urlscan.io logo urlscan.io
SecurityTrails logo

con-sit1.mortgage.virginmoney.com Open in urlscan Pro
20.90.233.111  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://con-sit1.mortgage.virginmoney.com/
Effective URL: https://con-sit1.mortgage.virginmoney.com/Question
Submission: On April 27 via automatic, source certstream-suspicious — Scanned from GB
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 9 IPs in 6 countries across 9 domains to perform 38 HTTP transactions. The main IP is 20.90.233.111, located in London, United Kingdom and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is con-sit1.mortgage.virginmoney.com.
TLS certificate: Issued by Entrust Certification Authority - L1K on May 24th 2021. Valid for: a year.
This is the only time con-sit1.mortgage.virginmoney.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 19 20.90.233.111 8075 (MICROSOFT...)
2 2a02:26f0:df:... 20940 (AKAMAI-ASN1)
2 52.211.182.149 16509 (AMAZON-02)
7 52.209.68.164 16509 (AMAZON-02)
2 52.17.114.133 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
2 13.224.195.119 16509 (AMAZON-02)
1 52.212.211.89 16509 (AMAZON-02)
2 13.36.218.177 16509 (AMAZON-02)
1 1 54.75.68.230 16509 (AMAZON-02)
38 9
19    20.90.233.111 (London, United Kingdom)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
con-sit1.mortgage.virginmoney.com
2    2a02:26f0:df:3a5::1e80 (Milan, Italy)

ASN20940 (AKAMAI-ASN1, NL)
assets.adobedtm.com
2    52.211.182.149 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-211-182-149.eu-west-1.compute.amazonaws.com
analytics.analytics-egain.com
7    52.209.68.164 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-209-68-164.eu-west-1.compute.amazonaws.com
cybgdev.egain.cloud
2    52.17.114.133 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-17-114-133.eu-west-1.compute.amazonaws.com
dpm.demdex.net
2    2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    13.224.195.119 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-195-119.fra2.r.cloudfront.net
static-ssl.responsetap.com
1    52.212.211.89 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-212-211-89.eu-west-1.compute.amazonaws.com
clydesdalebankplc.demdex.net
2    13.36.218.177 (Paris, France)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-36-218-177.eu-west-3.compute.amazonaws.com
clydesdalebank.d3.sc.omtrdc.net
1    54.75.68.230 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-75-68-230.eu-west-1.compute.amazonaws.com
cm.everesttech.net
Apex Domain
Subdomains		 Transfer
19 virginmoney.com
con-sit1.mortgage.virginmoney.com
1 MB
7 egain.cloud
cybgdev.egain.cloud
29 KB
3 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 199
clydesdalebankplc.demdex.net — Cisco Umbrella Rank: 381919
5 KB
2 omtrdc.net
clydesdalebank.d3.sc.omtrdc.net — Cisco Umbrella Rank: 360468
549 B
2 responsetap.com
static-ssl.responsetap.com — Cisco Umbrella Rank: 29521
18 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 35
20 KB
2 analytics-egain.com
analytics.analytics-egain.com — Cisco Umbrella Rank: 21768
22 KB
2 adobedtm.com
assets.adobedtm.com — Cisco Umbrella Rank: 477
65 KB
1 everesttech.net
cm.everesttech.net — Cisco Umbrella Rank: 916
517 B
38 9
Domain Requested by
19 con-sit1.mortgage.virginmoney.com 1 redirects con-sit1.mortgage.virginmoney.com
7 cybgdev.egain.cloud analytics.analytics-egain.com
cybgdev.egain.cloud
con-sit1.mortgage.virginmoney.com
2 clydesdalebank.d3.sc.omtrdc.net assets.adobedtm.com
con-sit1.mortgage.virginmoney.com
2 static-ssl.responsetap.com con-sit1.mortgage.virginmoney.com
static-ssl.responsetap.com
2 www.google-analytics.com con-sit1.mortgage.virginmoney.com
www.google-analytics.com
2 dpm.demdex.net assets.adobedtm.com
con-sit1.mortgage.virginmoney.com
2 analytics.analytics-egain.com con-sit1.mortgage.virginmoney.com
analytics.analytics-egain.com
2 assets.adobedtm.com con-sit1.mortgage.virginmoney.com
assets.adobedtm.com
1 cm.everesttech.net 1 redirects
1 clydesdalebankplc.demdex.net assets.adobedtm.com
38 10

This site contains links to these domains. Also see Links.

Domain
uk.virginmoney.com
Subject Issuer Validity Valid
con-sit1.mortgage.virginmoney.com
Entrust Certification Authority - L1K		 2021-05-24 -
2022-05-24		 a year crt.sh
assets.adobedtm.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-10 -
2022-09-10		 a year crt.sh
*.analytics-egain.com
Amazon		 2021-10-06 -
2022-11-04		 a year crt.sh
*.egain.cloud
Amazon		 2022-01-27 -
2023-02-26		 a year crt.sh
*.demdex.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-10-19 -
2022-11-19		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-04-11 -
2022-07-04		 3 months crt.sh
script.infinity-tracking.com
Amazon		 2022-01-11 -
2023-02-09		 a year crt.sh
*.d3.sc.omtrdc.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-02-17 -
2023-03-07		 a year crt.sh

This page contains 6 frames:

Primary Page: https://con-sit1.mortgage.virginmoney.com/Question
Frame ID: B5B26C9226EEB9A73A8C45B77CB132B1
Requests: 33 HTTP requests in this frame

Frame: https://analytics.analytics-egain.com/onetag/EG95242861
Frame ID: 57AC7152982CF2294CB4B0B9457728A7
Requests: 1 HTTP requests in this frame

Frame: https://analytics.analytics-egain.com/iframe/EG95242861
Frame ID: 495E668C79CDDA985268ED1A97F5042C
Requests: 1 HTTP requests in this frame

Frame: https://cybgdev.egain.cloud/system/templates/chat/egain-docked-chat.js
Frame ID: 5C4B622B242B67BEEFA5305549B95AF0
Requests: 1 HTTP requests in this frame

Frame: https://clydesdalebankplc.demdex.net/dest5.html?d_nsid=0
Frame ID: 8A2F98F2B34E83DA7074406542AB6DE8
Requests: 1 HTTP requests in this frame

Frame: https://cybgdev.egain.cloud/system/cb/cs/checkSession.html?wsname=https://con-sit1.mortgage.virginmoney.com
Frame ID: E01A61EDEC4FD45CB65385738A35E4B3
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

OK, here we go | Mortgages | Virgin Money UK

Page URL History Show full URLs

  1. https://con-sit1.mortgage.virginmoney.com/ HTTP 302
    https://con-sit1.mortgage.virginmoney.com/Question Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <div [^>]*class="[^"]*(?:small|medium|large)-\d{1,2} columns
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Page Statistics

38
Requests

97 %
HTTPS

20 %
IPv6

9
Domains

10
Subdomains

9
IPs

6
Countries

1232 kB
Transfer

1489 kB
Size

19
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://con-sit1.mortgage.virginmoney.com/ HTTP 302
    https://con-sit1.mortgage.virginmoney.com/Question Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 33
  • https://cm.everesttech.net/cm/dd?d_uuid=76591162710484773133691325895771888096 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=YmkrdgAAAEQm5AQf

38 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request Question
con-sit1.mortgage.virginmoney.com/
Redirect Chain
  • https://con-sit1.mortgage.virginmoney.com/
  • https://con-sit1.mortgage.virginmoney.com/Question
29 KB
31 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://con-sit1.mortgage.virginmoney.com/Question
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.90.233.111 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
88c97da7265497d73776e0af71cf800438932dba0aa404d80dffb5dd5c81b128
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google-analytics.com 10to8.com d3saea0ftg7bjt.cloudfront.net *.google.com *.gstatic.com *.worldpay.com assets.adobedtm.com *.analytics-egain.com *.egain.cloud *.responsetap.com; img-src 'self' data: *.google-analytics.com d3saea0ftg7bjt.cloudfront.net clydesdalebank.d3.sc.omtrdc.net cm.everesttech.net dpm.demdex.net cm.g.doubleclick.net; frame-src 'self' 10to8.com *.google.com *.worldpay.com clydesdalebankplc.demdex.net *.analytics-egain.com *.egain.cloud; style-src 'self' 'unsafe-inline' fonts.googleapis.com *.egain.cloud; connect-src 'self' *.google-analytics.com dpm.demdex.net *.egain.cloud clydesdalebank.d3.sc.omtrdc.net;font-src 'self' fonts.googleapis.com fonts.gstatic.com;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options Deny
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
29703
Content-Security-Policy
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google-analytics.com 10to8.com d3saea0ftg7bjt.cloudfront.net *.google.com *.gstatic.com *.worldpay.com assets.adobedtm.com *.analytics-egain.com *.egain.cloud *.responsetap.com; img-src 'self' data: *.google-analytics.com d3saea0ftg7bjt.cloudfront.net clydesdalebank.d3.sc.omtrdc.net cm.everesttech.net dpm.demdex.net cm.g.doubleclick.net; frame-src 'self' 10to8.com *.google.com *.worldpay.com clydesdalebankplc.demdex.net *.analytics-egain.com *.egain.cloud; style-src 'self' 'unsafe-inline' fonts.googleapis.com *.egain.cloud; connect-src 'self' *.google-analytics.com dpm.demdex.net *.egain.cloud clydesdalebank.d3.sc.omtrdc.net;font-src 'self' fonts.googleapis.com fonts.gstatic.com;
Content-Type
text/html; charset=utf-8
Date
Wed, 27 Apr 2022 11:39:32 GMT
Expires
-1
Pragma
no-cache
Referrer-Policy
same-origin
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Type-Options
nosniff
X-Frame-Options
Deny
X-UA-Compatible
IE=8; IE=9; IE=EDGE
X-XSS-Protection
1; mode=block

Redirect headers

Cache-Control
private
Connection
keep-alive
Content-Length
126
Content-Security-Policy
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google-analytics.com 10to8.com d3saea0ftg7bjt.cloudfront.net *.google.com *.gstatic.com *.worldpay.com assets.adobedtm.com *.analytics-egain.com *.egain.cloud *.responsetap.com; img-src 'self' data: *.google-analytics.com d3saea0ftg7bjt.cloudfront.net clydesdalebank.d3.sc.omtrdc.net cm.everesttech.net dpm.demdex.net cm.g.doubleclick.net; frame-src 'self' 10to8.com *.google.com *.worldpay.com clydesdalebankplc.demdex.net *.analytics-egain.com *.egain.cloud; style-src 'self' 'unsafe-inline' fonts.googleapis.com *.egain.cloud; connect-src 'self' *.google-analytics.com dpm.demdex.net *.egain.cloud clydesdalebank.d3.sc.omtrdc.net;font-src 'self' fonts.googleapis.com fonts.gstatic.com;
Content-Type
text/html; charset=utf-8
Date
Wed, 27 Apr 2022 11:39:32 GMT
Location
/Question
Referrer-Policy
same-origin
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Type-Options
nosniff
X-Frame-Options
Deny
X-UA-Compatible
IE=8; IE=9; IE=EDGE
X-XSS-Protection
1; mode=block
application.css
con-sit1.mortgage.virginmoney.com/Css/ 		254 KB
255 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://con-sit1.mortgage.virginmoney.com/Css/application.css?v=HHijSLOaZi2XyOEDQntLaI2Y_K68rWBFQhpjLCBzL6o1
Requested by
Host: con-sit1.mortgage.virginmoney.com
URL: https://con-sit1.mortgage.virginmoney.com/Question
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.90.233.111 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e239d9d025150740b335ab3848b9b2cdbe3edff37384af63f1706c627f60f42b
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google-analytics.com 10to8.com d3saea0ftg7bjt.cloudfront.net *.google.com *.gstatic.com *.worldpay.com assets.adobedtm.com *.analytics-egain.com *.egain.cloud *.responsetap.com; img-src 'self' data: *.google-analytics.com d3saea0ftg7bjt.cloudfront.net clydesdalebank.d3.sc.omtrdc.net cm.everesttech.net dpm.demdex.net cm.g.doubleclick.net; frame-src 'self' 10to8.com *.google.com *.worldpay.com clydesdalebankplc.demdex.net *.analytics-egain.com *.egain.cloud; style-src 'self' 'unsafe-inline' fonts.googleapis.com *.egain.cloud; connect-src 'self' *.google-analytics.com dpm.demdex.net *.egain.cloud clydesdalebank.d3.sc.omtrdc.net;font-src 'self' fonts.googleapis.com fonts.gstatic.com;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options Deny

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://con-sit1.mortgage.virginmoney.com/Question
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Date
Wed, 27 Apr 2022 11:39:32 GMT
Referrer-Policy
same-origin
Last-Modified
Wed, 27 Apr 2022 11:39:32 GMT
X-Frame-Options
Deny
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Content-Type
text/css; charset=utf-8
Expires
Thu, 27 Apr 2023 11:39:32 GMT
Cache-Control
public
Content-Security-Policy
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google-analytics.com 10to8.com d3saea0ftg7bjt.cloudfront.net *.google.com *.gstatic.com *.worldpay.com assets.adobedtm.com *.analytics-egain.com *.egain.cloud *.responsetap.com; img-src 'self' data: *.google-analytics.com d3saea0ftg7bjt.cloudfront.net clydesdalebank.d3.sc.omtrdc.net cm.everesttech.net dpm.demdex.net cm.g.doubleclick.net; frame-src 'self' 10to8.com *.google.com *.worldpay.com clydesdalebankplc.demdex.net *.analytics-egain.com *.egain.cloud; style-src 'self' 'unsafe-inline' fonts.googleapis.com *.egain.cloud; connect-src 'self' *.google-analytics.com dpm.demdex.net *.egain.cloud clydesdalebank.d3.sc.omtrdc.net;font-src 'self' fonts.googleapis.com fonts.gstatic.com;
Connection
keep-alive
Vary
User-Agent
Content-Length
260114
X-Content-Type-Options
nosniff
X-UA-Compatible
IE=8; IE=9; IE=EDGE
egaindockchat.js
con-sit1.mortgage.virginmoney.com/Scripts/eGain/ 		785 B
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://con-sit1.mortgage.virginmoney.com/Scripts/eGain/egaindockchat.js
Requested by
Host: con-sit1.mortgage.virginmoney.com
URL: https://con-sit1.mortgage.virginmoney.com/Question
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.90.233.111 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
653fc7fb601a0bf98b71b775188f4c902580a230c96c93a4b1a16137198bfc46
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google-analytics.com 10to8.com d3saea0ftg7bjt.cloudfront.net *.google.com *.gstatic.com *.worldpay.com assets.adobedtm.com *.analytics-egain.com *.egain.cloud *.responsetap.com; img-src 'self' data: *.google-analytics.com d3saea0ftg7bjt.cloudfront.net clydesdalebank.d3.sc.omtrdc.net cm.everesttech.net dpm.demdex.net cm.g.doubleclick.net; frame-src 'self' 10to8.com *.google.com *.worldpay.com clydesdalebankplc.demdex.net *.analytics-egain.com *.egain.cloud; style-src 'self' 'unsafe-inline' fonts.googleapis.com *.egain.cloud; connect-src 'self' *.google-analytics.com dpm.demdex.net *.egain.cloud clydesdalebank.d3.sc.omtrdc.net;font-src 'self' fonts.googleapis.com fonts.gstatic.com;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options Deny

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://con-sit1.mortgage.virginmoney.com/Question
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Date
Wed, 27 Apr 2022 11:39:32 GMT
Referrer-Policy
same-origin
Last-Modified
Wed, 20 Apr 2022 04:46:42 GMT
ETag
"0e533a17154d81:0"
X-Frame-Options
Deny
Content-Type
application/javascript
Connection
keep-alive
Content-Security-Policy
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google-analytics.com 10to8.com d3saea0ftg7bjt.cloudfront.net *.google.com *.gstatic.com *.worldpay.com assets.adobedtm.com *.analytics-egain.com *.egain.cloud *.responsetap.com; img-src 'self' data: *.google-analytics.com d3saea0ftg7bjt.cloudfront.net clydesdalebank.d3.sc.omtrdc.net cm.everesttech.net dpm.demdex.net cm.g.doubleclick.net; frame-src 'self' 10to8.com *.google.com *.worldpay.com clydesdalebankplc.demdex.net *.analytics-egain.com *.egain.cloud; style-src 'self' 'unsafe-inline' fonts.googleapis.com *.egain.cloud; connect-src 'self' *.google-analytics.com dpm.demdex.net *.egain.cloud clydesdalebank.d3.sc.omtrdc.net;font-src 'self' fonts.googleapis.com fonts.gstatic.com;
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Accept-Ranges
bytes
Content-Length
785
X-Content-Type-Options
nosniff
X-UA-Compatible
IE=8; IE=9; IE=EDGE
application.js
con-sit1.mortgage.virginmoney.com/ 		450 KB
452 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://con-sit1.mortgage.virginmoney.com/application.js?v=37LWj-LvH0yl9__YC67wcLR-A42ifIg44rwkr_4Gx4M1
Requested by
Host: con-sit1.mortgage.virginmoney.com
URL: https://con-sit1.mortgage.virginmoney.com/Question
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.90.233.111 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
168ff764a8849aea90898f1ced0d1325dda123b7450b5bb195a7efb7b65bd6f1
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google-analytics.com 10to8.com d3saea0ftg7bjt.cloudfront.net *.google.com *.gstatic.com *.worldpay.com assets.adobedtm.com *.analytics-egain.com *.egain.cloud *.responsetap.com; img-src 'self' data: *.google-analytics.com d3saea0ftg7bjt.cloudfront.net clydesdalebank.d3.sc.omtrdc.net cm.everesttech.net dpm.demdex.net cm.g.doubleclick.net; frame-src 'self' 10to8.com *.google.com *.worldpay.com clydesdalebankplc.demdex.net *.analytics-egain.com *.egain.cloud; style-src 'self' 'unsafe-inline' fonts.googleapis.com *.egain.cloud; connect-src 'self' *.google-analytics.com dpm.demdex.net *.egain.cloud clydesdalebank.d3.sc.omtrdc.net;font-src 'self' fonts.googleapis.com fonts.gstatic.com;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options Deny

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://con-sit1.mortgage.virginmoney.com/Question
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Date
Wed, 27 Apr 2022 11:39:32 GMT
Referrer-Policy
same-origin
Last-Modified
Wed, 27 Apr 2022 11:39:32 GMT
X-Frame-Options
Deny
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Content-Type
text/javascript; charset=utf-8
Expires
Thu, 27 Apr 2023 11:39:32 GMT
Cache-Control
public
Content-Security-Policy
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google-analytics.com 10to8.com d3saea0ftg7bjt.cloudfront.net *.google.com *.gstatic.com *.worldpay.com assets.adobedtm.com *.analytics-egain.com *.egain.cloud *.responsetap.com; img-src 'self' data: *.google-analytics.com d3saea0ftg7bjt.cloudfront.net clydesdalebank.d3.sc.omtrdc.net cm.everesttech.net dpm.demdex.net cm.g.doubleclick.net; frame-src 'self' 10to8.com *.google.com *.worldpay.com clydesdalebankplc.demdex.net *.analytics-egain.com *.egain.cloud; style-src 'self' 'unsafe-inline' fonts.googleapis.com *.egain.cloud; connect-src 'self' *.google-analytics.com dpm.demdex.net *.egain.cloud clydesdalebank.d3.sc.omtrdc.net;font-src 'self' fonts.googleapis.com fonts.gstatic.com;
Connection
keep-alive
Vary
User-Agent
Content-Length
461102
X-Content-Type-Options
nosniff
X-UA-Compatible
IE=8; IE=9; IE=EDGE
launch-4793a3bed9cf-staging.min.js
assets.adobedtm.com/6e420e4d1161/9dab9f2e85e4/ 		182 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.adobedtm.com/6e420e4d1161/9dab9f2e85e4/launch-4793a3bed9cf-staging.min.js
Requested by
Host: con-sit1.mortgage.virginmoney.com
URL: https://con-sit1.mortgage.virginmoney.com/Question
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:df:3a5::1e80 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
a1485deb2fecc31ee5131d7039e4684169649bdd599aa8eeece01f65b0914626

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 27 Apr 2022 11:39:33 GMT
content-encoding
gzip
last-modified
Mon, 14 Feb 2022 14:28:56 GMT
server
AkamaiNetStorage
etag
"9fad0f85a01634ee0741cd468ab693e4:1644848936.820139"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 27 Apr 2022 11:39:33 GMT
google-analytics.js
con-sit1.mortgage.virginmoney.com/Scripts/ 		450 B
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://con-sit1.mortgage.virginmoney.com/Scripts/google-analytics.js
Requested by
Host: con-sit1.mortgage.virginmoney.com
URL: https://con-sit1.mortgage.virginmoney.com/Question
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.90.233.111 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
41e2be4bd16af5ae078882c6772051bdac3ce804e58353067d3c1782d80f7c9f
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google-analytics.com 10to8.com d3saea0ftg7bjt.cloudfront.net *.google.com *.gstatic.com *.worldpay.com assets.adobedtm.com *.analytics-egain.com *.egain.cloud *.responsetap.com; img-src 'self' data: *.google-analytics.com d3saea0ftg7bjt.cloudfront.net clydesdalebank.d3.sc.omtrdc.net cm.everesttech.net dpm.demdex.net cm.g.doubleclick.net; frame-src 'self' 10to8.com *.google.com *.worldpay.com clydesdalebankplc.demdex.net *.analytics-egain.com *.egain.cloud; style-src 'self' 'unsafe-inline' fonts.googleapis.com *.egain.cloud; connect-src 'self' *.google-analytics.com dpm.demdex.net *.egain.cloud clydesdalebank.d3.sc.omtrdc.net;font-src 'self' fonts.googleapis.com fonts.gstatic.com;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options Deny

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://con-sit1.mortgage.virginmoney.com/Question
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Date
Wed, 27 Apr 2022 11:39:32 GMT
Referrer-Policy
same-origin
Last-Modified
Wed, 20 Apr 2022 04:46:40 GMT
ETag
"0b82a07154d81:0"
X-Frame-Options
Deny
Content-Type
application/javascript
Connection
keep-alive
Content-Security-Policy
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google-analytics.com 10to8.com d3saea0ftg7bjt.cloudfront.net *.google.com *.gstatic.com *.worldpay.com assets.adobedtm.com *.analytics-egain.com *.egain.cloud *.responsetap.com; img-src 'self' data: *.google-analytics.com d3saea0ftg7bjt.cloudfront.net clydesdalebank.d3.sc.omtrdc.net cm.everesttech.net dpm.demdex.net cm.g.doubleclick.net; frame-src 'self' 10to8.com *.google.com *.worldpay.com clydesdalebankplc.demdex.net *.analytics-egain.com *.egain.cloud; style-src 'self' 'unsafe-inline' fonts.googleapis.com *.egain.cloud; connect-src 'self' *.google-analytics.com dpm.demdex.net *.egain.cloud clydesdalebank.d3.sc.omtrdc.net;font-src 'self' fonts.googleapis.com fonts.gstatic.com;
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Accept-Ranges
bytes
Content-Length
450
X-Content-Type-Options
nosniff
X-UA-Compatible
IE=8; IE=9; IE=EDGE
pattern-1.svg
con-sit1.mortgage.virginmoney.com/ClientResources/Images/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://con-sit1.mortgage.virginmoney.com/ClientResources/Images/pattern-1.svg
Requested by
Host: con-sit1.mortgage.virginmoney.com
URL: https://con-sit1.mortgage.virginmoney.com/Question
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.90.233.111 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
03a7f217e0fcc4036e7fac65214fe3a10926d0ecf80ced483ec30a4b566c6200
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google-analytics.com 10to8.com d3saea0ftg7bjt.cloudfront.net *.google.com *.gstatic.com *.worldpay.com assets.adobedtm.com *.analytics-egain.com *.egain.cloud *.responsetap.com; img-src 'self' data: *.google-analytics.com d3saea0ftg7bjt.cloudfront.net clydesdalebank.d3.sc.omtrdc.net cm.everesttech.net dpm.demdex.net cm.g.doubleclick.net; frame-src 'self' 10to8.com *.google.com *.worldpay.com clydesdalebankplc.demdex.net *.analytics-egain.com *.egain.cloud; style-src 'self' 'unsafe-inline' fonts.googleapis.com *.egain.cloud; connect-src 'self' *.google-analytics.com dpm.demdex.net *.egain.cloud clydesdalebank.d3.sc.omtrdc.net;font-src 'self' fonts.googleapis.com fonts.gstatic.com;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options Deny

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://con-sit1.mortgage.virginmoney.com/Question
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Date
Wed, 27 Apr 2022 11:39:32 GMT
Referrer-Policy
same-origin
Last-Modified
Wed, 20 Apr 2022 04:46:36 GMT
ETag
"05ea09d7154d81:0"
X-Frame-Options
Deny
Content-Type
image/svg+xml
Connection
keep-alive
Content-Security-Policy
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google-analytics.com 10to8.com d3saea0ftg7bjt.cloudfront.net *.google.com *.gstatic.com *.worldpay.com assets.adobedtm.com *.analytics-egain.com *.egain.cloud *.responsetap.com; img-src 'self' data: *.google-analytics.com d3saea0ftg7bjt.cloudfront.net clydesdalebank.d3.sc.omtrdc.net cm.everesttech.net dpm.demdex.net cm.g.doubleclick.net; frame-src 'self' 10to8.com *.google.com *.worldpay.com clydesdalebankplc.demdex.net *.analytics-egain.com *.egain.cloud; style-src 'self' 'unsafe-inline' fonts.googleapis.com *.egain.cloud; connect-src 'self' *.google-analytics.com dpm.demdex.net *.egain.cloud clydesdalebank.d3.sc.omtrdc.net;font-src 'self' fonts.googleapis.com fonts.gstatic.com;
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Accept-Ranges
bytes
Content-Length
2303
X-Content-Type-Options
nosniff
X-UA-Compatible
IE=8; IE=9; IE=EDGE
logo_reversed.svg
con-sit1.mortgage.virginmoney.com/ClientResources/Images/ 		31 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://con-sit1.mortgage.virginmoney.com/ClientResources/Images/logo_reversed.svg
Requested by
Host: con-sit1.mortgage.virginmoney.com
URL: https://con-sit1.mortgage.virginmoney.com/Question
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.90.233.111 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
6f3f3d7dc95b919ef25493c05816a48bd1385020f998631c752dd2918337ae61
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google-analytics.com 10to8.com d3saea0ftg7bjt.cloudfront.net *.google.com *.gstatic.com *.worldpay.com assets.adobedtm.com *.analytics-egain.com *.egain.cloud *.responsetap.com; img-src 'self' data: *.google-analytics.com d3saea0ftg7bjt.cloudfront.net clydesdalebank.d3.sc.omtrdc.net cm.everesttech.net dpm.demdex.net cm.g.doubleclick.net; frame-src 'self' 10to8.com *.google.com *.worldpay.com clydesdalebankplc.demdex.net *.analytics-egain.com *.egain.cloud; style-src 'self' 'unsafe-inline' fonts.googleapis.com *.egain.cloud; connect-src 'self' *.google-analytics.com dpm.demdex.net *.egain.cloud clydesdalebank.d3.sc.omtrdc.net;font-src 'self' fonts.googleapis.com fonts.gstatic.com;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options Deny

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://con-sit1.mortgage.virginmoney.com/Question
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Date
Wed, 27 Apr 2022 11:39:32 GMT
Referrer-Policy
same-origin
Last-Modified
Wed, 20 Apr 2022 04:46:36 GMT
ETag
"05ea09d7154d81:0"
X-Frame-Options
Deny
Content-Type
image/svg+xml
Connection
keep-alive
Content-Security-Policy
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google-analytics.com 10to8.com d3saea0ftg7bjt.cloudfront.net *.google.com *.gstatic.com *.worldpay.com assets.adobedtm.com *.analytics-egain.com *.egain.cloud *.responsetap.com; img-src 'self' data: *.google-analytics.com d3saea0ftg7bjt.cloudfront.net clydesdalebank.d3.sc.omtrdc.net cm.everesttech.net dpm.demdex.net cm.g.doubleclick.net; frame-src 'self' 10to8.com *.google.com *.worldpay.com clydesdalebankplc.demdex.net *.analytics-egain.com *.egain.cloud; style-src 'self' 'unsafe-inline' fonts.googleapis.com *.egain.cloud; connect-src 'self' *.google-analytics.com dpm.demdex.net *.egain.cloud clydesdalebank.d3.sc.omtrdc.net;font-src 'self' fonts.googleapis.com fonts.gstatic.com;
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Accept-Ranges
bytes
Content-Length
31670
X-Content-Type-Options
nosniff
X-UA-Compatible
IE=8; IE=9; IE=EDGE
sign-in.svg
con-sit1.mortgage.virginmoney.com/ClientResources/Images/icons/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://con-sit1.mortgage.virginmoney.com/ClientResources/Images/icons/sign-in.svg
Requested by
Host: con-sit1.mortgage.virginmoney.com
URL: https://con-sit1.mortgage.virginmoney.com/Question
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.90.233.111 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
ee59a99f4b928c332b622ebcb4de435ff8db1e4419646111e43bae3858519754
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google-analytics.com 10to8.com d3saea0ftg7bjt.cloudfront.net *.google.com *.gstatic.com *.worldpay.com assets.adobedtm.com *.analytics-egain.com *.egain.cloud *.responsetap.com; img-src 'self' data: *.google-analytics.com d3saea0ftg7bjt.cloudfront.net clydesdalebank.d3.sc.omtrdc.net cm.everesttech.net dpm.demdex.net cm.g.doubleclick.net; frame-src 'self' 10to8.com *.google.com *.worldpay.com clydesdalebankplc.demdex.net *.analytics-egain.com *.egain.cloud; style-src 'self' 'unsafe-inline' fonts.googleapis.com *.egain.cloud; connect-src 'self' *.google-analytics.com dpm.demdex.net *.egain.cloud clydesdalebank.d3.sc.omtrdc.net;font-src 'self' fonts.googleapis.com fonts.gstatic.com;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options Deny

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://con-sit1.mortgage.virginmoney.com/Question
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Date
Wed, 27 Apr 2022 11:39:33 GMT
Referrer-Policy
same-origin
Last-Modified
Wed, 20 Apr 2022 04:46:36 GMT
ETag
"05ea09d7154d81:0"
X-Frame-Options
Deny
Content-Type
image/svg+xml
Connection
keep-alive
Content-Security-Policy
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google-analytics.com 10to8.com d3saea0ftg7bjt.cloudfront.net *.google.com *.gstatic.com *.worldpay.com assets.adobedtm.com *.analytics-egain.com *.egain.cloud *.responsetap.com; img-src 'self' data: *.google-analytics.com d3saea0ftg7bjt.cloudfront.net clydesdalebank.d3.sc.omtrdc.net cm.everesttech.net dpm.demdex.net cm.g.doubleclick.net; frame-src 'self' 10to8.com *.google.com *.worldpay.com clydesdalebankplc.demdex.net *.analytics-egain.com *.egain.cloud; style-src 'self' 'unsafe-inline' fonts.googleapis.com *.egain.cloud; connect-src 'self' *.google-analytics.com dpm.demdex.net *.egain.cloud clydesdalebank.d3.sc.omtrdc.net;font-src 'self' fonts.googleapis.com fonts.gstatic.com;
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Accept-Ranges
bytes
Content-Length
1221
X-Content-Type-Options
nosniff
X-UA-Compatible
IE=8; IE=9; IE=EDGE
questions.js
con-sit1.mortgage.virginmoney.com/ 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://con-sit1.mortgage.virginmoney.com/questions.js?v=fhPsQiXIi1dTSfU658CBkvrsNbxmo_qtCF1lwXXCPJM1
Requested by
Host: con-sit1.mortgage.virginmoney.com
URL: https://con-sit1.mortgage.virginmoney.com/Question
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.90.233.111 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
f8a38517dbc0adde505991d18ffdcf05f101b4d94fa8aa51dd5f3d8411d9932f
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google-analytics.com 10to8.com d3saea0ftg7bjt.cloudfront.net *.google.com *.gstatic.com *.worldpay.com assets.adobedtm.com *.analytics-egain.com *.egain.cloud *.responsetap.com; img-src 'self' data: *.google-analytics.com d3saea0ftg7bjt.cloudfront.net clydesdalebank.d3.sc.omtrdc.net cm.everesttech.net dpm.demdex.net cm.g.doubleclick.net; frame-src 'self' 10to8.com *.google.com *.worldpay.com clydesdalebankplc.demdex.net *.analytics-egain.com *.egain.cloud; style-src 'self' 'unsafe-inline' fonts.googleapis.com *.egain.cloud; connect-src 'self' *.google-analytics.com dpm.demdex.net *.egain.cloud clydesdalebank.d3.sc.omtrdc.net;font-src 'self' fonts.googleapis.com fonts.gstatic.com;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options Deny

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://con-sit1.mortgage.virginmoney.com/Question
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Date
Wed, 27 Apr 2022 11:39:32 GMT
Referrer-Policy
same-origin
Last-Modified
Wed, 27 Apr 2022 11:39:32 GMT
X-Frame-Options
Deny
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Content-Type
text/javascript; charset=utf-8
Expires
Thu, 27 Apr 2023 11:39:32 GMT
Cache-Control
public
Content-Security-Policy
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google-analytics.com 10to8.com d3saea0ftg7bjt.cloudfront.net *.google.com *.gstatic.com *.worldpay.com assets.adobedtm.com *.analytics-egain.com *.egain.cloud *.responsetap.com; img-src 'self' data: *.google-analytics.com d3saea0ftg7bjt.cloudfront.net clydesdalebank.d3.sc.omtrdc.net cm.everesttech.net dpm.demdex.net cm.g.doubleclick.net; frame-src 'self' 10to8.com *.google.com *.worldpay.com clydesdalebankplc.demdex.net *.analytics-egain.com *.egain.cloud; style-src 'self' 'unsafe-inline' fonts.googleapis.com *.egain.cloud; connect-src 'self' *.google-analytics.com dpm.demdex.net *.egain.cloud clydesdalebank.d3.sc.omtrdc.net;font-src 'self' fonts.googleapis.com fonts.gstatic.com;
Connection
keep-alive
Vary
User-Agent
Content-Length
3997
X-Content-Type-Options
nosniff
X-UA-Compatible
IE=8; IE=9; IE=EDGE
egainlifechat.js
con-sit1.mortgage.virginmoney.com/Scripts/eGain/ 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://con-sit1.mortgage.virginmoney.com/Scripts/eGain/egainlifechat.js
Requested by
Host: con-sit1.mortgage.virginmoney.com
URL: https://con-sit1.mortgage.virginmoney.com/Question
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.90.233.111 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
ea6c4a5f1d4145f74487bdbf4d24fb4c56af1147c1a59fafb8255a4f3d83abd2
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google-analytics.com 10to8.com d3saea0ftg7bjt.cloudfront.net *.google.com *.gstatic.com *.worldpay.com assets.adobedtm.com *.analytics-egain.com *.egain.cloud *.responsetap.com; img-src 'self' data: *.google-analytics.com d3saea0ftg7bjt.cloudfront.net clydesdalebank.d3.sc.omtrdc.net cm.everesttech.net dpm.demdex.net cm.g.doubleclick.net; frame-src 'self' 10to8.com *.google.com *.worldpay.com clydesdalebankplc.demdex.net *.analytics-egain.com *.egain.cloud; style-src 'self' 'unsafe-inline' fonts.googleapis.com *.egain.cloud; connect-src 'self' *.google-analytics.com dpm.demdex.net *.egain.cloud clydesdalebank.d3.sc.omtrdc.net;font-src 'self' fonts.googleapis.com fonts.gstatic.com;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options Deny

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://con-sit1.mortgage.virginmoney.com/Question
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Date
Wed, 27 Apr 2022 11:39:32 GMT
Referrer-Policy
same-origin
Last-Modified
Wed, 20 Apr 2022 04:46:42 GMT
ETag
"0e533a17154d81:0"
X-Frame-Options
Deny
Content-Type
application/javascript
Connection
keep-alive
Content-Security-Policy
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google-analytics.com 10to8.com d3saea0ftg7bjt.cloudfront.net *.google.com *.gstatic.com *.worldpay.com assets.adobedtm.com *.analytics-egain.com *.egain.cloud *.responsetap.com; img-src 'self' data: *.google-analytics.com d3saea0ftg7bjt.cloudfront.net clydesdalebank.d3.sc.omtrdc.net cm.everesttech.net dpm.demdex.net cm.g.doubleclick.net; frame-src 'self' 10to8.com *.google.com *.worldpay.com clydesdalebankplc.demdex.net *.analytics-egain.com *.egain.cloud; style-src 'self' 'unsafe-inline' fonts.googleapis.com *.egain.cloud; connect-src 'self' *.google-analytics.com dpm.demdex.net *.egain.cloud clydesdalebank.d3.sc.omtrdc.net;font-src 'self' fonts.googleapis.com fonts.gstatic.com;
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Accept-Ranges
bytes
Content-Length
2303
X-Content-Type-Options
nosniff
X-UA-Compatible
IE=8; IE=9; IE=EDGE
EG95242861
analytics.analytics-egain.com/onetag/ Frame 57AC 		17 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.analytics-egain.com/onetag/EG95242861
Requested by
Host: con-sit1.mortgage.virginmoney.com
URL: https://con-sit1.mortgage.virginmoney.com/Scripts/eGain/egaindockchat.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.211.182.149 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-211-182-149.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
045cd6888a44ef6a2044d742b11fbf99ea40990659b61643cf862937426655b1

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Wed, 27 Apr 2022 11:39:32 GMT
cache-control
max-age=86400
server
content-type
text/javascript;charset=utf-8
expires
Thu, 28 Apr 2022 11:39:32 GMT
Inter-Regular.woff2
con-sit1.mortgage.virginmoney.com/ClientResources/Fonts/Inter/ 		87 KB
88 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://con-sit1.mortgage.virginmoney.com/ClientResources/Fonts/Inter/Inter-Regular.woff2
Requested by
Host: con-sit1.mortgage.virginmoney.com
URL: https://con-sit1.mortgage.virginmoney.com/Css/application.css?v=HHijSLOaZi2XyOEDQntLaI2Y_K68rWBFQhpjLCBzL6o1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.90.233.111 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
03c75b1b36edb0aad6ff58705f95e22682862b05a6a5e7bfe1005cc8bb260bd2
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google-analytics.com 10to8.com d3saea0ftg7bjt.cloudfront.net *.google.com *.gstatic.com *.worldpay.com assets.adobedtm.com *.analytics-egain.com *.egain.cloud *.responsetap.com; img-src 'self' data: *.google-analytics.com d3saea0ftg7bjt.cloudfront.net clydesdalebank.d3.sc.omtrdc.net cm.everesttech.net dpm.demdex.net cm.g.doubleclick.net; frame-src 'self' 10to8.com *.google.com *.worldpay.com clydesdalebankplc.demdex.net *.analytics-egain.com *.egain.cloud; style-src 'self' 'unsafe-inline' fonts.googleapis.com *.egain.cloud; connect-src 'self' *.google-analytics.com dpm.demdex.net *.egain.cloud clydesdalebank.d3.sc.omtrdc.net;font-src 'self' fonts.googleapis.com fonts.gstatic.com;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options Deny

Request headers

Referer
https://con-sit1.mortgage.virginmoney.com/Css/application.css?v=HHijSLOaZi2XyOEDQntLaI2Y_K68rWBFQhpjLCBzL6o1
Origin
https://con-sit1.mortgage.virginmoney.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Date
Wed, 27 Apr 2022 11:39:32 GMT
Referrer-Policy
same-origin
Last-Modified
Wed, 20 Apr 2022 04:46:34 GMT
ETag
"0316f9c7154d81:0"
X-Frame-Options
Deny
Content-Type
application/x-font-woff2
Connection
keep-alive
Content-Security-Policy
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google-analytics.com 10to8.com d3saea0ftg7bjt.cloudfront.net *.google.com *.gstatic.com *.worldpay.com assets.adobedtm.com *.analytics-egain.com *.egain.cloud *.responsetap.com; img-src 'self' data: *.google-analytics.com d3saea0ftg7bjt.cloudfront.net clydesdalebank.d3.sc.omtrdc.net cm.everesttech.net dpm.demdex.net cm.g.doubleclick.net; frame-src 'self' 10to8.com *.google.com *.worldpay.com clydesdalebankplc.demdex.net *.analytics-egain.com *.egain.cloud; style-src 'self' 'unsafe-inline' fonts.googleapis.com *.egain.cloud; connect-src 'self' *.google-analytics.com dpm.demdex.net *.egain.cloud clydesdalebank.d3.sc.omtrdc.net;font-src 'self' fonts.googleapis.com fonts.gstatic.com;
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Accept-Ranges
bytes
Content-Length
88816
X-Content-Type-Options
nosniff
X-UA-Compatible
IE=8; IE=9; IE=EDGE
egain-chat.js
cybgdev.egain.cloud/system/templates/chat/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cybgdev.egain.cloud/system/templates/chat/egain-chat.js
Requested by
Host: analytics.analytics-egain.com
URL: https://analytics.analytics-egain.com/onetag/EG95242861
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.209.68.164 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-209-68-164.eu-west-1.compute.amazonaws.com
Software
0 /
Resource Hash
0b612f32a5ea492a7975ed975b6470c279f280a04ac4de1d027afe1c1e5923bb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Date
Wed, 27 Apr 2022 11:39:33 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Mon, 25 Apr 2022 02:12:17 GMT
Server
0
ETag
"804d1e34958d81:0"
Vary
Accept-Encoding
Connection
keep-alive
Content-Type
application/javascript
Cache-Control
max-age=7200,private, no-cache="set-cookie"
Strict-Transport-Security
max-age=31536000
Accept-Ranges
bytes
Content-Length
1068
allow_cobrowse.js
cybgdev.egain.cloud/system/cb/admin/js/ 		24 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cybgdev.egain.cloud/system/cb/admin/js/allow_cobrowse.js
Requested by
Host: analytics.analytics-egain.com
URL: https://analytics.analytics-egain.com/onetag/EG95242861
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.209.68.164 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-209-68-164.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6c81688ea152198d09501ba61fbbd0cc969e9ddc2383a219b698268caf02eba3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Date
Wed, 27 Apr 2022 11:39:33 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Wed, 06 Apr 2022 13:01:46 GMT
SERVER
0
Vary
Accept-Encoding
Connection
keep-alive
Content-Type
application/javascript
Cache-Control
max-age=86400,private
Strict-Transport-Security
max-age=31536000
Accept-Ranges
bytes
Content-Length
6978
Offers.egain
cybgdev.egain.cloud/system/ 		384 B
870 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cybgdev.egain.cloud/system/Offers.egain?command=GetRulesJS&egofferpageurl=https%3A%2F%2Fcon-sit1.mortgage.virginmoney.com%2FQuestion&egofferpagetitle=OK%2C%20here%20we%20go%20%7C%20Mortgages%20%7C%20Virgin%20Money%20UK&egofferpatternchecksum=
Requested by
Host: analytics.analytics-egain.com
URL: https://analytics.analytics-egain.com/onetag/EG95242861
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.209.68.164 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-209-68-164.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
715e6f9d9165b57db06c5b92d854f2d63a0318df14ae151e725911a6bc40732f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 27 Apr 2022 11:39:33 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
SERVER
0
Vary
Accept-Encoding
Connection
keep-alive
Content-Type
text/javascript; charset=UTF-8
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control
no-cache
Strict-Transport-Security
max-age=31536000
Content-Length
345
X-UA-Compatible
IE=EmulateIE9
EG95242861
analytics.analytics-egain.com/iframe/ Frame 495E 		5 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://analytics.analytics-egain.com/iframe/EG95242861
Requested by
Host: analytics.analytics-egain.com
URL: https://analytics.analytics-egain.com/onetag/EG95242861
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.211.182.149 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-211-182-149.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
7e35d1d5b934379f3ef26011323f5c1afddeed3bbd70a6f3a4a18abcd9ad66fe

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
max-age=86400
content-type
text/html;charset=utf-8
date
Wed, 27 Apr 2022 11:39:32 GMT
expires
Thu, 28 Apr 2022 11:39:32 GMT
server
egain-docked-chat.js
cybgdev.egain.cloud/system/templates/chat/ Frame 5C4B 		54 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cybgdev.egain.cloud/system/templates/chat/egain-docked-chat.js
Requested by
Host: cybgdev.egain.cloud
URL: https://cybgdev.egain.cloud/system/templates/chat/egain-chat.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.209.68.164 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-209-68-164.eu-west-1.compute.amazonaws.com
Software
0 /
Resource Hash
cd35ceae81da11732a5364142ceb95920f1f1058a9fb89dfb8531ff5c57493e9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Date
Wed, 27 Apr 2022 11:39:33 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Mon, 25 Apr 2022 02:12:17 GMT
Server
0
ETag
"804d1e34958d81:0"
Vary
Accept-Encoding
Connection
keep-alive
Content-Type
application/javascript
Cache-Control
max-age=7200,private
Strict-Transport-Security
max-age=31536000
Accept-Ranges
bytes
Content-Length
16104
getCBHostName.jsp
cybgdev.egain.cloud/system/cb/admin/ 		210 B
559 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cybgdev.egain.cloud/system/cb/admin/getCBHostName.jsp
Requested by
Host: cybgdev.egain.cloud
URL: https://cybgdev.egain.cloud/system/cb/admin/js/allow_cobrowse.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.209.68.164 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-209-68-164.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef60ec8e9be7664fee2a85323d4dabe4bf568e5acf09b8cc0d9d5a1b376e3e5a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Date
Wed, 27 Apr 2022 11:39:33 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
SERVER
0
Vary
Accept-Encoding
Strict-Transport-Security
max-age=31536000
Content-Type
application/javascript;charset=UTF-8
Connection
keep-alive
Content-Length
270
id
dpm.demdex.net/ 		376 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://dpm.demdex.net/id?d_visid_ver=5.3.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=81023670555B029C7F000101%40AdobeOrg&d_nsid=0&ts=1651059574005
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/6e420e4d1161/9dab9f2e85e4/launch-4793a3bed9cf-staging.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.17.114.133 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-17-114-133.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
4b8f2db247a53b09c0f879fd86be8a7d7030d0cbd1a7d0d126f2df3d7bc37046
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

DCS
dcs-prod-irl1-2-v031-05ef3562a.edge-irl1.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-TID
ElBt0Zq/TnQ=
Vary
Origin
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin
https://con-sit1.mortgage.virginmoney.com
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json;charset=utf-8
Content-Length
317
Expires
Thu, 01 Jan 1970 00:00:00 UTC
AppMeasurement.min.js
assets.adobedtm.com/extensions/EPa06d4a70bf964e93808ee073533d9238/ 		33 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.adobedtm.com/extensions/EPa06d4a70bf964e93808ee073533d9238/AppMeasurement.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/6e420e4d1161/9dab9f2e85e4/launch-4793a3bed9cf-staging.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:df:3a5::1e80 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
055e467aa53a9c0272d805bbc009ade8c74df5a8c1255271d753ac78fe179873

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Wed, 27 Apr 2022 11:39:34 GMT
content-encoding
gzip
last-modified
Wed, 19 Jan 2022 22:18:26 GMT
server
AkamaiNetStorage
etag
"85722a02b6a7feb74d08ac7875516bee:1642630706.903013"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
no-cache
accept-ranges
bytes
timing-allow-origin
*
content-length
12243
expires
Wed, 27 Apr 2022 12:39:34 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: con-sit1.mortgage.virginmoney.com
URL: https://con-sit1.mortgage.virginmoney.com/Scripts/google-analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
284
date
Wed, 27 Apr 2022 11:34:50 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Wed, 27 Apr 2022 13:34:50 GMT
select-arrow.svg
con-sit1.mortgage.virginmoney.com/ClientResources/Images/Icons/ 		587 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://con-sit1.mortgage.virginmoney.com/ClientResources/Images/Icons/select-arrow.svg
Requested by
Host: con-sit1.mortgage.virginmoney.com
URL: https://con-sit1.mortgage.virginmoney.com/Css/application.css?v=HHijSLOaZi2XyOEDQntLaI2Y_K68rWBFQhpjLCBzL6o1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.90.233.111 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
96a1399d903eaddcdee2016b458732392601e8bda2fb7c2d056eaf853de7b7fa
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google-analytics.com 10to8.com d3saea0ftg7bjt.cloudfront.net *.google.com *.gstatic.com *.worldpay.com assets.adobedtm.com *.analytics-egain.com *.egain.cloud *.responsetap.com; img-src 'self' data: *.google-analytics.com d3saea0ftg7bjt.cloudfront.net clydesdalebank.d3.sc.omtrdc.net cm.everesttech.net dpm.demdex.net cm.g.doubleclick.net; frame-src 'self' 10to8.com *.google.com *.worldpay.com clydesdalebankplc.demdex.net *.analytics-egain.com *.egain.cloud; style-src 'self' 'unsafe-inline' fonts.googleapis.com *.egain.cloud; connect-src 'self' *.google-analytics.com dpm.demdex.net *.egain.cloud clydesdalebank.d3.sc.omtrdc.net;font-src 'self' fonts.googleapis.com fonts.gstatic.com;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options Deny

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://con-sit1.mortgage.virginmoney.com/Css/application.css?v=HHijSLOaZi2XyOEDQntLaI2Y_K68rWBFQhpjLCBzL6o1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Date
Wed, 27 Apr 2022 11:39:34 GMT
Referrer-Policy
same-origin
Last-Modified
Wed, 20 Apr 2022 04:46:36 GMT
ETag
"05ea09d7154d81:0"
X-Frame-Options
Deny
Content-Type
image/svg+xml
Connection
keep-alive
Content-Security-Policy
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google-analytics.com 10to8.com d3saea0ftg7bjt.cloudfront.net *.google.com *.gstatic.com *.worldpay.com assets.adobedtm.com *.analytics-egain.com *.egain.cloud *.responsetap.com; img-src 'self' data: *.google-analytics.com d3saea0ftg7bjt.cloudfront.net clydesdalebank.d3.sc.omtrdc.net cm.everesttech.net dpm.demdex.net cm.g.doubleclick.net; frame-src 'self' 10to8.com *.google.com *.worldpay.com clydesdalebankplc.demdex.net *.analytics-egain.com *.egain.cloud; style-src 'self' 'unsafe-inline' fonts.googleapis.com *.egain.cloud; connect-src 'self' *.google-analytics.com dpm.demdex.net *.egain.cloud clydesdalebank.d3.sc.omtrdc.net;font-src 'self' fonts.googleapis.com fonts.gstatic.com;
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Accept-Ranges
bytes
Content-Length
587
X-Content-Type-Options
nosniff
X-UA-Compatible
IE=8; IE=9; IE=EDGE
VirginMoneySans-Medium.woff2
con-sit1.mortgage.virginmoney.com/ClientResources/Fonts/VirginMoneySans/ 		28 KB
29 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://con-sit1.mortgage.virginmoney.com/ClientResources/Fonts/VirginMoneySans/VirginMoneySans-Medium.woff2
Requested by
Host: con-sit1.mortgage.virginmoney.com
URL: https://con-sit1.mortgage.virginmoney.com/Css/application.css?v=HHijSLOaZi2XyOEDQntLaI2Y_K68rWBFQhpjLCBzL6o1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.90.233.111 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3a57552a1c2ad04b9b3e957fa41643f4809e81dd4f8e7e28a4b1f4cc921b068
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google-analytics.com 10to8.com d3saea0ftg7bjt.cloudfront.net *.google.com *.gstatic.com *.worldpay.com assets.adobedtm.com *.analytics-egain.com *.egain.cloud *.responsetap.com; img-src 'self' data: *.google-analytics.com d3saea0ftg7bjt.cloudfront.net clydesdalebank.d3.sc.omtrdc.net cm.everesttech.net dpm.demdex.net cm.g.doubleclick.net; frame-src 'self' 10to8.com *.google.com *.worldpay.com clydesdalebankplc.demdex.net *.analytics-egain.com *.egain.cloud; style-src 'self' 'unsafe-inline' fonts.googleapis.com *.egain.cloud; connect-src 'self' *.google-analytics.com dpm.demdex.net *.egain.cloud clydesdalebank.d3.sc.omtrdc.net;font-src 'self' fonts.googleapis.com fonts.gstatic.com;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options Deny

Request headers

Referer
https://con-sit1.mortgage.virginmoney.com/Css/application.css?v=HHijSLOaZi2XyOEDQntLaI2Y_K68rWBFQhpjLCBzL6o1
Origin
https://con-sit1.mortgage.virginmoney.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Date
Wed, 27 Apr 2022 11:39:34 GMT
Referrer-Policy
same-origin
Last-Modified
Wed, 20 Apr 2022 04:46:36 GMT
ETag
"05ea09d7154d81:0"
X-Frame-Options
Deny
Content-Type
application/x-font-woff2
Connection
keep-alive
Content-Security-Policy
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google-analytics.com 10to8.com d3saea0ftg7bjt.cloudfront.net *.google.com *.gstatic.com *.worldpay.com assets.adobedtm.com *.analytics-egain.com *.egain.cloud *.responsetap.com; img-src 'self' data: *.google-analytics.com d3saea0ftg7bjt.cloudfront.net clydesdalebank.d3.sc.omtrdc.net cm.everesttech.net dpm.demdex.net cm.g.doubleclick.net; frame-src 'self' 10to8.com *.google.com *.worldpay.com clydesdalebankplc.demdex.net *.analytics-egain.com *.egain.cloud; style-src 'self' 'unsafe-inline' fonts.googleapis.com *.egain.cloud; connect-src 'self' *.google-analytics.com dpm.demdex.net *.egain.cloud clydesdalebank.d3.sc.omtrdc.net;font-src 'self' fonts.googleapis.com fonts.gstatic.com;
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Accept-Ranges
bytes
Content-Length
28472
X-Content-Type-Options
nosniff
X-UA-Compatible
IE=8; IE=9; IE=EDGE
VirginMoneySans-Regular.woff2
con-sit1.mortgage.virginmoney.com/ClientResources/Fonts/VirginMoneySans/ 		26 KB
27 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://con-sit1.mortgage.virginmoney.com/ClientResources/Fonts/VirginMoneySans/VirginMoneySans-Regular.woff2
Requested by
Host: con-sit1.mortgage.virginmoney.com
URL: https://con-sit1.mortgage.virginmoney.com/Css/application.css?v=HHijSLOaZi2XyOEDQntLaI2Y_K68rWBFQhpjLCBzL6o1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.90.233.111 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
d5c73ee7e397f70b46ca49103e4ad7f3ad5e029270861b013f0b16c3a258a7e2
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google-analytics.com 10to8.com d3saea0ftg7bjt.cloudfront.net *.google.com *.gstatic.com *.worldpay.com assets.adobedtm.com *.analytics-egain.com *.egain.cloud *.responsetap.com; img-src 'self' data: *.google-analytics.com d3saea0ftg7bjt.cloudfront.net clydesdalebank.d3.sc.omtrdc.net cm.everesttech.net dpm.demdex.net cm.g.doubleclick.net; frame-src 'self' 10to8.com *.google.com *.worldpay.com clydesdalebankplc.demdex.net *.analytics-egain.com *.egain.cloud; style-src 'self' 'unsafe-inline' fonts.googleapis.com *.egain.cloud; connect-src 'self' *.google-analytics.com dpm.demdex.net *.egain.cloud clydesdalebank.d3.sc.omtrdc.net;font-src 'self' fonts.googleapis.com fonts.gstatic.com;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options Deny

Request headers

Referer
https://con-sit1.mortgage.virginmoney.com/Css/application.css?v=HHijSLOaZi2XyOEDQntLaI2Y_K68rWBFQhpjLCBzL6o1
Origin
https://con-sit1.mortgage.virginmoney.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Date
Wed, 27 Apr 2022 11:39:34 GMT
Referrer-Policy
same-origin
Last-Modified
Wed, 20 Apr 2022 04:46:36 GMT
ETag
"05ea09d7154d81:0"
X-Frame-Options
Deny
Content-Type
application/x-font-woff2
Connection
keep-alive
Content-Security-Policy
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google-analytics.com 10to8.com d3saea0ftg7bjt.cloudfront.net *.google.com *.gstatic.com *.worldpay.com assets.adobedtm.com *.analytics-egain.com *.egain.cloud *.responsetap.com; img-src 'self' data: *.google-analytics.com d3saea0ftg7bjt.cloudfront.net clydesdalebank.d3.sc.omtrdc.net cm.everesttech.net dpm.demdex.net cm.g.doubleclick.net; frame-src 'self' 10to8.com *.google.com *.worldpay.com clydesdalebankplc.demdex.net *.analytics-egain.com *.egain.cloud; style-src 'self' 'unsafe-inline' fonts.googleapis.com *.egain.cloud; connect-src 'self' *.google-analytics.com dpm.demdex.net *.egain.cloud clydesdalebank.d3.sc.omtrdc.net;font-src 'self' fonts.googleapis.com fonts.gstatic.com;
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Accept-Ranges
bytes
Content-Length
26484
X-Content-Type-Options
nosniff
X-UA-Compatible
IE=8; IE=9; IE=EDGE
VirginMoneyLoop-Regular.woff2
con-sit1.mortgage.virginmoney.com/ClientResources/Fonts/VirginMoneyLoop/ 		40 KB
41 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://con-sit1.mortgage.virginmoney.com/ClientResources/Fonts/VirginMoneyLoop/VirginMoneyLoop-Regular.woff2
Requested by
Host: con-sit1.mortgage.virginmoney.com
URL: https://con-sit1.mortgage.virginmoney.com/Css/application.css?v=HHijSLOaZi2XyOEDQntLaI2Y_K68rWBFQhpjLCBzL6o1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.90.233.111 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
767c67bdb73ec03fcd72b801984a6d7df84e5066c6a8093d9ee2df54a4cdcd61
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google-analytics.com 10to8.com d3saea0ftg7bjt.cloudfront.net *.google.com *.gstatic.com *.worldpay.com assets.adobedtm.com *.analytics-egain.com *.egain.cloud *.responsetap.com; img-src 'self' data: *.google-analytics.com d3saea0ftg7bjt.cloudfront.net clydesdalebank.d3.sc.omtrdc.net cm.everesttech.net dpm.demdex.net cm.g.doubleclick.net; frame-src 'self' 10to8.com *.google.com *.worldpay.com clydesdalebankplc.demdex.net *.analytics-egain.com *.egain.cloud; style-src 'self' 'unsafe-inline' fonts.googleapis.com *.egain.cloud; connect-src 'self' *.google-analytics.com dpm.demdex.net *.egain.cloud clydesdalebank.d3.sc.omtrdc.net;font-src 'self' fonts.googleapis.com fonts.gstatic.com;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options Deny

Request headers

Referer
https://con-sit1.mortgage.virginmoney.com/Css/application.css?v=HHijSLOaZi2XyOEDQntLaI2Y_K68rWBFQhpjLCBzL6o1
Origin
https://con-sit1.mortgage.virginmoney.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Date
Wed, 27 Apr 2022 11:39:34 GMT
Referrer-Policy
same-origin
Last-Modified
Wed, 20 Apr 2022 04:46:34 GMT
ETag
"0316f9c7154d81:0"
X-Frame-Options
Deny
Content-Type
application/x-font-woff2
Connection
keep-alive
Content-Security-Policy
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google-analytics.com 10to8.com d3saea0ftg7bjt.cloudfront.net *.google.com *.gstatic.com *.worldpay.com assets.adobedtm.com *.analytics-egain.com *.egain.cloud *.responsetap.com; img-src 'self' data: *.google-analytics.com d3saea0ftg7bjt.cloudfront.net clydesdalebank.d3.sc.omtrdc.net cm.everesttech.net dpm.demdex.net cm.g.doubleclick.net; frame-src 'self' 10to8.com *.google.com *.worldpay.com clydesdalebankplc.demdex.net *.analytics-egain.com *.egain.cloud; style-src 'self' 'unsafe-inline' fonts.googleapis.com *.egain.cloud; connect-src 'self' *.google-analytics.com dpm.demdex.net *.egain.cloud clydesdalebank.d3.sc.omtrdc.net;font-src 'self' fonts.googleapis.com fonts.gstatic.com;
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Accept-Ranges
bytes
Content-Length
40628
X-Content-Type-Options
nosniff
X-UA-Compatible
IE=8; IE=9; IE=EDGE
Inter-SemiBold.woff2
con-sit1.mortgage.virginmoney.com/ClientResources/Fonts/Inter/ 		94 KB
95 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://con-sit1.mortgage.virginmoney.com/ClientResources/Fonts/Inter/Inter-SemiBold.woff2
Requested by
Host: con-sit1.mortgage.virginmoney.com
URL: https://con-sit1.mortgage.virginmoney.com/Css/application.css?v=HHijSLOaZi2XyOEDQntLaI2Y_K68rWBFQhpjLCBzL6o1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.90.233.111 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
c09f5cde27f73057311e1de51c5d952a07e6495211fc368aec4a916320cb6310
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google-analytics.com 10to8.com d3saea0ftg7bjt.cloudfront.net *.google.com *.gstatic.com *.worldpay.com assets.adobedtm.com *.analytics-egain.com *.egain.cloud *.responsetap.com; img-src 'self' data: *.google-analytics.com d3saea0ftg7bjt.cloudfront.net clydesdalebank.d3.sc.omtrdc.net cm.everesttech.net dpm.demdex.net cm.g.doubleclick.net; frame-src 'self' 10to8.com *.google.com *.worldpay.com clydesdalebankplc.demdex.net *.analytics-egain.com *.egain.cloud; style-src 'self' 'unsafe-inline' fonts.googleapis.com *.egain.cloud; connect-src 'self' *.google-analytics.com dpm.demdex.net *.egain.cloud clydesdalebank.d3.sc.omtrdc.net;font-src 'self' fonts.googleapis.com fonts.gstatic.com;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options Deny

Request headers

Referer
https://con-sit1.mortgage.virginmoney.com/Css/application.css?v=HHijSLOaZi2XyOEDQntLaI2Y_K68rWBFQhpjLCBzL6o1
Origin
https://con-sit1.mortgage.virginmoney.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Date
Wed, 27 Apr 2022 11:39:34 GMT
Referrer-Policy
same-origin
Last-Modified
Wed, 20 Apr 2022 04:46:34 GMT
ETag
"0316f9c7154d81:0"
X-Frame-Options
Deny
Content-Type
application/x-font-woff2
Connection
keep-alive
Content-Security-Policy
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google-analytics.com 10to8.com d3saea0ftg7bjt.cloudfront.net *.google.com *.gstatic.com *.worldpay.com assets.adobedtm.com *.analytics-egain.com *.egain.cloud *.responsetap.com; img-src 'self' data: *.google-analytics.com d3saea0ftg7bjt.cloudfront.net clydesdalebank.d3.sc.omtrdc.net cm.everesttech.net dpm.demdex.net cm.g.doubleclick.net; frame-src 'self' 10to8.com *.google.com *.worldpay.com clydesdalebankplc.demdex.net *.analytics-egain.com *.egain.cloud; style-src 'self' 'unsafe-inline' fonts.googleapis.com *.egain.cloud; connect-src 'self' *.google-analytics.com dpm.demdex.net *.egain.cloud clydesdalebank.d3.sc.omtrdc.net;font-src 'self' fonts.googleapis.com fonts.gstatic.com;
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Accept-Ranges
bytes
Content-Length
95788
X-Content-Type-Options
nosniff
X-UA-Compatible
IE=8; IE=9; IE=EDGE
plus.svg
con-sit1.mortgage.virginmoney.com/ClientResources/Images/Icons/ 		579 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://con-sit1.mortgage.virginmoney.com/ClientResources/Images/Icons/plus.svg
Requested by
Host: con-sit1.mortgage.virginmoney.com
URL: https://con-sit1.mortgage.virginmoney.com/Css/application.css?v=HHijSLOaZi2XyOEDQntLaI2Y_K68rWBFQhpjLCBzL6o1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.90.233.111 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
c3558f813abe5bf6ed6c2e116eedfcf9cdb1fe91f15509943d4d2b9028b4329e
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google-analytics.com 10to8.com d3saea0ftg7bjt.cloudfront.net *.google.com *.gstatic.com *.worldpay.com assets.adobedtm.com *.analytics-egain.com *.egain.cloud *.responsetap.com; img-src 'self' data: *.google-analytics.com d3saea0ftg7bjt.cloudfront.net clydesdalebank.d3.sc.omtrdc.net cm.everesttech.net dpm.demdex.net cm.g.doubleclick.net; frame-src 'self' 10to8.com *.google.com *.worldpay.com clydesdalebankplc.demdex.net *.analytics-egain.com *.egain.cloud; style-src 'self' 'unsafe-inline' fonts.googleapis.com *.egain.cloud; connect-src 'self' *.google-analytics.com dpm.demdex.net *.egain.cloud clydesdalebank.d3.sc.omtrdc.net;font-src 'self' fonts.googleapis.com fonts.gstatic.com;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options Deny

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://con-sit1.mortgage.virginmoney.com/Css/application.css?v=HHijSLOaZi2XyOEDQntLaI2Y_K68rWBFQhpjLCBzL6o1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Date
Wed, 27 Apr 2022 11:39:34 GMT
Referrer-Policy
same-origin
Last-Modified
Wed, 20 Apr 2022 04:46:36 GMT
ETag
"05ea09d7154d81:0"
X-Frame-Options
Deny
Content-Type
image/svg+xml
Connection
keep-alive
Content-Security-Policy
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google-analytics.com 10to8.com d3saea0ftg7bjt.cloudfront.net *.google.com *.gstatic.com *.worldpay.com assets.adobedtm.com *.analytics-egain.com *.egain.cloud *.responsetap.com; img-src 'self' data: *.google-analytics.com d3saea0ftg7bjt.cloudfront.net clydesdalebank.d3.sc.omtrdc.net cm.everesttech.net dpm.demdex.net cm.g.doubleclick.net; frame-src 'self' 10to8.com *.google.com *.worldpay.com clydesdalebankplc.demdex.net *.analytics-egain.com *.egain.cloud; style-src 'self' 'unsafe-inline' fonts.googleapis.com *.egain.cloud; connect-src 'self' *.google-analytics.com dpm.demdex.net *.egain.cloud clydesdalebank.d3.sc.omtrdc.net;font-src 'self' fonts.googleapis.com fonts.gstatic.com;
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Accept-Ranges
bytes
Content-Length
579
X-Content-Type-Options
nosniff
X-UA-Compatible
IE=8; IE=9; IE=EDGE
new_window.svg
con-sit1.mortgage.virginmoney.com/ClientResources/Images/Icons/ 		892 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://con-sit1.mortgage.virginmoney.com/ClientResources/Images/Icons/new_window.svg
Requested by
Host: con-sit1.mortgage.virginmoney.com
URL: https://con-sit1.mortgage.virginmoney.com/Css/application.css?v=HHijSLOaZi2XyOEDQntLaI2Y_K68rWBFQhpjLCBzL6o1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.90.233.111 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
a8dd33375a105ed37261eeffb6a2234361108beb38684135186d56ee810c5f04
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google-analytics.com 10to8.com d3saea0ftg7bjt.cloudfront.net *.google.com *.gstatic.com *.worldpay.com assets.adobedtm.com *.analytics-egain.com *.egain.cloud *.responsetap.com; img-src 'self' data: *.google-analytics.com d3saea0ftg7bjt.cloudfront.net clydesdalebank.d3.sc.omtrdc.net cm.everesttech.net dpm.demdex.net cm.g.doubleclick.net; frame-src 'self' 10to8.com *.google.com *.worldpay.com clydesdalebankplc.demdex.net *.analytics-egain.com *.egain.cloud; style-src 'self' 'unsafe-inline' fonts.googleapis.com *.egain.cloud; connect-src 'self' *.google-analytics.com dpm.demdex.net *.egain.cloud clydesdalebank.d3.sc.omtrdc.net;font-src 'self' fonts.googleapis.com fonts.gstatic.com;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options Deny

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://con-sit1.mortgage.virginmoney.com/Css/application.css?v=HHijSLOaZi2XyOEDQntLaI2Y_K68rWBFQhpjLCBzL6o1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Date
Wed, 27 Apr 2022 11:39:34 GMT
Referrer-Policy
same-origin
Last-Modified
Wed, 20 Apr 2022 04:46:36 GMT
ETag
"05ea09d7154d81:0"
X-Frame-Options
Deny
Content-Type
image/svg+xml
Connection
keep-alive
Content-Security-Policy
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google-analytics.com 10to8.com d3saea0ftg7bjt.cloudfront.net *.google.com *.gstatic.com *.worldpay.com assets.adobedtm.com *.analytics-egain.com *.egain.cloud *.responsetap.com; img-src 'self' data: *.google-analytics.com d3saea0ftg7bjt.cloudfront.net clydesdalebank.d3.sc.omtrdc.net cm.everesttech.net dpm.demdex.net cm.g.doubleclick.net; frame-src 'self' 10to8.com *.google.com *.worldpay.com clydesdalebankplc.demdex.net *.analytics-egain.com *.egain.cloud; style-src 'self' 'unsafe-inline' fonts.googleapis.com *.egain.cloud; connect-src 'self' *.google-analytics.com dpm.demdex.net *.egain.cloud clydesdalebank.d3.sc.omtrdc.net;font-src 'self' fonts.googleapis.com fonts.gstatic.com;
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Accept-Ranges
bytes
Content-Length
892
X-Content-Type-Options
nosniff
X-UA-Compatible
IE=8; IE=9; IE=EDGE
1064
cybgdev.egain.cloud/system/egain/chat/entrypoint/chatAllowed/ 		281 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cybgdev.egain.cloud/system/egain/chat/entrypoint/chatAllowed/1064
Requested by
Host: con-sit1.mortgage.virginmoney.com
URL: https://con-sit1.mortgage.virginmoney.com/application.js?v=37LWj-LvH0yl9__YC67wcLR-A42ifIg44rwkr_4Gx4M1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.209.68.164 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-209-68-164.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
35fa4655c45a02f1a4f767a98ef4c17f47c7d55b0ca3509818b3b87cb76c5409
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Accept
application/xml, text/xml, */*; q=0.01
Referer
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 27 Apr 2022 11:39:33 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
SERVER
0
Vary
Accept-Encoding
Connection
keep-alive
Content-Type
application/xml;charset=utf-8
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
X-egain-session, Location, Vary, Content-Encoding, Content-Length, Date
Cache-Control
no-cache, no-cache="set-cookie"
Strict-Transport-Security
max-age=31536000
Content-Length
214
Expires
Thu, 01 Jan 1970 00:00:00 GMT
rTapTrack.min.js
static-ssl.responsetap.com/static/scripts/ 		285 B
745 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static-ssl.responsetap.com/static/scripts/rTapTrack.min.js
Requested by
Host: con-sit1.mortgage.virginmoney.com
URL: https://con-sit1.mortgage.virginmoney.com/Question
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.195.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-195-119.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
dff8b2645a4475a00ffe4c9606c5adc3d669d288dd42e45e57ab0ed2ce40ec99

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Wed, 27 Apr 2022 03:26:34 GMT
via
1.1 cdcb559c2f25d8ad2ccf0419bee33b02.cloudfront.net (CloudFront)
last-modified
Fri, 22 Apr 2022 12:41:02 GMT
server
AmazonS3
age
29580
etag
"4168ba4c36d8d5b0f7087afe3f194fa0"
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
no-cache,max-age=0
content-length
285
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
x-amz-request-id
AGRW92FC7NY8Z7W5
x-amz-id-2
zdItTuFQI0Zemqfqpt4A3YCVI3D9KzZlosi6CryEXUj7rc6udmZBDS1E0NggDaxEy+CCj5Wg+Eo=
x-amz-cf-id
H2XYSrF93OpWpqkfRu45648ZFgP01hGJ-mLMJk8ncQsIWWagjmNkJA==
collect
www.google-analytics.com/j/ 		2 B
219 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=929740456&t=pageview&_s=1&dl=https%3A%2F%2Fcon-sit1.mortgage.virginmoney.com%2FQuestion&ul=en-us&de=UTF-8&dt=OK%2C%20here%20we%20go%20%7C%20Mortgages%20%7C%20Virgin%20Money%20UK&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=1671985510&gjid=286453899&cid=168422748.1651059574&tid=UA-24689008-4&_gid=1767401840.1651059574&_r=1&_slc=1&z=2065352060
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 27 Apr 2022 11:39:34 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://con-sit1.mortgage.virginmoney.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
dest5.html
clydesdalebankplc.demdex.net/ Frame 8A2F 		7 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://clydesdalebankplc.demdex.net/dest5.html?d_nsid=0
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/6e420e4d1161/9dab9f2e85e4/launch-4793a3bed9cf-staging.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.212.211.89 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-212-211-89.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Accept-Ranges
bytes
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
2791
Content-Type
text/html;charset=UTF-8
DCS
dcs-prod-irl1-1-v031-075e59642.edge-irl1.demdex.com UNKNOWN
Expires
Thu, 01 Jan 1970 00:00:00 UTC
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
2dWnI1DSSAM=
content-encoding
gzip
date
Wed, 27 Apr 2022 11:39:34 GMT
last-modified
Wed, 27 Apr 2022 09:29:46 GMT
vary
accept-encoding
id
clydesdalebank.d3.sc.omtrdc.net/ 		2 B
328 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://clydesdalebank.d3.sc.omtrdc.net/id?d_visid_ver=5.3.0&d_fieldgroup=A&mcorgid=81023670555B029C7F000101%40AdobeOrg&mid=76574446718826881603689619799344358849&ts=1651059574177
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/6e420e4d1161/9dab9f2e85e4/launch-4793a3bed9cf-staging.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.36.218.177 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-36-218-177.eu-west-3.compute.amazonaws.com
Software
jag /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Wed, 27 Apr 2022 11:39:34 GMT
x-content-type-options
nosniff
server
jag
xserver
anedge-b4b698fcd-rb77c
vary
Origin
x-c
main-1640.Id95fac.M0-564
p3p
CP="This is not a P3P policy"
access-control-allow-origin
https://con-sit1.mortgage.virginmoney.com
cache-control
no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials
true
content-type
application/x-javascript;charset=utf-8
content-length
2
x-xss-protection
1; mode=block
ibs:dpid=411&dpuuid=YmkrdgAAAEQm5AQf
dpm.demdex.net/
Redirect Chain
  • https://cm.everesttech.net/cm/dd?d_uuid=76591162710484773133691325895771888096
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=YmkrdgAAAEQm5AQf
42 B
945 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=411&dpuuid=YmkrdgAAAEQm5AQf
Requested by
Host: con-sit1.mortgage.virginmoney.com
URL: https://con-sit1.mortgage.virginmoney.com/Question
Protocol
HTTP/1.1
Server
52.17.114.133 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-17-114-133.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

DCS
dcs-prod-irl1-1-v031-040f43333.edge-irl1.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
L+vXhKhwRJ0=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location
https://dpm.demdex.net/ibs:dpid=411&dpuuid=YmkrdgAAAEQm5AQf
Date
Wed, 27 Apr 2022 11:39:34 GMT
Cache-Control
no-cache
Server
AMO-cookiemap/1.1
Connection
keep-alive
Content-Length
0
P3P
CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
rTapTrack.min.js
static-ssl.responsetap.com/static/scripts/ 		63 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static-ssl.responsetap.com/static/scripts/rTapTrack.min.js?ref=https%3A%2F%2Fcon-sit1.mortgage.virginmoney.com
Requested by
Host: static-ssl.responsetap.com
URL: https://static-ssl.responsetap.com/static/scripts/rTapTrack.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.195.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-195-119.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a21327f389d5ac3b2ce29292e95422c675659b14cfb77f5634a146951cefc78f

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Wed, 27 Apr 2022 11:39:35 GMT
content-encoding
br
last-modified
Fri, 22 Apr 2022 12:41:02 GMT
server
AmazonS3
x-amz-request-id
C6ENGFA3PPPM7HKS
etag
W/"0c738c5be4aceda6360027c3944a72c5"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
via
1.1 cdcb559c2f25d8ad2ccf0419bee33b02.cloudfront.net (CloudFront)
cache-control
no-cache,max-age=0
x-amz-cf-pop
FRA2-C1
x-amz-cf-id
u0pMBv_41y8recBfYyyJ6l5GTQOY2wd2dd7Ke_s_FNwW6AG7-27IGQ==
x-amz-id-2
JPJo3gnLqZMNp6NuPQzCGu8M0mce10ymlv2uyqcsDrp6kBPDoNG1FBm0FeUjuXhODKke8QnB/G0=
s52347394002313
clydesdalebank.d3.sc.omtrdc.net/b/ss/clydesdalebank-global-dev/1/JS-2.22.4-LBWB/ 		43 B
221 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://clydesdalebank.d3.sc.omtrdc.net/b/ss/clydesdalebank-global-dev/1/JS-2.22.4-LBWB/s52347394002313?AQB=1&ndh=1&pf=1&t=27%2F3%2F2022%2011%3A39%3A34%203%200&mid=76574446718826881603689619799344358849&aamlh=6&ce=UTF-8&pageName=question&g=https%3A%2F%2Fcon-sit1.mortgage.virginmoney.com%2FQuestion&c.&getPreviousValue=3.0&getNewRepeat=3.0&.c&cc=GBP&server=con-sit1.mortgage.virginmoney.com&aamb=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&v1=virgin%20money&v4=New&v25=direct%20mortgages%20application&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=81023670555B029C7F000101%40AdobeOrg&AQE=1
Requested by
Host: con-sit1.mortgage.virginmoney.com
URL: https://con-sit1.mortgage.virginmoney.com/Question
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.36.218.177 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-36-218-177.eu-west-3.compute.amazonaws.com
Software
jag /
Resource Hash
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Wed, 27 Apr 2022 11:39:34 GMT
x-content-type-options
nosniff
x-c
main-1640.Id95fac.M0-564
p3p
CP="This is not a P3P policy"
content-length
43
x-xss-protection
1; mode=block
pragma
no-cache
last-modified
Thu, 28 Apr 2022 11:39:34 GMT
server
jag
xserver
anedge-b4b698fcd-254md
etag
3545623439005450240-4619598966873774197
vary
*
content-type
image/gif;charset=utf-8
access-control-allow-origin
*
cache-control
no-cache, no-store, max-age=0, no-transform, private
expires
Tue, 26 Apr 2022 11:39:34 GMT
checkSession.html
cybgdev.egain.cloud/system/cb/cs/ Frame E01A 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cybgdev.egain.cloud/system/cb/cs/checkSession.html?wsname=https://con-sit1.mortgage.virginmoney.com
Requested by
Host: cybgdev.egain.cloud
URL: https://cybgdev.egain.cloud/system/cb/admin/js/allow_cobrowse.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.209.68.164 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-209-68-164.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
44c6f774243c238ccb1bcebcfb9824dea5fad8aab88d33feff8ddb8bce133b36
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://con-sit1.mortgage.virginmoney.com
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options ALLOW-FROM https://con-sit1.mortgage.virginmoney.com

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Accept-Ranges
bytes
Cache-Control
max-age=86400,private
Connection
keep-alive
Content-Encoding
gzip
Content-Length
807
Content-Security-Policy
frame-ancestors 'self' https://con-sit1.mortgage.virginmoney.com
Content-Type
text/html
Date
Wed, 27 Apr 2022 11:39:34 GMT
Last-Modified
Wed, 06 Apr 2022 13:02:16 GMT
SERVER
0
Strict-Transport-Security
max-age=31536000
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-Frame-Options
ALLOW-FROM https://con-sit1.mortgage.virginmoney.com

Verdicts & Comments Add Verdict or Comment

60 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 function| structuredClone object| oncontextlost object| oncontextrestored function| getScreenDetails string| egainAccount string| egainCloudUrl string| egainQueueId string| egainDocTemplate string| EG_ACT_ID object| vertex function| $ function| jQuery object| Mustache object| html5 object| Modernizr object| Foundation object| EGAINCLOUD function| eGOFRPatternStore object| EG_CALL_Q object| eGain object| egainDockChat object| _satellite boolean| __satelliteLoaded object| adobe function| Visitor object| s_c_il number| s_c_in string| brandName string| formName string| pagePathOut string| GoogleAnalyticsObject function| ga function| startChat function| checkEgainAvailability function| AppMeasurement function| s_gi function| s_pgicq number| s_objectID number| s_giq object| s function| getNewRepeat function| cookieWrite function| cookieRead string| g function| rTapPostReplacement string| adiInit boolean| adiRVO object| adiFunc object| google_tag_data object| gaplugins object| gaGlobal object| gaData string| allowed object| s_i_clydesdalebank-global-dev object| webpackChunktracking_script object| _its

19 Cookies

Domain/Path Name / Value
cybgdev.egain.cloud/system Name: JSESSIONID
Value: node0vgtey0qh2psj1kgb5ipb3h4cc35482.node0
con-sit1.mortgage.virginmoney.com/ Name: ApplicationGatewayAffinityCORS
Value: b95f2f16079baa8f25d2b3495617351f
con-sit1.mortgage.virginmoney.com/ Name: ApplicationGatewayAffinity
Value: b95f2f16079baa8f25d2b3495617351f
con-sit1.mortgage.virginmoney.com/ Name: ASP.NET_SessionId
Value: zscoqn3g5zm2g0330m2gjfz1
con-sit1.mortgage.virginmoney.com/ Name: __RequestVerificationToken
Value: IFYuDV6bXh8pcR0FuD2raPbmZRU4JX8dBqjbc8gVbnDR0U1qE0pJq7ns7ARiKEabMm9AyyWOseiF61CLQoIWPbgdvJA1
con-sit1.mortgage.virginmoney.com/ Name: EG-U-ID
Value: E80609f2c4-b732-4f44-9267-df8180dea608
con-sit1.mortgage.virginmoney.com/ Name: EG-S-ID
Value: B40f6fdb0d-d556-48a6-a5a4-1d89ffee901d
cybgdev.egain.cloud/ Name: AWSELBCORS
Value: 4F6523AB1E4EB8EF86E8DDABAEDABA00457467D33823CA820DD75F55F1197108BBF5C9343E0CC5B90203B39B0BDC51F7E9A0332933D398872B2A9B4A60D2AE144AFDEF99B6
.mortgage.virginmoney.com/ Name: s_nr30
Value: 1651059574082-New
.mortgage.virginmoney.com/ Name: gpv_Page
Value: question
.virginmoney.com/ Name: _ga
Value: GA1.2.168422748.1651059574
.virginmoney.com/ Name: _gid
Value: GA1.2.1767401840.1651059574
.virginmoney.com/ Name: _gat
Value: 1
.demdex.net/ Name: demdex
Value: 76591162710484773133691325895771888096
.virginmoney.com/ Name: AMCVS_81023670555B029C7F000101%40AdobeOrg
Value: 1
.virginmoney.com/ Name: s_cc
Value: true
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~YmkrdgAAAEQm5AQf
.dpm.demdex.net/ Name: dpm
Value: 76591162710484773133691325895771888096
.virginmoney.com/ Name: AMCV_81023670555B029C7F000101%40AdobeOrg
Value: -2121179033%7CMCIDTS%7C19110%7CMCMID%7C76574446718826881603689619799344358849%7CMCAAMLH-1651664374%7C6%7CMCAAMB-1651664374%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1651066774s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-19117%7CvVersion%7C5.3.0

2 Console Messages

Source Level URL
Text
security error URL: https://static-ssl.responsetap.com/static/scripts/rTapTrack.min.js?ref=https%3A%2F%2Fcon-sit1.mortgage.virginmoney.com(Line 7)
Message:
Refused to connect to 'https://metrics.responsetap.com/infinity/info?pv=3&v=20220422&ua=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F100.0.4896.127+Safari%2F537.36&features=14&rtap=23330&placeholders=' because it violates the following Content Security Policy directive: "connect-src 'self' *.google-analytics.com dpm.demdex.net *.egain.cloud clydesdalebank.d3.sc.omtrdc.net".
javascript error URL: https://static-ssl.responsetap.com/static/scripts/rTapTrack.min.js?ref=https%3A%2F%2Fcon-sit1.mortgage.virginmoney.com(Line 7)
Message:
Refused to connect to 'https://metrics.responsetap.com/infinity/info?pv=3&v=20220422&ua=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F100.0.4896.127+Safari%2F537.36&features=14&rtap=23330&placeholders=' because it violates the document's Content Security Policy.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google-analytics.com 10to8.com d3saea0ftg7bjt.cloudfront.net *.google.com *.gstatic.com *.worldpay.com assets.adobedtm.com *.analytics-egain.com *.egain.cloud *.responsetap.com; img-src 'self' data: *.google-analytics.com d3saea0ftg7bjt.cloudfront.net clydesdalebank.d3.sc.omtrdc.net cm.everesttech.net dpm.demdex.net cm.g.doubleclick.net; frame-src 'self' 10to8.com *.google.com *.worldpay.com clydesdalebankplc.demdex.net *.analytics-egain.com *.egain.cloud; style-src 'self' 'unsafe-inline' fonts.googleapis.com *.egain.cloud; connect-src 'self' *.google-analytics.com dpm.demdex.net *.egain.cloud clydesdalebank.d3.sc.omtrdc.net;font-src 'self' fonts.googleapis.com fonts.gstatic.com;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options Deny
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.analytics-egain.com
assets.adobedtm.com
clydesdalebank.d3.sc.omtrdc.net
clydesdalebankplc.demdex.net
cm.everesttech.net
con-sit1.mortgage.virginmoney.com
cybgdev.egain.cloud
dpm.demdex.net
static-ssl.responsetap.com
www.google-analytics.com
13.224.195.119
13.36.218.177
20.90.233.111
2a00:1450:4001:80e::200e
2a02:26f0:df:3a5::1e80
52.17.114.133
52.209.68.164
52.211.182.149
52.212.211.89
54.75.68.230
03a7f217e0fcc4036e7fac65214fe3a10926d0ecf80ced483ec30a4b566c6200
03c75b1b36edb0aad6ff58705f95e22682862b05a6a5e7bfe1005cc8bb260bd2
045cd6888a44ef6a2044d742b11fbf99ea40990659b61643cf862937426655b1
055e467aa53a9c0272d805bbc009ade8c74df5a8c1255271d753ac78fe179873
0b612f32a5ea492a7975ed975b6470c279f280a04ac4de1d027afe1c1e5923bb
168ff764a8849aea90898f1ced0d1325dda123b7450b5bb195a7efb7b65bd6f1
35fa4655c45a02f1a4f767a98ef4c17f47c7d55b0ca3509818b3b87cb76c5409
41e2be4bd16af5ae078882c6772051bdac3ce804e58353067d3c1782d80f7c9f
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
44c6f774243c238ccb1bcebcfb9824dea5fad8aab88d33feff8ddb8bce133b36
4b8f2db247a53b09c0f879fd86be8a7d7030d0cbd1a7d0d126f2df3d7bc37046
653fc7fb601a0bf98b71b775188f4c902580a230c96c93a4b1a16137198bfc46
6c81688ea152198d09501ba61fbbd0cc969e9ddc2383a219b698268caf02eba3
6f3f3d7dc95b919ef25493c05816a48bd1385020f998631c752dd2918337ae61
715e6f9d9165b57db06c5b92d854f2d63a0318df14ae151e725911a6bc40732f
767c67bdb73ec03fcd72b801984a6d7df84e5066c6a8093d9ee2df54a4cdcd61
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
7e35d1d5b934379f3ef26011323f5c1afddeed3bbd70a6f3a4a18abcd9ad66fe
88c97da7265497d73776e0af71cf800438932dba0aa404d80dffb5dd5c81b128
96a1399d903eaddcdee2016b458732392601e8bda2fb7c2d056eaf853de7b7fa
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a1485deb2fecc31ee5131d7039e4684169649bdd599aa8eeece01f65b0914626
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
a21327f389d5ac3b2ce29292e95422c675659b14cfb77f5634a146951cefc78f
a8dd33375a105ed37261eeffb6a2234361108beb38684135186d56ee810c5f04
c09f5cde27f73057311e1de51c5d952a07e6495211fc368aec4a916320cb6310
c3558f813abe5bf6ed6c2e116eedfcf9cdb1fe91f15509943d4d2b9028b4329e
cd35ceae81da11732a5364142ceb95920f1f1058a9fb89dfb8531ff5c57493e9
d5c73ee7e397f70b46ca49103e4ad7f3ad5e029270861b013f0b16c3a258a7e2
dff8b2645a4475a00ffe4c9606c5adc3d669d288dd42e45e57ab0ed2ce40ec99
e239d9d025150740b335ab3848b9b2cdbe3edff37384af63f1706c627f60f42b
e3a57552a1c2ad04b9b3e957fa41643f4809e81dd4f8e7e28a4b1f4cc921b068
ea6c4a5f1d4145f74487bdbf4d24fb4c56af1147c1a59fafb8255a4f3d83abd2
ee59a99f4b928c332b622ebcb4de435ff8db1e4419646111e43bae3858519754
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef60ec8e9be7664fee2a85323d4dabe4bf568e5acf09b8cc0d9d5a1b376e3e5a
f8a38517dbc0adde505991d18ffdcf05f101b4d94fa8aa51dd5f3d8411d9932f