Security-Policy object-src 'self';frame-ancestors 'self', default-src https: http: wss: 'self' data: 'unsafe-inline' 'unsafe-eval' blob:;
Strict-Transport-Security max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 02 May 2024 09:17:24 GMT
content-security-policy
object-src 'self';frame-ancestors 'self', default-src https: http: wss: 'self' data: 'unsafe-inline' 'unsafe-eval' blob:;
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains
cf-cache-status
HIT
xx-frame-options
sameorigin
age
4304
cf-polished
qual=85, origFmt=jpeg, origSize=144310
content-disposition
inline; filename="banner1.webp"
alt-svc
h3=":443"; ma=86400
content-length
76874
x-xss-protection
1; mode=block, 1; mode=block
referrer-policy
same-origin, no-referrer
cf-bgj
imgq:85,h2pri
last-modified
Tue, 02 Apr 2024 12:53:34 GMT
server
cloudflare
etag
"11bde6c5fc84da1:0"
expect-ct
max-age=86400, enforce
vary
Accept
x-frame-options
SAMEORIGIN
content-type
image/webp
access-control-allow-origin
true
cache-control
public,max-age=31536000
accept-ranges
bytes
cf-ray
87d6eb034ba75e76-EWR
Banner2.jpg
retailer.lycamobile.us/Style/img/DefaultBanner/EN/ 		75 KB
76 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://retailer.lycamobile.us/Style/img/DefaultBanner/EN/Banner2.jpg?V=4.0.9.3EN
Requested by
Host: retailer.lycamobile.us
URL: https://retailer.lycamobile.us/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:a4b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc47b2fc4428acc81c9d6a07fa7c148b5bdf9c1e5b8ac489e86e1d1e68929073
Security Headers
Name Value
Content-Security-Policy object-src 'self';frame-ancestors 'self', default-src https: http: wss: 'self' data: 'unsafe-inline' 'unsafe-eval' blob:;
Strict-Transport-Security max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 02 May 2024 09:17:24 GMT
content-security-policy
object-src 'self';frame-ancestors 'self', default-src https: http: wss: 'self' data: 'unsafe-inline' 'unsafe-eval' blob:;
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains
cf-cache-status
HIT
xx-frame-options
sameorigin
age
4304
cf-polished
qual=85, origFmt=jpeg, origSize=455088
content-disposition
inline; filename="Banner2.webp"
alt-svc
h3=":443"; ma=86400
content-length
77186
x-xss-protection
1; mode=block, 1; mode=block
referrer-policy
same-origin, no-referrer
cf-bgj
imgq:85,h2pri
last-modified
Fri, 29 Mar 2024 17:07:41 GMT
server
cloudflare
etag
"21b0469cfb81da1:0"
expect-ct
max-age=86400, enforce
vary
Accept
x-frame-options
SAMEORIGIN
content-type
image/webp
access-control-allow-origin
true
cache-control
public,max-age=31536000
accept-ranges
bytes
cf-ray
87d6eb034ba85e76-EWR
user.png
retailer.lycamobile.us/assets/media/avatars/ 		320 B
459 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://retailer.lycamobile.us/assets/media/avatars/user.png
Requested by
Host: retailer.lycamobile.us
URL: https://retailer.lycamobile.us/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:a4b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bd53c5a24ad089fcf40faed792e40a971b7011fa2d5d8be8ee11aef0a52405bb
Security Headers
Name Value
Content-Security-Policy object-src 'self';frame-ancestors 'self', default-src https: http: wss: 'self' data: 'unsafe-inline' 'unsafe-eval' blob:;
Strict-Transport-Security max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 02 May 2024 09:17:24 GMT
content-security-policy
object-src 'self';frame-ancestors 'self', default-src https: http: wss: 'self' data: 'unsafe-inline' 'unsafe-eval' blob:;
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains
cf-cache-status
HIT
xx-frame-options
sameorigin
age
4229
cf-polished
origFmt=png, origSize=774
content-disposition
inline; filename="user.webp"
alt-svc
h3=":443"; ma=86400
content-length
320
x-xss-protection
1; mode=block, 1; mode=block
referrer-policy
same-origin, no-referrer
cf-bgj
imgq:85,h2pri
last-modified
Mon, 15 Apr 2024 17:11:56 GMT
server
cloudflare
etag
"056b94588fda1:0"
expect-ct
max-age=86400, enforce
vary
Accept
x-frame-options
SAMEORIGIN
content-type
image/webp
access-control-allow-origin
true
cache-control
public,max-age=31536000
accept-ranges
bytes
cf-ray
87d6eb034ba95e76-EWR
Lyca.svg
retailer.lycamobile.us/assets/media/logo/ 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://retailer.lycamobile.us/assets/media/logo/Lyca.svg
Requested by
Host: retailer.lycamobile.us
URL: https://retailer.lycamobile.us/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:a4b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8d1f396486033c3ad927ba1531342152acdd8c37d04fd7d4c093f165df4108da
Security Headers
Name Value
Content-Security-Policy object-src 'self';frame-ancestors 'self', default-src https: http: wss: 'self' data: 'unsafe-inline' 'unsafe-eval' blob:;
Strict-Transport-Security max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 02 May 2024 09:17:24 GMT
content-security-policy
object-src 'self';frame-ancestors 'self', default-src https: http: wss: 'self' data: 'unsafe-inline' 'unsafe-eval' blob:;
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains
cf-cache-status
HIT
xx-frame-options
sameorigin
age
4304
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block, 1; mode=block
referrer-policy
same-origin, no-referrer
last-modified
Mon, 15 Apr 2024 17:11:56 GMT
server
cloudflare
etag
W/"056b94588fda1:0"
expect-ct
max-age=86400, enforce
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
access-control-allow-origin
true
cache-control
public,max-age=31536000
cf-ray
87d6eb034baa5e76-EWR
store-not-found.png
retailer.lycamobile.us/assets/media/stores/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://retailer.lycamobile.us/assets/media/stores/store-not-found.png
Requested by
Host: retailer.lycamobile.us
URL: https://retailer.lycamobile.us/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:a4b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2464c6dd590937560a55d42b4f8a6e41a220690dd28ec63728dcdee9808257e9
Security Headers
Name Value
Content-Security-Policy object-src 'self';frame-ancestors 'self', default-src https: http: wss: 'self' data: 'unsafe-inline' 'unsafe-eval' blob:;
Strict-Transport-Security max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 02 May 2024 09:17:24 GMT
content-security-policy
object-src 'self';frame-ancestors 'self', default-src https: http: wss: 'self' data: 'unsafe-inline' 'unsafe-eval' blob:;
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains
cf-cache-status
HIT
xx-frame-options
sameorigin
age
4304
cf-polished
origFmt=png, origSize=6357
content-disposition
inline; filename="store-not-found.webp"
alt-svc
h3=":443"; ma=86400
content-length
2932
x-xss-protection
1; mode=block, 1; mode=block
referrer-policy
same-origin, no-referrer
cf-bgj
imgq:85,h2pri
last-modified
Mon, 15 Apr 2024 17:11:56 GMT
server
cloudflare
etag
"056b94588fda1:0"
expect-ct
max-age=86400, enforce
vary
Accept
x-frame-options
SAMEORIGIN
content-type
image/webp
access-control-allow-origin
true
cache-control
public,max-age=31536000
accept-ranges
bytes
cf-ray
87d6eb034bab5e76-EWR
rocket-loader.min.js
retailer.lycamobile.us/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://retailer.lycamobile.us/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Requested by
Host: retailer.lycamobile.us
URL: https://retailer.lycamobile.us/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:a4b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 02 May 2024 09:17:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 23 Apr 2024 17:56:46 GMT
server
cloudflare
etag
W/"6627f65e-302c"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/javascript
cache-control
max-age=172800, public
cf-ray
87d6eb034bb55e76-EWR
expires
Sat, 04 May 2024 09:17:24 GMT
blur-bottom.png
retailer.lycamobile.us/assets/media/extra/ 		32 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://retailer.lycamobile.us/assets/media/extra/blur-bottom.png
Requested by
Host: retailer.lycamobile.us
URL: https://retailer.lycamobile.us/assets/css/style.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:a4b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fac2d316772355c20c36e7f173f26d6be045e37cd18b29cd092e3b8362b24085
Security Headers
Name Value
Content-Security-Policy object-src 'self';frame-ancestors 'self', default-src https: http: wss: 'self' data: 'unsafe-inline' 'unsafe-eval' blob:;
Strict-Transport-Security max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 02 May 2024 09:17:24 GMT
content-security-policy
object-src 'self';frame-ancestors 'self', default-src https: http: wss: 'self' data: 'unsafe-inline' 'unsafe-eval' blob:;
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains
cf-cache-status
HIT
xx-frame-options
sameorigin
age
4299
cf-polished
origSize=35958, status=webp_bigger
alt-svc
h3=":443"; ma=86400
content-length
33276
x-xss-protection
1; mode=block, 1; mode=block
referrer-policy
same-origin, no-referrer
cf-bgj
imgq:85,h2pri
last-modified
Mon, 15 Apr 2024 17:11:56 GMT
server
cloudflare
etag
"056b94588fda1:0"
expect-ct
max-age=86400, enforce
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/png
access-control-allow-origin
true
cache-control
public,max-age=31536000
accept-ranges
bytes
cf-ray
87d6eb03bf545e7f-EWR
login-bg-blur.png
retailer.lycamobile.us/assets/media/extra/ 		39 KB
40 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://retailer.lycamobile.us/assets/media/extra/login-bg-blur.png
Requested by
Host: retailer.lycamobile.us
URL: https://retailer.lycamobile.us/assets/css/style.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:a4b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
398f56d9f05290059fc931a4918da1d8ceece64164ae7a262b8ac8f97e7e003b
Security Headers
Name Value
Content-Security-Policy object-src 'self';frame-ancestors 'self', default-src https: http: wss: 'self' data: 'unsafe-inline' 'unsafe-eval' blob:;
Strict-Transport-Security max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 02 May 2024 09:17:24 GMT
content-security-policy
object-src 'self';frame-ancestors 'self', default-src https: http: wss: 'self' data: 'unsafe-inline' 'unsafe-eval' blob:;
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains
cf-cache-status
HIT
xx-frame-options
sameorigin
age
4299
cf-polished
origFmt=png, origSize=49583
content-disposition
inline; filename="login-bg-blur.webp"
alt-svc
h3=":443"; ma=86400
content-length
40062
x-xss-protection
1; mode=block, 1; mode=block
referrer-policy
same-origin, no-referrer
cf-bgj
imgq:85,h2pri
last-modified
Mon, 15 Apr 2024 17:11:56 GMT
server
cloudflare
etag
"056b94588fda1:0"
expect-ct
max-age=86400, enforce
vary
Accept
x-frame-options
SAMEORIGIN
content-type
image/webp
access-control-allow-origin
true
cache-control
public,max-age=31536000
accept-ranges
bytes
cf-ray
87d6eb03bf565e7f-EWR
blur-top.png
retailer.lycamobile.us/assets/media/extra/ 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://retailer.lycamobile.us/assets/media/extra/blur-top.png
Requested by
Host: retailer.lycamobile.us
URL: https://retailer.lycamobile.us/assets/css/style.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:a4b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
290caade6eff009b6190be087a4846a72d88fa47626170abc696dd3f25262298
Security Headers
Name Value
Content-Security-Policy object-src 'self';frame-ancestors 'self', default-src https: http: wss: 'self' data: 'unsafe-inline' 'unsafe-eval' blob:;
Strict-Transport-Security max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 02 May 2024 09:17:24 GMT
content-security-policy
object-src 'self';frame-ancestors 'self', default-src https: http: wss: 'self' data: 'unsafe-inline' 'unsafe-eval' blob:;
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains
cf-cache-status
HIT
xx-frame-options
sameorigin
age
4298
cf-polished
origSize=12681, status=webp_bigger
alt-svc
h3=":443"; ma=86400
content-length
11542
x-xss-protection
1; mode=block, 1; mode=block
referrer-policy
same-origin, no-referrer
cf-bgj
imgq:85,h2pri
last-modified
Mon, 15 Apr 2024 17:11:56 GMT
server
cloudflare
etag
"056b94588fda1:0"
expect-ct
max-age=86400, enforce
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/png
access-control-allow-origin
true
cache-control
public,max-age=31536000
accept-ranges
bytes
cf-ray
87d6eb03bf585e7f-EWR
truncated
/ 		165 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5149f2bad392664eefaf80badfeab46fd8dc2fdb5472574c1555f84a25696bcf

Request headers

Accept-Language
en-US,en;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=UTF-8
truncated
/ 		183 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5bb4903de341aab646e888f0595f7a9a0bd9efe24b2c1cca389cb897d9b5adaa

Request headers

Accept-Language
en-US,en;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
inter-v12-latin-700.woff
retailer.lycamobile.us/assets/fonts/inter/ 		22 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://retailer.lycamobile.us/assets/fonts/inter/inter-v12-latin-700.woff
Requested by
Host: retailer.lycamobile.us
URL: https://retailer.lycamobile.us/assets/css/style.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:a4b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
51df444d3a9a5b5368402f46d7ec6145d78a8e55d184c12bf431c72a3c982da6
Security Headers
Name Value
Content-Security-Policy object-src 'self';frame-ancestors 'self', default-src https: http: wss: 'self' data: 'unsafe-inline' 'unsafe-eval' blob:;
Strict-Transport-Security max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Origin
https://retailer.lycamobile.us
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 02 May 2024 09:17:24 GMT
content-security-policy
object-src 'self';frame-ancestors 'self', default-src https: http: wss: 'self' data: 'unsafe-inline' 'unsafe-eval' blob:;
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains
cf-cache-status
HIT
xx-frame-options
sameorigin
age
4291
alt-svc
h3=":443"; ma=86400
content-length
22684
x-xss-protection
1; mode=block, 1; mode=block
referrer-policy
same-origin, no-referrer
last-modified
Mon, 15 Apr 2024 17:11:56 GMT
server
cloudflare
etag
"056b94588fda1:0"
expect-ct
max-age=86400, enforce
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/x-font-woff
access-control-allow-origin
true
cache-control
public,max-age=31536000
accept-ranges
bytes
cf-ray
87d6eb043fa85e7f-EWR
inter-v12-latin-regular.woff
retailer.lycamobile.us/assets/fonts/inter/ 		21 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://retailer.lycamobile.us/assets/fonts/inter/inter-v12-latin-regular.woff
Requested by
Host: retailer.lycamobile.us
URL: https://retailer.lycamobile.us/assets/css/style.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:a4b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3ea830d422488e32c1394d4db011a7761ba94ed5e8ee150a3b3ca5139ac86017
Security Headers
Name Value
Content-Security-Policy object-src 'self';frame-ancestors 'self', default-src https: http: wss: 'self' data: 'unsafe-inline' 'unsafe-eval' blob:;
Strict-Transport-Security max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Origin
https://retailer.lycamobile.us
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 02 May 2024 09:17:24 GMT
content-security-policy
object-src 'self';frame-ancestors 'self', default-src https: http: wss: 'self' data: 'unsafe-inline' 'unsafe-eval' blob:;
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains
cf-cache-status
HIT
xx-frame-options
sameorigin
age
4291
alt-svc
h3=":443"; ma=86400
content-length
21420
x-xss-protection
1; mode=block, 1; mode=block
referrer-policy
same-origin, no-referrer
last-modified
Mon, 15 Apr 2024 17:11:56 GMT
server
cloudflare
etag
"056b94588fda1:0"
expect-ct
max-age=86400, enforce
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/x-font-woff
access-control-allow-origin
true
cache-control
public,max-age=31536000
accept-ranges
bytes
cf-ray
87d6eb043fa95e7f-EWR
inter-v12-latin-600.woff
retailer.lycamobile.us/assets/fonts/inter/ 		22 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://retailer.lycamobile.us/assets/fonts/inter/inter-v12-latin-600.woff
Requested by
Host: retailer.lycamobile.us
URL: https://retailer.lycamobile.us/assets/css/style.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:a4b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
22b2f9fbbe8a76005ec2f4ef38f2a412267a00578c838e01233711f22d329004
Security Headers
Name Value
Content-Security-Policy object-src 'self';frame-ancestors 'self', default-src https: http: wss: 'self' data: 'unsafe-inline' 'unsafe-eval' blob:;
Strict-Transport-Security max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Origin
https://retailer.lycamobile.us
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 02 May 2024 09:17:24 GMT
content-security-policy
object-src 'self';frame-ancestors 'self', default-src https: http: wss: 'self' data: 'unsafe-inline' 'unsafe-eval' blob:;
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains
cf-cache-status
HIT
xx-frame-options
sameorigin
age
4291
alt-svc
h3=":443"; ma=86400
content-length
22636
x-xss-protection
1; mode=block, 1; mode=block
referrer-policy
same-origin, no-referrer
last-modified
Mon, 15 Apr 2024 17:11:56 GMT
server
cloudflare
etag
"056b94588fda1:0"
expect-ct
max-age=86400, enforce
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/x-font-woff
access-control-allow-origin
true
cache-control
public,max-age=31536000
accept-ranges
bytes
cf-ray
87d6eb043faa5e7f-EWR
inter-v12-latin-500.woff
retailer.lycamobile.us/assets/fonts/inter/ 		22 KB
22 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://retailer.lycamobile.us/assets/fonts/inter/inter-v12-latin-500.woff
Requested by
Host: retailer.lycamobile.us
URL: https://retailer.lycamobile.us/assets/css/style.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:a4b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2514f3dfbfcbcfa6e0515edbcaceb65a682c7d6062e1a6b2d438917cc75382e9
Security Headers
Name Value
Content-Security-Policy object-src 'self';frame-ancestors 'self', default-src https: http: wss: 'self' data: 'unsafe-inline' 'unsafe-eval' blob:;
Strict-Transport-Security max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Origin
https://retailer.lycamobile.us
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 02 May 2024 09:17:24 GMT
content-security-policy
object-src 'self';frame-ancestors 'self', default-src https: http: wss: 'self' data: 'unsafe-inline' 'unsafe-eval' blob:;
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains
cf-cache-status
HIT
xx-frame-options
sameorigin
age
4291
alt-svc
h3=":443"; ma=86400
content-length
22516
x-xss-protection
1; mode=block, 1; mode=block
referrer-policy
same-origin, no-referrer
last-modified
Mon, 15 Apr 2024 17:11:56 GMT
server
cloudflare
etag
"056b94588fda1:0"
expect-ct
max-age=86400, enforce
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/x-font-woff
access-control-allow-origin
true
cache-control
public,max-age=31536000
accept-ranges
bytes
cf-ray
87d6eb043fab5e7f-EWR
Login.js
retailer.lycamobile.us/Content/Login/ 		14 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://retailer.lycamobile.us/Content/Login/Login.js?V=4.0.9.3
Requested by
Host: retailer.lycamobile.us
URL: https://retailer.lycamobile.us/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:a4b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
011345a94858542363a378f5527d7be61a061ff87c9159cf90be535d71d84b76
Security Headers
Name Value
Content-Security-Policy object-src 'self';frame-ancestors 'self', default-src https: http: wss: 'self' data: 'unsafe-inline' 'unsafe-eval' blob:;
Strict-Transport-Security max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 02 May 2024 09:17:24 GMT
content-security-policy
object-src 'self';frame-ancestors 'self', default-src https: http: wss: 'self' data: 'unsafe-inline' 'unsafe-eval' blob:;
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains
cf-cache-status
HIT
xx-frame-options
sameorigin
age
4292
cf-polished
origSize=22938
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block, 1; mode=block
referrer-policy
same-origin, no-referrer
cf-bgj
minify
last-modified
Mon, 15 Apr 2024 17:11:56 GMT
server
cloudflare
etag
W/"056b94588fda1:0"
expect-ct
max-age=86400, enforce
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/x-javascript
access-control-allow-origin
true
cache-control
public,max-age=31536000
cf-ray
87d6eb03ef715e7f-EWR
pages.min.js
retailer.lycamobile.us/assets/js/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://retailer.lycamobile.us/assets/js/pages.min.js?V=4.0.9.3
Requested by
Host: retailer.lycamobile.us
URL: https://retailer.lycamobile.us/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:a4b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
51e7ec96012ead7621802d058bc881f2f784ff6f72709244bf9544c37bdee44f
Security Headers
Name Value
Content-Security-Policy object-src 'self';frame-ancestors 'self', default-src https: http: wss: 'self' data: 'unsafe-inline' 'unsafe-eval' blob:;
Strict-Transport-Security max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 02 May 2024 09:17:24 GMT
content-security-policy
object-src 'self';frame-ancestors 'self', default-src https: http: wss: 'self' data: 'unsafe-inline' 'unsafe-eval' blob:;
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains
cf-cache-status
HIT
xx-frame-options
sameorigin
age
4292
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block, 1; mode=block
referrer-policy
same-origin, no-referrer
last-modified
Mon, 15 Apr 2024 17:11:56 GMT
server
cloudflare
etag
W/"056b94588fda1:0"
expect-ct
max-age=86400, enforce
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/x-javascript
access-control-allow-origin
true
cache-control
public,max-age=31536000
cf-ray
87d6eb03ef735e7f-EWR
jquery.validate.min.js
retailer.lycamobile.us/assets/plugins/custom/jquery-validation/ 		24 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://retailer.lycamobile.us/assets/plugins/custom/jquery-validation/jquery.validate.min.js?V=4.0.9.3
Requested by
Host: retailer.lycamobile.us
URL: https://retailer.lycamobile.us/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:a4b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e9ed0df9626254a05e4e2b4ad46292c0f8b7adb74fa4bb6ea9a8a2b598de0f6c
Security Headers
Name Value
Content-Security-Policy object-src 'self';frame-ancestors 'self', default-src https: http: wss: 'self' data: 'unsafe-inline' 'unsafe-eval' blob:;
Strict-Transport-Security max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 02 May 2024 09:17:24 GMT
content-security-policy
object-src 'self';frame-ancestors 'self', default-src https: http: wss: 'self' data: 'unsafe-inline' 'unsafe-eval' blob:;
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains
cf-cache-status
HIT
xx-frame-options
sameorigin
age
4292
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block, 1; mode=block
referrer-policy
same-origin, no-referrer
last-modified
Mon, 15 Apr 2024 17:11:56 GMT
server
cloudflare
etag
W/"056b94588fda1:0"
expect-ct
max-age=86400, enforce
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/x-javascript
access-control-allow-origin
true
cache-control
public,max-age=31536000
cf-ray
87d6eb03ef745e7f-EWR
scripts.bundle.js
retailer.lycamobile.us/assets/js/ 		91 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://retailer.lycamobile.us/assets/js/scripts.bundle.js?V=4.0.9.3
Requested by
Host: retailer.lycamobile.us
URL: https://retailer.lycamobile.us/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:a4b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
415918c2abeb3b365a1e85a62510981f2f60a236c0732e20fa2e3118999de284
Security Headers
Name Value
Content-Security-Policy object-src 'self';frame-ancestors 'self', default-src https: http: wss: 'self' data: 'unsafe-inline' 'unsafe-eval' blob:;
Strict-Transport-Security max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 02 May 2024 09:17:24 GMT
content-security-policy
object-src 'self';frame-ancestors 'self', default-src https: http: wss: 'self' data: 'unsafe-inline' 'unsafe-eval' blob:;
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains
cf-cache-status
HIT
xx-frame-options
sameorigin
age
4292
cf-polished
origSize=93821
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block, 1; mode=block
referrer-policy
same-origin, no-referrer
cf-bgj
minify
last-modified
Mon, 15 Apr 2024 17:11:56 GMT
server
cloudflare
etag
W/"056b94588fda1:0"
expect-ct
max-age=86400, enforce
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/x-javascript
access-control-allow-origin
true
cache-control
public,max-age=31536000
cf-ray
87d6eb03ef755e7f-EWR
sortable.min.js
retailer.lycamobile.us/assets/plugins/custom/draggable/ 		54 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://retailer.lycamobile.us/assets/plugins/custom/draggable/sortable.min.js
Requested by
Host: retailer.lycamobile.us
URL: https://retailer.lycamobile.us/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:a4b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2d0c068cd9db5b8ca8a3dddaf72ae4d4748eb49fe0b3fcd2ef514bf4c353301c
Security Headers
Name Value
Content-Security-Policy object-src 'self';frame-ancestors 'self', default-src https: http: wss: 'self' data: 'unsafe-inline' 'unsafe-eval' blob:;
Strict-Transport-Security max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 02 May 2024 09:17:24 GMT
content-security-policy
object-src 'self';frame-ancestors 'self', default-src https: http: wss: 'self' data: 'unsafe-inline' 'unsafe-eval' blob:;
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains
cf-cache-status
HIT
xx-frame-options
sameorigin
age
4292
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block, 1; mode=block
referrer-policy
same-origin, no-referrer
last-modified
Mon, 15 Apr 2024 17:11:56 GMT
server
cloudflare
etag
W/"056b94588fda1:0"
expect-ct
max-age=86400, enforce
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/x-javascript
access-control-allow-origin
true
cache-control
public,max-age=31536000
cf-ray
87d6eb03ef775e7f-EWR
scripts.bundle.js
retailer.lycamobile.us/assets/js/ 		91 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://retailer.lycamobile.us/assets/js/scripts.bundle.js
Requested by
Host: retailer.lycamobile.us
URL: https://retailer.lycamobile.us/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:a4b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
415918c2abeb3b365a1e85a62510981f2f60a236c0732e20fa2e3118999de284
Security Headers
Name Value
Content-Security-Policy object-src 'self';frame-ancestors 'self', default-src https: http: wss: 'self' data: 'unsafe-inline' 'unsafe-eval' blob:;
Strict-Transport-Security max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 02 May 2024 09:17:24 GMT
content-security-policy
object-src 'self';frame-ancestors 'self', default-src https: http: wss: 'self' data: 'unsafe-inline' 'unsafe-eval' blob:;
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains
cf-cache-status
HIT
xx-frame-options
sameorigin
age
4292
cf-polished
origSize=93821
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block, 1; mode=block
referrer-policy
same-origin, no-referrer
cf-bgj
minify
last-modified
Mon, 15 Apr 2024 17:11:56 GMT
server
cloudflare
etag
W/"056b94588fda1:0"
expect-ct
max-age=86400, enforce
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/x-javascript
access-control-allow-origin
true
cache-control
public,max-age=31536000
cf-ray
87d6eb03ef785e7f-EWR
plugins.bundle.js
retailer.lycamobile.us/assets/plugins/global/ 		1 MB
386 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://retailer.lycamobile.us/assets/plugins/global/plugins.bundle.js
Requested by
Host: retailer.lycamobile.us
URL: https://retailer.lycamobile.us/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:a4b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
448fb393e97c1ad47e4609aab1733d5506a1e00ead302f0f629241fc91303a16
Security Headers
Name Value
Content-Security-Policy object-src 'self';frame-ancestors 'self', default-src https: http: wss: 'self' data: 'unsafe-inline' 'unsafe-eval' blob:;
Strict-Transport-Security max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 02 May 2024 09:17:24 GMT
content-security-policy
object-src 'self';frame-ancestors 'self', default-src https: http: wss: 'self' data: 'unsafe-inline' 'unsafe-eval' blob:;
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains
cf-cache-status
HIT
xx-frame-options
sameorigin
age
4292
cf-polished
origSize=1440868
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block, 1; mode=block
referrer-policy
same-origin, no-referrer
cf-bgj
minify
last-modified
Mon, 15 Apr 2024 17:11:56 GMT
server
cloudflare
etag
W/"056b94588fda1:0"
expect-ct
max-age=86400, enforce
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/x-javascript
access-control-allow-origin
true
cache-control
public,max-age=31536000
cf-ray
87d6eb03ef795e7f-EWR
Dataservice.js
retailer.lycamobile.us/Content/Common/ 		15 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://retailer.lycamobile.us/Content/Common/Dataservice.js?V=4.0.9.3
Requested by
Host: retailer.lycamobile.us
URL: https://retailer.lycamobile.us/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:a4b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6680158e1b60c2c2a2036d5ac0a58619d189b846954bec8e3be5d1cca27f9349
Security Headers
Name Value
Content-Security-Policy object-src 'self';frame-ancestors 'self', default-src https: http: wss: 'self' data: 'unsafe-inline' 'unsafe-eval' blob:;
Strict-Transport-Security max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 02 May 2024 09:17:24 GMT
content-security-policy
object-src 'self';frame-ancestors 'self', default-src https: http: wss: 'self' data: 'unsafe-inline' 'unsafe-eval' blob:;
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains
cf-cache-status
HIT
xx-frame-options
sameorigin
age
4291
cf-polished
origSize=27744
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block, 1; mode=block
referrer-policy
same-origin, no-referrer
cf-bgj
minify
last-modified
Mon, 15 Apr 2024 17:11:54 GMT
server
cloudflare
etag
W/"029883588fda1:0"
expect-ct
max-age=86400, enforce
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/x-javascript
access-control-allow-origin
true
cache-control
public,max-age=31536000
cf-ray
87d6eb03ef7a5e7f-EWR
angular.min.js
retailer.lycamobile.us/Content/ 		174 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://retailer.lycamobile.us/Content/angular.min.js?V=4.0.9.3
Requested by
Host: retailer.lycamobile.us
URL: https://retailer.lycamobile.us/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:a4b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2cd9899427774c3c0426ea3bb39de8ce993b16f8e0eede3338d9f45c5d0e381b
Security Headers
Name Value
Content-Security-Policy object-src 'self';frame-ancestors 'self', default-src https: http: wss: 'self' data: 'unsafe-inline' 'unsafe-eval' blob:;
Strict-Transport-Security max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 02 May 2024 09:17:24 GMT
content-security-policy
object-src 'self';frame-ancestors 'self', default-src https: http: wss: 'self' data: 'unsafe-inline' 'unsafe-eval' blob:;
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains
cf-cache-status
HIT
xx-frame-options
sameorigin
age
4292
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block, 1; mode=block
referrer-policy
same-origin, no-referrer
last-modified
Mon, 15 Apr 2024 17:11:56 GMT
server
cloudflare
etag
W/"056b94588fda1:0"
expect-ct
max-age=86400, enforce
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/x-javascript
access-control-allow-origin
true
cache-control
public,max-age=31536000
cf-ray
87d6eb03ef7b5e7f-EWR
favicon.ico
retailer.lycamobile.us/assets/media/logo/ 		1 KB
1003 B 		Other
General
Check archive.org
Download Go to
Full URL
https://retailer.lycamobile.us/assets/media/logo/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:a4b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
42fb7e93a423ddb51a0745fca23080699d259c226c8913f2bdb84995080acd83
Security Headers
Name Value
Content-Security-Policy object-src 'self';frame-ancestors 'self', default-src https: http: wss: 'self' data: 'unsafe-inline' 'unsafe-eval' blob:;
Strict-Transport-Security max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 02 May 2024 09:17:24 GMT
content-security-policy
object-src 'self';frame-ancestors 'self', default-src https: http: wss: 'self' data: 'unsafe-inline' 'unsafe-eval' blob:;
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains
cf-cache-status
HIT
xx-frame-options
sameorigin
age
4288
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block, 1; mode=block
referrer-policy
same-origin, no-referrer
last-modified
Mon, 15 Apr 2024 17:11:56 GMT
server
cloudflare
etag
W/"056b94588fda1:0"
expect-ct
max-age=86400, enforce
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/x-icon
access-control-allow-origin
true
cache-control
public,max-age=31536000
cf-ray
87d6eb0528635e7f-EWR
adrum-ext.a57fe9a4dfa0e1d6b2dc001466e4e21d.js
cdn.appdynamics.com/ 		54 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.appdynamics.com/adrum-ext.a57fe9a4dfa0e1d6b2dc001466e4e21d.js
Requested by
Host: retailer.lycamobile.us
URL: https://retailer.lycamobile.us/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.249.190.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-249-190-117.bos50.r.cloudfront.net
Software
nginx/1.16.1 /
Resource Hash
edde5f9519d05ce9c276faa8df865f8ab1eb0e9696bd6c1b0bbd5d174fd8dc1a

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 10 Apr 2024 06:16:34 GMT
content-encoding
gzip
via
1.1 f8c9a5da2480a9656a18b3b7a10b0ed4.cloudfront.net (CloudFront)
x-amz-cf-pop
BOS50-C2
age
1911650
x-cache
Hit from cloudfront
last-modified
Tue, 21 Nov 2023 16:11:07 GMT
server
nginx/1.16.1
etag
W/"655cd69b-d667"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2678400, s-max-age=14400
timing-allow-origin
*
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
mTwRXcSpboPksanmKxZ7evtoRwHAwAoaG2JPt0AzwlnEOwQIzlr4Bw==
adrum
bom-col.eum-appdynamics.com/eumcollector/beacons/browser/v1/BO-AAB-DKJ/ 		0
865 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bom-col.eum-appdynamics.com/eumcollector/beacons/browser/v1/BO-AAB-DKJ/adrum
Requested by
Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum-ext.a57fe9a4dfa0e1d6b2dc001466e4e21d.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.126.36.236 -, , ASN (),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536010; includeSubDomains
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-type
text/plain

Response headers

pragma
no-cache
date
Thu, 02 May 2024 09:17:29 GMT
strict-transport-security
max-age=31536010; includeSubDomains
x-content-type-options
nosniff
server
envoy
vary
*
content-type
text/html
access-control-allow-origin
*
cache-control
private, no-cache, no-store, must-revalidate, max-age=0, proxy-revalidate, s-maxage=0
x-envoy-upstream-service-time
0
access-control-allow-headers
origin, content-type, accept
expires
0

Verdicts & Comments Add Verdict or Comment

73 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| __cfQR number| adrum-start-time object| adrum-config object| ADRUM object| angular object| eventListenerMap object| app object| Layoutmyapp object| invoiceApp object| MethodType object| UrlRequest object| Data function| $ function| jQuery object| Popper number| uidEvent object| bootstrap function| moment function| wNumb function| flatpickr function| monthSelectPlugin function| daterangepicker function| Inputmask function| default function| autosize function| ClipboardJS function| SmoothScroll function| Dropzone function| Tagify object| TreemapSquared function| SVG object| Apex function| ApexCharts object| RNApp function| RNBlockUI object| RNCookie function| RNDialer boolean| RNDrawerHandlersInitialized function| RNDrawer object| RNEventHandler function| RNFeedback function| RNImageInput boolean| RNMenuHandlersInitialized function| RNMenu function| RNPasswordMeter boolean| RNScrollHandlersInitialized function| RNScroll function| RNScrolltop function| RNSearch function| RNStepper boolean| RNStickyHandlersInitialized function| RNSticky boolean| RNSwapperHandlersInitialized function| RNSwapper function| RNToggle object| RNUtil object| RNComponents object| RNAppLayoutBuilder object| RNLayoutHeader object| RNLayoutSearch object| RNThemeModeUser object| RNThemeMode object| RNUtilElementDataStore number| RNUtilElementDataStoreID object| RNUtilDelegatedEventHandlers object| Sortable function| ClearLoginInputs string| LoginConfig object| LabelLogin function| HTMLDecode function| noBack string| RPath boolean| __cfRLUnblockHandlers

4 Cookies

Domain/Path Name / Value
retailer.lycamobile.us/ Name: ASP.NET_SessionId
Value: izzmlcqowt0rhkcr2v42afz2
retailer.lycamobile.us/ Name: SameSite
Value: None
retailer.lycamobile.us/ Name: ADRUM_BT1
Value: R:0|i:974973|e:166
retailer.lycamobile.us/ Name: ADRUM_BTa
Value: R:0|g:182383b5-392e-4af8-9f63-0635aeb353e2|n:lycatechservicespvtltd-prod_1071dcb3-35e9-4bf3-94d1-6cf96c2c58aa

2 Console Messages

Source Level URL
Text
recommendation verbose URL: https://retailer.lycamobile.us/
Message:
[DOM] Input elements should have autocomplete attributes (suggested: "new-password"): (More info: https://goo.gl/9p2vKq) %o
recommendation verbose URL: https://retailer.lycamobile.us/
Message:
[DOM] Input elements should have autocomplete attributes (suggested: "new-password"): (More info: https://goo.gl/9p2vKq) %o

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy object-src 'self';frame-ancestors 'self' default-src https: http: wss: 'self' data: 'unsafe-inline' 'unsafe-eval' blob:;
Strict-Transport-Security max-age=31536000; includeSubDomains max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bom-col.eum-appdynamics.com
cdn.appdynamics.com
retailer.lycamobile.us
13.126.36.236
13.249.190.117
2606:4700::6812:a4b
011345a94858542363a378f5527d7be61a061ff87c9159cf90be535d71d84b76
07a28215d805cfcb8c83feaefb13a4cd71115aede305c8fdc3c6cf2488a2f576
22b2f9fbbe8a76005ec2f4ef38f2a412267a00578c838e01233711f22d329004
2464c6dd590937560a55d42b4f8a6e41a220690dd28ec63728dcdee9808257e9
2514f3dfbfcbcfa6e0515edbcaceb65a682c7d6062e1a6b2d438917cc75382e9
290caade6eff009b6190be087a4846a72d88fa47626170abc696dd3f25262298
2cd9899427774c3c0426ea3bb39de8ce993b16f8e0eede3338d9f45c5d0e381b
2d0c068cd9db5b8ca8a3dddaf72ae4d4748eb49fe0b3fcd2ef514bf4c353301c
398f56d9f05290059fc931a4918da1d8ceece64164ae7a262b8ac8f97e7e003b
3ea830d422488e32c1394d4db011a7761ba94ed5e8ee150a3b3ca5139ac86017
415918c2abeb3b365a1e85a62510981f2f60a236c0732e20fa2e3118999de284
42fb7e93a423ddb51a0745fca23080699d259c226c8913f2bdb84995080acd83
448fb393e97c1ad47e4609aab1733d5506a1e00ead302f0f629241fc91303a16
5149f2bad392664eefaf80badfeab46fd8dc2fdb5472574c1555f84a25696bcf
51df444d3a9a5b5368402f46d7ec6145d78a8e55d184c12bf431c72a3c982da6
51e7ec96012ead7621802d058bc881f2f784ff6f72709244bf9544c37bdee44f
57e8f65b26b636b1d9c39180808a44efd1c8c185801ded0b95815e1be1004ff7
5bb4903de341aab646e888f0595f7a9a0bd9efe24b2c1cca389cb897d9b5adaa
61461eff5c8c1563398d40cfbb7c86c2b57cc0a33d3478dfc2ccc79190c54e6e
6288e802dad1809e116d80a1f2a9b8ce0cf06eebd7898fa06de23be197977775
6680158e1b60c2c2a2036d5ac0a58619d189b846954bec8e3be5d1cca27f9349
7ed5433ad80a5cb93ec160c780e097e8bc1140920cb6bccb6635a0fb5a27b0a8
8d1f396486033c3ad927ba1531342152acdd8c37d04fd7d4c093f165df4108da
9cd0dcc5d5a6577ad12f959fed05bb323131480b4369f39f9728367a1036d6a8
bd53c5a24ad089fcf40faed792e40a971b7011fa2d5d8be8ee11aef0a52405bb
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
dc47b2fc4428acc81c9d6a07fa7c148b5bdf9c1e5b8ac489e86e1d1e68929073
e1d58560eb5c7c67d85e383f5769646c21f4d9fe62d0dc8ad478da11bb41e4d9
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e9ed0df9626254a05e4e2b4ad46292c0f8b7adb74fa4bb6ea9a8a2b598de0f6c
edde5f9519d05ce9c276faa8df865f8ab1eb0e9696bd6c1b0bbd5d174fd8dc1a
fac2d316772355c20c36e7f173f26d6be045e37cd18b29cd092e3b8362b24085