urlscan.io logo urlscan.io
SecurityTrails logo

dev-scottish-widows.stink.co Open in urlscan Pro
2600:9000:2156:8e00:1b:666f:2300:93a1  Public Scan

Go To Rescan Add Verdict Report
URL: https://dev-scottish-widows.stink.co/
Submission Tags: @phishunt_io
Submission: On April 01 via api from DE — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 5 IPs in 4 countries across 5 domains to perform 22 HTTP transactions. The main IP is 2600:9000:2156:8e00:1b:666f:2300:93a1, located in United States and belongs to AMAZON-02, US. The main domain is dev-scottish-widows.stink.co.
TLS certificate: Issued by Amazon on July 26th 2021. Valid for: a year.
This is the only time dev-scottish-widows.stink.co was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
11 2600:9000:215... 16509 (AMAZON-02)
6 2.18.232.232 16625 (AKAMAI-AS)
1 54.154.15.255 16509 (AMAZON-02)
2 15.236.176.210 16509 (AMAZON-02)
22 5
Apex Domain
Subdomains		 Transfer
11 stink.co
dev-scottish-widows.stink.co
1 MB
6 tiqcdn.com
tags.tiqcdn.com — Cisco Umbrella Rank: 989
286 KB
2 omtrdc.net
lloydsbankinggroup.d3.sc.omtrdc.net — Cisco Umbrella Rank: 35739
551 B
1 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 208
1 KB
0 liveperson.net Failed
lptag.liveperson.net Failed
22 5
Domain Requested by
11 dev-scottish-widows.stink.co dev-scottish-widows.stink.co
6 tags.tiqcdn.com dev-scottish-widows.stink.co
tags.tiqcdn.com
2 lloydsbankinggroup.d3.sc.omtrdc.net dev-scottish-widows.stink.co
1 dpm.demdex.net tags.tiqcdn.com
0 lptag.liveperson.net Failed dev-scottish-widows.stink.co
tags.tiqcdn.com
22 5

This site contains links to these domains. Also see Links.

Domain
www.scottishwidows.co.uk
Subject Issuer Validity Valid
dev-scottish-widows.stink.co
Amazon		 2021-07-26 -
2022-08-24		 a year crt.sh
*.tiqcdn.com
DigiCert SHA2 Secure Server CA		 2022-02-27 -
2023-02-28		 a year crt.sh
*.demdex.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-10-19 -
2022-11-19		 a year crt.sh
*.d3.sc.omtrdc.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-02-17 -
2023-03-07		 a year crt.sh

This page contains 1 frames:

Primary Page: https://dev-scottish-widows.stink.co/
Frame ID: 9A154AD51E6B5BA930D13FA6A4D6A783
Requests: 23 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

How much pension will you get? Meet Your Future Self | Scottish Widows

Detected technologies

Overall confidence: 100%
Detected patterns
  • <[^>]+data-react

Page Statistics

22
Requests

91 %
HTTPS

25 %
IPv6

5
Domains

5
Subdomains

5
IPs

4
Countries

1466 kB
Transfer

3927 kB
Size

7
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

22 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
dev-scottish-widows.stink.co/ 		13 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://dev-scottish-widows.stink.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:8e00:1b:666f:2300:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
fbb407ccbb30f9cff4fee64c916874e8dafa065bb7790ef6e641808e09c9edfb
Security Headers
Name Value
Content-Security-Policy default-src 'none'; img-src 'self' data: blob: https://lloydsbankinggroup.d3.sc.omtrdc.net 'unsafe-inline'; style-src 'self' 'unsafe-inline'; font-src 'self'; object-src 'none'; script-src-elem 'self' 'unsafe-inline' https://tags.tiqcdn.com; manifest-src 'self'; frame-src https://stags.bluekai.com https://*.lpsnmedia.net; connect-src 'self' https://sentry.io https://dpm.demdex.net/ https://lloydsbankinggroup.d3.sc.omtrdc.net/ https://www.beyond-reality-face.com/; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://tags.tiqcdn.com https://*.liveperson.net https://*.lpsnmedia.net
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

cache-control
public, max-age=31536000
content-encoding
gzip
content-security-policy
default-src 'none'; img-src 'self' data: blob: https://lloydsbankinggroup.d3.sc.omtrdc.net 'unsafe-inline'; style-src 'self' 'unsafe-inline'; font-src 'self'; object-src 'none'; script-src-elem 'self' 'unsafe-inline' https://tags.tiqcdn.com; manifest-src 'self'; frame-src https://stags.bluekai.com https://*.lpsnmedia.net; connect-src 'self' https://sentry.io https://dpm.demdex.net/ https://lloydsbankinggroup.d3.sc.omtrdc.net/ https://www.beyond-reality-face.com/; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://tags.tiqcdn.com https://*.liveperson.net https://*.lpsnmedia.net
content-type
text/html
date
Fri, 01 Apr 2022 17:15:26 GMT
etag
W/"62b799509eb9e246b63eb4a36be939b1"
last-modified
Tue, 18 Jan 2022 17:06:07 GMT
referrer-policy
same-origin
server
AmazonS3
strict-transport-security
max-age=63072000; includeSubdomains; preload
vary
Accept-Encoding
via
1.1 632ee301c4920b52f2463aa9e978c57e.cloudfront.net (CloudFront)
x-amz-cf-id
5LYcF-SJTz2LqWyk5nvt2TtUV5WMeF4EZylgSQ0s71M5fbmFGpGvRg==
x-amz-cf-pop
FRA50-C1
x-amz-id-2
i8AUUp9RTPXk7o9pJK0J8ozMUrQfhG5yxbY/S23UYLLNAyN47xP9R+2JP9caNLzwhktd6HRgm5c=
x-amz-request-id
DSWMTZAHV703V18H
x-cache
RefreshHit from cloudfront
x-content-type-options
nosniff
x-frame-options
DENY
x-xss-protection
1; mode=block
utag.sync.js
tags.tiqcdn.com/utag/lbg/main/prod/ 		405 KB
124 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/lbg/main/prod/utag.sync.js
Requested by
Host: dev-scottish-widows.stink.co
URL: https://dev-scottish-widows.stink.co/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.232.232 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-232.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
4e2e706110ef0249ff7a9690e3f6cfe880bb31160d8906aae0ccca727bf49e01

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 17:15:25 GMT
content-encoding
gzip
last-modified
Wed, 30 Mar 2022 13:23:14 GMT
server
AkamaiNetStorage
etag
"5ba56223e107edd03af6bfdfcfacb557:1648646593.991698"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=300
accept-ranges
bytes
expires
Fri, 01 Apr 2022 17:20:25 GMT
utag.2.js
tags.tiqcdn.com/utag/lbg/code/prod/ 		401 B
609 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/lbg/code/prod/utag.2.js?cb=2022011816
Requested by
Host: dev-scottish-widows.stink.co
URL: https://dev-scottish-widows.stink.co/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.232.232 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-232.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
631d2f28d3fcde77180b4d2d5371bc3d223650a1c11b3146b36134bbb7db6372

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 17:15:26 GMT
last-modified
Wed, 16 Jun 2021 13:50:23 GMT
server
AkamaiNetStorage
etag
"b0eb6822fe5a0911b481092a7ef774c8:1623851423.745459"
content-type
application/x-javascript
cache-control
max-age=1296000
accept-ranges
bytes
content-length
401
expires
Sat, 16 Apr 2022 17:15:26 GMT
main.e8687326.chunk.css
dev-scottish-widows.stink.co/static/css/ 		33 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://dev-scottish-widows.stink.co/static/css/main.e8687326.chunk.css
Requested by
Host: dev-scottish-widows.stink.co
URL: https://dev-scottish-widows.stink.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:8e00:1b:666f:2300:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
61844bd388580c0a35856dabceb248cb4bb2322481f25f079ed3f1c207aebfb3
Security Headers
Name Value
Content-Security-Policy default-src 'none'; img-src 'self' data: blob: https://lloydsbankinggroup.d3.sc.omtrdc.net 'unsafe-inline'; style-src 'self' 'unsafe-inline'; font-src 'self'; object-src 'none'; script-src-elem 'self' 'unsafe-inline' https://tags.tiqcdn.com; manifest-src 'self'; frame-src https://stags.bluekai.com https://*.lpsnmedia.net; connect-src 'self' https://sentry.io https://dpm.demdex.net/ https://lloydsbankinggroup.d3.sc.omtrdc.net/ https://www.beyond-reality-face.com/; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://tags.tiqcdn.com https://*.liveperson.net https://*.lpsnmedia.net
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dev-scottish-widows.stink.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 17:15:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-amz-request-id
ZE7MZS814R2DC5TA
x-cache
Miss from cloudfront
vary
Accept-Encoding
x-amz-id-2
n2aQpuT3aWHIgwDaPYavCAa6NIJSvwzEvP9xn/rnaMU1tlnZNRWSnrNeiIsOpsSPfjne3Qx3rBs=
referrer-policy
same-origin
last-modified
Tue, 18 Jan 2022 17:06:07 GMT
server
AmazonS3
x-frame-options
DENY
etag
W/"35f4da5fd1d1f84d86960ae2d15830c2"
strict-transport-security
max-age=63072000; includeSubdomains; preload
content-type
text/css
via
1.1 632ee301c4920b52f2463aa9e978c57e.cloudfront.net (CloudFront)
x-xss-protection
1; mode=block
cache-control
public, max-age=31536000
content-security-policy
default-src 'none'; img-src 'self' data: blob: https://lloydsbankinggroup.d3.sc.omtrdc.net 'unsafe-inline'; style-src 'self' 'unsafe-inline'; font-src 'self'; object-src 'none'; script-src-elem 'self' 'unsafe-inline' https://tags.tiqcdn.com; manifest-src 'self'; frame-src https://stags.bluekai.com https://*.lpsnmedia.net; connect-src 'self' https://sentry.io https://dpm.demdex.net/ https://lloydsbankinggroup.d3.sc.omtrdc.net/ https://www.beyond-reality-face.com/; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://tags.tiqcdn.com https://*.liveperson.net https://*.lpsnmedia.net
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
Gt62npW_3F1q8tmSpeH1Z2Eq_QWQgv-_J4tFkR2i4Xp3CqgSp9ffjg==
utag.v.js
tags.tiqcdn.com/utag/tiqapp/ 		2 B
202 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/tiqapp/utag.v.js?a=lbg/main/202201181458&cb=1642525126705
Requested by
Host: dev-scottish-widows.stink.co
URL: https://dev-scottish-widows.stink.co/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.232.232 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-232.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 17:15:26 GMT
last-modified
Thu, 14 Apr 2016 16:57:51 GMT
server
AkamaiNetStorage
etag
"7bc0ee636b3b83484fc3b9348863bd22:1460653071"
content-type
application/x-javascript
cache-control
max-age=600
accept-ranges
bytes
content-length
2
expires
Fri, 01 Apr 2022 17:25:26 GMT
face-desktop.a691628e.webp
dev-scottish-widows.stink.co/static/media/ 		370 KB
371 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dev-scottish-widows.stink.co/static/media/face-desktop.a691628e.webp
Requested by
Host: dev-scottish-widows.stink.co
URL: https://dev-scottish-widows.stink.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:8e00:1b:666f:2300:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0c587141fe799599bb60035935cf5f4b8b957189a9086c857dc2c1c7eefa5bc3
Security Headers
Name Value
Content-Security-Policy default-src 'none'; img-src 'self' data: blob: https://lloydsbankinggroup.d3.sc.omtrdc.net 'unsafe-inline'; style-src 'self' 'unsafe-inline'; font-src 'self'; object-src 'none'; script-src-elem 'self' 'unsafe-inline' https://tags.tiqcdn.com; manifest-src 'self'; frame-src https://stags.bluekai.com https://*.lpsnmedia.net; connect-src 'self' https://sentry.io https://dpm.demdex.net/ https://lloydsbankinggroup.d3.sc.omtrdc.net/ https://www.beyond-reality-face.com/; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://tags.tiqcdn.com https://*.liveperson.net https://*.lpsnmedia.net
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dev-scottish-widows.stink.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 17:15:27 GMT
via
1.1 632ee301c4920b52f2463aa9e978c57e.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-request-id
T9A646AEV17KJ0CT
x-cache
Miss from cloudfront
content-length
378708
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Tue, 18 Jan 2022 17:06:07 GMT
server
AmazonS3
x-frame-options
DENY
etag
"a691628efc249e23252f69acf3b10bec"
strict-transport-security
max-age=63072000; includeSubdomains; preload
content-type
binary/octet-stream
cache-control
public, max-age=31536000
content-security-policy
default-src 'none'; img-src 'self' data: blob: https://lloydsbankinggroup.d3.sc.omtrdc.net 'unsafe-inline'; style-src 'self' 'unsafe-inline'; font-src 'self'; object-src 'none'; script-src-elem 'self' 'unsafe-inline' https://tags.tiqcdn.com; manifest-src 'self'; frame-src https://stags.bluekai.com https://*.lpsnmedia.net; connect-src 'self' https://sentry.io https://dpm.demdex.net/ https://lloydsbankinggroup.d3.sc.omtrdc.net/ https://www.beyond-reality-face.com/; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://tags.tiqcdn.com https://*.liveperson.net https://*.lpsnmedia.net
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
i2igrs9gcJZ4uO-SWswKezmYeXh1eVo8Uko_iAG07rhZOhr0Fi0a9Q==
x-amz-id-2
m1sNMmRi4k8Omtt6ysaMZS3Ff7mXt+q513XOTFsc5y/Qe/bQRmQEQ+d8EbJf27eZjbXnHJzLTjY=
webcomponents-loader.js
dev-scottish-widows.stink.co/webgl/node_modules/@webcomponents/webcomponentsjs/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dev-scottish-widows.stink.co/webgl/node_modules/@webcomponents/webcomponentsjs/webcomponents-loader.js
Requested by
Host: dev-scottish-widows.stink.co
URL: https://dev-scottish-widows.stink.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:8e00:1b:666f:2300:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
028ddd0cf27c55dff07fa9232f63251cda3cbd811e2f2bc383c9349e39cd4bb6
Security Headers
Name Value
Content-Security-Policy default-src 'none'; img-src 'self' data: blob: https://lloydsbankinggroup.d3.sc.omtrdc.net 'unsafe-inline'; style-src 'self' 'unsafe-inline'; font-src 'self'; object-src 'none'; script-src-elem 'self' 'unsafe-inline' https://tags.tiqcdn.com; manifest-src 'self'; frame-src https://stags.bluekai.com https://*.lpsnmedia.net; connect-src 'self' https://sentry.io https://dpm.demdex.net/ https://lloydsbankinggroup.d3.sc.omtrdc.net/ https://www.beyond-reality-face.com/; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://tags.tiqcdn.com https://*.liveperson.net https://*.lpsnmedia.net
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dev-scottish-widows.stink.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 17:15:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-amz-request-id
T9A4SE966R9BKAED
x-cache
Miss from cloudfront
vary
Accept-Encoding
x-amz-id-2
qhHwTs9zjdLhanaee4Jgu/vW5HRVW5TS131mOqWeDZhFhP5XtmuoLVIDjbJysx5pmDq8q3zKJNs=
referrer-policy
same-origin
last-modified
Tue, 18 Jan 2022 17:06:08 GMT
server
AmazonS3
x-frame-options
DENY
etag
W/"e044a63e034bf10304dad73138b8c74b"
strict-transport-security
max-age=63072000; includeSubdomains; preload
content-type
application/javascript
via
1.1 632ee301c4920b52f2463aa9e978c57e.cloudfront.net (CloudFront)
x-xss-protection
1; mode=block
cache-control
public, max-age=31536000
content-security-policy
default-src 'none'; img-src 'self' data: blob: https://lloydsbankinggroup.d3.sc.omtrdc.net 'unsafe-inline'; style-src 'self' 'unsafe-inline'; font-src 'self'; object-src 'none'; script-src-elem 'self' 'unsafe-inline' https://tags.tiqcdn.com; manifest-src 'self'; frame-src https://stags.bluekai.com https://*.lpsnmedia.net; connect-src 'self' https://sentry.io https://dpm.demdex.net/ https://lloydsbankinggroup.d3.sc.omtrdc.net/ https://www.beyond-reality-face.com/; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://tags.tiqcdn.com https://*.liveperson.net https://*.lpsnmedia.net
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
bRsaIO6umk91Mlh4i_JAULiOKNnjMLnmZkhXcj9LXH4rnsNgf1SLSg==
index.js
dev-scottish-widows.stink.co/webgl/build/ 		1 MB
311 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dev-scottish-widows.stink.co/webgl/build/index.js
Requested by
Host: dev-scottish-widows.stink.co
URL: https://dev-scottish-widows.stink.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:8e00:1b:666f:2300:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
690c2a361021bb2b7a006f2c8381cd4e7cc5a2bc5151781c2eec6761e526249b
Security Headers
Name Value
Content-Security-Policy default-src 'none'; img-src 'self' data: blob: https://lloydsbankinggroup.d3.sc.omtrdc.net 'unsafe-inline'; style-src 'self' 'unsafe-inline'; font-src 'self'; object-src 'none'; script-src-elem 'self' 'unsafe-inline' https://tags.tiqcdn.com; manifest-src 'self'; frame-src https://stags.bluekai.com https://*.lpsnmedia.net; connect-src 'self' https://sentry.io https://dpm.demdex.net/ https://lloydsbankinggroup.d3.sc.omtrdc.net/ https://www.beyond-reality-face.com/; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://tags.tiqcdn.com https://*.liveperson.net https://*.lpsnmedia.net
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://dev-scottish-widows.stink.co/
Origin
https://dev-scottish-widows.stink.co
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 17:15:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-amz-request-id
T9A5T43G363WHXYC
x-cache
Miss from cloudfront
strict-transport-security
max-age=63072000; includeSubdomains; preload
vary
Accept-Encoding
x-amz-id-2
NqVCi6CdEsMnvmJMprzHhOgvp5bpUhxDtzTu0gWZzXmhlGbzEXosXHWWHzshvcKrBfAlf7fx5as=
access-control-allow-origin
*
referrer-policy
same-origin
last-modified
Tue, 18 Jan 2022 17:06:08 GMT
server
AmazonS3
x-frame-options
DENY
etag
W/"0fb190cefd8dab11eeb84fc2ec22bf5e"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/javascript
via
1.1 632ee301c4920b52f2463aa9e978c57e.cloudfront.net (CloudFront)
x-xss-protection
1; mode=block
cache-control
public, max-age=31536000
content-security-policy
default-src 'none'; img-src 'self' data: blob: https://lloydsbankinggroup.d3.sc.omtrdc.net 'unsafe-inline'; style-src 'self' 'unsafe-inline'; font-src 'self'; object-src 'none'; script-src-elem 'self' 'unsafe-inline' https://tags.tiqcdn.com; manifest-src 'self'; frame-src https://stags.bluekai.com https://*.lpsnmedia.net; connect-src 'self' https://sentry.io https://dpm.demdex.net/ https://lloydsbankinggroup.d3.sc.omtrdc.net/ https://www.beyond-reality-face.com/; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://tags.tiqcdn.com https://*.liveperson.net https://*.lpsnmedia.net
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
0UVp0XHsx1V84SKZTnPy7e5oRsgvQhoUlu9lJlCzSQ_sZvAKc-zppg==
2.28e92718.chunk.js
dev-scottish-widows.stink.co/static/js/ 		279 KB
86 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dev-scottish-widows.stink.co/static/js/2.28e92718.chunk.js
Requested by
Host: dev-scottish-widows.stink.co
URL: https://dev-scottish-widows.stink.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:8e00:1b:666f:2300:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
02c6ace60215dd9a5fdc85c835ada89d1367f67ae2ee9b857125641ba68288f8
Security Headers
Name Value
Content-Security-Policy default-src 'none'; img-src 'self' data: blob: https://lloydsbankinggroup.d3.sc.omtrdc.net 'unsafe-inline'; style-src 'self' 'unsafe-inline'; font-src 'self'; object-src 'none'; script-src-elem 'self' 'unsafe-inline' https://tags.tiqcdn.com; manifest-src 'self'; frame-src https://stags.bluekai.com https://*.lpsnmedia.net; connect-src 'self' https://sentry.io https://dpm.demdex.net/ https://lloydsbankinggroup.d3.sc.omtrdc.net/ https://www.beyond-reality-face.com/; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://tags.tiqcdn.com https://*.liveperson.net https://*.lpsnmedia.net
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dev-scottish-widows.stink.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 17:15:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-amz-request-id
T9ADGX09SNYQHGYQ
x-cache
Miss from cloudfront
vary
Accept-Encoding
x-amz-id-2
E47FFbiIeAqyTGCs/wR84/DoczU8GWtYChp/IA/EYO3r2tokOLKsNyyaSn6momm23qEz20db2oo=
referrer-policy
same-origin
last-modified
Tue, 18 Jan 2022 17:06:07 GMT
server
AmazonS3
x-frame-options
DENY
etag
W/"746839429273216007358be9b74c6b76"
strict-transport-security
max-age=63072000; includeSubdomains; preload
content-type
application/javascript
via
1.1 632ee301c4920b52f2463aa9e978c57e.cloudfront.net (CloudFront)
x-xss-protection
1; mode=block
cache-control
public, max-age=31536000
content-security-policy
default-src 'none'; img-src 'self' data: blob: https://lloydsbankinggroup.d3.sc.omtrdc.net 'unsafe-inline'; style-src 'self' 'unsafe-inline'; font-src 'self'; object-src 'none'; script-src-elem 'self' 'unsafe-inline' https://tags.tiqcdn.com; manifest-src 'self'; frame-src https://stags.bluekai.com https://*.lpsnmedia.net; connect-src 'self' https://sentry.io https://dpm.demdex.net/ https://lloydsbankinggroup.d3.sc.omtrdc.net/ https://www.beyond-reality-face.com/; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://tags.tiqcdn.com https://*.liveperson.net https://*.lpsnmedia.net
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
GfWlvd7xTjrhXpCwzJpGK1yZRLa01zteQniRI6_jP04gpDRDzPPAgQ==
main.3a0946d1.chunk.js
dev-scottish-widows.stink.co/static/js/ 		119 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dev-scottish-widows.stink.co/static/js/main.3a0946d1.chunk.js
Requested by
Host: dev-scottish-widows.stink.co
URL: https://dev-scottish-widows.stink.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:8e00:1b:666f:2300:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
36e72da303307e3bea79cc52b425d4fa4bc5549295034ddf229b2e7bbe41d966
Security Headers
Name Value
Content-Security-Policy default-src 'none'; img-src 'self' data: blob: https://lloydsbankinggroup.d3.sc.omtrdc.net 'unsafe-inline'; style-src 'self' 'unsafe-inline'; font-src 'self'; object-src 'none'; script-src-elem 'self' 'unsafe-inline' https://tags.tiqcdn.com; manifest-src 'self'; frame-src https://stags.bluekai.com https://*.lpsnmedia.net; connect-src 'self' https://sentry.io https://dpm.demdex.net/ https://lloydsbankinggroup.d3.sc.omtrdc.net/ https://www.beyond-reality-face.com/; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://tags.tiqcdn.com https://*.liveperson.net https://*.lpsnmedia.net
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dev-scottish-widows.stink.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 17:15:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-amz-request-id
T9A6EEQ6V3Y7NF5D
x-cache
Miss from cloudfront
vary
Accept-Encoding
x-amz-id-2
0TJSrxl9n0zxT9ntz+QRNgJrCN4M1cOkSHoOk4vuoIVdmmlCfA15BYvEL7rm2CQ+/2H3ewkvpCM=
referrer-policy
same-origin
last-modified
Tue, 18 Jan 2022 17:06:07 GMT
server
AmazonS3
x-frame-options
DENY
etag
W/"01eff464ad7d69de0b68d17a1d0cc51a"
strict-transport-security
max-age=63072000; includeSubdomains; preload
content-type
application/javascript
via
1.1 632ee301c4920b52f2463aa9e978c57e.cloudfront.net (CloudFront)
x-xss-protection
1; mode=block
cache-control
public, max-age=31536000
content-security-policy
default-src 'none'; img-src 'self' data: blob: https://lloydsbankinggroup.d3.sc.omtrdc.net 'unsafe-inline'; style-src 'self' 'unsafe-inline'; font-src 'self'; object-src 'none'; script-src-elem 'self' 'unsafe-inline' https://tags.tiqcdn.com; manifest-src 'self'; frame-src https://stags.bluekai.com https://*.lpsnmedia.net; connect-src 'self' https://sentry.io https://dpm.demdex.net/ https://lloydsbankinggroup.d3.sc.omtrdc.net/ https://www.beyond-reality-face.com/; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://tags.tiqcdn.com https://*.liveperson.net https://*.lpsnmedia.net
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
nFKpFi7C8jeWPYWJn8WIfIrHMvXOu9akdPhNONsprVwBaWxadOO2bA==
tag.js
lptag.liveperson.net/tag/ 		0
0
utag.2.js
tags.tiqcdn.com/utag/lbg/code/prod/ 		401 B
609 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/lbg/code/prod/utag.2.js?cb=2022040117
Requested by
Host: dev-scottish-widows.stink.co
URL: https://dev-scottish-widows.stink.co/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.232.232 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-232.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
631d2f28d3fcde77180b4d2d5371bc3d223650a1c11b3146b36134bbb7db6372

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 17:15:26 GMT
last-modified
Wed, 16 Jun 2021 13:50:23 GMT
server
AkamaiNetStorage
etag
"b0eb6822fe5a0911b481092a7ef774c8:1623851423.745459"
content-type
application/x-javascript
cache-control
max-age=1296000
accept-ranges
bytes
content-length
401
expires
Sat, 16 Apr 2022 17:15:26 GMT
truncated
/ 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ce16d3ec80d37c82211e672eff1fbdf206aaa8917d302c303811ec0e891a6fa9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Content-Type
image/png
background-2020.jpg
dev-scottish-widows.stink.co/ 		181 KB
182 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dev-scottish-widows.stink.co/background-2020.jpg
Requested by
Host: dev-scottish-widows.stink.co
URL: https://dev-scottish-widows.stink.co/static/css/main.e8687326.chunk.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:8e00:1b:666f:2300:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0502f80877892ac225e8722331c35d05248543a54de25f4da25165bba3670548
Security Headers
Name Value
Content-Security-Policy default-src 'none'; img-src 'self' data: blob: https://lloydsbankinggroup.d3.sc.omtrdc.net 'unsafe-inline'; style-src 'self' 'unsafe-inline'; font-src 'self'; object-src 'none'; script-src-elem 'self' 'unsafe-inline' https://tags.tiqcdn.com; manifest-src 'self'; frame-src https://stags.bluekai.com https://*.lpsnmedia.net; connect-src 'self' https://sentry.io https://dpm.demdex.net/ https://lloydsbankinggroup.d3.sc.omtrdc.net/ https://www.beyond-reality-face.com/; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://tags.tiqcdn.com https://*.liveperson.net https://*.lpsnmedia.net
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dev-scottish-widows.stink.co/static/css/main.e8687326.chunk.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 17:15:27 GMT
via
1.1 632ee301c4920b52f2463aa9e978c57e.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-request-id
T9A16XDWZ129AYCH
x-cache
Miss from cloudfront
content-length
185353
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Tue, 18 Jan 2022 17:06:07 GMT
server
AmazonS3
x-frame-options
DENY
etag
"8214e992dc62cef5b0e0e7c0010a31c6"
strict-transport-security
max-age=63072000; includeSubdomains; preload
content-type
image/jpeg
cache-control
public, max-age=31536000
content-security-policy
default-src 'none'; img-src 'self' data: blob: https://lloydsbankinggroup.d3.sc.omtrdc.net 'unsafe-inline'; style-src 'self' 'unsafe-inline'; font-src 'self'; object-src 'none'; script-src-elem 'self' 'unsafe-inline' https://tags.tiqcdn.com; manifest-src 'self'; frame-src https://stags.bluekai.com https://*.lpsnmedia.net; connect-src 'self' https://sentry.io https://dpm.demdex.net/ https://lloydsbankinggroup.d3.sc.omtrdc.net/ https://www.beyond-reality-face.com/; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://tags.tiqcdn.com https://*.liveperson.net https://*.lpsnmedia.net
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
0HqwWl8Kx4eDPSiSa22uPvUP0L0GC9_5s05wHGNZmQ6hUbApgwKPQA==
x-amz-id-2
7T58ksRAdgJH4GBqo+59Uw95xRUN9nDlDFLPbm8UfbkOBO11+T7KSv0abolBRJueqZSrobRvMQA=
giorgiosans-extralight.otf
dev-scottish-widows.stink.co/fonts/ 		107 KB
44 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://dev-scottish-widows.stink.co/fonts/giorgiosans-extralight.otf
Requested by
Host: dev-scottish-widows.stink.co
URL: https://dev-scottish-widows.stink.co/static/css/main.e8687326.chunk.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:8e00:1b:666f:2300:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e61a6514ae42874ac567a918212ed0f964c3d1c268a08f3ed578b0b8112234fc
Security Headers
Name Value
Content-Security-Policy default-src 'none'; img-src 'self' data: blob: https://lloydsbankinggroup.d3.sc.omtrdc.net 'unsafe-inline'; style-src 'self' 'unsafe-inline'; font-src 'self'; object-src 'none'; script-src-elem 'self' 'unsafe-inline' https://tags.tiqcdn.com; manifest-src 'self'; frame-src https://stags.bluekai.com https://*.lpsnmedia.net; connect-src 'self' https://sentry.io https://dpm.demdex.net/ https://lloydsbankinggroup.d3.sc.omtrdc.net/ https://www.beyond-reality-face.com/; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://tags.tiqcdn.com https://*.liveperson.net https://*.lpsnmedia.net
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://dev-scottish-widows.stink.co/static/css/main.e8687326.chunk.css
Origin
https://dev-scottish-widows.stink.co
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 17:15:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-amz-request-id
T9A7DJRQTQQBCVBX
x-cache
Miss from cloudfront
strict-transport-security
max-age=63072000; includeSubdomains; preload
vary
Accept-Encoding
x-amz-id-2
sWT1r6pabfH+w5l6oHaIcUH38l2/XNbcHvHZ7jtda8Ht49UnXeha81mS1YDrXF5TzH94wuBJZeo=
access-control-allow-origin
*
referrer-policy
same-origin
last-modified
Tue, 18 Jan 2022 17:06:07 GMT
server
AmazonS3
x-frame-options
DENY
etag
W/"315fc9859eb7186088b026fb8cdcc580"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/font-sfnt
via
1.1 632ee301c4920b52f2463aa9e978c57e.cloudfront.net (CloudFront)
x-xss-protection
1; mode=block
cache-control
public, max-age=31536000
content-security-policy
default-src 'none'; img-src 'self' data: blob: https://lloydsbankinggroup.d3.sc.omtrdc.net 'unsafe-inline'; style-src 'self' 'unsafe-inline'; font-src 'self'; object-src 'none'; script-src-elem 'self' 'unsafe-inline' https://tags.tiqcdn.com; manifest-src 'self'; frame-src https://stags.bluekai.com https://*.lpsnmedia.net; connect-src 'self' https://sentry.io https://dpm.demdex.net/ https://lloydsbankinggroup.d3.sc.omtrdc.net/ https://www.beyond-reality-face.com/; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://tags.tiqcdn.com https://*.liveperson.net https://*.lpsnmedia.net
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
4yYljO5nuvYy9KOfoDR6DMWCz707ckT_voF8j-zVA7ikj5Ap1qnNew==
unitroundedpro-light.otf
dev-scottish-widows.stink.co/fonts/ 		144 KB
79 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://dev-scottish-widows.stink.co/fonts/unitroundedpro-light.otf
Requested by
Host: dev-scottish-widows.stink.co
URL: https://dev-scottish-widows.stink.co/static/css/main.e8687326.chunk.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:8e00:1b:666f:2300:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9001d21ee87c28e13d6f816ec95760b37e4b52599793465c65ba71199498772e
Security Headers
Name Value
Content-Security-Policy default-src 'none'; img-src 'self' data: blob: https://lloydsbankinggroup.d3.sc.omtrdc.net 'unsafe-inline'; style-src 'self' 'unsafe-inline'; font-src 'self'; object-src 'none'; script-src-elem 'self' 'unsafe-inline' https://tags.tiqcdn.com; manifest-src 'self'; frame-src https://stags.bluekai.com https://*.lpsnmedia.net; connect-src 'self' https://sentry.io https://dpm.demdex.net/ https://lloydsbankinggroup.d3.sc.omtrdc.net/ https://www.beyond-reality-face.com/; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://tags.tiqcdn.com https://*.liveperson.net https://*.lpsnmedia.net
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://dev-scottish-widows.stink.co/static/css/main.e8687326.chunk.css
Origin
https://dev-scottish-widows.stink.co
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 17:15:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-amz-request-id
T9ADSZPMES366C0Y
x-cache
Miss from cloudfront
strict-transport-security
max-age=63072000; includeSubdomains; preload
vary
Accept-Encoding
x-amz-id-2
ddShuse1RgRAuj+NKCp6q5ZdKAA1OxdvPll3EJHhufqhA4zSiqMNk5wOlwz061VqHYKmdI/0FlU=
access-control-allow-origin
*
referrer-policy
same-origin
last-modified
Tue, 18 Jan 2022 17:06:07 GMT
server
AmazonS3
x-frame-options
DENY
etag
W/"466fe2c3df22f80844d5afe56f1bb6f9"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/font-sfnt
via
1.1 632ee301c4920b52f2463aa9e978c57e.cloudfront.net (CloudFront)
x-xss-protection
1; mode=block
cache-control
public, max-age=31536000
content-security-policy
default-src 'none'; img-src 'self' data: blob: https://lloydsbankinggroup.d3.sc.omtrdc.net 'unsafe-inline'; style-src 'self' 'unsafe-inline'; font-src 'self'; object-src 'none'; script-src-elem 'self' 'unsafe-inline' https://tags.tiqcdn.com; manifest-src 'self'; frame-src https://stags.bluekai.com https://*.lpsnmedia.net; connect-src 'self' https://sentry.io https://dpm.demdex.net/ https://lloydsbankinggroup.d3.sc.omtrdc.net/ https://www.beyond-reality-face.com/; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://tags.tiqcdn.com https://*.liveperson.net https://*.lpsnmedia.net
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
fCOFuA8zP0Smi0Zq7C9NauERLpPd-hta0As7aKiyRW2TabEW_7FmIw==
giorgiosans-regular.otf
dev-scottish-widows.stink.co/fonts/ 		107 KB
44 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://dev-scottish-widows.stink.co/fonts/giorgiosans-regular.otf
Requested by
Host: dev-scottish-widows.stink.co
URL: https://dev-scottish-widows.stink.co/static/css/main.e8687326.chunk.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:8e00:1b:666f:2300:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6a00eb7240ea417c41a98a2cd02408d964ba7508ed87b9c0b76e518429a1da7b
Security Headers
Name Value
Content-Security-Policy default-src 'none'; img-src 'self' data: blob: https://lloydsbankinggroup.d3.sc.omtrdc.net 'unsafe-inline'; style-src 'self' 'unsafe-inline'; font-src 'self'; object-src 'none'; script-src-elem 'self' 'unsafe-inline' https://tags.tiqcdn.com; manifest-src 'self'; frame-src https://stags.bluekai.com https://*.lpsnmedia.net; connect-src 'self' https://sentry.io https://dpm.demdex.net/ https://lloydsbankinggroup.d3.sc.omtrdc.net/ https://www.beyond-reality-face.com/; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://tags.tiqcdn.com https://*.liveperson.net https://*.lpsnmedia.net
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://dev-scottish-widows.stink.co/static/css/main.e8687326.chunk.css
Origin
https://dev-scottish-widows.stink.co
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 17:15:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-amz-request-id
T9A4WSNENJ27RV2W
x-cache
Miss from cloudfront
strict-transport-security
max-age=63072000; includeSubdomains; preload
vary
Accept-Encoding
x-amz-id-2
rfvHlxt3hA9XL/Y5M8Xgm1kbVISLRw9yB1mZLu3CsixpvXmfR6/yc5DApuK0bqGmJ7ViutnHi3c=
access-control-allow-origin
*
referrer-policy
same-origin
last-modified
Tue, 18 Jan 2022 17:06:07 GMT
server
AmazonS3
x-frame-options
DENY
etag
W/"b626f03a58f3818cf585e4c24eb8a287"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/font-sfnt
via
1.1 632ee301c4920b52f2463aa9e978c57e.cloudfront.net (CloudFront)
x-xss-protection
1; mode=block
cache-control
public, max-age=31536000
content-security-policy
default-src 'none'; img-src 'self' data: blob: https://lloydsbankinggroup.d3.sc.omtrdc.net 'unsafe-inline'; style-src 'self' 'unsafe-inline'; font-src 'self'; object-src 'none'; script-src-elem 'self' 'unsafe-inline' https://tags.tiqcdn.com; manifest-src 'self'; frame-src https://stags.bluekai.com https://*.lpsnmedia.net; connect-src 'self' https://sentry.io https://dpm.demdex.net/ https://lloydsbankinggroup.d3.sc.omtrdc.net/ https://www.beyond-reality-face.com/; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://tags.tiqcdn.com https://*.liveperson.net https://*.lpsnmedia.net
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
ufPLZem1UadSbvrhX2lWQLf3PxsTrBvmgAjAYFJuI67br2VMLZmOhA==
id
dpm.demdex.net/ 		227 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://dpm.demdex.net/id?d_visid_ver=5.3.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=230D643E5A2550980A495DB6%40AdobeOrg&d_nsid=0&ts=1648833326271
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/lbg/main/prod/utag.sync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.154.15.255 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-154-15-255.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
9abf01ace42dddb167e79f29ee41eaaf645461664b68cbf342d857aaa851e4f5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

DCS
dcs-prod-irl1-1-v030-0462a0296.edge-irl1.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-TID
pTfXkQ9yRJ4=
Vary
Origin
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin
https://dev-scottish-widows.stink.co
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json;charset=utf-8
Content-Length
219
Expires
Thu, 01 Jan 1970 00:00:00 UTC
id
lloydsbankinggroup.d3.sc.omtrdc.net/ 		2 B
326 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lloydsbankinggroup.d3.sc.omtrdc.net/id?d_visid_ver=5.3.0&d_fieldgroup=A&mcorgid=230D643E5A2550980A495DB6%40AdobeOrg&mid=82938418489869746324519972026677873082&ts=1648833326504
Requested by
Host: dev-scottish-widows.stink.co
URL: https://dev-scottish-widows.stink.co/static/js/2.28e92718.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
15.236.176.210 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-15-236-176-210.eu-west-3.compute.amazonaws.com
Software
jag /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Fri, 01 Apr 2022 17:15:26 GMT
x-content-type-options
nosniff
server
jag
xserver
anedge-7b6f4bb9f7-dn6dt
vary
Origin
x-c
main-1637.I660130.M0-562
p3p
CP="This is not a P3P policy"
access-control-allow-origin
https://dev-scottish-widows.stink.co
cache-control
no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials
true
content-type
application/x-javascript;charset=utf-8
content-length
2
x-xss-protection
1; mode=block
utag.js
tags.tiqcdn.com/utag/lbg/main/prod/ 		693 KB
160 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/lbg/main/prod/utag.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/lbg/main/prod/utag.sync.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.232.232 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-232.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
e8e898c1e2f374d237cc18018ec8a49651c433e4c11b17e6d93da674e8ab0055

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 17:15:26 GMT
content-encoding
gzip
last-modified
Wed, 30 Mar 2022 13:23:13 GMT
server
AkamaiNetStorage
etag
"773c76c37730501338b44c8dfbe0febf:1648646593.238424"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=300
accept-ranges
bytes
expires
Fri, 01 Apr 2022 17:20:26 GMT
utag.v.js
tags.tiqcdn.com/utag/tiqapp/ 		2 B
202 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/tiqapp/utag.v.js?a=lbg/main/202203301322&cb=1648833327041
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/lbg/main/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.232.232 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-232.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 17:15:27 GMT
last-modified
Thu, 14 Apr 2016 16:57:51 GMT
server
AkamaiNetStorage
etag
"7bc0ee636b3b83484fc3b9348863bd22:1460653071"
content-type
application/x-javascript
cache-control
max-age=600
accept-ranges
bytes
content-length
2
expires
Fri, 01 Apr 2022 17:25:27 GMT
tag.js
lptag.liveperson.net/tag/ 		0
0
s98587763511098
lloydsbankinggroup.d3.sc.omtrdc.net/b/ss/lloydsbankinggroupprod/1/JS-2.22.4/ 		43 B
225 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lloydsbankinggroup.d3.sc.omtrdc.net/b/ss/lloydsbankinggroupprod/1/JS-2.22.4/s98587763511098?AQB=1&ndh=1&pf=1&t=1%2F3%2F2022%2017%3A15%3A27%205%200&sdid=47176A93C81B32D9-39CC59AAC21DE8BF&mid=82938418489869746324519972026677873082&aamlh=6&ce=UTF-8&cdp=2&fpCookieDomainPeriods=2&pageName=Brand-Division-Platform-&g=https%3A%2F%2Fdev-scottish-widows.stink.co%2F&cc=USD&events=event357%3D732.2999992370605%2Cevent358%3D1%2Cevent387%3D1%2Cevent363%3D150.5%2Cevent364%3D1%2Cevent1%3D1%2Cevent248%3D1%2Cevent601%3D1%2Cevent602%3D40%2Cevent603%3D0%2Cevent370%3D1%2Cevent371%3D46%2Cevent372%3D151%2Cevent373%3D1043%2Cevent374%3D1257%2Cevent375%3D982%2Cevent376%3D1261%2Cevent377%3D46%2Cevent378%3D104%2Cevent379%3D0%2Cevent380%3D4%2Cevent314%3D1%2Cevent316%3D312%2Cevent317%3D61%2Cevent318%3D21&aamb=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&c1=Brand-Division-Platform-&v1=Brand-Division-Platform-&c2=%2F&v2=%2F&v3=dev-scottish-widows.stink.co&c4=1&c6=AA-2.22.4&c7=Web&v7=Web&c9=visible%2Fvisible%2Fvisible&v10=Page%20Load&c12=1648833327057&v12=dev-scottish-widows.stink.co&c13=l1goshjl&v13=%2F&c35=82938418489869746324519972026677873082&c36=D%3Dsdid&c37=D%3Dmid&v38=0.7290871554606089_1648833327063&c41=l1goshjr0n6yjxgllq2e&v55=No%20Consent&v56=No%20Consent&v57=No%20Consent&v58=Not%20Seen&c72=928%3B1072&c73=782%3B851%3B1213%3B1340%3B0&c74=2&c75=37%3B40%3B46&v142=2021%2F20220329131629%2F202203301323&v172=view&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=230D643E5A2550980A495DB6%40AdobeOrg&AQE=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
15.236.176.210 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-15-236-176-210.eu-west-3.compute.amazonaws.com
Software
jag /
Resource Hash
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 17:15:27 GMT
x-content-type-options
nosniff
x-c
main-1637.I660130.M0-562
p3p
CP="This is not a P3P policy"
content-length
43
x-xss-protection
1; mode=block
pragma
no-cache
last-modified
Sat, 02 Apr 2022 17:15:27 GMT
server
jag
xserver
anedge-7b6f4bb9f7-dn6dt
etag
3540842609050484736-4619644931088582119
vary
*
content-type
image/gif;charset=utf-8
access-control-allow-origin
*
cache-control
no-cache, no-store, max-age=0, no-transform, private
expires
Thu, 31 Mar 2022 17:15:27 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
lptag.liveperson.net
URL
https://lptag.liveperson.net/tag/tag.js?site=49955747
Domain
lptag.liveperson.net
URL
https://lptag.liveperson.net/tag/tag.js?site=49955747

Verdicts & Comments Add Verdict or Comment

110 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| structuredClone object| oncontextlost object| oncontextrestored function| getScreenDetails string| tealiumSyncVersion object| utag_timing object| LBGAnalytics object| WebComponents object| webpackJsonp number| useUtagFile object| utag_cfg_ovrd undefined| $ undefined| jQuery function| runAppDynamics function| setAnalyticsVariables function| triggerAnalyticsPageEvent object| clovaAcquire object| clova2 object| clova3 object| utag_dataEmpty object| adobe function| Visitor object| s_c_il number| s_c_in function| runOnDelay boolean| stillDelay object| _onAnalyticsReady object| __SENTRY__ function| applyFocusVisiblePolyfill object| GreenSockGlobals object| com function| _gsDefine function| Ease function| Power4 function| Strong function| Quint function| Power3 function| Quart function| Power2 function| Cubic function| Power1 function| Quad function| Power0 function| Linear function| TweenLite function| TweenPlugin function| ScottishwidowsFaceagingGUI boolean| utag_condload function| _typeof object| dl boolean| webviewDetected boolean| hatch undefined| giveMeQ function| eligibleByDomain function| getEnvironmentFromScriptLocation function| eligibleByEnvironment function| ineligibleByDevice function| ineligibleByPath function| exemptionPages function| getGMTTimeInOneHour function| getGMTTimeAnHourAgo function| getGMTTimeInNinetyDays function| getParentDomain function| getBrand function| debugLog undefined| dlParams object| utag object| _gaq object| pageTracker function| e object| s function| AppMeasurement_Module_ActivityMap function| AppMeasurement function| s_gi function| s_pgicq undefined| n object| bOU object| aOU function| tealium_liveperson_lib function| waitForObject function| ngaToCookie function| enhanceCookieLogic function| optInNoPrompt function| deleteCookie function| inheritNoPrompt function| showPrompt function| consentsCaptured function| writeSeenBeforeCookie function| writefirstSessionCookie function| seenBeforeCookieCaptured function| firstSessionCookieCaptured boolean| __tealium_twc_switch boolean| allowPartialMatch boolean| __tealium_privacy function| fixWTCookies number| analytics_event_count object| analytics_event_log boolean| waitingforngaconstants number| s_objectID number| s_giq function| webtrendsAsyncInit function| dcsMultiTrack object| Webtrends object| WebTrends boolean| delegatedDeferralOfTags object| lpTag function| printCelebrusLog object| _uxa number| webchateventinterval object| s_i_lloydsbankinggroupprod

7 Cookies

Domain/Path Name / Value
.demdex.net/ Name: demdex
Value: 83446977653445950294498495434979359815
.stink.co/ Name: AMCVS_230D643E5A2550980A495DB6%40AdobeOrg
Value: 1
.stink.co/ Name: AMCV_230D643E5A2550980A495DB6%40AdobeOrg
Value: -2121179033%7CMCIDTS%7C19084%7CMCMID%7C82938418489869746324519972026677873082%7CMCAAMLH-1649438126%7C6%7CMCAAMB-1649438126%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1648840526s%7CNONE%7CMCAID%7CNONE%7CvVersion%7C5.3.0
.stink.co/ Name: OPTOUTMULTI
Value: 0:0%7Cc1:1%7Cc3:1%7Cc5:1%7Cc4:1%7Cc2:1
.stink.co/ Name: _cs_mk_aa
Value: 0.7290871554606089_1648833327063
.stink.co/ Name: utag_main
Value: v_id:017fe61fef74001481ce409f992903073002506b00b08$_sn:1$_se:2$_ss:0$_st:1648835127071$ses_id:1648833326965%3Bexp-session$_pn:1%3Bexp-session$vapi_domain:stink.co
.stink.co/ Name: s_cc
Value: true

2 Console Messages

Source Level URL
Text
security error URL: https://dev-scottish-widows.stink.co/
Message:
Refused to load the script 'https://lptag.liveperson.net/tag/tag.js?site=49955747' because it violates the following Content Security Policy directive: "script-src-elem 'self' 'unsafe-inline' https://tags.tiqcdn.com".
security error URL: https://tags.tiqcdn.com/utag/lbg/main/prod/utag.js(Line 1180)
Message:
Refused to load the script 'https://lptag.liveperson.net/tag/tag.js?site=49955747' because it violates the following Content Security Policy directive: "script-src-elem 'self' 'unsafe-inline' https://tags.tiqcdn.com".

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src 'none'; img-src 'self' data: blob: https://lloydsbankinggroup.d3.sc.omtrdc.net 'unsafe-inline'; style-src 'self' 'unsafe-inline'; font-src 'self'; object-src 'none'; script-src-elem 'self' 'unsafe-inline' https://tags.tiqcdn.com; manifest-src 'self'; frame-src https://stags.bluekai.com https://*.lpsnmedia.net; connect-src 'self' https://sentry.io https://dpm.demdex.net/ https://lloydsbankinggroup.d3.sc.omtrdc.net/ https://www.beyond-reality-face.com/; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://tags.tiqcdn.com https://*.liveperson.net https://*.lpsnmedia.net
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

dev-scottish-widows.stink.co
dpm.demdex.net
lloydsbankinggroup.d3.sc.omtrdc.net
lptag.liveperson.net
tags.tiqcdn.com
lptag.liveperson.net
15.236.176.210
2.18.232.232
2600:9000:2156:8e00:1b:666f:2300:93a1
54.154.15.255
028ddd0cf27c55dff07fa9232f63251cda3cbd811e2f2bc383c9349e39cd4bb6
02c6ace60215dd9a5fdc85c835ada89d1367f67ae2ee9b857125641ba68288f8
0502f80877892ac225e8722331c35d05248543a54de25f4da25165bba3670548
0c587141fe799599bb60035935cf5f4b8b957189a9086c857dc2c1c7eefa5bc3
36e72da303307e3bea79cc52b425d4fa4bc5549295034ddf229b2e7bbe41d966
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4e2e706110ef0249ff7a9690e3f6cfe880bb31160d8906aae0ccca727bf49e01
61844bd388580c0a35856dabceb248cb4bb2322481f25f079ed3f1c207aebfb3
631d2f28d3fcde77180b4d2d5371bc3d223650a1c11b3146b36134bbb7db6372
690c2a361021bb2b7a006f2c8381cd4e7cc5a2bc5151781c2eec6761e526249b
6a00eb7240ea417c41a98a2cd02408d964ba7508ed87b9c0b76e518429a1da7b
9001d21ee87c28e13d6f816ec95760b37e4b52599793465c65ba71199498772e
9abf01ace42dddb167e79f29ee41eaaf645461664b68cbf342d857aaa851e4f5
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb
ce16d3ec80d37c82211e672eff1fbdf206aaa8917d302c303811ec0e891a6fa9
e61a6514ae42874ac567a918212ed0f964c3d1c268a08f3ed578b0b8112234fc
e8e898c1e2f374d237cc18018ec8a49651c433e4c11b17e6d93da674e8ab0055
fbb407ccbb30f9cff4fee64c916874e8dafa065bb7790ef6e641808e09c9edfb