Submitted URL: http://tescobank.com.s3-website-eu-west-1.amazonaws.com/
Effective URL: https://www.tescobank.com/
Submission: On October 21 via api from US — Scanned from US

Summary

This website contacted 6 IPs in 2 countries across 5 domains to perform 53 HTTP transactions. The main IP is 23.205.106.85, located in Ashburn, United States and belongs to AKAMAI-ASN1, NL. The main domain is www.tescobank.com. The Cisco Umbrella rank of the primary domain is 295639.
TLS certificate: Issued by Entrust Certification Authority - L1M on April 26th 2023. Valid for: a year.
This is the only time www.tescobank.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 52.218.52.66 16509 (AMAZON-02)
1 1 23.205.106.75 20940 (AKAMAI-ASN1)
1 27 23.205.106.85 20940 (AKAMAI-ASN1)
16 2620:1ec:48:1... 8075 (MICROSOFT...)
2 2600:9000:250... 16509 (AMAZON-02)
4 3.234.31.129 14618 (AMAZON-AES)
5 18.154.110.83 16509 (AMAZON-02)
53 6
Apex Domain
Subdomains
Transfer
28 tescobank.com
www.tescobank.com — Cisco Umbrella Rank: 295639
458 KB
16 azureedge.net
forrit-one-tb-prod-p1-consumables.azureedge.net — Cisco Umbrella Rank: 508082
tescobank.azureedge.net — Cisco Umbrella Rank: 697060
233 KB
6 ensighten.com
nexus.ensighten.com — Cisco Umbrella Rank: 3727
data.privacy.ensighten.com — Cisco Umbrella Rank: 9516
110 KB
5 trustpilot.com
widget.trustpilot.com — Cisco Umbrella Rank: 5560
27 KB
1 amazonaws.com
tescobank.com.s3-website-eu-west-1.amazonaws.com
271 B
53 5
Domain Requested by
28 www.tescobank.com 2 redirects www.tescobank.com
nexus.ensighten.com
15 forrit-one-tb-prod-p1-consumables.azureedge.net www.tescobank.com
5 widget.trustpilot.com nexus.ensighten.com
widget.trustpilot.com
4 data.privacy.ensighten.com www.tescobank.com
2 nexus.ensighten.com www.tescobank.com
nexus.ensighten.com
1 tescobank.azureedge.net www.tescobank.com
1 tescobank.com.s3-website-eu-west-1.amazonaws.com 1 redirects
53 7
Subject Issuer Validity Valid
www.tescobank.com
Entrust Certification Authority - L1M
2023-04-26 -
2024-04-26
a year crt.sh
*.azureedge.net
Microsoft Azure RSA TLS Issuing CA 04
2023-10-08 -
2024-10-02
a year crt.sh
nexus.ensighten.com
Amazon RSA 2048 M02
2023-09-29 -
2024-10-27
a year crt.sh
*.privacy.ensighten.com
DigiCert TLS RSA SHA256 2020 CA1
2023-02-03 -
2024-02-16
a year crt.sh
*.trustpilot.com
Amazon RSA 2048 M02
2023-02-02 -
2024-03-02
a year crt.sh

This page contains 2 frames:

Primary Page: https://www.tescobank.com/
Frame ID: 4F54A3770AD5BB8163BF0CAC7D754F7E
Requests: 51 HTTP requests in this frame

Frame: https://widget.trustpilot.com/trustboxes/5406e65db0d04a09e042d5fc/index.html?templateId=5406e65db0d04a09e042d5fc&businessunitId=4e3abd00000064000510af6e
Frame ID: 9FDA40FD77AC51490FB1D86754DCE091
Requests: 4 HTTP requests in this frame

Screenshot

Page Title

Tesco Bank - Credit Cards, Loans and Insurance - Personal Finance

Page URL History Show full URLs

  1. http://tescobank.com.s3-website-eu-west-1.amazonaws.com/ HTTP 301
    http://www.tescobank.com/ HTTP 301
    https://www.tescobank.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • //nexus\.ensighten\.com/

Page Statistics

53
Requests

98 %
HTTPS

29 %
IPv6

5
Domains

7
Subdomains

6
IPs

2
Countries

825 kB
Transfer

1834 kB
Size

8
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://tescobank.com.s3-website-eu-west-1.amazonaws.com/ HTTP 301
    http://www.tescobank.com/ HTTP 301
    https://www.tescobank.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 27
  • https://www.tescobank.com/assets/website/img/logo/site-logo-rb.svg HTTP 301
  • https://tescobank.azureedge.net/assets/site-logo-rb/1/site-logo-rb.svg

53 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
www.tescobank.com/
Redirect Chain
  • http://tescobank.com.s3-website-eu-west-1.amazonaws.com/
  • http://www.tescobank.com/
  • https://www.tescobank.com/
110 KB
18 KB
Document
General
Full URL
https://www.tescobank.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.205.106.85 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-205-106-85.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
39cec5c589dad5f6e34020ac8d837e7cc94ed28f2cff4fbf6710a698fa9adb8c
Security Headers
Name Value
Content-Security-Policy report-uri https://identity.tescobank.com/afm/cspReport/; default-src 'nonce-7a2667d51e09f1fa06c5e2f5b5108eb9' 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.trustpilot.com *.woopra.com *.fls.doubleclick.net fls.doubleclick.net *.lpsnmedia.net *.google.com *.googleapis.com *.qubit.com *.travelex.net *.adobedtm.com *.vo.msecnd.net bat.bing.com c.evidon.com cdn.cookielaw.org *.decibelinsight.net cm.everesttech.net connect.facebook.net dc.services.visualstudio.com *.cloudfront.net *.demdex.net flex.cybersource.com *.g.doubleclick.net *.hotjar.com *.liveperson.net *.tescobank.com *.ensighten.com r.turn.com royalsunallianceinsu.tt.omtrdc.net rsa.d2.sc.omtrdc.net rum-static.pingdom.net service.maxymiser.net *.google-analytics.com stash.qubitproducts.com static.ads-twitter.com static.goqubit.com tescobank.azureedge.net ue.enablermail.com www.facebook.com www.google.co.uk *.googleadservices.com *.googletagmanager.com *.gstatic.com track.omguk.com wss://sync.onfido.com wss://collection.decibelinsight.net mpsnare.iesnare.com *.adnxs.com s.yimg.com *.sociomantic.com p.teads.tv t.teads.tv cm.teads.tv *.digital-cloud-uk.medallia.eu *.kampyle.com apps.commbox.io now.commbox.io js-agent.newrelic.com bam-cell.nr-data.net *.google-analytics.com ; style-src 'self' 'unsafe-inline' *.googleapis.com apps.commbox.io now.commbox.io js-agent.newrelic.com bam-cell.nr-data.net *.kampyle.com ; img-src 'self' data: blob: * ; child-src 'self' blob: ; font-src 'self' data: * ; connect-src 'self' bam-cell.nr-data.net *.woopra.com *.fls.doubleclick.net fls.doubleclick.net *.lpsnmedia.net *.google.com *.googleapis.com *.qubit.com *.travelex.net *.adobedtm.com *.vo.msecnd.net bat.bing.com c.evidon.com cdn.cookielaw.org *.decibelinsight.net cm.everesttech.net connect.facebook.net dc.services.visualstudio.com *.cloudfront.net *.demdex.net flex.cybersource.com *.g.doubleclick.net *.hotjar.com *.liveperson.net *.tescobank.com *.ensighten.com r.turn.com royalsunallianceinsu.tt.omtrdc.net rsa.d2.sc.omtrdc.net rum-static.pingdom.net service.maxymiser.net *.google-analytics.com stash.qubitproducts.com static.ads-twitter.com static.goqubit.com tescobank.azureedge.net ue.enablermail.com www.facebook.com www.google.co.uk *.googleadservices.com *.googletagmanager.com *.gstatic.com track.omguk.com wss://sync.onfido.com wss://collection.decibelinsight.net mpsnare.iesnare.com *.adnxs.com s.yimg.com *.sociomantic.com *.tiles.mapbox.com api.mapbox.com events.mapbox.com p.teads.tv t.teads.tv cm.teads.tv *.digital-cloud-uk.medallia.eu *.kampyle.com ; frame-src 'self' *.trustpilot.com *.fls.doubleclick.net fls.doubleclick.net *.tescobank.com tescobank.demdex.net *.vo.msecnd.net service.maxymiser.net p.teads.tv t.teads.tv cm.teads.tv *.digital-cloud-uk.medallia.eu *.kampyle.com apps.commbox.io now.commbox.io js-agent.newrelic.com bam-cell.nr-data.net ; frame-ancestors 'self' *.tescobank.com ; object-src 'self' *.fls.doubleclick.net fls.doubleclick.net *.tescobank.com tescobank.demdex.net; media-src 'self' apps.commbox.io ;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

access-control-expose-headers
Request-Context
cache-control
private, s-maxage=0
content-encoding
gzip
content-length
15268
content-security-policy
report-uri https://identity.tescobank.com/afm/cspReport/; default-src 'nonce-7a2667d51e09f1fa06c5e2f5b5108eb9' 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.trustpilot.com *.woopra.com *.fls.doubleclick.net fls.doubleclick.net *.lpsnmedia.net *.google.com *.googleapis.com *.qubit.com *.travelex.net *.adobedtm.com *.vo.msecnd.net bat.bing.com c.evidon.com cdn.cookielaw.org *.decibelinsight.net cm.everesttech.net connect.facebook.net dc.services.visualstudio.com *.cloudfront.net *.demdex.net flex.cybersource.com *.g.doubleclick.net *.hotjar.com *.liveperson.net *.tescobank.com *.ensighten.com r.turn.com royalsunallianceinsu.tt.omtrdc.net rsa.d2.sc.omtrdc.net rum-static.pingdom.net service.maxymiser.net *.google-analytics.com stash.qubitproducts.com static.ads-twitter.com static.goqubit.com tescobank.azureedge.net ue.enablermail.com www.facebook.com www.google.co.uk *.googleadservices.com *.googletagmanager.com *.gstatic.com track.omguk.com wss://sync.onfido.com wss://collection.decibelinsight.net mpsnare.iesnare.com *.adnxs.com s.yimg.com *.sociomantic.com p.teads.tv t.teads.tv cm.teads.tv *.digital-cloud-uk.medallia.eu *.kampyle.com apps.commbox.io now.commbox.io js-agent.newrelic.com bam-cell.nr-data.net *.google-analytics.com ; style-src 'self' 'unsafe-inline' *.googleapis.com apps.commbox.io now.commbox.io js-agent.newrelic.com bam-cell.nr-data.net *.kampyle.com ; img-src 'self' data: blob: * ; child-src 'self' blob: ; font-src 'self' data: * ; connect-src 'self' bam-cell.nr-data.net *.woopra.com *.fls.doubleclick.net fls.doubleclick.net *.lpsnmedia.net *.google.com *.googleapis.com *.qubit.com *.travelex.net *.adobedtm.com *.vo.msecnd.net bat.bing.com c.evidon.com cdn.cookielaw.org *.decibelinsight.net cm.everesttech.net connect.facebook.net dc.services.visualstudio.com *.cloudfront.net *.demdex.net flex.cybersource.com *.g.doubleclick.net *.hotjar.com *.liveperson.net *.tescobank.com *.ensighten.com r.turn.com royalsunallianceinsu.tt.omtrdc.net rsa.d2.sc.omtrdc.net rum-static.pingdom.net service.maxymiser.net *.google-analytics.com stash.qubitproducts.com static.ads-twitter.com static.goqubit.com tescobank.azureedge.net ue.enablermail.com www.facebook.com www.google.co.uk *.googleadservices.com *.googletagmanager.com *.gstatic.com track.omguk.com wss://sync.onfido.com wss://collection.decibelinsight.net mpsnare.iesnare.com *.adnxs.com s.yimg.com *.sociomantic.com *.tiles.mapbox.com api.mapbox.com events.mapbox.com p.teads.tv t.teads.tv cm.teads.tv *.digital-cloud-uk.medallia.eu *.kampyle.com ; frame-src 'self' *.trustpilot.com *.fls.doubleclick.net fls.doubleclick.net *.tescobank.com tescobank.demdex.net *.vo.msecnd.net service.maxymiser.net p.teads.tv t.teads.tv cm.teads.tv *.digital-cloud-uk.medallia.eu *.kampyle.com apps.commbox.io now.commbox.io js-agent.newrelic.com bam-cell.nr-data.net ; frame-ancestors 'self' *.tescobank.com ; object-src 'self' *.fls.doubleclick.net fls.doubleclick.net *.tescobank.com tescobank.demdex.net; media-src 'self' apps.commbox.io ;
content-type
text/html; charset=utf-8
date
Sat, 21 Oct 2023 23:19:17 GMT
referrer-policy
no-referrer-when-downgrade
request-context
appId=cid-v1:4a7f8dd8-3291-4e0b-bdfc-05223d9ea636
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
x-akamai-transformed
9 20392 0 pmb=mTOE,2
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block

Redirect headers

Connection
keep-alive
Content-Length
0
Date
Sat, 21 Oct 2023 23:19:17 GMT
Location
https://www.tescobank.com/
tb-iconfont.ttf
www.tescobank.com/Fonts/tb-iconfont/
6 KB
6 KB
Font
General
Full URL
https://www.tescobank.com/Fonts/tb-iconfont/tb-iconfont.ttf?ae3jsw
Requested by
Host: www.tescobank.com
URL: https://www.tescobank.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.205.106.85 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-205-106-85.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e19a267c1a8b205b022e155d7c65adb9468072ba26bf277ab916e937586f603c
Security Headers
Name Value
Content-Security-Policy report-uri https://identity.tescobank.com/afm/cspReport/; default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.trustpilot.com *.woopra.com *.fls.doubleclick.net fls.doubleclick.net *.lpsnmedia.net *.google.com *.googleapis.com *.qubit.com *.travelex.net *.adobedtm.com *.vo.msecnd.net bat.bing.com c.evidon.com cdn.cookielaw.org *.decibelinsight.net cm.everesttech.net connect.facebook.net dc.services.visualstudio.com *.cloudfront.net *.demdex.net flex.cybersource.com *.g.doubleclick.net *.hotjar.com *.liveperson.net *.tescobank.com *.ensighten.com r.turn.com royalsunallianceinsu.tt.omtrdc.net rsa.d2.sc.omtrdc.net rum-static.pingdom.net service.maxymiser.net *.google-analytics.com stash.qubitproducts.com static.ads-twitter.com static.goqubit.com tescobank.azureedge.net ue.enablermail.com www.facebook.com www.google.co.uk *.googleadservices.com *.googletagmanager.com *.gstatic.com track.omguk.com wss://sync.onfido.com wss://collection.decibelinsight.net mpsnare.iesnare.com *.adnxs.com s.yimg.com *.sociomantic.com p.teads.tv t.teads.tv cm.teads.tv *.digital-cloud-uk.medallia.eu *.kampyle.com apps.commbox.io now.commbox.io js-agent.newrelic.com bam-cell.nr-data.net *.google-analytics.com ; style-src 'self' 'unsafe-inline' *.googleapis.com apps.commbox.io now.commbox.io js-agent.newrelic.com bam-cell.nr-data.net *.kampyle.com ; img-src 'self' data: blob: * ; child-src 'self' blob: ; font-src 'self' data: * ; connect-src 'self' bam-cell.nr-data.net *.woopra.com *.fls.doubleclick.net fls.doubleclick.net *.lpsnmedia.net *.google.com *.googleapis.com *.qubit.com *.travelex.net *.adobedtm.com *.vo.msecnd.net bat.bing.com c.evidon.com cdn.cookielaw.org *.decibelinsight.net cm.everesttech.net connect.facebook.net dc.services.visualstudio.com *.cloudfront.net *.demdex.net flex.cybersource.com *.g.doubleclick.net *.hotjar.com *.liveperson.net *.tescobank.com *.ensighten.com r.turn.com royalsunallianceinsu.tt.omtrdc.net rsa.d2.sc.omtrdc.net rum-static.pingdom.net service.maxymiser.net *.google-analytics.com stash.qubitproducts.com static.ads-twitter.com static.goqubit.com tescobank.azureedge.net ue.enablermail.com www.facebook.com www.google.co.uk *.googleadservices.com *.googletagmanager.com *.gstatic.com track.omguk.com wss://sync.onfido.com wss://collection.decibelinsight.net mpsnare.iesnare.com *.adnxs.com s.yimg.com *.sociomantic.com *.tiles.mapbox.com api.mapbox.com events.mapbox.com p.teads.tv t.teads.tv cm.teads.tv *.digital-cloud-uk.medallia.eu *.kampyle.com ; frame-src 'self' *.trustpilot.com *.fls.doubleclick.net fls.doubleclick.net *.tescobank.com tescobank.demdex.net *.vo.msecnd.net service.maxymiser.net p.teads.tv t.teads.tv cm.teads.tv *.digital-cloud-uk.medallia.eu *.kampyle.com apps.commbox.io now.commbox.io js-agent.newrelic.com bam-cell.nr-data.net ; frame-ancestors 'self' *.tescobank.com ; object-src 'self' *.fls.doubleclick.net fls.doubleclick.net *.tescobank.com tescobank.demdex.net; media-src 'self' apps.commbox.io ;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.tescobank.com/
Origin
https://www.tescobank.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-security-policy
report-uri https://identity.tescobank.com/afm/cspReport/; default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.trustpilot.com *.woopra.com *.fls.doubleclick.net fls.doubleclick.net *.lpsnmedia.net *.google.com *.googleapis.com *.qubit.com *.travelex.net *.adobedtm.com *.vo.msecnd.net bat.bing.com c.evidon.com cdn.cookielaw.org *.decibelinsight.net cm.everesttech.net connect.facebook.net dc.services.visualstudio.com *.cloudfront.net *.demdex.net flex.cybersource.com *.g.doubleclick.net *.hotjar.com *.liveperson.net *.tescobank.com *.ensighten.com r.turn.com royalsunallianceinsu.tt.omtrdc.net rsa.d2.sc.omtrdc.net rum-static.pingdom.net service.maxymiser.net *.google-analytics.com stash.qubitproducts.com static.ads-twitter.com static.goqubit.com tescobank.azureedge.net ue.enablermail.com www.facebook.com www.google.co.uk *.googleadservices.com *.googletagmanager.com *.gstatic.com track.omguk.com wss://sync.onfido.com wss://collection.decibelinsight.net mpsnare.iesnare.com *.adnxs.com s.yimg.com *.sociomantic.com p.teads.tv t.teads.tv cm.teads.tv *.digital-cloud-uk.medallia.eu *.kampyle.com apps.commbox.io now.commbox.io js-agent.newrelic.com bam-cell.nr-data.net *.google-analytics.com ; style-src 'self' 'unsafe-inline' *.googleapis.com apps.commbox.io now.commbox.io js-agent.newrelic.com bam-cell.nr-data.net *.kampyle.com ; img-src 'self' data: blob: * ; child-src 'self' blob: ; font-src 'self' data: * ; connect-src 'self' bam-cell.nr-data.net *.woopra.com *.fls.doubleclick.net fls.doubleclick.net *.lpsnmedia.net *.google.com *.googleapis.com *.qubit.com *.travelex.net *.adobedtm.com *.vo.msecnd.net bat.bing.com c.evidon.com cdn.cookielaw.org *.decibelinsight.net cm.everesttech.net connect.facebook.net dc.services.visualstudio.com *.cloudfront.net *.demdex.net flex.cybersource.com *.g.doubleclick.net *.hotjar.com *.liveperson.net *.tescobank.com *.ensighten.com r.turn.com royalsunallianceinsu.tt.omtrdc.net rsa.d2.sc.omtrdc.net rum-static.pingdom.net service.maxymiser.net *.google-analytics.com stash.qubitproducts.com static.ads-twitter.com static.goqubit.com tescobank.azureedge.net ue.enablermail.com www.facebook.com www.google.co.uk *.googleadservices.com *.googletagmanager.com *.gstatic.com track.omguk.com wss://sync.onfido.com wss://collection.decibelinsight.net mpsnare.iesnare.com *.adnxs.com s.yimg.com *.sociomantic.com *.tiles.mapbox.com api.mapbox.com events.mapbox.com p.teads.tv t.teads.tv cm.teads.tv *.digital-cloud-uk.medallia.eu *.kampyle.com ; frame-src 'self' *.trustpilot.com *.fls.doubleclick.net fls.doubleclick.net *.tescobank.com tescobank.demdex.net *.vo.msecnd.net service.maxymiser.net p.teads.tv t.teads.tv cm.teads.tv *.digital-cloud-uk.medallia.eu *.kampyle.com apps.commbox.io now.commbox.io js-agent.newrelic.com bam-cell.nr-data.net ; frame-ancestors 'self' *.tescobank.com ; object-src 'self' *.fls.doubleclick.net fls.doubleclick.net *.tescobank.com tescobank.demdex.net; media-src 'self' apps.commbox.io ;
x-content-type-options
nosniff
date
Sat, 21 Oct 2023 23:19:18 GMT
content-encoding
gzip
content-length
3806
x-xss-protection
1; mode=block
request-context
appId=cid-v1:4a7f8dd8-3291-4e0b-bdfc-05223d9ea636
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 03 Oct 2023 13:10:52 GMT
etag
"0d6f48fbf5d91:0"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/x-font-ttf
access-control-expose-headers
Request-Context
cache-control
max-age=59906
accept-ranges
bytes
TESCOModern-Light-web.woff2
www.tescobank.com/Fonts/
27 KB
29 KB
Font
General
Full URL
https://www.tescobank.com/Fonts/TESCOModern-Light-web.woff2
Requested by
Host: www.tescobank.com
URL: https://www.tescobank.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.205.106.85 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-205-106-85.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
fc3de12503ecb116a9f44677fa8d2b1c066d2313189b89fb2df5817f5d907ca2
Security Headers
Name Value
Content-Security-Policy report-uri https://identity.tescobank.com/afm/cspReport/; default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.trustpilot.com *.woopra.com *.fls.doubleclick.net fls.doubleclick.net *.lpsnmedia.net *.google.com *.googleapis.com *.qubit.com *.travelex.net *.adobedtm.com *.vo.msecnd.net bat.bing.com c.evidon.com cdn.cookielaw.org *.decibelinsight.net cm.everesttech.net connect.facebook.net dc.services.visualstudio.com *.cloudfront.net *.demdex.net flex.cybersource.com *.g.doubleclick.net *.hotjar.com *.liveperson.net *.tescobank.com *.ensighten.com r.turn.com royalsunallianceinsu.tt.omtrdc.net rsa.d2.sc.omtrdc.net rum-static.pingdom.net service.maxymiser.net *.google-analytics.com stash.qubitproducts.com static.ads-twitter.com static.goqubit.com tescobank.azureedge.net ue.enablermail.com www.facebook.com www.google.co.uk *.googleadservices.com *.googletagmanager.com *.gstatic.com track.omguk.com wss://sync.onfido.com wss://collection.decibelinsight.net mpsnare.iesnare.com *.adnxs.com s.yimg.com *.sociomantic.com p.teads.tv t.teads.tv cm.teads.tv *.digital-cloud-uk.medallia.eu *.kampyle.com apps.commbox.io now.commbox.io js-agent.newrelic.com bam-cell.nr-data.net *.google-analytics.com ; style-src 'self' 'unsafe-inline' *.googleapis.com apps.commbox.io now.commbox.io js-agent.newrelic.com bam-cell.nr-data.net *.kampyle.com ; img-src 'self' data: blob: * ; child-src 'self' blob: ; font-src 'self' data: * ; connect-src 'self' bam-cell.nr-data.net *.woopra.com *.fls.doubleclick.net fls.doubleclick.net *.lpsnmedia.net *.google.com *.googleapis.com *.qubit.com *.travelex.net *.adobedtm.com *.vo.msecnd.net bat.bing.com c.evidon.com cdn.cookielaw.org *.decibelinsight.net cm.everesttech.net connect.facebook.net dc.services.visualstudio.com *.cloudfront.net *.demdex.net flex.cybersource.com *.g.doubleclick.net *.hotjar.com *.liveperson.net *.tescobank.com *.ensighten.com r.turn.com royalsunallianceinsu.tt.omtrdc.net rsa.d2.sc.omtrdc.net rum-static.pingdom.net service.maxymiser.net *.google-analytics.com stash.qubitproducts.com static.ads-twitter.com static.goqubit.com tescobank.azureedge.net ue.enablermail.com www.facebook.com www.google.co.uk *.googleadservices.com *.googletagmanager.com *.gstatic.com track.omguk.com wss://sync.onfido.com wss://collection.decibelinsight.net mpsnare.iesnare.com *.adnxs.com s.yimg.com *.sociomantic.com *.tiles.mapbox.com api.mapbox.com events.mapbox.com p.teads.tv t.teads.tv cm.teads.tv *.digital-cloud-uk.medallia.eu *.kampyle.com ; frame-src 'self' *.trustpilot.com *.fls.doubleclick.net fls.doubleclick.net *.tescobank.com tescobank.demdex.net *.vo.msecnd.net service.maxymiser.net p.teads.tv t.teads.tv cm.teads.tv *.digital-cloud-uk.medallia.eu *.kampyle.com apps.commbox.io now.commbox.io js-agent.newrelic.com bam-cell.nr-data.net ; frame-ancestors 'self' *.tescobank.com ; object-src 'self' *.fls.doubleclick.net fls.doubleclick.net *.tescobank.com tescobank.demdex.net; media-src 'self' apps.commbox.io ;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.tescobank.com/
Origin
https://www.tescobank.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-security-policy
report-uri https://identity.tescobank.com/afm/cspReport/; default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.trustpilot.com *.woopra.com *.fls.doubleclick.net fls.doubleclick.net *.lpsnmedia.net *.google.com *.googleapis.com *.qubit.com *.travelex.net *.adobedtm.com *.vo.msecnd.net bat.bing.com c.evidon.com cdn.cookielaw.org *.decibelinsight.net cm.everesttech.net connect.facebook.net dc.services.visualstudio.com *.cloudfront.net *.demdex.net flex.cybersource.com *.g.doubleclick.net *.hotjar.com *.liveperson.net *.tescobank.com *.ensighten.com r.turn.com royalsunallianceinsu.tt.omtrdc.net rsa.d2.sc.omtrdc.net rum-static.pingdom.net service.maxymiser.net *.google-analytics.com stash.qubitproducts.com static.ads-twitter.com static.goqubit.com tescobank.azureedge.net ue.enablermail.com www.facebook.com www.google.co.uk *.googleadservices.com *.googletagmanager.com *.gstatic.com track.omguk.com wss://sync.onfido.com wss://collection.decibelinsight.net mpsnare.iesnare.com *.adnxs.com s.yimg.com *.sociomantic.com p.teads.tv t.teads.tv cm.teads.tv *.digital-cloud-uk.medallia.eu *.kampyle.com apps.commbox.io now.commbox.io js-agent.newrelic.com bam-cell.nr-data.net *.google-analytics.com ; style-src 'self' 'unsafe-inline' *.googleapis.com apps.commbox.io now.commbox.io js-agent.newrelic.com bam-cell.nr-data.net *.kampyle.com ; img-src 'self' data: blob: * ; child-src 'self' blob: ; font-src 'self' data: * ; connect-src 'self' bam-cell.nr-data.net *.woopra.com *.fls.doubleclick.net fls.doubleclick.net *.lpsnmedia.net *.google.com *.googleapis.com *.qubit.com *.travelex.net *.adobedtm.com *.vo.msecnd.net bat.bing.com c.evidon.com cdn.cookielaw.org *.decibelinsight.net cm.everesttech.net connect.facebook.net dc.services.visualstudio.com *.cloudfront.net *.demdex.net flex.cybersource.com *.g.doubleclick.net *.hotjar.com *.liveperson.net *.tescobank.com *.ensighten.com r.turn.com royalsunallianceinsu.tt.omtrdc.net rsa.d2.sc.omtrdc.net rum-static.pingdom.net service.maxymiser.net *.google-analytics.com stash.qubitproducts.com static.ads-twitter.com static.goqubit.com tescobank.azureedge.net ue.enablermail.com www.facebook.com www.google.co.uk *.googleadservices.com *.googletagmanager.com *.gstatic.com track.omguk.com wss://sync.onfido.com wss://collection.decibelinsight.net mpsnare.iesnare.com *.adnxs.com s.yimg.com *.sociomantic.com *.tiles.mapbox.com api.mapbox.com events.mapbox.com p.teads.tv t.teads.tv cm.teads.tv *.digital-cloud-uk.medallia.eu *.kampyle.com ; frame-src 'self' *.trustpilot.com *.fls.doubleclick.net fls.doubleclick.net *.tescobank.com tescobank.demdex.net *.vo.msecnd.net service.maxymiser.net p.teads.tv t.teads.tv cm.teads.tv *.digital-cloud-uk.medallia.eu *.kampyle.com apps.commbox.io now.commbox.io js-agent.newrelic.com bam-cell.nr-data.net ; frame-ancestors 'self' *.tescobank.com ; object-src 'self' *.fls.doubleclick.net fls.doubleclick.net *.tescobank.com tescobank.demdex.net; media-src 'self' apps.commbox.io ;
referrer-policy
no-referrer-when-downgrade
x-content-type-options
nosniff
last-modified
Tue, 03 Oct 2023 13:10:52 GMT
date
Sat, 21 Oct 2023 23:19:18 GMT
etag
"0d6f48fbf5d91:0"
x-frame-options
SAMEORIGIN
content-type
application/font-woff2
access-control-expose-headers
Request-Context
cache-control
max-age=60587
accept-ranges
bytes
content-length
27376
x-xss-protection
1; mode=block
request-context
appId=cid-v1:4a7f8dd8-3291-4e0b-bdfc-05223d9ea636
TESCOModern-LightItalic-web.woff2
www.tescobank.com/Fonts/
28 KB
30 KB
Font
General
Full URL
https://www.tescobank.com/Fonts/TESCOModern-LightItalic-web.woff2
Requested by
Host: www.tescobank.com
URL: https://www.tescobank.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.205.106.85 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-205-106-85.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
8a34d5bf04784d240998095d06dbfd6309d2e414ec864e5440618cec9ac93cff
Security Headers
Name Value
Content-Security-Policy report-uri https://identity.tescobank.com/afm/cspReport/; default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.trustpilot.com *.woopra.com *.fls.doubleclick.net fls.doubleclick.net *.lpsnmedia.net *.google.com *.googleapis.com *.qubit.com *.travelex.net *.adobedtm.com *.vo.msecnd.net bat.bing.com c.evidon.com cdn.cookielaw.org *.decibelinsight.net cm.everesttech.net connect.facebook.net dc.services.visualstudio.com *.cloudfront.net *.demdex.net flex.cybersource.com *.g.doubleclick.net *.hotjar.com *.liveperson.net *.tescobank.com *.ensighten.com r.turn.com royalsunallianceinsu.tt.omtrdc.net rsa.d2.sc.omtrdc.net rum-static.pingdom.net service.maxymiser.net *.google-analytics.com stash.qubitproducts.com static.ads-twitter.com static.goqubit.com tescobank.azureedge.net ue.enablermail.com www.facebook.com www.google.co.uk *.googleadservices.com *.googletagmanager.com *.gstatic.com track.omguk.com wss://sync.onfido.com wss://collection.decibelinsight.net mpsnare.iesnare.com *.adnxs.com s.yimg.com *.sociomantic.com p.teads.tv t.teads.tv cm.teads.tv *.digital-cloud-uk.medallia.eu *.kampyle.com apps.commbox.io now.commbox.io js-agent.newrelic.com bam-cell.nr-data.net *.google-analytics.com ; style-src 'self' 'unsafe-inline' *.googleapis.com apps.commbox.io now.commbox.io js-agent.newrelic.com bam-cell.nr-data.net *.kampyle.com ; img-src 'self' data: blob: * ; child-src 'self' blob: ; font-src 'self' data: * ; connect-src 'self' bam-cell.nr-data.net *.woopra.com *.fls.doubleclick.net fls.doubleclick.net *.lpsnmedia.net *.google.com *.googleapis.com *.qubit.com *.travelex.net *.adobedtm.com *.vo.msecnd.net bat.bing.com c.evidon.com cdn.cookielaw.org *.decibelinsight.net cm.everesttech.net connect.facebook.net dc.services.visualstudio.com *.cloudfront.net *.demdex.net flex.cybersource.com *.g.doubleclick.net *.hotjar.com *.liveperson.net *.tescobank.com *.ensighten.com r.turn.com royalsunallianceinsu.tt.omtrdc.net rsa.d2.sc.omtrdc.net rum-static.pingdom.net service.maxymiser.net *.google-analytics.com stash.qubitproducts.com static.ads-twitter.com static.goqubit.com tescobank.azureedge.net ue.enablermail.com www.facebook.com www.google.co.uk *.googleadservices.com *.googletagmanager.com *.gstatic.com track.omguk.com wss://sync.onfido.com wss://collection.decibelinsight.net mpsnare.iesnare.com *.adnxs.com s.yimg.com *.sociomantic.com *.tiles.mapbox.com api.mapbox.com events.mapbox.com p.teads.tv t.teads.tv cm.teads.tv *.digital-cloud-uk.medallia.eu *.kampyle.com ; frame-src 'self' *.trustpilot.com *.fls.doubleclick.net fls.doubleclick.net *.tescobank.com tescobank.demdex.net *.vo.msecnd.net service.maxymiser.net p.teads.tv t.teads.tv cm.teads.tv *.digital-cloud-uk.medallia.eu *.kampyle.com apps.commbox.io now.commbox.io js-agent.newrelic.com bam-cell.nr-data.net ; frame-ancestors 'self' *.tescobank.com ; object-src 'self' *.fls.doubleclick.net fls.doubleclick.net *.tescobank.com tescobank.demdex.net; media-src 'self' apps.commbox.io ;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.tescobank.com/
Origin
https://www.tescobank.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-security-policy
report-uri https://identity.tescobank.com/afm/cspReport/; default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.trustpilot.com *.woopra.com *.fls.doubleclick.net fls.doubleclick.net *.lpsnmedia.net *.google.com *.googleapis.com *.qubit.com *.travelex.net *.adobedtm.com *.vo.msecnd.net bat.bing.com c.evidon.com cdn.cookielaw.org *.decibelinsight.net cm.everesttech.net connect.facebook.net dc.services.visualstudio.com *.cloudfront.net *.demdex.net flex.cybersource.com *.g.doubleclick.net *.hotjar.com *.liveperson.net *.tescobank.com *.ensighten.com r.turn.com royalsunallianceinsu.tt.omtrdc.net rsa.d2.sc.omtrdc.net rum-static.pingdom.net service.maxymiser.net *.google-analytics.com stash.qubitproducts.com static.ads-twitter.com static.goqubit.com tescobank.azureedge.net ue.enablermail.com www.facebook.com www.google.co.uk *.googleadservices.com *.googletagmanager.com *.gstatic.com track.omguk.com wss://sync.onfido.com wss://collection.decibelinsight.net mpsnare.iesnare.com *.adnxs.com s.yimg.com *.sociomantic.com p.teads.tv t.teads.tv cm.teads.tv *.digital-cloud-uk.medallia.eu *.kampyle.com apps.commbox.io now.commbox.io js-agent.newrelic.com bam-cell.nr-data.net *.google-analytics.com ; style-src 'self' 'unsafe-inline' *.googleapis.com apps.commbox.io now.commbox.io js-agent.newrelic.com bam-cell.nr-data.net *.kampyle.com ; img-src 'self' data: blob: * ; child-src 'self' blob: ; font-src 'self' data: * ; connect-src 'self' bam-cell.nr-data.net *.woopra.com *.fls.doubleclick.net fls.doubleclick.net *.lpsnmedia.net *.google.com *.googleapis.com *.qubit.com *.travelex.net *.adobedtm.com *.vo.msecnd.net bat.bing.com c.evidon.com cdn.cookielaw.org *.decibelinsight.net cm.everesttech.net connect.facebook.net dc.services.visualstudio.com *.cloudfront.net *.demdex.net flex.cybersource.com *.g.doubleclick.net *.hotjar.com *.liveperson.net *.tescobank.com *.ensighten.com r.turn.com royalsunallianceinsu.tt.omtrdc.net rsa.d2.sc.omtrdc.net rum-static.pingdom.net service.maxymiser.net *.google-analytics.com stash.qubitproducts.com static.ads-twitter.com static.goqubit.com tescobank.azureedge.net ue.enablermail.com www.facebook.com www.google.co.uk *.googleadservices.com *.googletagmanager.com *.gstatic.com track.omguk.com wss://sync.onfido.com wss://collection.decibelinsight.net mpsnare.iesnare.com *.adnxs.com s.yimg.com *.sociomantic.com *.tiles.mapbox.com api.mapbox.com events.mapbox.com p.teads.tv t.teads.tv cm.teads.tv *.digital-cloud-uk.medallia.eu *.kampyle.com ; frame-src 'self' *.trustpilot.com *.fls.doubleclick.net fls.doubleclick.net *.tescobank.com tescobank.demdex.net *.vo.msecnd.net service.maxymiser.net p.teads.tv t.teads.tv cm.teads.tv *.digital-cloud-uk.medallia.eu *.kampyle.com apps.commbox.io now.commbox.io js-agent.newrelic.com bam-cell.nr-data.net ; frame-ancestors 'self' *.tescobank.com ; object-src 'self' *.fls.doubleclick.net fls.doubleclick.net *.tescobank.com tescobank.demdex.net; media-src 'self' apps.commbox.io ;
referrer-policy
no-referrer-when-downgrade
x-content-type-options
nosniff
last-modified
Tue, 03 Oct 2023 13:10:52 GMT
date
Sat, 21 Oct 2023 23:19:18 GMT
etag
"0d6f48fbf5d91:0"
x-frame-options
SAMEORIGIN
content-type
application/font-woff2
access-control-expose-headers
Request-Context
cache-control
max-age=46127
accept-ranges
bytes
content-length
28360
x-xss-protection
1; mode=block
request-context
appId=cid-v1:4a7f8dd8-3291-4e0b-bdfc-05223d9ea636
TESCOModern-Medium-web.woff2
www.tescobank.com/Fonts/
28 KB
31 KB
Font
General
Full URL
https://www.tescobank.com/Fonts/TESCOModern-Medium-web.woff2
Requested by
Host: www.tescobank.com
URL: https://www.tescobank.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.205.106.85 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-205-106-85.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
568219ca839f8425765048f6ff3214e8fa5ce4025f4315e7e1e3be5b906c0b63
Security Headers
Name Value
Content-Security-Policy report-uri https://identity.tescobank.com/afm/cspReport/; default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.trustpilot.com *.woopra.com *.fls.doubleclick.net fls.doubleclick.net *.lpsnmedia.net *.google.com *.googleapis.com *.qubit.com *.travelex.net *.adobedtm.com *.vo.msecnd.net bat.bing.com c.evidon.com cdn.cookielaw.org *.decibelinsight.net cm.everesttech.net connect.facebook.net dc.services.visualstudio.com *.cloudfront.net *.demdex.net flex.cybersource.com *.g.doubleclick.net *.hotjar.com *.liveperson.net *.tescobank.com *.ensighten.com r.turn.com royalsunallianceinsu.tt.omtrdc.net rsa.d2.sc.omtrdc.net rum-static.pingdom.net service.maxymiser.net *.google-analytics.com stash.qubitproducts.com static.ads-twitter.com static.goqubit.com tescobank.azureedge.net ue.enablermail.com www.facebook.com www.google.co.uk *.googleadservices.com *.googletagmanager.com *.gstatic.com track.omguk.com wss://sync.onfido.com wss://collection.decibelinsight.net mpsnare.iesnare.com *.adnxs.com s.yimg.com *.sociomantic.com p.teads.tv t.teads.tv cm.teads.tv *.digital-cloud-uk.medallia.eu *.kampyle.com apps.commbox.io now.commbox.io js-agent.newrelic.com bam-cell.nr-data.net *.google-analytics.com ; style-src 'self' 'unsafe-inline' *.googleapis.com apps.commbox.io now.commbox.io js-agent.newrelic.com bam-cell.nr-data.net *.kampyle.com ; img-src 'self' data: blob: * ; child-src 'self' blob: ; font-src 'self' data: * ; connect-src 'self' bam-cell.nr-data.net *.woopra.com *.fls.doubleclick.net fls.doubleclick.net *.lpsnmedia.net *.google.com *.googleapis.com *.qubit.com *.travelex.net *.adobedtm.com *.vo.msecnd.net bat.bing.com c.evidon.com cdn.cookielaw.org *.decibelinsight.net cm.everesttech.net connect.facebook.net dc.services.visualstudio.com *.cloudfront.net *.demdex.net flex.cybersource.com *.g.doubleclick.net *.hotjar.com *.liveperson.net *.tescobank.com *.ensighten.com r.turn.com royalsunallianceinsu.tt.omtrdc.net rsa.d2.sc.omtrdc.net rum-static.pingdom.net service.maxymiser.net *.google-analytics.com stash.qubitproducts.com static.ads-twitter.com static.goqubit.com tescobank.azureedge.net ue.enablermail.com www.facebook.com www.google.co.uk *.googleadservices.com *.googletagmanager.com *.gstatic.com track.omguk.com wss://sync.onfido.com wss://collection.decibelinsight.net mpsnare.iesnare.com *.adnxs.com s.yimg.com *.sociomantic.com *.tiles.mapbox.com api.mapbox.com events.mapbox.com p.teads.tv t.teads.tv cm.teads.tv *.digital-cloud-uk.medallia.eu *.kampyle.com ; frame-src 'self' *.trustpilot.com *.fls.doubleclick.net fls.doubleclick.net *.tescobank.com tescobank.demdex.net *.vo.msecnd.net service.maxymiser.net p.teads.tv t.teads.tv cm.teads.tv *.digital-cloud-uk.medallia.eu *.kampyle.com apps.commbox.io now.commbox.io js-agent.newrelic.com bam-cell.nr-data.net ; frame-ancestors 'self' *.tescobank.com ; object-src 'self' *.fls.doubleclick.net fls.doubleclick.net *.tescobank.com tescobank.demdex.net; media-src 'self' apps.commbox.io ;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.tescobank.com/
Origin
https://www.tescobank.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-security-policy
report-uri https://identity.tescobank.com/afm/cspReport/; default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.trustpilot.com *.woopra.com *.fls.doubleclick.net fls.doubleclick.net *.lpsnmedia.net *.google.com *.googleapis.com *.qubit.com *.travelex.net *.adobedtm.com *.vo.msecnd.net bat.bing.com c.evidon.com cdn.cookielaw.org *.decibelinsight.net cm.everesttech.net connect.facebook.net dc.services.visualstudio.com *.cloudfront.net *.demdex.net flex.cybersource.com *.g.doubleclick.net *.hotjar.com *.liveperson.net *.tescobank.com *.ensighten.com r.turn.com royalsunallianceinsu.tt.omtrdc.net rsa.d2.sc.omtrdc.net rum-static.pingdom.net service.maxymiser.net *.google-analytics.com stash.qubitproducts.com static.ads-twitter.com static.goqubit.com tescobank.azureedge.net ue.enablermail.com www.facebook.com www.google.co.uk *.googleadservices.com *.googletagmanager.com *.gstatic.com track.omguk.com wss://sync.onfido.com wss://collection.decibelinsight.net mpsnare.iesnare.com *.adnxs.com s.yimg.com *.sociomantic.com p.teads.tv t.teads.tv cm.teads.tv *.digital-cloud-uk.medallia.eu *.kampyle.com apps.commbox.io now.commbox.io js-agent.newrelic.com bam-cell.nr-data.net *.google-analytics.com ; style-src 'self' 'unsafe-inline' *.googleapis.com apps.commbox.io now.commbox.io js-agent.newrelic.com bam-cell.nr-data.net *.kampyle.com ; img-src 'self' data: blob: * ; child-src 'self' blob: ; font-src 'self' data: * ; connect-src 'self' bam-cell.nr-data.net *.woopra.com *.fls.doubleclick.net fls.doubleclick.net *.lpsnmedia.net *.google.com *.googleapis.com *.qubit.com *.travelex.net *.adobedtm.com *.vo.msecnd.net bat.bing.com c.evidon.com cdn.cookielaw.org *.decibelinsight.net cm.everesttech.net connect.facebook.net dc.services.visualstudio.com *.cloudfront.net *.demdex.net flex.cybersource.com *.g.doubleclick.net *.hotjar.com *.liveperson.net *.tescobank.com *.ensighten.com r.turn.com royalsunallianceinsu.tt.omtrdc.net rsa.d2.sc.omtrdc.net rum-static.pingdom.net service.maxymiser.net *.google-analytics.com stash.qubitproducts.com static.ads-twitter.com static.goqubit.com tescobank.azureedge.net ue.enablermail.com www.facebook.com www.google.co.uk *.googleadservices.com *.googletagmanager.com *.gstatic.com track.omguk.com wss://sync.onfido.com wss://collection.decibelinsight.net mpsnare.iesnare.com *.adnxs.com s.yimg.com *.sociomantic.com *.tiles.mapbox.com api.mapbox.com events.mapbox.com p.teads.tv t.teads.tv cm.teads.tv *.digital-cloud-uk.medallia.eu *.kampyle.com ; frame-src 'self' *.trustpilot.com *.fls.doubleclick.net fls.doubleclick.net *.tescobank.com tescobank.demdex.net *.vo.msecnd.net service.maxymiser.net p.teads.tv t.teads.tv cm.teads.tv *.digital-cloud-uk.medallia.eu *.kampyle.com apps.commbox.io now.commbox.io js-agent.newrelic.com bam-cell.nr-data.net ; frame-ancestors 'self' *.tescobank.com ; object-src 'self' *.fls.doubleclick.net fls.doubleclick.net *.tescobank.com tescobank.demdex.net; media-src 'self' apps.commbox.io ;
referrer-policy
no-referrer-when-downgrade
x-content-type-options
nosniff
last-modified
Tue, 03 Oct 2023 13:10:52 GMT
date
Sat, 21 Oct 2023 23:19:18 GMT
etag
"0d6f48fbf5d91:0"
x-frame-options
SAMEORIGIN
content-type
application/font-woff2
access-control-expose-headers
Request-Context
cache-control
max-age=59410
accept-ranges
bytes
content-length
29084
x-xss-protection
1; mode=block
request-context
appId=cid-v1:4a7f8dd8-3291-4e0b-bdfc-05223d9ea636
TESCOModern-Regular-web.woff2
www.tescobank.com/Fonts/
28 KB
31 KB
Font
General
Full URL
https://www.tescobank.com/Fonts/TESCOModern-Regular-web.woff2
Requested by
Host: www.tescobank.com
URL: https://www.tescobank.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.205.106.85 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-205-106-85.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
22c07af3234f9d6dc7f9a781740625e4c7e4287a9ce9709f6d89c36b962b23c1
Security Headers
Name Value
Content-Security-Policy report-uri https://identity.tescobank.com/afm/cspReport/; default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.trustpilot.com *.woopra.com *.fls.doubleclick.net fls.doubleclick.net *.lpsnmedia.net *.google.com *.googleapis.com *.qubit.com *.travelex.net *.adobedtm.com *.vo.msecnd.net bat.bing.com c.evidon.com cdn.cookielaw.org *.decibelinsight.net cm.everesttech.net connect.facebook.net dc.services.visualstudio.com *.cloudfront.net *.demdex.net flex.cybersource.com *.g.doubleclick.net *.hotjar.com *.liveperson.net *.tescobank.com *.ensighten.com r.turn.com royalsunallianceinsu.tt.omtrdc.net rsa.d2.sc.omtrdc.net rum-static.pingdom.net service.maxymiser.net *.google-analytics.com stash.qubitproducts.com static.ads-twitter.com static.goqubit.com tescobank.azureedge.net ue.enablermail.com www.facebook.com www.google.co.uk *.googleadservices.com *.googletagmanager.com *.gstatic.com track.omguk.com wss://sync.onfido.com wss://collection.decibelinsight.net mpsnare.iesnare.com *.adnxs.com s.yimg.com *.sociomantic.com p.teads.tv t.teads.tv cm.teads.tv *.digital-cloud-uk.medallia.eu *.kampyle.com apps.commbox.io now.commbox.io js-agent.newrelic.com bam-cell.nr-data.net *.google-analytics.com ; style-src 'self' 'unsafe-inline' *.googleapis.com apps.commbox.io now.commbox.io js-agent.newrelic.com bam-cell.nr-data.net *.kampyle.com ; img-src 'self' data: blob: * ; child-src 'self' blob: ; font-src 'self' data: * ; connect-src 'self' bam-cell.nr-data.net *.woopra.com *.fls.doubleclick.net fls.doubleclick.net *.lpsnmedia.net *.google.com *.googleapis.com *.qubit.com *.travelex.net *.adobedtm.com *.vo.msecnd.net bat.bing.com c.evidon.com cdn.cookielaw.org *.decibelinsight.net cm.everesttech.net connect.facebook.net dc.services.visualstudio.com *.cloudfront.net *.demdex.net flex.cybersource.com *.g.doubleclick.net *.hotjar.com *.liveperson.net *.tescobank.com *.ensighten.com r.turn.com royalsunallianceinsu.tt.omtrdc.net rsa.d2.sc.omtrdc.net rum-static.pingdom.net service.maxymiser.net *.google-analytics.com stash.qubitproducts.com static.ads-twitter.com static.goqubit.com tescobank.azureedge.net ue.enablermail.com www.facebook.com www.google.co.uk *.googleadservices.com *.googletagmanager.com *.gstatic.com track.omguk.com wss://sync.onfido.com wss://collection.decibelinsight.net mpsnare.iesnare.com *.adnxs.com s.yimg.com *.sociomantic.com *.tiles.mapbox.com api.mapbox.com events.mapbox.com p.teads.tv t.teads.tv cm.teads.tv *.digital-cloud-uk.medallia.eu *.kampyle.com ; frame-src 'self' *.trustpilot.com *.fls.doubleclick.net fls.doubleclick.net *.tescobank.com tescobank.demdex.net *.vo.msecnd.net service.maxymiser.net p.teads.tv t.teads.tv cm.teads.tv *.digital-cloud-uk.medallia.eu *.kampyle.com apps.commbox.io now.commbox.io js-agent.newrelic.com bam-cell.nr-data.net ; frame-ancestors 'self' *.tescobank.com ; object-src 'self' *.fls.doubleclick.net fls.doubleclick.net *.tescobank.com tescobank.demdex.net; media-src 'self' apps.commbox.io ;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.tescobank.com/
Origin
https://www.tescobank.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-security-policy
report-uri https://identity.tescobank.com/afm/cspReport/; default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.trustpilot.com *.woopra.com *.fls.doubleclick.net fls.doubleclick.net *.lpsnmedia.net *.google.com *.googleapis.com *.qubit.com *.travelex.net *.adobedtm.com *.vo.msecnd.net bat.bing.com c.evidon.com cdn.cookielaw.org *.decibelinsight.net cm.everesttech.net connect.facebook.net dc.services.visualstudio.com *.cloudfront.net *.demdex.net flex.cybersource.com *.g.doubleclick.net *.hotjar.com *.liveperson.net *.tescobank.com *.ensighten.com r.turn.com royalsunallianceinsu.tt.omtrdc.net rsa.d2.sc.omtrdc.net rum-static.pingdom.net service.maxymiser.net *.google-analytics.com stash.qubitproducts.com static.ads-twitter.com static.goqubit.com tescobank.azureedge.net ue.enablermail.com www.facebook.com www.google.co.uk *.googleadservices.com *.googletagmanager.com *.gstatic.com track.omguk.com wss://sync.onfido.com wss://collection.decibelinsight.net mpsnare.iesnare.com *.adnxs.com s.yimg.com *.sociomantic.com p.teads.tv t.teads.tv cm.teads.tv *.digital-cloud-uk.medallia.eu *.kampyle.com apps.commbox.io now.commbox.io js-agent.newrelic.com bam-cell.nr-data.net *.google-analytics.com ; style-src 'self' 'unsafe-inline' *.googleapis.com apps.commbox.io now.commbox.io js-agent.newrelic.com bam-cell.nr-data.net *.kampyle.com ; img-src 'self' data: blob: * ; child-src 'self' blob: ; font-src 'self' data: * ; connect-src 'self' bam-cell.nr-data.net *.woopra.com *.fls.doubleclick.net fls.doubleclick.net *.lpsnmedia.net *.google.com *.googleapis.com *.qubit.com *.travelex.net *.adobedtm.com *.vo.msecnd.net bat.bing.com c.evidon.com cdn.cookielaw.org *.decibelinsight.net cm.everesttech.net connect.facebook.net dc.services.visualstudio.com *.cloudfront.net *.demdex.net flex.cybersource.com *.g.doubleclick.net *.hotjar.com *.liveperson.net *.tescobank.com *.ensighten.com r.turn.com royalsunallianceinsu.tt.omtrdc.net rsa.d2.sc.omtrdc.net rum-static.pingdom.net service.maxymiser.net *.google-analytics.com stash.qubitproducts.com static.ads-twitter.com static.goqubit.com tescobank.azureedge.net ue.enablermail.com www.facebook.com www.google.co.uk *.googleadservices.com *.googletagmanager.com *.gstatic.com track.omguk.com wss://sync.onfido.com wss://collection.decibelinsight.net mpsnare.iesnare.com *.adnxs.com s.yimg.com *.sociomantic.com *.tiles.mapbox.com api.mapbox.com events.mapbox.com p.teads.tv t.teads.tv cm.teads.tv *.digital-cloud-uk.medallia.eu *.kampyle.com ; frame-src 'self' *.trustpilot.com *.fls.doubleclick.net fls.doubleclick.net *.tescobank.com tescobank.demdex.net *.vo.msecnd.net service.maxymiser.net p.teads.tv t.teads.tv cm.teads.tv *.digital-cloud-uk.medallia.eu *.kampyle.com apps.commbox.io now.commbox.io js-agent.newrelic.com bam-cell.nr-data.net ; frame-ancestors 'self' *.tescobank.com ; object-src 'self' *.fls.doubleclick.net fls.doubleclick.net *.tescobank.com tescobank.demdex.net; media-src 'self' apps.commbox.io ;
referrer-policy
no-referrer-when-downgrade
x-content-type-options
nosniff
last-modified
Tue, 03 Oct 2023 13:10:52 GMT
date
Sat, 21 Oct 2023 23:19:18 GMT
etag
"0d6f48fbf5d91:0"
x-frame-options
SAMEORIGIN
content-type
application/font-woff2
access-control-expose-headers
Request-Context
cache-control
max-age=60468
accept-ranges
bytes
content-length
29080
x-xss-protection
1; mode=block
request-context
appId=cid-v1:4a7f8dd8-3291-4e0b-bdfc-05223d9ea636
TESCOModern-Bold-web.woff2
www.tescobank.com/Fonts/
27 KB
30 KB
Font
General
Full URL
https://www.tescobank.com/Fonts/TESCOModern-Bold-web.woff2
Requested by
Host: www.tescobank.com
URL: https://www.tescobank.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.205.106.85 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-205-106-85.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
5f9c15b61eb2e0552290225807a6826c7dc7b8396fa3c05ead5b24d2a9b0ba10
Security Headers
Name Value
Content-Security-Policy report-uri https://identity.tescobank.com/afm/cspReport/; default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.trustpilot.com *.woopra.com *.fls.doubleclick.net fls.doubleclick.net *.lpsnmedia.net *.google.com *.googleapis.com *.qubit.com *.travelex.net *.adobedtm.com *.vo.msecnd.net bat.bing.com c.evidon.com cdn.cookielaw.org *.decibelinsight.net cm.everesttech.net connect.facebook.net dc.services.visualstudio.com *.cloudfront.net *.demdex.net flex.cybersource.com *.g.doubleclick.net *.hotjar.com *.liveperson.net *.tescobank.com *.ensighten.com r.turn.com royalsunallianceinsu.tt.omtrdc.net rsa.d2.sc.omtrdc.net rum-static.pingdom.net service.maxymiser.net *.google-analytics.com stash.qubitproducts.com static.ads-twitter.com static.goqubit.com tescobank.azureedge.net ue.enablermail.com www.facebook.com www.google.co.uk *.googleadservices.com *.googletagmanager.com *.gstatic.com track.omguk.com wss://sync.onfido.com wss://collection.decibelinsight.net mpsnare.iesnare.com *.adnxs.com s.yimg.com *.sociomantic.com p.teads.tv t.teads.tv cm.teads.tv *.digital-cloud-uk.medallia.eu *.kampyle.com apps.commbox.io now.commbox.io js-agent.newrelic.com bam-cell.nr-data.net *.google-analytics.com ; style-src 'self' 'unsafe-inline' *.googleapis.com apps.commbox.io now.commbox.io js-agent.newrelic.com bam-cell.nr-data.net *.kampyle.com ; img-src 'self' data: blob: * ; child-src 'self' blob: ; font-src 'self' data: * ; connect-src 'self' bam-cell.nr-data.net *.woopra.com *.fls.doubleclick.net fls.doubleclick.net *.lpsnmedia.net *.google.com *.googleapis.com *.qubit.com *.travelex.net *.adobedtm.com *.vo.msecnd.net bat.bing.com c.evidon.com cdn.cookielaw.org *.decibelinsight.net cm.everesttech.net connect.facebook.net dc.services.visualstudio.com *.cloudfront.net *.demdex.net flex.cybersource.com *.g.doubleclick.net *.hotjar.com *.liveperson.net *.tescobank.com *.ensighten.com r.turn.com royalsunallianceinsu.tt.omtrdc.net rsa.d2.sc.omtrdc.net rum-static.pingdom.net service.maxymiser.net *.google-analytics.com stash.qubitproducts.com static.ads-twitter.com static.goqubit.com tescobank.azureedge.net ue.enablermail.com www.facebook.com www.google.co.uk *.googleadservices.com *.googletagmanager.com *.gstatic.com track.omguk.com wss://sync.onfido.com wss://collection.decibelinsight.net mpsnare.iesnare.com *.adnxs.com s.yimg.com *.sociomantic.com *.tiles.mapbox.com api.mapbox.com events.mapbox.com p.teads.tv t.teads.tv cm.teads.tv *.digital-cloud-uk.medallia.eu *.kampyle.com ; frame-src 'self' *.trustpilot.com *.fls.doubleclick.net fls.doubleclick.net *.tescobank.com tescobank.demdex.net *.vo.msecnd.net service.maxymiser.net p.teads.tv t.teads.tv cm.teads.tv *.digital-cloud-uk.medallia.eu *.kampyle.com apps.commbox.io now.commbox.io js-agent.newrelic.com bam-cell.nr-data.net ; frame-ancestors 'self' *.tescobank.com ; object-src 'self' *.fls.doubleclick.net fls.doubleclick.net *.tescobank.com tescobank.demdex.net; media-src 'self' apps.commbox.io ;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.tescobank.com/
Origin
https://www.tescobank.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-security-policy
report-uri https://identity.tescobank.com/afm/cspReport/; default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.trustpilot.com *.woopra.com *.fls.doubleclick.net fls.doubleclick.net *.lpsnmedia.net *.google.com *.googleapis.com *.qubit.com *.travelex.net *.adobedtm.com *.vo.msecnd.net bat.bing.com c.evidon.com cdn.cookielaw.org *.decibelinsight.net cm.everesttech.net connect.facebook.net dc.services.visualstudio.com *.cloudfront.net *.demdex.net flex.cybersource.com *.g.doubleclick.net *.hotjar.com *.liveperson.net *.tescobank.com *.ensighten.com r.turn.com royalsunallianceinsu.tt.omtrdc.net rsa.d2.sc.omtrdc.net rum-static.pingdom.net service.maxymiser.net *.google-analytics.com stash.qubitproducts.com static.ads-twitter.com static.goqubit.com tescobank.azureedge.net ue.enablermail.com www.facebook.com www.google.co.uk *.googleadservices.com *.googletagmanager.com *.gstatic.com track.omguk.com wss://sync.onfido.com wss://collection.decibelinsight.net mpsnare.iesnare.com *.adnxs.com s.yimg.com *.sociomantic.com p.teads.tv t.teads.tv cm.teads.tv *.digital-cloud-uk.medallia.eu *.kampyle.com apps.commbox.io now.commbox.io js-agent.newrelic.com bam-cell.nr-data.net *.google-analytics.com ; style-src 'self' 'unsafe-inline' *.googleapis.com apps.commbox.io now.commbox.io js-agent.newrelic.com bam-cell.nr-data.net *.kampyle.com ; img-src 'self' data: blob: * ; child-src 'self' blob: ; font-src 'self' data: * ; connect-src 'self' bam-cell.nr-data.net *.woopra.com *.fls.doubleclick.net fls.doubleclick.net *.lpsnmedia.net *.google.com *.googleapis.com *.qubit.com *.travelex.net *.adobedtm.com *.vo.msecnd.net bat.bing.com c.evidon.com cdn.cookielaw.org *.decibelinsight.net cm.everesttech.net connect.facebook.net dc.services.visualstudio.com *.cloudfront.net *.demdex.net flex.cybersource.com *.g.doubleclick.net *.hotjar.com *.liveperson.net *.tescobank.com *.ensighten.com r.turn.com royalsunallianceinsu.tt.omtrdc.net rsa.d2.sc.omtrdc.net rum-static.pingdom.net service.maxymiser.net *.google-analytics.com stash.qubitproducts.com static.ads-twitter.com static.goqubit.com tescobank.azureedge.net ue.enablermail.com www.facebook.com www.google.co.uk *.googleadservices.com *.googletagmanager.com *.gstatic.com track.omguk.com wss://sync.onfido.com wss://collection.decibelinsight.net mpsnare.iesnare.com *.adnxs.com s.yimg.com *.sociomantic.com *.tiles.mapbox.com api.mapbox.com events.mapbox.com p.teads.tv t.teads.tv cm.teads.tv *.digital-cloud-uk.medallia.eu *.kampyle.com ; frame-src 'self' *.trustpilot.com *.fls.doubleclick.net fls.doubleclick.net *.tescobank.com tescobank.demdex.net *.vo.msecnd.net service.maxymiser.net p.teads.tv t.teads.tv cm.teads.tv *.digital-cloud-uk.medallia.eu *.kampyle.com apps.commbox.io now.commbox.io js-agent.newrelic.com bam-cell.nr-data.net ; frame-ancestors 'self' *.tescobank.com ; object-src 'self' *.fls.doubleclick.net fls.doubleclick.net *.tescobank.com tescobank.demdex.net; media-src 'self' apps.commbox.io ;
referrer-policy
no-referrer-when-downgrade
x-content-type-options
nosniff
last-modified
Tue, 03 Oct 2023 13:10:52 GMT
date
Sat, 21 Oct 2023 23:19:18 GMT
etag
"0d6f48fbf5d91:0"
x-frame-options
SAMEORIGIN
content-type
application/font-woff2
access-control-expose-headers
Request-Context
cache-control
max-age=14547
accept-ranges
bytes
content-length
27792
x-xss-protection
1; mode=block
request-context
appId=cid-v1:4a7f8dd8-3291-4e0b-bdfc-05223d9ea636
css
www.tescobank.com/bundles/
456 KB
80 KB
Stylesheet
General
Full URL
https://www.tescobank.com/bundles/css?v=pZyFX7PbHvjN7lsKjHw-qw7f0IIoOEt9Mr0qCH2pM2U1
Requested by
Host: www.tescobank.com
URL: https://www.tescobank.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.205.106.85 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-205-106-85.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
96a482508f00a8a096bbc2df310b0dccd9c2c8152de1514b089427724f664001
Security Headers
Name Value
Content-Security-Policy report-uri https://identity.tescobank.com/afm/cspReport/; default-src 'nonce-8bd6872c166e6a0e979a330ce4cb4ed0' 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.trustpilot.com *.woopra.com *.fls.doubleclick.net fls.doubleclick.net *.lpsnmedia.net *.google.com *.googleapis.com *.qubit.com *.travelex.net *.adobedtm.com *.vo.msecnd.net bat.bing.com c.evidon.com cdn.cookielaw.org *.decibelinsight.net cm.everesttech.net connect.facebook.net dc.services.visualstudio.com *.cloudfront.net *.demdex.net flex.cybersource.com *.g.doubleclick.net *.hotjar.com *.liveperson.net *.tescobank.com *.ensighten.com r.turn.com royalsunallianceinsu.tt.omtrdc.net rsa.d2.sc.omtrdc.net rum-static.pingdom.net service.maxymiser.net *.google-analytics.com stash.qubitproducts.com static.ads-twitter.com static.goqubit.com tescobank.azureedge.net ue.enablermail.com www.facebook.com www.google.co.uk *.googleadservices.com *.googletagmanager.com *.gstatic.com track.omguk.com wss://sync.onfido.com wss://collection.decibelinsight.net mpsnare.iesnare.com *.adnxs.com s.yimg.com *.sociomantic.com p.teads.tv t.teads.tv cm.teads.tv *.digital-cloud-uk.medallia.eu *.kampyle.com apps.commbox.io now.commbox.io js-agent.newrelic.com bam-cell.nr-data.net *.google-analytics.com ; style-src 'self' 'unsafe-inline' *.googleapis.com apps.commbox.io now.commbox.io js-agent.newrelic.com bam-cell.nr-data.net *.kampyle.com ; img-src 'self' data: blob: * ; child-src 'self' blob: ; font-src 'self' data: * ; connect-src 'self' bam-cell.nr-data.net *.woopra.com *.fls.doubleclick.net fls.doubleclick.net *.lpsnmedia.net *.google.com *.googleapis.com *.qubit.com *.travelex.net *.adobedtm.com *.vo.msecnd.net bat.bing.com c.evidon.com cdn.cookielaw.org *.decibelinsight.net cm.everesttech.net connect.facebook.net dc.services.visualstudio.com *.cloudfront.net *.demdex.net flex.cybersource.com *.g.doubleclick.net *.hotjar.com *.liveperson.net *.tescobank.com *.ensighten.com r.turn.com royalsunallianceinsu.tt.omtrdc.net rsa.d2.sc.omtrdc.net rum-static.pingdom.net service.maxymiser.net *.google-analytics.com stash.qubitproducts.com static.ads-twitter.com static.goqubit.com tescobank.azureedge.net ue.enablermail.com www.facebook.com www.google.co.uk *.googleadservices.com *.googletagmanager.com *.gstatic.com track.omguk.com wss://sync.onfido.com wss://collection.decibelinsight.net mpsnare.iesnare.com *.adnxs.com s.yimg.com *.sociomantic.com *.tiles.mapbox.com api.mapbox.com events.mapbox.com p.teads.tv t.teads.tv cm.teads.tv *.digital-cloud-uk.medallia.eu *.kampyle.com ; frame-src 'self' *.trustpilot.com *.fls.doubleclick.net fls.doubleclick.net *.tescobank.com tescobank.demdex.net *.vo.msecnd.net service.maxymiser.net p.teads.tv t.teads.tv cm.teads.tv *.digital-cloud-uk.medallia.eu *.kampyle.com apps.commbox.io now.commbox.io js-agent.newrelic.com bam-cell.nr-data.net ; frame-ancestors 'self' *.tescobank.com ; object-src 'self' *.fls.doubleclick.net fls.doubleclick.net *.tescobank.com tescobank.demdex.net; media-src 'self' apps.commbox.io ;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.tescobank.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

expires
Sun, 20 Oct 2024 23:19:18 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
referrer-policy
no-referrer-when-downgrade
x-content-type-options
nosniff
last-modified
Sat, 21 Oct 2023 23:19:18 GMT
content-security-policy
report-uri https://identity.tescobank.com/afm/cspReport/; default-src 'nonce-8bd6872c166e6a0e979a330ce4cb4ed0' 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.trustpilot.com *.woopra.com *.fls.doubleclick.net fls.doubleclick.net *.lpsnmedia.net *.google.com *.googleapis.com *.qubit.com *.travelex.net *.adobedtm.com *.vo.msecnd.net bat.bing.com c.evidon.com cdn.cookielaw.org *.decibelinsight.net cm.everesttech.net connect.facebook.net dc.services.visualstudio.com *.cloudfront.net *.demdex.net flex.cybersource.com *.g.doubleclick.net *.hotjar.com *.liveperson.net *.tescobank.com *.ensighten.com r.turn.com royalsunallianceinsu.tt.omtrdc.net rsa.d2.sc.omtrdc.net rum-static.pingdom.net service.maxymiser.net *.google-analytics.com stash.qubitproducts.com static.ads-twitter.com static.goqubit.com tescobank.azureedge.net ue.enablermail.com www.facebook.com www.google.co.uk *.googleadservices.com *.googletagmanager.com *.gstatic.com track.omguk.com wss://sync.onfido.com wss://collection.decibelinsight.net mpsnare.iesnare.com *.adnxs.com s.yimg.com *.sociomantic.com p.teads.tv t.teads.tv cm.teads.tv *.digital-cloud-uk.medallia.eu *.kampyle.com apps.commbox.io now.commbox.io js-agent.newrelic.com bam-cell.nr-data.net *.google-analytics.com ; style-src 'self' 'unsafe-inline' *.googleapis.com apps.commbox.io now.commbox.io js-agent.newrelic.com bam-cell.nr-data.net *.kampyle.com ; img-src 'self' data: blob: * ; child-src 'self' blob: ; font-src 'self' data: * ; connect-src 'self' bam-cell.nr-data.net *.woopra.com *.fls.doubleclick.net fls.doubleclick.net *.lpsnmedia.net *.google.com *.googleapis.com *.qubit.com *.travelex.net *.adobedtm.com *.vo.msecnd.net bat.bing.com c.evidon.com cdn.cookielaw.org *.decibelinsight.net cm.everesttech.net connect.facebook.net dc.services.visualstudio.com *.cloudfront.net *.demdex.net flex.cybersource.com *.g.doubleclick.net *.hotjar.com *.liveperson.net *.tescobank.com *.ensighten.com r.turn.com royalsunallianceinsu.tt.omtrdc.net rsa.d2.sc.omtrdc.net rum-static.pingdom.net service.maxymiser.net *.google-analytics.com stash.qubitproducts.com static.ads-twitter.com static.goqubit.com tescobank.azureedge.net ue.enablermail.com www.facebook.com www.google.co.uk *.googleadservices.com *.googletagmanager.com *.gstatic.com track.omguk.com wss://sync.onfido.com wss://collection.decibelinsight.net mpsnare.iesnare.com *.adnxs.com s.yimg.com *.sociomantic.com *.tiles.mapbox.com api.mapbox.com events.mapbox.com p.teads.tv t.teads.tv cm.teads.tv *.digital-cloud-uk.medallia.eu *.kampyle.com ; frame-src 'self' *.trustpilot.com *.fls.doubleclick.net fls.doubleclick.net *.tescobank.com tescobank.demdex.net *.vo.msecnd.net service.maxymiser.net p.teads.tv t.teads.tv cm.teads.tv *.digital-cloud-uk.medallia.eu *.kampyle.com apps.commbox.io now.commbox.io js-agent.newrelic.com bam-cell.nr-data.net ; frame-ancestors 'self' *.tescobank.com ; object-src 'self' *.fls.doubleclick.net fls.doubleclick.net *.tescobank.com tescobank.demdex.net; media-src 'self' apps.commbox.io ;
date
Sat, 21 Oct 2023 23:19:18 GMT
vary
User-Agent,Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-expose-headers
Request-Context
cache-control
public
x-xss-protection
1; mode=block
request-context
appId=cid-v1:4a7f8dd8-3291-4e0b-bdfc-05223d9ea636
head-scripts
www.tescobank.com/bundles/
5 KB
5 KB
Script
General
Full URL
https://www.tescobank.com/bundles/head-scripts?v=1Tun4lNF1HtpvzOhB_BvucYx03zqxr6Ch_FK9zbmVqY1
Requested by
Host: www.tescobank.com
URL: https://www.tescobank.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.205.106.85 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-205-106-85.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0b9f29ff84f1dd1eed259d636610d91e5f8b4e99cadf5886073c70bf2039ea9f
Security Headers
Name Value
Content-Security-Policy report-uri https://identity.tescobank.com/afm/cspReport/; default-src 'nonce-5035e6ef703f15d5743610cc81228931' 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.trustpilot.com *.woopra.com *.fls.doubleclick.net fls.doubleclick.net *.lpsnmedia.net *.google.com *.googleapis.com *.qubit.com *.travelex.net *.adobedtm.com *.vo.msecnd.net bat.bing.com c.evidon.com cdn.cookielaw.org *.decibelinsight.net cm.everesttech.net connect.facebook.net dc.services.visualstudio.com *.cloudfront.net *.demdex.net flex.cybersource.com *.g.doubleclick.net *.hotjar.com *.liveperson.net *.tescobank.com *.ensighten.com r.turn.com royalsunallianceinsu.tt.omtrdc.net rsa.d2.sc.omtrdc.net rum-static.pingdom.net service.maxymiser.net *.google-analytics.com stash.qubitproducts.com static.ads-twitter.com static.goqubit.com tescobank.azureedge.net ue.enablermail.com www.facebook.com www.google.co.uk *.googleadservices.com *.googletagmanager.com *.gstatic.com track.omguk.com wss://sync.onfido.com wss://collection.decibelinsight.net mpsnare.iesnare.com *.adnxs.com s.yimg.com *.sociomantic.com p.teads.tv t.teads.tv cm.teads.tv *.digital-cloud-uk.medallia.eu *.kampyle.com apps.commbox.io now.commbox.io js-agent.newrelic.com bam-cell.nr-data.net *.google-analytics.com ; style-src 'self' 'unsafe-inline' *.googleapis.com apps.commbox.io now.commbox.io js-agent.newrelic.com bam-cell.nr-data.net *.kampyle.com ; img-src 'self' data: blob: * ; child-src 'self' blob: ; font-src 'self' data: * ; connect-src 'self' bam-cell.nr-data.net *.woopra.com *.fls.doubleclick.net fls.doubleclick.net *.lpsnmedia.net *.google.com *.googleapis.com *.qubit.com *.travelex.net *.adobedtm.com *.vo.msecnd.net bat.bing.com c.evidon.com cdn.cookielaw.org *.decibelinsight.net cm.everesttech.net connect.facebook.net dc.services.visualstudio.com *.cloudfront.net *.demdex.net flex.cybersource.com *.g.doubleclick.net *.hotjar.com *.liveperson.net *.tescobank.com *.ensighten.com r.turn.com royalsunallianceinsu.tt.omtrdc.net rsa.d2.sc.omtrdc.net rum-static.pingdom.net service.maxymiser.net *.google-analytics.com stash.qubitproducts.com static.ads-twitter.com static.goqubit.com tescobank.azureedge.net ue.enablermail.com www.facebook.com www.google.co.uk *.googleadservices.com *.googletagmanager.com *.gstatic.com track.omguk.com wss://sync.onfido.com wss://collection.decibelinsight.net mpsnare.iesnare.com *.adnxs.com s.yimg.com *.sociomantic.com *.tiles.mapbox.com api.mapbox.com events.mapbox.com p.teads.tv t.teads.tv cm.teads.tv *.digital-cloud-uk.medallia.eu *.kampyle.com ; frame-src 'self' *.trustpilot.com *.fls.doubleclick.net fls.doubleclick.net *.tescobank.com tescobank.demdex.net *.vo.msecnd.net service.maxymiser.net p.teads.tv t.teads.tv cm.teads.tv *.digital-cloud-uk.medallia.eu *.kampyle.com apps.commbox.io now.commbox.io js-agent.newrelic.com bam-cell.nr-data.net ; frame-ancestors 'self' *.tescobank.com ; object-src 'self' *.fls.doubleclick.net fls.doubleclick.net *.tescobank.com tescobank.demdex.net; media-src 'self' apps.commbox.io ;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.tescobank.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
report-uri https://identity.tescobank.com/afm/cspReport/; default-src 'nonce-5035e6ef703f15d5743610cc81228931' 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.trustpilot.com *.woopra.com *.fls.doubleclick.net fls.doubleclick.net *.lpsnmedia.net *.google.com *.googleapis.com *.qubit.com *.travelex.net *.adobedtm.com *.vo.msecnd.net bat.bing.com c.evidon.com cdn.cookielaw.org *.decibelinsight.net cm.everesttech.net connect.facebook.net dc.services.visualstudio.com *.cloudfront.net *.demdex.net flex.cybersource.com *.g.doubleclick.net *.hotjar.com *.liveperson.net *.tescobank.com *.ensighten.com r.turn.com royalsunallianceinsu.tt.omtrdc.net rsa.d2.sc.omtrdc.net rum-static.pingdom.net service.maxymiser.net *.google-analytics.com stash.qubitproducts.com static.ads-twitter.com static.goqubit.com tescobank.azureedge.net ue.enablermail.com www.facebook.com www.google.co.uk *.googleadservices.com *.googletagmanager.com *.gstatic.com track.omguk.com wss://sync.onfido.com wss://collection.decibelinsight.net mpsnare.iesnare.com *.adnxs.com s.yimg.com *.sociomantic.com p.teads.tv t.teads.tv cm.teads.tv *.digital-cloud-uk.medallia.eu *.kampyle.com apps.commbox.io now.commbox.io js-agent.newrelic.com bam-cell.nr-data.net *.google-analytics.com ; style-src 'self' 'unsafe-inline' *.googleapis.com apps.commbox.io now.commbox.io js-agent.newrelic.com bam-cell.nr-data.net *.kampyle.com ; img-src 'self' data: blob: * ; child-src 'self' blob: ; font-src 'self' data: * ; connect-src 'self' bam-cell.nr-data.net *.woopra.com *.fls.doubleclick.net fls.doubleclick.net *.lpsnmedia.net *.google.com *.googleapis.com *.qubit.com *.travelex.net *.adobedtm.com *.vo.msecnd.net bat.bing.com c.evidon.com cdn.cookielaw.org *.decibelinsight.net cm.everesttech.net connect.facebook.net dc.services.visualstudio.com *.cloudfront.net *.demdex.net flex.cybersource.com *.g.doubleclick.net *.hotjar.com *.liveperson.net *.tescobank.com *.ensighten.com r.turn.com royalsunallianceinsu.tt.omtrdc.net rsa.d2.sc.omtrdc.net rum-static.pingdom.net service.maxymiser.net *.google-analytics.com stash.qubitproducts.com static.ads-twitter.com static.goqubit.com tescobank.azureedge.net ue.enablermail.com www.facebook.com www.google.co.uk *.googleadservices.com *.googletagmanager.com *.gstatic.com track.omguk.com wss://sync.onfido.com wss://collection.decibelinsight.net mpsnare.iesnare.com *.adnxs.com s.yimg.com *.sociomantic.com *.tiles.mapbox.com api.mapbox.com events.mapbox.com p.teads.tv t.teads.tv cm.teads.tv *.digital-cloud-uk.medallia.eu *.kampyle.com ; frame-src 'self' *.trustpilot.com *.fls.doubleclick.net fls.doubleclick.net *.tescobank.com tescobank.demdex.net *.vo.msecnd.net service.maxymiser.net p.teads.tv t.teads.tv cm.teads.tv *.digital-cloud-uk.medallia.eu *.kampyle.com apps.commbox.io now.commbox.io js-agent.newrelic.com bam-cell.nr-data.net ; frame-ancestors 'self' *.tescobank.com ; object-src 'self' *.fls.doubleclick.net fls.doubleclick.net *.tescobank.com tescobank.demdex.net; media-src 'self' apps.commbox.io ;
date
Sat, 21 Oct 2023 23:19:18 GMT
content-length
2906
x-xss-protection
1; mode=block
request-context
appId=cid-v1:4a7f8dd8-3291-4e0b-bdfc-05223d9ea636
referrer-policy
no-referrer-when-downgrade
last-modified
Sat, 21 Oct 2023 23:19:18 GMT
vary
User-Agent,Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
access-control-expose-headers
Request-Context
cache-control
public
expires
Sun, 20 Oct 2024 23:19:18 GMT
icon-card-white.svg
forrit-one-tb-prod-p1-consumables.azureedge.net/media/47b1556d-e328-49ba-9b37-bbf9226fda00/
1 KB
1 KB
Image
General
Full URL
https://forrit-one-tb-prod-p1-consumables.azureedge.net/media/47b1556d-e328-49ba-9b37-bbf9226fda00/icon-card-white.svg
Requested by
Host: www.tescobank.com
URL: https://www.tescobank.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:48:1::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
6bea6a3f8b075c57e85de9bf05d1e2c793c430041765c2a0c4b99ac1d3bac106
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.tescobank.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
br
x-content-type-options
nosniff
date
Sat, 21 Oct 2023 23:19:18 GMT
x-azure-ref-originshield
0aEAzZQAAAAC1VtkFrQ5gRoBcI+CMWqurTU5aMjIxMDYwNjEyMDI1ADNkYjg3YmQ4LTdjYTktNGQ0Ni05YjM5LTA2OGViMThlNWIxNw==
content-md5
iiccdbtQtBRiTJ1+uti1Og==
x-cache
TCP_HIT
x-ms-lease-status
unlocked
referrer-policy
no-referrer
last-modified
Wed, 01 Mar 2023 18:32:57 GMT
etag
0x8DB1A8360DB5A50
x-frame-options
SAMEORIGIN
x-azure-ref
0dlw0ZQAAAAAwuCGksuicTLPObrHRKVWPQk4xQUEyMDUxMDE4MDM1ADNkYjg3YmQ4LTdjYTktNGQ0Ni05YjM5LTA2OGViMThlNWIxNw==
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
7cbea50c-b01e-0010-587f-02c850000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
Bootstrap.js
nexus.ensighten.com/tescobank/brochureware/
123 KB
29 KB
Script
General
Full URL
https://nexus.ensighten.com/tescobank/brochureware/Bootstrap.js
Requested by
Host: www.tescobank.com
URL: https://www.tescobank.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2501:8800:2:8f43:5780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
e8afb3bd7f0dac45859002aa802c7aa728ab0946a7dc4ad7977f160c2caa8cb4

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.tescobank.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 02:21:41 GMT
x-amz-version-id
svA_MRv6mve3ieQ3JJUODqVfoVV_Qn6L
content-encoding
br
via
1.1 1f133079dc1c94415e666e3b032459fe.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD55-P5
age
75458
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 07 Sep 2023 09:19:31 GMT
server
CloudFront
etag
W/"ce07a3adef89d5ecd9e1fe28901facab"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=300
x-amz-cf-id
YwdBHu7SQ5-7nBrInOK-e8ZKBzoqGvHu0J8sCPE4H5KZ3kXLGkD5WA==
5fb66728
www.tescobank.com/akam/13/
26 KB
9 KB
Script
General
Full URL
https://www.tescobank.com/akam/13/5fb66728
Requested by
Host: www.tescobank.com
URL: https://www.tescobank.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.205.106.85 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-205-106-85.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
ba8e979d59f1d06ff972a70ba841d5570268abeee56561a861ddd7285f78ade2

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.tescobank.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 21 Oct 2023 23:19:18 GMT
content-encoding
gzip
last-modified
Wed, 09 Feb 2022 15:09:30 GMT
etag
"0b97376a58f14779610da086f7cf04dc50735979ef1fbae894f1067ec81fb86f"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=0, no-cache, no-store
content-length
8797
expires
Sat, 21 Oct 2023 23:19:18 GMT
tesco-bank-logo.png
forrit-one-tb-prod-p1-consumables.azureedge.net/media/22827e5b-a900-4f39-b3e8-a199bbfd7a79/
3 KB
4 KB
Image
General
Full URL
https://forrit-one-tb-prod-p1-consumables.azureedge.net/media/22827e5b-a900-4f39-b3e8-a199bbfd7a79/tesco-bank-logo.png
Requested by
Host: www.tescobank.com
URL: https://www.tescobank.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:48:1::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
aeaf08bf51932d94a7a090d5bd46bb0e6abd76fd09a63d1c850f02aa1df38ff4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.tescobank.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
strict-transport-security
max-age=31536000; includeSubDomains
date
Sat, 21 Oct 2023 23:19:18 GMT
x-content-type-options
nosniff
x-azure-ref-originshield
0j/0zZQAAAAC25pq/TWdtTYOLauewOTtITU5aMjIxMDYwNjEyMDUxADNkYjg3YmQ4LTdjYTktNGQ0Ni05YjM5LTA2OGViMThlNWIxNw==
content-md5
HyI8yZ4Y7c9E5XCM2I1OGg==
x-cache
TCP_HIT
content-length
3570
x-ms-lease-status
unlocked
referrer-policy
no-referrer
last-modified
Fri, 30 Jun 2023 11:40:39 GMT
etag
0x8DB795ED44B8FAB
x-frame-options
SAMEORIGIN
x-azure-ref
0dlw0ZQAAAACHfwyb4XM6SJg1DjW2aZp9Qk4xQUEyMDUxMDE4MDM1ADNkYjg3YmQ4LTdjYTktNGQ0Ni05YjM5LTA2OGViMThlNWIxNw==
content-type
image/png
access-control-allow-origin
*
x-ms-request-id
57b49676-b01e-005f-5264-030c48000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
man-and-children-building-furniture-l.jpg
forrit-one-tb-prod-p1-consumables.azureedge.net/media/7f97fc12-7636-442f-9557-c23f919639ff/
105 KB
105 KB
Image
General
Full URL
https://forrit-one-tb-prod-p1-consumables.azureedge.net/media/7f97fc12-7636-442f-9557-c23f919639ff/man-and-children-building-furniture-l.jpg
Requested by
Host: www.tescobank.com
URL: https://www.tescobank.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:48:1::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
da9f4dea6393d51ddd8834418a2c8c795869ea07d256afd0b15d86743cab272a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.tescobank.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
strict-transport-security
max-age=31536000; includeSubDomains
date
Sat, 21 Oct 2023 23:19:18 GMT
x-content-type-options
nosniff
x-azure-ref-originshield
0dlw0ZQAAAACEpXZnhqBxRYo9CzGlP2S3TU5aMjIxMDYwNjExMDM1ADNkYjg3YmQ4LTdjYTktNGQ0Ni05YjM5LTA2OGViMThlNWIxNw==
content-md5
qkMks1EunKWF+2AaMNIh5Q==
x-cache
TCP_REMOTE_HIT
content-length
107121
x-ms-lease-status
unlocked
referrer-policy
no-referrer
last-modified
Tue, 26 Sep 2023 10:42:32 GMT
etag
0x8DBBE7D4A4CE4E6
x-frame-options
SAMEORIGIN
x-azure-ref
0dlw0ZQAAAAAm9ioFsrU6Qo/ymXgOpvm1Qk4xQUEyMDUxMDE4MDM1ADNkYjg3YmQ4LTdjYTktNGQ0Ni05YjM5LTA2OGViMThlNWIxNw==
content-type
image/jpeg
access-control-allow-origin
*
x-ms-request-id
32c5b7b0-f01e-0035-0c42-0350e3000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
scripts
www.tescobank.com/bundles/
169 KB
77 KB
Script
General
Full URL
https://www.tescobank.com/bundles/scripts?v=MQprlrMhw5rXlMCmlC_7pJTg-KCqH36E8Bopb5ilprc1
Requested by
Host: www.tescobank.com
URL: https://www.tescobank.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.205.106.85 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-205-106-85.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
19c38c1f19eb506cf0eb52cfdf697831a5f2b371164a7b4b1090d4e185a2c14f
Security Headers
Name Value
Content-Security-Policy report-uri https://identity.tescobank.com/afm/cspReport/; default-src 'nonce-1c696bdacdca15ec729f0cb8f0b08297' 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.trustpilot.com *.woopra.com *.fls.doubleclick.net fls.doubleclick.net *.lpsnmedia.net *.google.com *.googleapis.com *.qubit.com *.travelex.net *.adobedtm.com *.vo.msecnd.net bat.bing.com c.evidon.com cdn.cookielaw.org *.decibelinsight.net cm.everesttech.net connect.facebook.net dc.services.visualstudio.com *.cloudfront.net *.demdex.net flex.cybersource.com *.g.doubleclick.net *.hotjar.com *.liveperson.net *.tescobank.com *.ensighten.com r.turn.com royalsunallianceinsu.tt.omtrdc.net rsa.d2.sc.omtrdc.net rum-static.pingdom.net service.maxymiser.net *.google-analytics.com stash.qubitproducts.com static.ads-twitter.com static.goqubit.com tescobank.azureedge.net ue.enablermail.com www.facebook.com www.google.co.uk *.googleadservices.com *.googletagmanager.com *.gstatic.com track.omguk.com wss://sync.onfido.com wss://collection.decibelinsight.net mpsnare.iesnare.com *.adnxs.com s.yimg.com *.sociomantic.com p.teads.tv t.teads.tv cm.teads.tv *.digital-cloud-uk.medallia.eu *.kampyle.com apps.commbox.io now.commbox.io js-agent.newrelic.com bam-cell.nr-data.net *.google-analytics.com ; style-src 'self' 'unsafe-inline' *.googleapis.com apps.commbox.io now.commbox.io js-agent.newrelic.com bam-cell.nr-data.net *.kampyle.com ; img-src 'self' data: blob: * ; child-src 'self' blob: ; font-src 'self' data: * ; connect-src 'self' bam-cell.nr-data.net *.woopra.com *.fls.doubleclick.net fls.doubleclick.net *.lpsnmedia.net *.google.com *.googleapis.com *.qubit.com *.travelex.net *.adobedtm.com *.vo.msecnd.net bat.bing.com c.evidon.com cdn.cookielaw.org *.decibelinsight.net cm.everesttech.net connect.facebook.net dc.services.visualstudio.com *.cloudfront.net *.demdex.net flex.cybersource.com *.g.doubleclick.net *.hotjar.com *.liveperson.net *.tescobank.com *.ensighten.com r.turn.com royalsunallianceinsu.tt.omtrdc.net rsa.d2.sc.omtrdc.net rum-static.pingdom.net service.maxymiser.net *.google-analytics.com stash.qubitproducts.com static.ads-twitter.com static.goqubit.com tescobank.azureedge.net ue.enablermail.com www.facebook.com www.google.co.uk *.googleadservices.com *.googletagmanager.com *.gstatic.com track.omguk.com wss://sync.onfido.com wss://collection.decibelinsight.net mpsnare.iesnare.com *.adnxs.com s.yimg.com *.sociomantic.com *.tiles.mapbox.com api.mapbox.com events.mapbox.com p.teads.tv t.teads.tv cm.teads.tv *.digital-cloud-uk.medallia.eu *.kampyle.com ; frame-src 'self' *.trustpilot.com *.fls.doubleclick.net fls.doubleclick.net *.tescobank.com tescobank.demdex.net *.vo.msecnd.net service.maxymiser.net p.teads.tv t.teads.tv cm.teads.tv *.digital-cloud-uk.medallia.eu *.kampyle.com apps.commbox.io now.commbox.io js-agent.newrelic.com bam-cell.nr-data.net ; frame-ancestors 'self' *.tescobank.com ; object-src 'self' *.fls.doubleclick.net fls.doubleclick.net *.tescobank.com tescobank.demdex.net; media-src 'self' apps.commbox.io ;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.tescobank.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
report-uri https://identity.tescobank.com/afm/cspReport/; default-src 'nonce-1c696bdacdca15ec729f0cb8f0b08297' 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.trustpilot.com *.woopra.com *.fls.doubleclick.net fls.doubleclick.net *.lpsnmedia.net *.google.com *.googleapis.com *.qubit.com *.travelex.net *.adobedtm.com *.vo.msecnd.net bat.bing.com c.evidon.com cdn.cookielaw.org *.decibelinsight.net cm.everesttech.net connect.facebook.net dc.services.visualstudio.com *.cloudfront.net *.demdex.net flex.cybersource.com *.g.doubleclick.net *.hotjar.com *.liveperson.net *.tescobank.com *.ensighten.com r.turn.com royalsunallianceinsu.tt.omtrdc.net rsa.d2.sc.omtrdc.net rum-static.pingdom.net service.maxymiser.net *.google-analytics.com stash.qubitproducts.com static.ads-twitter.com static.goqubit.com tescobank.azureedge.net ue.enablermail.com www.facebook.com www.google.co.uk *.googleadservices.com *.googletagmanager.com *.gstatic.com track.omguk.com wss://sync.onfido.com wss://collection.decibelinsight.net mpsnare.iesnare.com *.adnxs.com s.yimg.com *.sociomantic.com p.teads.tv t.teads.tv cm.teads.tv *.digital-cloud-uk.medallia.eu *.kampyle.com apps.commbox.io now.commbox.io js-agent.newrelic.com bam-cell.nr-data.net *.google-analytics.com ; style-src 'self' 'unsafe-inline' *.googleapis.com apps.commbox.io now.commbox.io js-agent.newrelic.com bam-cell.nr-data.net *.kampyle.com ; img-src 'self' data: blob: * ; child-src 'self' blob: ; font-src 'self' data: * ; connect-src 'self' bam-cell.nr-data.net *.woopra.com *.fls.doubleclick.net fls.doubleclick.net *.lpsnmedia.net *.google.com *.googleapis.com *.qubit.com *.travelex.net *.adobedtm.com *.vo.msecnd.net bat.bing.com c.evidon.com cdn.cookielaw.org *.decibelinsight.net cm.everesttech.net connect.facebook.net dc.services.visualstudio.com *.cloudfront.net *.demdex.net flex.cybersource.com *.g.doubleclick.net *.hotjar.com *.liveperson.net *.tescobank.com *.ensighten.com r.turn.com royalsunallianceinsu.tt.omtrdc.net rsa.d2.sc.omtrdc.net rum-static.pingdom.net service.maxymiser.net *.google-analytics.com stash.qubitproducts.com static.ads-twitter.com static.goqubit.com tescobank.azureedge.net ue.enablermail.com www.facebook.com www.google.co.uk *.googleadservices.com *.googletagmanager.com *.gstatic.com track.omguk.com wss://sync.onfido.com wss://collection.decibelinsight.net mpsnare.iesnare.com *.adnxs.com s.yimg.com *.sociomantic.com *.tiles.mapbox.com api.mapbox.com events.mapbox.com p.teads.tv t.teads.tv cm.teads.tv *.digital-cloud-uk.medallia.eu *.kampyle.com ; frame-src 'self' *.trustpilot.com *.fls.doubleclick.net fls.doubleclick.net *.tescobank.com tescobank.demdex.net *.vo.msecnd.net service.maxymiser.net p.teads.tv t.teads.tv cm.teads.tv *.digital-cloud-uk.medallia.eu *.kampyle.com apps.commbox.io now.commbox.io js-agent.newrelic.com bam-cell.nr-data.net ; frame-ancestors 'self' *.tescobank.com ; object-src 'self' *.fls.doubleclick.net fls.doubleclick.net *.tescobank.com tescobank.demdex.net; media-src 'self' apps.commbox.io ;
date
Sat, 21 Oct 2023 23:19:18 GMT
content-length
75947
x-xss-protection
1; mode=block
request-context
appId=cid-v1:4a7f8dd8-3291-4e0b-bdfc-05223d9ea636
referrer-policy
no-referrer-when-downgrade
last-modified
Sat, 21 Oct 2023 23:19:18 GMT
vary
User-Agent,Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
access-control-expose-headers
Request-Context
cache-control
public
expires
Sun, 20 Oct 2024 23:19:18 GMT
deferred-css
www.tescobank.com/bundles/
5 KB
4 KB
Stylesheet
General
Full URL
https://www.tescobank.com/bundles/deferred-css?v=J4NAge9xzP9FwGAMHBQ5jbz9h_hqWifR1jbLBMrRGhc1
Requested by
Host: www.tescobank.com
URL: https://www.tescobank.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.205.106.85 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-205-106-85.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
5f0cf82d5e09e03fada71e328cf7f97ab29015542c419c48d40ebe1569143223
Security Headers
Name Value
Content-Security-Policy report-uri https://identity.tescobank.com/afm/cspReport/; default-src 'nonce-438752949464cb426888aa220bd96e85' 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.trustpilot.com *.woopra.com *.fls.doubleclick.net fls.doubleclick.net *.lpsnmedia.net *.google.com *.googleapis.com *.qubit.com *.travelex.net *.adobedtm.com *.vo.msecnd.net bat.bing.com c.evidon.com cdn.cookielaw.org *.decibelinsight.net cm.everesttech.net connect.facebook.net dc.services.visualstudio.com *.cloudfront.net *.demdex.net flex.cybersource.com *.g.doubleclick.net *.hotjar.com *.liveperson.net *.tescobank.com *.ensighten.com r.turn.com royalsunallianceinsu.tt.omtrdc.net rsa.d2.sc.omtrdc.net rum-static.pingdom.net service.maxymiser.net *.google-analytics.com stash.qubitproducts.com static.ads-twitter.com static.goqubit.com tescobank.azureedge.net ue.enablermail.com www.facebook.com www.google.co.uk *.googleadservices.com *.googletagmanager.com *.gstatic.com track.omguk.com wss://sync.onfido.com wss://collection.decibelinsight.net mpsnare.iesnare.com *.adnxs.com s.yimg.com *.sociomantic.com p.teads.tv t.teads.tv cm.teads.tv *.digital-cloud-uk.medallia.eu *.kampyle.com apps.commbox.io now.commbox.io js-agent.newrelic.com bam-cell.nr-data.net *.google-analytics.com ; style-src 'self' 'unsafe-inline' *.googleapis.com apps.commbox.io now.commbox.io js-agent.newrelic.com bam-cell.nr-data.net *.kampyle.com ; img-src 'self' data: blob: * ; child-src 'self' blob: ; font-src 'self' data: * ; connect-src 'self' bam-cell.nr-data.net *.woopra.com *.fls.doubleclick.net fls.doubleclick.net *.lpsnmedia.net *.google.com *.googleapis.com *.qubit.com *.travelex.net *.adobedtm.com *.vo.msecnd.net bat.bing.com c.evidon.com cdn.cookielaw.org *.decibelinsight.net cm.everesttech.net connect.facebook.net dc.services.visualstudio.com *.cloudfront.net *.demdex.net flex.cybersource.com *.g.doubleclick.net *.hotjar.com *.liveperson.net *.tescobank.com *.ensighten.com r.turn.com royalsunallianceinsu.tt.omtrdc.net rsa.d2.sc.omtrdc.net rum-static.pingdom.net service.maxymiser.net *.google-analytics.com stash.qubitproducts.com static.ads-twitter.com static.goqubit.com tescobank.azureedge.net ue.enablermail.com www.facebook.com www.google.co.uk *.googleadservices.com *.googletagmanager.com *.gstatic.com track.omguk.com wss://sync.onfido.com wss://collection.decibelinsight.net mpsnare.iesnare.com *.adnxs.com s.yimg.com *.sociomantic.com *.tiles.mapbox.com api.mapbox.com events.mapbox.com p.teads.tv t.teads.tv cm.teads.tv *.digital-cloud-uk.medallia.eu *.kampyle.com ; frame-src 'self' *.trustpilot.com *.fls.doubleclick.net fls.doubleclick.net *.tescobank.com tescobank.demdex.net *.vo.msecnd.net service.maxymiser.net p.teads.tv t.teads.tv cm.teads.tv *.digital-cloud-uk.medallia.eu *.kampyle.com apps.commbox.io now.commbox.io js-agent.newrelic.com bam-cell.nr-data.net ; frame-ancestors 'self' *.tescobank.com ; object-src 'self' *.fls.doubleclick.net fls.doubleclick.net *.tescobank.com tescobank.demdex.net; media-src 'self' apps.commbox.io ;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.tescobank.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
report-uri https://identity.tescobank.com/afm/cspReport/; default-src 'nonce-438752949464cb426888aa220bd96e85' 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.trustpilot.com *.woopra.com *.fls.doubleclick.net fls.doubleclick.net *.lpsnmedia.net *.google.com *.googleapis.com *.qubit.com *.travelex.net *.adobedtm.com *.vo.msecnd.net bat.bing.com c.evidon.com cdn.cookielaw.org *.decibelinsight.net cm.everesttech.net connect.facebook.net dc.services.visualstudio.com *.cloudfront.net *.demdex.net flex.cybersource.com *.g.doubleclick.net *.hotjar.com *.liveperson.net *.tescobank.com *.ensighten.com r.turn.com royalsunallianceinsu.tt.omtrdc.net rsa.d2.sc.omtrdc.net rum-static.pingdom.net service.maxymiser.net *.google-analytics.com stash.qubitproducts.com static.ads-twitter.com static.goqubit.com tescobank.azureedge.net ue.enablermail.com www.facebook.com www.google.co.uk *.googleadservices.com *.googletagmanager.com *.gstatic.com track.omguk.com wss://sync.onfido.com wss://collection.decibelinsight.net mpsnare.iesnare.com *.adnxs.com s.yimg.com *.sociomantic.com p.teads.tv t.teads.tv cm.teads.tv *.digital-cloud-uk.medallia.eu *.kampyle.com apps.commbox.io now.commbox.io js-agent.newrelic.com bam-cell.nr-data.net *.google-analytics.com ; style-src 'self' 'unsafe-inline' *.googleapis.com apps.commbox.io now.commbox.io js-agent.newrelic.com bam-cell.nr-data.net *.kampyle.com ; img-src 'self' data: blob: * ; child-src 'self' blob: ; font-src 'self' data: * ; connect-src 'self' bam-cell.nr-data.net *.woopra.com *.fls.doubleclick.net fls.doubleclick.net *.lpsnmedia.net *.google.com *.googleapis.com *.qubit.com *.travelex.net *.adobedtm.com *.vo.msecnd.net bat.bing.com c.evidon.com cdn.cookielaw.org *.decibelinsight.net cm.everesttech.net connect.facebook.net dc.services.visualstudio.com *.cloudfront.net *.demdex.net flex.cybersource.com *.g.doubleclick.net *.hotjar.com *.liveperson.net *.tescobank.com *.ensighten.com r.turn.com royalsunallianceinsu.tt.omtrdc.net rsa.d2.sc.omtrdc.net rum-static.pingdom.net service.maxymiser.net *.google-analytics.com stash.qubitproducts.com static.ads-twitter.com static.goqubit.com tescobank.azureedge.net ue.enablermail.com www.facebook.com www.google.co.uk *.googleadservices.com *.googletagmanager.com *.gstatic.com track.omguk.com wss://sync.onfido.com wss://collection.decibelinsight.net mpsnare.iesnare.com *.adnxs.com s.yimg.com *.sociomantic.com *.tiles.mapbox.com api.mapbox.com events.mapbox.com p.teads.tv t.teads.tv cm.teads.tv *.digital-cloud-uk.medallia.eu *.kampyle.com ; frame-src 'self' *.trustpilot.com *.fls.doubleclick.net fls.doubleclick.net *.tescobank.com tescobank.demdex.net *.vo.msecnd.net service.maxymiser.net p.teads.tv t.teads.tv cm.teads.tv *.digital-cloud-uk.medallia.eu *.kampyle.com apps.commbox.io now.commbox.io js-agent.newrelic.com bam-cell.nr-data.net ; frame-ancestors 'self' *.tescobank.com ; object-src 'self' *.fls.doubleclick.net fls.doubleclick.net *.tescobank.com tescobank.demdex.net; media-src 'self' apps.commbox.io ;
date
Sat, 21 Oct 2023 23:19:18 GMT
content-length
1666
x-xss-protection
1; mode=block
request-context
appId=cid-v1:4a7f8dd8-3291-4e0b-bdfc-05223d9ea636
referrer-policy
no-referrer-when-downgrade
last-modified
Sat, 21 Oct 2023 23:19:18 GMT
vary
User-Agent,Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-expose-headers
Request-Context
cache-control
public
expires
Sun, 20 Oct 2024 23:19:18 GMT
Bootstrap.js
nexus.ensighten.com/tescobank/privacy/
382 KB
80 KB
Script
General
Full URL
https://nexus.ensighten.com/tescobank/privacy/Bootstrap.js
Requested by
Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/tescobank/brochureware/Bootstrap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2501:8800:2:8f43:5780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
f8b27c81b68e4d7268077c8b7ea7f079f74ffd53f62957d7e17d745823636f63

Request headers

Referer
https://www.tescobank.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date
Fri, 20 Oct 2023 22:16:27 GMT
x-amz-version-id
5AAcPLPnk510gN_Zlr4r2kAEaTXEeZy_
content-encoding
br
via
1.1 1f133079dc1c94415e666e3b032459fe.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD55-P5
age
90172
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 07 Sep 2023 14:20:24 GMT
server
CloudFront
etag
W/"1131f325d759f9652eae00a788d94a85"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=300
x-amz-cf-id
4GKVoU1pMhs6llSfVrx16_8tpwQA6HJMDZT6zbwrLczsicPTGj2Qug==
Clubcard-Prices-Logo.png
forrit-one-tb-prod-p1-consumables.azureedge.net/media/d49be1e5-c3ff-4ad9-938a-7076ebb08257/
9 KB
9 KB
Image
General
Full URL
https://forrit-one-tb-prod-p1-consumables.azureedge.net/media/d49be1e5-c3ff-4ad9-938a-7076ebb08257/Clubcard-Prices-Logo.png
Requested by
Host: www.tescobank.com
URL: https://www.tescobank.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:48:1::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
69c6b0a76d4f92915c0580e33ea1177e46b7fc1fd07b2c15f0b6adc358f50096
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.tescobank.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
strict-transport-security
max-age=31536000; includeSubDomains
date
Sat, 21 Oct 2023 23:19:18 GMT
x-content-type-options
nosniff
x-azure-ref-originshield
0+noyZQAAAAAdFKoaq3hVS7/iuAjlkDPiTU5aMjIxMDYwNjExMDQ3ADNkYjg3YmQ4LTdjYTktNGQ0Ni05YjM5LTA2OGViMThlNWIxNw==
content-md5
w52cWY0g6L1yIwC6+pVq0Q==
x-cache
TCP_HIT
content-length
9085
x-ms-lease-status
unlocked
referrer-policy
no-referrer
last-modified
Thu, 06 Jul 2023 08:01:50 GMT
etag
0x8DB7DF740FF61D5
x-frame-options
SAMEORIGIN
x-azure-ref
0dlw0ZQAAAACAJ0384o5vSqCtKUx02n37Qk4xQUEyMDUxMDE4MDM1ADNkYjg3YmQ4LTdjYTktNGQ0Ni05YjM5LTA2OGViMThlNWIxNw==
content-type
image/png
access-control-allow-origin
*
x-ms-request-id
3da03a3e-601e-003b-7446-02bce8000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
main.js
www.tescobank.com/Scripts/Dist/
5 KB
5 KB
Fetch
General
Full URL
https://www.tescobank.com/Scripts/Dist/main.js?v=1.0.55
Requested by
Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/tescobank/privacy/Bootstrap.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.205.106.85 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-205-106-85.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
a1e52d77264de139e04bb7eb4d8ceea358f95e06356b527fb50bb3054b2d62a6
Security Headers
Name Value
Content-Security-Policy report-uri https://identity.tescobank.com/afm/cspReport/; default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.trustpilot.com *.woopra.com *.fls.doubleclick.net fls.doubleclick.net *.lpsnmedia.net *.google.com *.googleapis.com *.qubit.com *.travelex.net *.adobedtm.com *.vo.msecnd.net bat.bing.com c.evidon.com cdn.cookielaw.org *.decibelinsight.net cm.everesttech.net connect.facebook.net dc.services.visualstudio.com *.cloudfront.net *.demdex.net flex.cybersource.com *.g.doubleclick.net *.hotjar.com *.liveperson.net *.tescobank.com *.ensighten.com r.turn.com royalsunallianceinsu.tt.omtrdc.net rsa.d2.sc.omtrdc.net rum-static.pingdom.net service.maxymiser.net *.google-analytics.com stash.qubitproducts.com static.ads-twitter.com static.goqubit.com tescobank.azureedge.net ue.enablermail.com www.facebook.com www.google.co.uk *.googleadservices.com *.googletagmanager.com *.gstatic.com track.omguk.com wss://sync.onfido.com wss://collection.decibelinsight.net mpsnare.iesnare.com *.adnxs.com s.yimg.com *.sociomantic.com p.teads.tv t.teads.tv cm.teads.tv *.digital-cloud-uk.medallia.eu *.kampyle.com apps.commbox.io now.commbox.io js-agent.newrelic.com bam-cell.nr-data.net *.google-analytics.com ; style-src 'self' 'unsafe-inline' *.googleapis.com apps.commbox.io now.commbox.io js-agent.newrelic.com bam-cell.nr-data.net *.kampyle.com ; img-src 'self' data: blob: * ; child-src 'self' blob: ; font-src 'self' data: * ; connect-src 'self' bam-cell.nr-data.net *.woopra.com *.fls.doubleclick.net fls.doubleclick.net *.lpsnmedia.net *.google.com *.googleapis.com *.qubit.com *.travelex.net *.adobedtm.com *.vo.msecnd.net bat.bing.com c.evidon.com cdn.cookielaw.org *.decibelinsight.net cm.everesttech.net connect.facebook.net dc.services.visualstudio.com *.cloudfront.net *.demdex.net flex.cybersource.com *.g.doubleclick.net *.hotjar.com *.liveperson.net *.tescobank.com *.ensighten.com r.turn.com royalsunallianceinsu.tt.omtrdc.net rsa.d2.sc.omtrdc.net rum-static.pingdom.net service.maxymiser.net *.google-analytics.com stash.qubitproducts.com static.ads-twitter.com static.goqubit.com tescobank.azureedge.net ue.enablermail.com www.facebook.com www.google.co.uk *.googleadservices.com *.googletagmanager.com *.gstatic.com track.omguk.com wss://sync.onfido.com wss://collection.decibelinsight.net mpsnare.iesnare.com *.adnxs.com s.yimg.com *.sociomantic.com *.tiles.mapbox.com api.mapbox.com events.mapbox.com p.teads.tv t.teads.tv cm.teads.tv *.digital-cloud-uk.medallia.eu *.kampyle.com ; frame-src 'self' *.trustpilot.com *.fls.doubleclick.net fls.doubleclick.net *.tescobank.com tescobank.demdex.net *.vo.msecnd.net service.maxymiser.net p.teads.tv t.teads.tv cm.teads.tv *.digital-cloud-uk.medallia.eu *.kampyle.com apps.commbox.io now.commbox.io js-agent.newrelic.com bam-cell.nr-data.net ; frame-ancestors 'self' *.tescobank.com ; object-src 'self' *.fls.doubleclick.net fls.doubleclick.net *.tescobank.com tescobank.demdex.net; media-src 'self' apps.commbox.io ;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/x-es-module, */*
Referer
https://www.tescobank.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
report-uri https://identity.tescobank.com/afm/cspReport/; default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.trustpilot.com *.woopra.com *.fls.doubleclick.net fls.doubleclick.net *.lpsnmedia.net *.google.com *.googleapis.com *.qubit.com *.travelex.net *.adobedtm.com *.vo.msecnd.net bat.bing.com c.evidon.com cdn.cookielaw.org *.decibelinsight.net cm.everesttech.net connect.facebook.net dc.services.visualstudio.com *.cloudfront.net *.demdex.net flex.cybersource.com *.g.doubleclick.net *.hotjar.com *.liveperson.net *.tescobank.com *.ensighten.com r.turn.com royalsunallianceinsu.tt.omtrdc.net rsa.d2.sc.omtrdc.net rum-static.pingdom.net service.maxymiser.net *.google-analytics.com stash.qubitproducts.com static.ads-twitter.com static.goqubit.com tescobank.azureedge.net ue.enablermail.com www.facebook.com www.google.co.uk *.googleadservices.com *.googletagmanager.com *.gstatic.com track.omguk.com wss://sync.onfido.com wss://collection.decibelinsight.net mpsnare.iesnare.com *.adnxs.com s.yimg.com *.sociomantic.com p.teads.tv t.teads.tv cm.teads.tv *.digital-cloud-uk.medallia.eu *.kampyle.com apps.commbox.io now.commbox.io js-agent.newrelic.com bam-cell.nr-data.net *.google-analytics.com ; style-src 'self' 'unsafe-inline' *.googleapis.com apps.commbox.io now.commbox.io js-agent.newrelic.com bam-cell.nr-data.net *.kampyle.com ; img-src 'self' data: blob: * ; child-src 'self' blob: ; font-src 'self' data: * ; connect-src 'self' bam-cell.nr-data.net *.woopra.com *.fls.doubleclick.net fls.doubleclick.net *.lpsnmedia.net *.google.com *.googleapis.com *.qubit.com *.travelex.net *.adobedtm.com *.vo.msecnd.net bat.bing.com c.evidon.com cdn.cookielaw.org *.decibelinsight.net cm.everesttech.net connect.facebook.net dc.services.visualstudio.com *.cloudfront.net *.demdex.net flex.cybersource.com *.g.doubleclick.net *.hotjar.com *.liveperson.net *.tescobank.com *.ensighten.com r.turn.com royalsunallianceinsu.tt.omtrdc.net rsa.d2.sc.omtrdc.net rum-static.pingdom.net service.maxymiser.net *.google-analytics.com stash.qubitproducts.com static.ads-twitter.com static.goqubit.com tescobank.azureedge.net ue.enablermail.com www.facebook.com www.google.co.uk *.googleadservices.com *.googletagmanager.com *.gstatic.com track.omguk.com wss://sync.onfido.com wss://collection.decibelinsight.net mpsnare.iesnare.com *.adnxs.com s.yimg.com *.sociomantic.com *.tiles.mapbox.com api.mapbox.com events.mapbox.com p.teads.tv t.teads.tv cm.teads.tv *.digital-cloud-uk.medallia.eu *.kampyle.com ; frame-src 'self' *.trustpilot.com *.fls.doubleclick.net fls.doubleclick.net *.tescobank.com tescobank.demdex.net *.vo.msecnd.net service.maxymiser.net p.teads.tv t.teads.tv cm.teads.tv *.digital-cloud-uk.medallia.eu *.kampyle.com apps.commbox.io now.commbox.io js-agent.newrelic.com bam-cell.nr-data.net ; frame-ancestors 'self' *.tescobank.com ; object-src 'self' *.fls.doubleclick.net fls.doubleclick.net *.tescobank.com tescobank.demdex.net; media-src 'self' apps.commbox.io ;
date
Sat, 21 Oct 2023 23:19:19 GMT
content-length
2066
x-xss-protection
1; mode=block
request-context
appId=cid-v1:4a7f8dd8-3291-4e0b-bdfc-05223d9ea636
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 03 Oct 2023 13:20:30 GMT
etag
"0a37861fcf5d91:0"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/x-javascript
access-control-expose-headers
Request-Context
cache-control
max-age=31622400
accept-ranges
bytes
header-and-nav.js
www.tescobank.com/Scripts/Dist/layout/
10 KB
6 KB
Fetch
General
Full URL
https://www.tescobank.com/Scripts/Dist/layout/header-and-nav.js?v=1.0.55
Requested by
Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/tescobank/privacy/Bootstrap.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.205.106.85 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-205-106-85.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
06a25eb20544eaa0fb6eea364fea588a79d6adc4fd0e6e909b6762a0cfb1974e
Security Headers
Name Value
Content-Security-Policy report-uri https://identity.tescobank.com/afm/cspReport/; default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.trustpilot.com *.woopra.com *.fls.doubleclick.net fls.doubleclick.net *.lpsnmedia.net *.google.com *.googleapis.com *.qubit.com *.travelex.net *.adobedtm.com *.vo.msecnd.net bat.bing.com c.evidon.com cdn.cookielaw.org *.decibelinsight.net cm.everesttech.net connect.facebook.net dc.services.visualstudio.com *.cloudfront.net *.demdex.net flex.cybersource.com *.g.doubleclick.net *.hotjar.com *.liveperson.net *.tescobank.com *.ensighten.com r.turn.com royalsunallianceinsu.tt.omtrdc.net rsa.d2.sc.omtrdc.net rum-static.pingdom.net service.maxymiser.net *.google-analytics.com stash.qubitproducts.com static.ads-twitter.com static.goqubit.com tescobank.azureedge.net ue.enablermail.com www.facebook.com www.google.co.uk *.googleadservices.com *.googletagmanager.com *.gstatic.com track.omguk.com wss://sync.onfido.com wss://collection.decibelinsight.net mpsnare.iesnare.com *.adnxs.com s.yimg.com *.sociomantic.com p.teads.tv t.teads.tv cm.teads.tv *.digital-cloud-uk.medallia.eu *.kampyle.com apps.commbox.io now.commbox.io js-agent.newrelic.com bam-cell.nr-data.net *.google-analytics.com ; style-src 'self' 'unsafe-inline' *.googleapis.com apps.commbox.io now.commbox.io js-agent.newrelic.com bam-cell.nr-data.net *.kampyle.com ; img-src 'self' data: blob: * ; child-src 'self' blob: ; font-src 'self' data: * ; connect-src 'self' bam-cell.nr-data.net *.woopra.com *.fls.doubleclick.net fls.doubleclick.net *.lpsnmedia.net *.google.com *.googleapis.com *.qubit.com *.travelex.net *.adobedtm.com *.vo.msecnd.net bat.bing.com c.evidon.com cdn.cookielaw.org *.decibelinsight.net cm.everesttech.net connect.facebook.net dc.services.visualstudio.com *.cloudfront.net *.demdex.net flex.cybersource.com *.g.doubleclick.net *.hotjar.com *.liveperson.net *.tescobank.com *.ensighten.com r.turn.com royalsunallianceinsu.tt.omtrdc.net rsa.d2.sc.omtrdc.net rum-static.pingdom.net service.maxymiser.net *.google-analytics.com stash.qubitproducts.com static.ads-twitter.com static.goqubit.com tescobank.azureedge.net ue.enablermail.com www.facebook.com www.google.co.uk *.googleadservices.com *.googletagmanager.com *.gstatic.com track.omguk.com wss://sync.onfido.com wss://collection.decibelinsight.net mpsnare.iesnare.com *.adnxs.com s.yimg.com *.sociomantic.com *.tiles.mapbox.com api.mapbox.com events.mapbox.com p.teads.tv t.teads.tv cm.teads.tv *.digital-cloud-uk.medallia.eu *.kampyle.com ; frame-src 'self' *.trustpilot.com *.fls.doubleclick.net fls.doubleclick.net *.tescobank.com tescobank.demdex.net *.vo.msecnd.net service.maxymiser.net p.teads.tv t.teads.tv cm.teads.tv *.digital-cloud-uk.medallia.eu *.kampyle.com apps.commbox.io now.commbox.io js-agent.newrelic.com bam-cell.nr-data.net ; frame-ancestors 'self' *.tescobank.com ; object-src 'self' *.fls.doubleclick.net fls.doubleclick.net *.tescobank.com tescobank.demdex.net; media-src 'self' apps.commbox.io ;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/x-es-module, */*
Referer
https://www.tescobank.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
report-uri https://identity.tescobank.com/afm/cspReport/; default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.trustpilot.com *.woopra.com *.fls.doubleclick.net fls.doubleclick.net *.lpsnmedia.net *.google.com *.googleapis.com *.qubit.com *.travelex.net *.adobedtm.com *.vo.msecnd.net bat.bing.com c.evidon.com cdn.cookielaw.org *.decibelinsight.net cm.everesttech.net connect.facebook.net dc.services.visualstudio.com *.cloudfront.net *.demdex.net flex.cybersource.com *.g.doubleclick.net *.hotjar.com *.liveperson.net *.tescobank.com *.ensighten.com r.turn.com royalsunallianceinsu.tt.omtrdc.net rsa.d2.sc.omtrdc.net rum-static.pingdom.net service.maxymiser.net *.google-analytics.com stash.qubitproducts.com static.ads-twitter.com static.goqubit.com tescobank.azureedge.net ue.enablermail.com www.facebook.com www.google.co.uk *.googleadservices.com *.googletagmanager.com *.gstatic.com track.omguk.com wss://sync.onfido.com wss://collection.decibelinsight.net mpsnare.iesnare.com *.adnxs.com s.yimg.com *.sociomantic.com p.teads.tv t.teads.tv cm.teads.tv *.digital-cloud-uk.medallia.eu *.kampyle.com apps.commbox.io now.commbox.io js-agent.newrelic.com bam-cell.nr-data.net *.google-analytics.com ; style-src 'self' 'unsafe-inline' *.googleapis.com apps.commbox.io now.commbox.io js-agent.newrelic.com bam-cell.nr-data.net *.kampyle.com ; img-src 'self' data: blob: * ; child-src 'self' blob: ; font-src 'self' data: * ; connect-src 'self' bam-cell.nr-data.net *.woopra.com *.fls.doubleclick.net fls.doubleclick.net *.lpsnmedia.net *.google.com *.googleapis.com *.qubit.com *.travelex.net *.adobedtm.com *.vo.msecnd.net bat.bing.com c.evidon.com cdn.cookielaw.org *.decibelinsight.net cm.everesttech.net connect.facebook.net dc.services.visualstudio.com *.cloudfront.net *.demdex.net flex.cybersource.com *.g.doubleclick.net *.hotjar.com *.liveperson.net *.tescobank.com *.ensighten.com r.turn.com royalsunallianceinsu.tt.omtrdc.net rsa.d2.sc.omtrdc.net rum-static.pingdom.net service.maxymiser.net *.google-analytics.com stash.qubitproducts.com static.ads-twitter.com static.goqubit.com tescobank.azureedge.net ue.enablermail.com www.facebook.com www.google.co.uk *.googleadservices.com *.googletagmanager.com *.gstatic.com track.omguk.com wss://sync.onfido.com wss://collection.decibelinsight.net mpsnare.iesnare.com *.adnxs.com s.yimg.com *.sociomantic.com *.tiles.mapbox.com api.mapbox.com events.mapbox.com p.teads.tv t.teads.tv cm.teads.tv *.digital-cloud-uk.medallia.eu *.kampyle.com ; frame-src 'self' *.trustpilot.com *.fls.doubleclick.net fls.doubleclick.net *.tescobank.com tescobank.demdex.net *.vo.msecnd.net service.maxymiser.net p.teads.tv t.teads.tv cm.teads.tv *.digital-cloud-uk.medallia.eu *.kampyle.com apps.commbox.io now.commbox.io js-agent.newrelic.com bam-cell.nr-data.net ; frame-ancestors 'self' *.tescobank.com ; object-src 'self' *.fls.doubleclick.net fls.doubleclick.net *.tescobank.com tescobank.demdex.net; media-src 'self' apps.commbox.io ;
date
Sat, 21 Oct 2023 23:19:19 GMT
content-length
2899
x-xss-protection
1; mode=block
request-context
appId=cid-v1:4a7f8dd8-3291-4e0b-bdfc-05223d9ea636
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 03 Oct 2023 13:20:34 GMT
etag
"0fdda63fcf5d91:0"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/x-javascript
access-control-expose-headers
Request-Context
cache-control
max-age=31622400
accept-ranges
bytes
footer.js
www.tescobank.com/Scripts/Dist/layout/
780 B
4 KB
Fetch
General
Full URL
https://www.tescobank.com/Scripts/Dist/layout/footer.js?v=1.0.55
Requested by
Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/tescobank/privacy/Bootstrap.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.205.106.85 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-205-106-85.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
de219074ff2fbcfc4c1724036bdf883ab0b27568a87b9972eb64011cfc07ba9e
Security Headers
Name Value
Content-Security-Policy report-uri https://identity.tescobank.com/afm/cspReport/; default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.trustpilot.com *.woopra.com *.fls.doubleclick.net fls.doubleclick.net *.lpsnmedia.net *.google.com *.googleapis.com *.qubit.com *.travelex.net *.adobedtm.com *.vo.msecnd.net bat.bing.com c.evidon.com cdn.cookielaw.org *.decibelinsight.net cm.everesttech.net connect.facebook.net dc.services.visualstudio.com *.cloudfront.net *.demdex.net flex.cybersource.com *.g.doubleclick.net *.hotjar.com *.liveperson.net *.tescobank.com *.ensighten.com r.turn.com royalsunallianceinsu.tt.omtrdc.net rsa.d2.sc.omtrdc.net rum-static.pingdom.net service.maxymiser.net *.google-analytics.com stash.qubitproducts.com static.ads-twitter.com static.goqubit.com tescobank.azureedge.net ue.enablermail.com www.facebook.com www.google.co.uk *.googleadservices.com *.googletagmanager.com *.gstatic.com track.omguk.com wss://sync.onfido.com wss://collection.decibelinsight.net mpsnare.iesnare.com *.adnxs.com s.yimg.com *.sociomantic.com p.teads.tv t.teads.tv cm.teads.tv *.digital-cloud-uk.medallia.eu *.kampyle.com apps.commbox.io now.commbox.io js-agent.newrelic.com bam-cell.nr-data.net *.google-analytics.com ; style-src 'self' 'unsafe-inline' *.googleapis.com apps.commbox.io now.commbox.io js-agent.newrelic.com bam-cell.nr-data.net *.kampyle.com ; img-src 'self' data: blob: * ; child-src 'self' blob: ; font-src 'self' data: * ; connect-src 'self' bam-cell.nr-data.net *.woopra.com *.fls.doubleclick.net fls.doubleclick.net *.lpsnmedia.net *.google.com *.googleapis.com *.qubit.com *.travelex.net *.adobedtm.com *.vo.msecnd.net bat.bing.com c.evidon.com cdn.cookielaw.org *.decibelinsight.net cm.everesttech.net connect.facebook.net dc.services.visualstudio.com *.cloudfront.net *.demdex.net flex.cybersource.com *.g.doubleclick.net *.hotjar.com *.liveperson.net *.tescobank.com *.ensighten.com r.turn.com royalsunallianceinsu.tt.omtrdc.net rsa.d2.sc.omtrdc.net rum-static.pingdom.net service.maxymiser.net *.google-analytics.com stash.qubitproducts.com static.ads-twitter.com static.goqubit.com tescobank.azureedge.net ue.enablermail.com www.facebook.com www.google.co.uk *.googleadservices.com *.googletagmanager.com *.gstatic.com track.omguk.com wss://sync.onfido.com wss://collection.decibelinsight.net mpsnare.iesnare.com *.adnxs.com s.yimg.com *.sociomantic.com *.tiles.mapbox.com api.mapbox.com events.mapbox.com p.teads.tv t.teads.tv cm.teads.tv *.digital-cloud-uk.medallia.eu *.kampyle.com ; frame-src 'self' *.trustpilot.com *.fls.doubleclick.net fls.doubleclick.net *.tescobank.com tescobank.demdex.net *.vo.msecnd.net service.maxymiser.net p.teads.tv t.teads.tv cm.teads.tv *.digital-cloud-uk.medallia.eu *.kampyle.com apps.commbox.io now.commbox.io js-agent.newrelic.com bam-cell.nr-data.net ; frame-ancestors 'self' *.tescobank.com ; object-src 'self' *.fls.doubleclick.net fls.doubleclick.net *.tescobank.com tescobank.demdex.net; media-src 'self' apps.commbox.io ;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/x-es-module, */*
Referer
https://www.tescobank.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
report-uri https://identity.tescobank.com/afm/cspReport/; default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.trustpilot.com *.woopra.com *.fls.doubleclick.net fls.doubleclick.net *.lpsnmedia.net *.google.com *.googleapis.com *.qubit.com *.travelex.net *.adobedtm.com *.vo.msecnd.net bat.bing.com c.evidon.com cdn.cookielaw.org *.decibelinsight.net cm.everesttech.net connect.facebook.net dc.services.visualstudio.com *.cloudfront.net *.demdex.net flex.cybersource.com *.g.doubleclick.net *.hotjar.com *.liveperson.net *.tescobank.com *.ensighten.com r.turn.com royalsunallianceinsu.tt.omtrdc.net rsa.d2.sc.omtrdc.net rum-static.pingdom.net service.maxymiser.net *.google-analytics.com stash.qubitproducts.com static.ads-twitter.com static.goqubit.com tescobank.azureedge.net ue.enablermail.com www.facebook.com www.google.co.uk *.googleadservices.com *.googletagmanager.com *.gstatic.com track.omguk.com wss://sync.onfido.com wss://collection.decibelinsight.net mpsnare.iesnare.com *.adnxs.com s.yimg.com *.sociomantic.com p.teads.tv t.teads.tv cm.teads.tv *.digital-cloud-uk.medallia.eu *.kampyle.com apps.commbox.io now.commbox.io js-agent.newrelic.com bam-cell.nr-data.net *.google-analytics.com ; style-src 'self' 'unsafe-inline' *.googleapis.com apps.commbox.io now.commbox.io js-agent.newrelic.com bam-cell.nr-data.net *.kampyle.com ; img-src 'self' data: blob: * ; child-src 'self' blob: ; font-src 'self' data: * ; connect-src 'self' bam-cell.nr-data.net *.woopra.com *.fls.doubleclick.net fls.doubleclick.net *.lpsnmedia.net *.google.com *.googleapis.com *.qubit.com *.travelex.net *.adobedtm.com *.vo.msecnd.net bat.bing.com c.evidon.com cdn.cookielaw.org *.decibelinsight.net cm.everesttech.net connect.facebook.net dc.services.visualstudio.com *.cloudfront.net *.demdex.net flex.cybersource.com *.g.doubleclick.net *.hotjar.com *.liveperson.net *.tescobank.com *.ensighten.com r.turn.com royalsunallianceinsu.tt.omtrdc.net rsa.d2.sc.omtrdc.net rum-static.pingdom.net service.maxymiser.net *.google-analytics.com stash.qubitproducts.com static.ads-twitter.com static.goqubit.com tescobank.azureedge.net ue.enablermail.com www.facebook.com www.google.co.uk *.googleadservices.com *.googletagmanager.com *.gstatic.com track.omguk.com wss://sync.onfido.com wss://collection.decibelinsight.net mpsnare.iesnare.com *.adnxs.com s.yimg.com *.sociomantic.com *.tiles.mapbox.com api.mapbox.com events.mapbox.com p.teads.tv t.teads.tv cm.teads.tv *.digital-cloud-uk.medallia.eu *.kampyle.com ; frame-src 'self' *.trustpilot.com *.fls.doubleclick.net fls.doubleclick.net *.tescobank.com tescobank.demdex.net *.vo.msecnd.net service.maxymiser.net p.teads.tv t.teads.tv cm.teads.tv *.digital-cloud-uk.medallia.eu *.kampyle.com apps.commbox.io now.commbox.io js-agent.newrelic.com bam-cell.nr-data.net ; frame-ancestors 'self' *.tescobank.com ; object-src 'self' *.fls.doubleclick.net fls.doubleclick.net *.tescobank.com tescobank.demdex.net; media-src 'self' apps.commbox.io ;
date
Sat, 21 Oct 2023 23:19:19 GMT
content-length
526
x-xss-protection
1; mode=block
request-context
appId=cid-v1:4a7f8dd8-3291-4e0b-bdfc-05223d9ea636
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 03 Oct 2023 13:20:34 GMT
etag
"0fdda63fcf5d91:0"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/x-javascript
access-control-expose-headers
Request-Context
cache-control
max-age=31622400
accept-ranges
bytes
search.js
www.tescobank.com/Scripts/Dist/search/
1 KB
4 KB
Fetch
General
Full URL
https://www.tescobank.com/Scripts/Dist/search/search.js?v=1.0.55
Requested by
Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/tescobank/privacy/Bootstrap.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.205.106.85 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-205-106-85.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
49a997ad3efef8509cc12ab2366b550e8b62559764b6402e1565ba5431f6d907
Security Headers
Name Value
Content-Security-Policy report-uri https://identity.tescobank.com/afm/cspReport/; default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.trustpilot.com *.woopra.com *.fls.doubleclick.net fls.doubleclick.net *.lpsnmedia.net *.google.com *.googleapis.com *.qubit.com *.travelex.net *.adobedtm.com *.vo.msecnd.net bat.bing.com c.evidon.com cdn.cookielaw.org *.decibelinsight.net cm.everesttech.net connect.facebook.net dc.services.visualstudio.com *.cloudfront.net *.demdex.net flex.cybersource.com *.g.doubleclick.net *.hotjar.com *.liveperson.net *.tescobank.com *.ensighten.com r.turn.com royalsunallianceinsu.tt.omtrdc.net rsa.d2.sc.omtrdc.net rum-static.pingdom.net service.maxymiser.net *.google-analytics.com stash.qubitproducts.com static.ads-twitter.com static.goqubit.com tescobank.azureedge.net ue.enablermail.com www.facebook.com www.google.co.uk *.googleadservices.com *.googletagmanager.com *.gstatic.com track.omguk.com wss://sync.onfido.com wss://collection.decibelinsight.net mpsnare.iesnare.com *.adnxs.com s.yimg.com *.sociomantic.com p.teads.tv t.teads.tv cm.teads.tv *.digital-cloud-uk.medallia.eu *.kampyle.com apps.commbox.io now.commbox.io js-agent.newrelic.com bam-cell.nr-data.net *.google-analytics.com ; style-src 'self' 'unsafe-inline' *.googleapis.com apps.commbox.io now.commbox.io js-agent.newrelic.com bam-cell.nr-data.net *.kampyle.com ; img-src 'self' data: blob: * ; child-src 'self' blob: ; font-src 'self' data: * ; connect-src 'self' bam-cell.nr-data.net *.woopra.com *.fls.doubleclick.net fls.doubleclick.net *.lpsnmedia.net *.google.com *.googleapis.com *.qubit.com *.travelex.net *.adobedtm.com *.vo.msecnd.net bat.bing.com c.evidon.com cdn.cookielaw.org *.decibelinsight.net cm.everesttech.net connect.facebook.net dc.services.visualstudio.com *.cloudfront.net *.demdex.net flex.cybersource.com *.g.doubleclick.net *.hotjar.com *.liveperson.net *.tescobank.com *.ensighten.com r.turn.com royalsunallianceinsu.tt.omtrdc.net rsa.d2.sc.omtrdc.net rum-static.pingdom.net service.maxymiser.net *.google-analytics.com stash.qubitproducts.com static.ads-twitter.com static.goqubit.com tescobank.azureedge.net ue.enablermail.com www.facebook.com www.google.co.uk *.googleadservices.com *.googletagmanager.com *.gstatic.com track.omguk.com wss://sync.onfido.com wss://collection.decibelinsight.net mpsnare.iesnare.com *.adnxs.com s.yimg.com *.sociomantic.com *.tiles.mapbox.com api.mapbox.com events.mapbox.com p.teads.tv t.teads.tv cm.teads.tv *.digital-cloud-uk.medallia.eu *.kampyle.com ; frame-src 'self' *.trustpilot.com *.fls.doubleclick.net fls.doubleclick.net *.tescobank.com tescobank.demdex.net *.vo.msecnd.net service.maxymiser.net p.teads.tv t.teads.tv cm.teads.tv *.digital-cloud-uk.medallia.eu *.kampyle.com apps.commbox.io now.commbox.io js-agent.newrelic.com bam-cell.nr-data.net ; frame-ancestors 'self' *.tescobank.com ; object-src 'self' *.fls.doubleclick.net fls.doubleclick.net *.tescobank.com tescobank.demdex.net; media-src 'self' apps.commbox.io ;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/x-es-module, */*
Referer
https://www.tescobank.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
report-uri https://identity.tescobank.com/afm/cspReport/; default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.trustpilot.com *.woopra.com *.fls.doubleclick.net fls.doubleclick.net *.lpsnmedia.net *.google.com *.googleapis.com *.qubit.com *.travelex.net *.adobedtm.com *.vo.msecnd.net bat.bing.com c.evidon.com cdn.cookielaw.org *.decibelinsight.net cm.everesttech.net connect.facebook.net dc.services.visualstudio.com *.cloudfront.net *.demdex.net flex.cybersource.com *.g.doubleclick.net *.hotjar.com *.liveperson.net *.tescobank.com *.ensighten.com r.turn.com royalsunallianceinsu.tt.omtrdc.net rsa.d2.sc.omtrdc.net rum-static.pingdom.net service.maxymiser.net *.google-analytics.com stash.qubitproducts.com static.ads-twitter.com static.goqubit.com tescobank.azureedge.net ue.enablermail.com www.facebook.com www.google.co.uk *.googleadservices.com *.googletagmanager.com *.gstatic.com track.omguk.com wss://sync.onfido.com wss://collection.decibelinsight.net mpsnare.iesnare.com *.adnxs.com s.yimg.com *.sociomantic.com p.teads.tv t.teads.tv cm.teads.tv *.digital-cloud-uk.medallia.eu *.kampyle.com apps.commbox.io now.commbox.io js-agent.newrelic.com bam-cell.nr-data.net *.google-analytics.com ; style-src 'self' 'unsafe-inline' *.googleapis.com apps.commbox.io now.commbox.io js-agent.newrelic.com bam-cell.nr-data.net *.kampyle.com ; img-src 'self' data: blob: * ; child-src 'self' blob: ; font-src 'self' data: * ; connect-src 'self' bam-cell.nr-data.net *.woopra.com *.fls.doubleclick.net fls.doubleclick.net *.lpsnmedia.net *.google.com *.googleapis.com *.qubit.com *.travelex.net *.adobedtm.com *.vo.msecnd.net bat.bing.com c.evidon.com cdn.cookielaw.org *.decibelinsight.net cm.everesttech.net connect.facebook.net dc.services.visualstudio.com *.cloudfront.net *.demdex.net flex.cybersource.com *.g.doubleclick.net *.hotjar.com *.liveperson.net *.tescobank.com *.ensighten.com r.turn.com royalsunallianceinsu.tt.omtrdc.net rsa.d2.sc.omtrdc.net rum-static.pingdom.net service.maxymiser.net *.google-analytics.com stash.qubitproducts.com static.ads-twitter.com static.goqubit.com tescobank.azureedge.net ue.enablermail.com www.facebook.com www.google.co.uk *.googleadservices.com *.googletagmanager.com *.gstatic.com track.omguk.com wss://sync.onfido.com wss://collection.decibelinsight.net mpsnare.iesnare.com *.adnxs.com s.yimg.com *.sociomantic.com *.tiles.mapbox.com api.mapbox.com events.mapbox.com p.teads.tv t.teads.tv cm.teads.tv *.digital-cloud-uk.medallia.eu *.kampyle.com ; frame-src 'self' *.trustpilot.com *.fls.doubleclick.net fls.doubleclick.net *.tescobank.com tescobank.demdex.net *.vo.msecnd.net service.maxymiser.net p.teads.tv t.teads.tv cm.teads.tv *.digital-cloud-uk.medallia.eu *.kampyle.com apps.commbox.io now.commbox.io js-agent.newrelic.com bam-cell.nr-data.net ; frame-ancestors 'self' *.tescobank.com ; object-src 'self' *.fls.doubleclick.net fls.doubleclick.net *.tescobank.com tescobank.demdex.net; media-src 'self' apps.commbox.io ;
date
Sat, 21 Oct 2023 23:19:19 GMT
content-length
859
x-xss-protection
1; mode=block
request-context
appId=cid-v1:4a7f8dd8-3291-4e0b-bdfc-05223d9ea636
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 03 Oct 2023 13:20:34 GMT
etag
"0fdda63fcf5d91:0"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/x-javascript
access-control-expose-headers
Request-Context
cache-control
max-age=31622400
accept-ranges
bytes
greeting.js
www.tescobank.com/Scripts/Dist/greeting/
697 B
4 KB
Fetch
General
Full URL
https://www.tescobank.com/Scripts/Dist/greeting/greeting.js?v=1.0.55
Requested by
Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/tescobank/privacy/Bootstrap.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.205.106.85 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-205-106-85.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2abbde538b651d9b4054613603e8c75229f9d26e3ce4ec068847146e8cf7cd32
Security Headers
Name Value
Content-Security-Policy report-uri https://identity.tescobank.com/afm/cspReport/; default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.trustpilot.com *.woopra.com *.fls.doubleclick.net fls.doubleclick.net *.lpsnmedia.net *.google.com *.googleapis.com *.qubit.com *.travelex.net *.adobedtm.com *.vo.msecnd.net bat.bing.com c.evidon.com cdn.cookielaw.org *.decibelinsight.net cm.everesttech.net connect.facebook.net dc.services.visualstudio.com *.cloudfront.net *.demdex.net flex.cybersource.com *.g.doubleclick.net *.hotjar.com *.liveperson.net *.tescobank.com *.ensighten.com r.turn.com royalsunallianceinsu.tt.omtrdc.net rsa.d2.sc.omtrdc.net rum-static.pingdom.net service.maxymiser.net *.google-analytics.com stash.qubitproducts.com static.ads-twitter.com static.goqubit.com tescobank.azureedge.net ue.enablermail.com www.facebook.com www.google.co.uk *.googleadservices.com *.googletagmanager.com *.gstatic.com track.omguk.com wss://sync.onfido.com wss://collection.decibelinsight.net mpsnare.iesnare.com *.adnxs.com s.yimg.com *.sociomantic.com p.teads.tv t.teads.tv cm.teads.tv *.digital-cloud-uk.medallia.eu *.kampyle.com apps.commbox.io now.commbox.io js-agent.newrelic.com bam-cell.nr-data.net *.google-analytics.com ; style-src 'self' 'unsafe-inline' *.googleapis.com apps.commbox.io now.commbox.io js-agent.newrelic.com bam-cell.nr-data.net *.kampyle.com ; img-src 'self' data: blob: * ; child-src 'self' blob: ; font-src 'self' data: * ; connect-src 'self' bam-cell.nr-data.net *.woopra.com *.fls.doubleclick.net fls.doubleclick.net *.lpsnmedia.net *.google.com *.googleapis.com *.qubit.com *.travelex.net *.adobedtm.com *.vo.msecnd.net bat.bing.com c.evidon.com cdn.cookielaw.org *.decibelinsight.net cm.everesttech.net connect.facebook.net dc.services.visualstudio.com *.cloudfront.net *.demdex.net flex.cybersource.com *.g.doubleclick.net *.hotjar.com *.liveperson.net *.tescobank.com *.ensighten.com r.turn.com royalsunallianceinsu.tt.omtrdc.net rsa.d2.sc.omtrdc.net rum-static.pingdom.net service.maxymiser.net *.google-analytics.com stash.qubitproducts.com static.ads-twitter.com static.goqubit.com tescobank.azureedge.net ue.enablermail.com www.facebook.com www.google.co.uk *.googleadservices.com *.googletagmanager.com *.gstatic.com track.omguk.com wss://sync.onfido.com wss://collection.decibelinsight.net mpsnare.iesnare.com *.adnxs.com s.yimg.com *.sociomantic.com *.tiles.mapbox.com api.mapbox.com events.mapbox.com p.teads.tv t.teads.tv cm.teads.tv *.digital-cloud-uk.medallia.eu *.kampyle.com ; frame-src 'self' *.trustpilot.com *.fls.doubleclick.net fls.doubleclick.net *.tescobank.com tescobank.demdex.net *.vo.msecnd.net service.maxymiser.net p.teads.tv t.teads.tv cm.teads.tv *.digital-cloud-uk.medallia.eu *.kampyle.com apps.commbox.io now.commbox.io js-agent.newrelic.com bam-cell.nr-data.net ; frame-ancestors 'self' *.tescobank.com ; object-src 'self' *.fls.doubleclick.net fls.doubleclick.net *.tescobank.com tescobank.demdex.net; media-src 'self' apps.commbox.io ;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/x-es-module, */*
Referer
https://www.tescobank.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
report-uri https://identity.tescobank.com/afm/cspReport/; default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.trustpilot.com *.woopra.com *.fls.doubleclick.net fls.doubleclick.net *.lpsnmedia.net *.google.com *.googleapis.com *.qubit.com *.travelex.net *.adobedtm.com *.vo.msecnd.net bat.bing.com c.evidon.com cdn.cookielaw.org *.decibelinsight.net cm.everesttech.net connect.facebook.net dc.services.visualstudio.com *.cloudfront.net *.demdex.net flex.cybersource.com *.g.doubleclick.net *.hotjar.com *.liveperson.net *.tescobank.com *.ensighten.com r.turn.com royalsunallianceinsu.tt.omtrdc.net rsa.d2.sc.omtrdc.net rum-static.pingdom.net service.maxymiser.net *.google-analytics.com stash.qubitproducts.com static.ads-twitter.com static.goqubit.com tescobank.azureedge.net ue.enablermail.com www.facebook.com www.google.co.uk *.googleadservices.com *.googletagmanager.com *.gstatic.com track.omguk.com wss://sync.onfido.com wss://collection.decibelinsight.net mpsnare.iesnare.com *.adnxs.com s.yimg.com *.sociomantic.com p.teads.tv t.teads.tv cm.teads.tv *.digital-cloud-uk.medallia.eu *.kampyle.com apps.commbox.io now.commbox.io js-agent.newrelic.com bam-cell.nr-data.net *.google-analytics.com ; style-src 'self' 'unsafe-inline' *.googleapis.com apps.commbox.io now.commbox.io js-agent.newrelic.com bam-cell.nr-data.net *.kampyle.com ; img-src 'self' data: blob: * ; child-src 'self' blob: ; font-src 'self' data: * ; connect-src 'self' bam-cell.nr-data.net *.woopra.com *.fls.doubleclick.net fls.doubleclick.net *.lpsnmedia.net *.google.com *.googleapis.com *.qubit.com *.travelex.net *.adobedtm.com *.vo.msecnd.net bat.bing.com c.evidon.com cdn.cookielaw.org *.decibelinsight.net cm.everesttech.net connect.facebook.net dc.services.visualstudio.com *.cloudfront.net *.demdex.net flex.cybersource.com *.g.doubleclick.net *.hotjar.com *.liveperson.net *.tescobank.com *.ensighten.com r.turn.com royalsunallianceinsu.tt.omtrdc.net rsa.d2.sc.omtrdc.net rum-static.pingdom.net service.maxymiser.net *.google-analytics.com stash.qubitproducts.com static.ads-twitter.com static.goqubit.com tescobank.azureedge.net ue.enablermail.com www.facebook.com www.google.co.uk *.googleadservices.com *.googletagmanager.com *.gstatic.com track.omguk.com wss://sync.onfido.com wss://collection.decibelinsight.net mpsnare.iesnare.com *.adnxs.com s.yimg.com *.sociomantic.com *.tiles.mapbox.com api.mapbox.com events.mapbox.com p.teads.tv t.teads.tv cm.teads.tv *.digital-cloud-uk.medallia.eu *.kampyle.com ; frame-src 'self' *.trustpilot.com *.fls.doubleclick.net fls.doubleclick.net *.tescobank.com tescobank.demdex.net *.vo.msecnd.net service.maxymiser.net p.teads.tv t.teads.tv cm.teads.tv *.digital-cloud-uk.medallia.eu *.kampyle.com apps.commbox.io now.commbox.io js-agent.newrelic.com bam-cell.nr-data.net ; frame-ancestors 'self' *.tescobank.com ; object-src 'self' *.fls.doubleclick.net fls.doubleclick.net *.tescobank.com tescobank.demdex.net; media-src 'self' apps.commbox.io ;
date
Sat, 21 Oct 2023 23:19:19 GMT
content-length
525
x-xss-protection
1; mode=block
request-context
appId=cid-v1:4a7f8dd8-3291-4e0b-bdfc-05223d9ea636
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 03 Oct 2023 13:20:34 GMT
etag
"0fdda63fcf5d91:0"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/x-javascript
access-control-expose-headers
Request-Context
cache-control
max-age=31622400
accept-ranges
bytes
product-tiles.js
www.tescobank.com/Scripts/Dist/product-tiles/
2 KB
4 KB
Fetch
General
Full URL
https://www.tescobank.com/Scripts/Dist/product-tiles/product-tiles.js?v=1.0.55
Requested by
Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/tescobank/privacy/Bootstrap.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.205.106.85 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-205-106-85.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6a477a71358f9744e891c82b452d815d069e0751b250953b5d0f64e2f9c11f04
Security Headers
Name Value
Content-Security-Policy report-uri https://identity.tescobank.com/afm/cspReport/; default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.trustpilot.com *.woopra.com *.fls.doubleclick.net fls.doubleclick.net *.lpsnmedia.net *.google.com *.googleapis.com *.qubit.com *.travelex.net *.adobedtm.com *.vo.msecnd.net bat.bing.com c.evidon.com cdn.cookielaw.org *.decibelinsight.net cm.everesttech.net connect.facebook.net dc.services.visualstudio.com *.cloudfront.net *.demdex.net flex.cybersource.com *.g.doubleclick.net *.hotjar.com *.liveperson.net *.tescobank.com *.ensighten.com r.turn.com royalsunallianceinsu.tt.omtrdc.net rsa.d2.sc.omtrdc.net rum-static.pingdom.net service.maxymiser.net *.google-analytics.com stash.qubitproducts.com static.ads-twitter.com static.goqubit.com tescobank.azureedge.net ue.enablermail.com www.facebook.com www.google.co.uk *.googleadservices.com *.googletagmanager.com *.gstatic.com track.omguk.com wss://sync.onfido.com wss://collection.decibelinsight.net mpsnare.iesnare.com *.adnxs.com s.yimg.com *.sociomantic.com p.teads.tv t.teads.tv cm.teads.tv *.digital-cloud-uk.medallia.eu *.kampyle.com apps.commbox.io now.commbox.io js-agent.newrelic.com bam-cell.nr-data.net *.google-analytics.com ; style-src 'self' 'unsafe-inline' *.googleapis.com apps.commbox.io now.commbox.io js-agent.newrelic.com bam-cell.nr-data.net *.kampyle.com ; img-src 'self' data: blob: * ; child-src 'self' blob: ; font-src 'self' data: * ; connect-src 'self' bam-cell.nr-data.net *.woopra.com *.fls.doubleclick.net fls.doubleclick.net *.lpsnmedia.net *.google.com *.googleapis.com *.qubit.com *.travelex.net *.adobedtm.com *.vo.msecnd.net bat.bing.com c.evidon.com cdn.cookielaw.org *.decibelinsight.net cm.everesttech.net connect.facebook.net dc.services.visualstudio.com *.cloudfront.net *.demdex.net flex.cybersource.com *.g.doubleclick.net *.hotjar.com *.liveperson.net *.tescobank.com *.ensighten.com r.turn.com royalsunallianceinsu.tt.omtrdc.net rsa.d2.sc.omtrdc.net rum-static.pingdom.net service.maxymiser.net *.google-analytics.com stash.qubitproducts.com static.ads-twitter.com static.goqubit.com tescobank.azureedge.net ue.enablermail.com www.facebook.com www.google.co.uk *.googleadservices.com *.googletagmanager.com *.gstatic.com track.omguk.com wss://sync.onfido.com wss://collection.decibelinsight.net mpsnare.iesnare.com *.adnxs.com s.yimg.com *.sociomantic.com *.tiles.mapbox.com api.mapbox.com events.mapbox.com p.teads.tv t.teads.tv cm.teads.tv *.digital-cloud-uk.medallia.eu *.kampyle.com ; frame-src 'self' *.trustpilot.com *.fls.doubleclick.net fls.doubleclick.net *.tescobank.com tescobank.demdex.net *.vo.msecnd.net service.maxymiser.net p.teads.tv t.teads.tv cm.teads.tv *.digital-cloud-uk.medallia.eu *.kampyle.com apps.commbox.io now.commbox.io js-agent.newrelic.com bam-cell.nr-data.net ; frame-ancestors 'self' *.tescobank.com ; object-src 'self' *.fls.doubleclick.net fls.doubleclick.net *.tescobank.com tescobank.demdex.net; media-src 'self' apps.commbox.io ;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/x-es-module, */*
Referer
https://www.tescobank.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
report-uri https://identity.tescobank.com/afm/cspReport/; default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.trustpilot.com *.woopra.com *.fls.doubleclick.net fls.doubleclick.net *.lpsnmedia.net *.google.com *.googleapis.com *.qubit.com *.travelex.net *.adobedtm.com *.vo.msecnd.net bat.bing.com c.evidon.com cdn.cookielaw.org *.decibelinsight.net cm.everesttech.net connect.facebook.net dc.services.visualstudio.com *.cloudfront.net *.demdex.net flex.cybersource.com *.g.doubleclick.net *.hotjar.com *.liveperson.net *.tescobank.com *.ensighten.com r.turn.com royalsunallianceinsu.tt.omtrdc.net rsa.d2.sc.omtrdc.net rum-static.pingdom.net service.maxymiser.net *.google-analytics.com stash.qubitproducts.com static.ads-twitter.com static.goqubit.com tescobank.azureedge.net ue.enablermail.com www.facebook.com www.google.co.uk *.googleadservices.com *.googletagmanager.com *.gstatic.com track.omguk.com wss://sync.onfido.com wss://collection.decibelinsight.net mpsnare.iesnare.com *.adnxs.com s.yimg.com *.sociomantic.com p.teads.tv t.teads.tv cm.teads.tv *.digital-cloud-uk.medallia.eu *.kampyle.com apps.commbox.io now.commbox.io js-agent.newrelic.com bam-cell.nr-data.net *.google-analytics.com ; style-src 'self' 'unsafe-inline' *.googleapis.com apps.commbox.io now.commbox.io js-agent.newrelic.com bam-cell.nr-data.net *.kampyle.com ; img-src 'self' data: blob: * ; child-src 'self' blob: ; font-src 'self' data: * ; connect-src 'self' bam-cell.nr-data.net *.woopra.com *.fls.doubleclick.net fls.doubleclick.net *.lpsnmedia.net *.google.com *.googleapis.com *.qubit.com *.travelex.net *.adobedtm.com *.vo.msecnd.net bat.bing.com c.evidon.com cdn.cookielaw.org *.decibelinsight.net cm.everesttech.net connect.facebook.net dc.services.visualstudio.com *.cloudfront.net *.demdex.net flex.cybersource.com *.g.doubleclick.net *.hotjar.com *.liveperson.net *.tescobank.com *.ensighten.com r.turn.com royalsunallianceinsu.tt.omtrdc.net rsa.d2.sc.omtrdc.net rum-static.pingdom.net service.maxymiser.net *.google-analytics.com stash.qubitproducts.com static.ads-twitter.com static.goqubit.com tescobank.azureedge.net ue.enablermail.com www.facebook.com www.google.co.uk *.googleadservices.com *.googletagmanager.com *.gstatic.com track.omguk.com wss://sync.onfido.com wss://collection.decibelinsight.net mpsnare.iesnare.com *.adnxs.com s.yimg.com *.sociomantic.com *.tiles.mapbox.com api.mapbox.com events.mapbox.com p.teads.tv t.teads.tv cm.teads.tv *.digital-cloud-uk.medallia.eu *.kampyle.com ; frame-src 'self' *.trustpilot.com *.fls.doubleclick.net fls.doubleclick.net *.tescobank.com tescobank.demdex.net *.vo.msecnd.net service.maxymiser.net p.teads.tv t.teads.tv cm.teads.tv *.digital-cloud-uk.medallia.eu *.kampyle.com apps.commbox.io now.commbox.io js-agent.newrelic.com bam-cell.nr-data.net ; frame-ancestors 'self' *.tescobank.com ; object-src 'self' *.fls.doubleclick.net fls.doubleclick.net *.tescobank.com tescobank.demdex.net; media-src 'self' apps.commbox.io ;
date
Sat, 21 Oct 2023 23:19:19 GMT
content-length
795
x-xss-protection
1; mode=block
request-context
appId=cid-v1:4a7f8dd8-3291-4e0b-bdfc-05223d9ea636
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 03 Oct 2023 13:20:34 GMT
etag
"0fdda63fcf5d91:0"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/x-javascript
access-control-expose-headers
Request-Context
cache-control
max-age=31622400
accept-ranges
bytes
trustpilot.js
www.tescobank.com/Scripts/Dist/trustpilot/
440 B
3 KB
Fetch
General
Full URL
https://www.tescobank.com/Scripts/Dist/trustpilot/trustpilot.js?v=1.0.55
Requested by
Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/tescobank/privacy/Bootstrap.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.205.106.85 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-205-106-85.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
bec657d46177b9cf0cee63eb05767dfc70c0913baf015b30771162dcb1e706a9
Security Headers
Name Value
Content-Security-Policy report-uri https://identity.tescobank.com/afm/cspReport/; default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.trustpilot.com *.woopra.com *.fls.doubleclick.net fls.doubleclick.net *.lpsnmedia.net *.google.com *.googleapis.com *.qubit.com *.travelex.net *.adobedtm.com *.vo.msecnd.net bat.bing.com c.evidon.com cdn.cookielaw.org *.decibelinsight.net cm.everesttech.net connect.facebook.net dc.services.visualstudio.com *.cloudfront.net *.demdex.net flex.cybersource.com *.g.doubleclick.net *.hotjar.com *.liveperson.net *.tescobank.com *.ensighten.com r.turn.com royalsunallianceinsu.tt.omtrdc.net rsa.d2.sc.omtrdc.net rum-static.pingdom.net service.maxymiser.net *.google-analytics.com stash.qubitproducts.com static.ads-twitter.com static.goqubit.com tescobank.azureedge.net ue.enablermail.com www.facebook.com www.google.co.uk *.googleadservices.com *.googletagmanager.com *.gstatic.com track.omguk.com wss://sync.onfido.com wss://collection.decibelinsight.net mpsnare.iesnare.com *.adnxs.com s.yimg.com *.sociomantic.com p.teads.tv t.teads.tv cm.teads.tv *.digital-cloud-uk.medallia.eu *.kampyle.com apps.commbox.io now.commbox.io js-agent.newrelic.com bam-cell.nr-data.net *.google-analytics.com ; style-src 'self' 'unsafe-inline' *.googleapis.com apps.commbox.io now.commbox.io js-agent.newrelic.com bam-cell.nr-data.net *.kampyle.com ; img-src 'self' data: blob: * ; child-src 'self' blob: ; font-src 'self' data: * ; connect-src 'self' bam-cell.nr-data.net *.woopra.com *.fls.doubleclick.net fls.doubleclick.net *.lpsnmedia.net *.google.com *.googleapis.com *.qubit.com *.travelex.net *.adobedtm.com *.vo.msecnd.net bat.bing.com c.evidon.com cdn.cookielaw.org *.decibelinsight.net cm.everesttech.net connect.facebook.net dc.services.visualstudio.com *.cloudfront.net *.demdex.net flex.cybersource.com *.g.doubleclick.net *.hotjar.com *.liveperson.net *.tescobank.com *.ensighten.com r.turn.com royalsunallianceinsu.tt.omtrdc.net rsa.d2.sc.omtrdc.net rum-static.pingdom.net service.maxymiser.net *.google-analytics.com stash.qubitproducts.com static.ads-twitter.com static.goqubit.com tescobank.azureedge.net ue.enablermail.com www.facebook.com www.google.co.uk *.googleadservices.com *.googletagmanager.com *.gstatic.com track.omguk.com wss://sync.onfido.com wss://collection.decibelinsight.net mpsnare.iesnare.com *.adnxs.com s.yimg.com *.sociomantic.com *.tiles.mapbox.com api.mapbox.com events.mapbox.com p.teads.tv t.teads.tv cm.teads.tv *.digital-cloud-uk.medallia.eu *.kampyle.com ; frame-src 'self' *.trustpilot.com *.fls.doubleclick.net fls.doubleclick.net *.tescobank.com tescobank.demdex.net *.vo.msecnd.net service.maxymiser.net p.teads.tv t.teads.tv cm.teads.tv *.digital-cloud-uk.medallia.eu *.kampyle.com apps.commbox.io now.commbox.io js-agent.newrelic.com bam-cell.nr-data.net ; frame-ancestors 'self' *.tescobank.com ; object-src 'self' *.fls.doubleclick.net fls.doubleclick.net *.tescobank.com tescobank.demdex.net; media-src 'self' apps.commbox.io ;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/x-es-module, */*
Referer
https://www.tescobank.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
report-uri https://identity.tescobank.com/afm/cspReport/; default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.trustpilot.com *.woopra.com *.fls.doubleclick.net fls.doubleclick.net *.lpsnmedia.net *.google.com *.googleapis.com *.qubit.com *.travelex.net *.adobedtm.com *.vo.msecnd.net bat.bing.com c.evidon.com cdn.cookielaw.org *.decibelinsight.net cm.everesttech.net connect.facebook.net dc.services.visualstudio.com *.cloudfront.net *.demdex.net flex.cybersource.com *.g.doubleclick.net *.hotjar.com *.liveperson.net *.tescobank.com *.ensighten.com r.turn.com royalsunallianceinsu.tt.omtrdc.net rsa.d2.sc.omtrdc.net rum-static.pingdom.net service.maxymiser.net *.google-analytics.com stash.qubitproducts.com static.ads-twitter.com static.goqubit.com tescobank.azureedge.net ue.enablermail.com www.facebook.com www.google.co.uk *.googleadservices.com *.googletagmanager.com *.gstatic.com track.omguk.com wss://sync.onfido.com wss://collection.decibelinsight.net mpsnare.iesnare.com *.adnxs.com s.yimg.com *.sociomantic.com p.teads.tv t.teads.tv cm.teads.tv *.digital-cloud-uk.medallia.eu *.kampyle.com apps.commbox.io now.commbox.io js-agent.newrelic.com bam-cell.nr-data.net *.google-analytics.com ; style-src 'self' 'unsafe-inline' *.googleapis.com apps.commbox.io now.commbox.io js-agent.newrelic.com bam-cell.nr-data.net *.kampyle.com ; img-src 'self' data: blob: * ; child-src 'self' blob: ; font-src 'self' data: * ; connect-src 'self' bam-cell.nr-data.net *.woopra.com *.fls.doubleclick.net fls.doubleclick.net *.lpsnmedia.net *.google.com *.googleapis.com *.qubit.com *.travelex.net *.adobedtm.com *.vo.msecnd.net bat.bing.com c.evidon.com cdn.cookielaw.org *.decibelinsight.net cm.everesttech.net connect.facebook.net dc.services.visualstudio.com *.cloudfront.net *.demdex.net flex.cybersource.com *.g.doubleclick.net *.hotjar.com *.liveperson.net *.tescobank.com *.ensighten.com r.turn.com royalsunallianceinsu.tt.omtrdc.net rsa.d2.sc.omtrdc.net rum-static.pingdom.net service.maxymiser.net *.google-analytics.com stash.qubitproducts.com static.ads-twitter.com static.goqubit.com tescobank.azureedge.net ue.enablermail.com www.facebook.com www.google.co.uk *.googleadservices.com *.googletagmanager.com *.gstatic.com track.omguk.com wss://sync.onfido.com wss://collection.decibelinsight.net mpsnare.iesnare.com *.adnxs.com s.yimg.com *.sociomantic.com *.tiles.mapbox.com api.mapbox.com events.mapbox.com p.teads.tv t.teads.tv cm.teads.tv *.digital-cloud-uk.medallia.eu *.kampyle.com ; frame-src 'self' *.trustpilot.com *.fls.doubleclick.net fls.doubleclick.net *.tescobank.com tescobank.demdex.net *.vo.msecnd.net service.maxymiser.net p.teads.tv t.teads.tv cm.teads.tv *.digital-cloud-uk.medallia.eu *.kampyle.com apps.commbox.io now.commbox.io js-agent.newrelic.com bam-cell.nr-data.net ; frame-ancestors 'self' *.tescobank.com ; object-src 'self' *.fls.doubleclick.net fls.doubleclick.net *.tescobank.com tescobank.demdex.net; media-src 'self' apps.commbox.io ;
date
Sat, 21 Oct 2023 23:19:19 GMT
content-length
436
x-xss-protection
1; mode=block
request-context
appId=cid-v1:4a7f8dd8-3291-4e0b-bdfc-05223d9ea636
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 03 Oct 2023 13:20:34 GMT
etag
"0fdda63fcf5d91:0"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/x-javascript
access-control-expose-headers
Request-Context
cache-control
max-age=31622400
accept-ranges
bytes
truncated
/
9 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
63b693778274923011281f0c339ac4116f8a31b9d186d0657849380cd5bd34b7

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
157 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
80d54533f80e8233621f965ae0a7713928bdb4d491ed0eb5e90434550f1894cb

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Content-Type
image/png
r.rnc
data.privacy.ensighten.com/privacy/v1/b/
0
106 B
Image
General
Full URL
https://data.privacy.ensighten.com/privacy/v1/b/r.rnc?n=0&c=746&i=68rzrs&p=privacy&s=329&d=8Eh7InZlcnNpb24iOiIxLjAuMCIsImdhdGV3YXkiOiIyLjMuNjA4IiwiY2xpZW50SWQiOjc0NiwicHVibGlzaFBhdGgiOiJwcml2YWN5IiwiaW5zdGFuY2UpAPAUIjY4cnpycyIsInBhY2tldCI6MCwibW9kZSI6ImVuZm9yY2VZAPAOb29raWVzIjp7fSwiZW52aXJvbm1lbnQiOiJFbmdlAPIJIiwicmVxdWVzdHMiOlt7ImRlc3RpbmF0tQBgIiwidHlwVADwD2JpbGxpbmciLCJzdGFydCI6MTY5NzkzMDM1ODc4MV0AoGQiOi0xLCJzb3V8ACI6IisAQXR1cyIMAGByZWFzb25lANRdLCJkYXRhUGF0dGVyEgDCbGlzdCI6W10sImlkXQDAOTMwMzU4NzgxfV19
Requested by
Host: www.tescobank.com
URL: https://www.tescobank.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.234.31.129 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-234-31-129.compute-1.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.tescobank.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 23:19:18 GMT
cache-control
no-cache, no-store
server
nginx
expires
Sat, 21 Oct 2023 23:19:17 GMT
site-logo-rb.svg
tescobank.azureedge.net/assets/site-logo-rb/1/
Redirect Chain
  • https://www.tescobank.com/assets/website/img/logo/site-logo-rb.svg
  • https://tescobank.azureedge.net/assets/site-logo-rb/1/site-logo-rb.svg
5 KB
2 KB
Image
General
Full URL
https://tescobank.azureedge.net/assets/site-logo-rb/1/site-logo-rb.svg
Requested by
Host: www.tescobank.com
URL: https://www.tescobank.com/
Protocol
H2
Server
2620:1ec:48:1::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
80e2a6156b3f132c69c53d4d3d2993c04a302f335c643de634d35da96ac839ba

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.tescobank.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 21 Oct 2023 23:19:18 GMT
content-encoding
br
x-azure-ref-originshield
02z8zZQAAAAAr198K1sXySaw7HeZOwVsrTU5aMjIxMDYwNjExMDI1AGE2OWVmNTE2LTRiYzUtNGZkMS1hYjVhLTYyMWYzZTdiOTI4MA==
content-md5
uOBUxUCby6XWW6NGck/91Q==
x-cache
TCP_HIT
x-ms-lease-status
unlocked
last-modified
Mon, 26 Oct 2020 05:44:17 GMT
etag
0x8D879722DFE7ECF
x-azure-ref
0dlw0ZQAAAADlgkl/kOyCQIJ9kSzWTzKWQk4xQUEyMDUxMDE4MDM1AGE2OWVmNTE2LTRiYzUtNGZkMS1hYjVhLTYyMWYzZTdiOTI4MA==
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
47ff8bf7-e01e-000b-03fb-fde984000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31622400
x-ms-version
2009-09-19

Redirect headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-security-policy
report-uri https://identity.tescobank.com/afm/cspReport/; default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.trustpilot.com *.woopra.com *.fls.doubleclick.net fls.doubleclick.net *.lpsnmedia.net *.google.com *.googleapis.com *.qubit.com *.travelex.net *.adobedtm.com *.vo.msecnd.net bat.bing.com c.evidon.com cdn.cookielaw.org *.decibelinsight.net cm.everesttech.net connect.facebook.net dc.services.visualstudio.com *.cloudfront.net *.demdex.net flex.cybersource.com *.g.doubleclick.net *.hotjar.com *.liveperson.net *.tescobank.com *.ensighten.com r.turn.com royalsunallianceinsu.tt.omtrdc.net rsa.d2.sc.omtrdc.net rum-static.pingdom.net service.maxymiser.net *.google-analytics.com stash.qubitproducts.com static.ads-twitter.com static.goqubit.com tescobank.azureedge.net ue.enablermail.com www.facebook.com www.google.co.uk *.googleadservices.com *.googletagmanager.com *.gstatic.com track.omguk.com wss://sync.onfido.com wss://collection.decibelinsight.net mpsnare.iesnare.com *.adnxs.com s.yimg.com *.sociomantic.com p.teads.tv t.teads.tv cm.teads.tv *.digital-cloud-uk.medallia.eu *.kampyle.com apps.commbox.io now.commbox.io js-agent.newrelic.com bam-cell.nr-data.net *.google-analytics.com ; style-src 'self' 'unsafe-inline' *.googleapis.com apps.commbox.io now.commbox.io js-agent.newrelic.com bam-cell.nr-data.net *.kampyle.com ; img-src 'self' data: blob: * ; child-src 'self' blob: ; font-src 'self' data: * ; connect-src 'self' bam-cell.nr-data.net *.woopra.com *.fls.doubleclick.net fls.doubleclick.net *.lpsnmedia.net *.google.com *.googleapis.com *.qubit.com *.travelex.net *.adobedtm.com *.vo.msecnd.net bat.bing.com c.evidon.com cdn.cookielaw.org *.decibelinsight.net cm.everesttech.net connect.facebook.net dc.services.visualstudio.com *.cloudfront.net *.demdex.net flex.cybersource.com *.g.doubleclick.net *.hotjar.com *.liveperson.net *.tescobank.com *.ensighten.com r.turn.com royalsunallianceinsu.tt.omtrdc.net rsa.d2.sc.omtrdc.net rum-static.pingdom.net service.maxymiser.net *.google-analytics.com stash.qubitproducts.com static.ads-twitter.com static.goqubit.com tescobank.azureedge.net ue.enablermail.com www.facebook.com www.google.co.uk *.googleadservices.com *.googletagmanager.com *.gstatic.com track.omguk.com wss://sync.onfido.com wss://collection.decibelinsight.net mpsnare.iesnare.com *.adnxs.com s.yimg.com *.sociomantic.com *.tiles.mapbox.com api.mapbox.com events.mapbox.com p.teads.tv t.teads.tv cm.teads.tv *.digital-cloud-uk.medallia.eu *.kampyle.com ; frame-src 'self' *.trustpilot.com *.fls.doubleclick.net fls.doubleclick.net *.tescobank.com tescobank.demdex.net *.vo.msecnd.net service.maxymiser.net p.teads.tv t.teads.tv cm.teads.tv *.digital-cloud-uk.medallia.eu *.kampyle.com apps.commbox.io now.commbox.io js-agent.newrelic.com bam-cell.nr-data.net ; frame-ancestors 'self' *.tescobank.com ; object-src 'self' *.fls.doubleclick.net fls.doubleclick.net *.tescobank.com tescobank.demdex.net; media-src 'self' apps.commbox.io ;
referrer-policy
no-referrer-when-downgrade
x-content-type-options
nosniff
date
Sat, 21 Oct 2023 23:19:18 GMT
x-frame-options
SAMEORIGIN
content-type
text/html; charset=utf-8
location
https://tescobank.azureedge.net/assets/site-logo-rb/1/site-logo-rb.svg
access-control-expose-headers
Request-Context
cache-control
private, max-age=3611
content-length
187
x-xss-protection
1; mode=block
request-context
appId=cid-v1:4a7f8dd8-3291-4e0b-bdfc-05223d9ea636
TESCOModern-Bold-web.woff2
www.tescobank.com/credit-card-apply/assets/font/Tesco-Modern/
29 KB
30 KB
Font
General
Full URL
https://www.tescobank.com/credit-card-apply/assets/font/Tesco-Modern/TESCOModern-Bold-web.woff2
Requested by
Host: www.tescobank.com
URL: https://www.tescobank.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.205.106.85 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-205-106-85.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e5009170864964460be50a307724eae186bd9e6e8ba3bc88a35b91109764006a

Request headers

Referer
https://www.tescobank.com/
Origin
https://www.tescobank.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 23:19:19 GMT
last-modified
Mon, 21 Aug 2023 15:02:30 GMT
accept-ranges
bytes
content-length
29720
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
application/font-woff2
TESCOModern-Light-web.woff2
www.tescobank.com/credit-card-apply/assets/font/Tesco-Modern/
28 KB
30 KB
Font
General
Full URL
https://www.tescobank.com/credit-card-apply/assets/font/Tesco-Modern/TESCOModern-Light-web.woff2
Requested by
Host: www.tescobank.com
URL: https://www.tescobank.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.205.106.85 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-205-106-85.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
f8a0d031124f300127c0360780cba45570153bde6c2092d1cf411df8a611e798

Request headers

Referer
https://www.tescobank.com/
Origin
https://www.tescobank.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 23:19:19 GMT
last-modified
Mon, 21 Aug 2023 15:02:30 GMT
accept-ranges
bytes
content-length
28940
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
application/font-woff2
r.rnc
data.privacy.ensighten.com/privacy/v1/c/
0
106 B
Image
General
Full URL
https://data.privacy.ensighten.com/privacy/v1/c/r.rnc?n=0&c=746&i=73471m&p=privacy&s=395&d=9CZ7InZlcnNpb24iOiIxLjAuMCIsImdhdGV3YXkiOiIyLjMuNjA4IiwiY2xpZW50SWQiOjc0Ng8A8B9OYW1lIjoiVGVzY29CYW5rIiwicHVibGlzaFBhdGgiOiJwcml2YWN5IiwibW9kKwCQd2hpdGVsaXN0UwDwJG9va2llcyI6eyJURVNDT0JBTktfRU5TSUdIVEVOX1BSSVZBQ1lfQkFOTkVSX0xPQURFRKYA8Q8ifSwiZHQiOjE2OTc5MzAzNTg3OTMsInNldHRpbmdQAPAXbW9kYWwiOiJlbnRlcnByaXNlIiwiZW52aXJvbm1lbnQiOiJFbmepAKEiLCJkZWZhdWx0OQByTWVhc3VyZSQA8BkwLCJFeHBlcmllbmNlIjowLCJBZHZlcnRpc2luZyI6MH19LCJldmVuOwAiW3sLAEEiOiJj2ABwQ2hhbmdlZGAADqwABdQAwEFERUQiOiIxIn1dfQ
Requested by
Host: www.tescobank.com
URL: https://www.tescobank.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.234.31.129 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-234-31-129.compute-1.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.tescobank.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 23:19:18 GMT
cache-control
no-cache, no-store
server
nginx
expires
Sat, 21 Oct 2023 23:19:17 GMT
r.rnc
data.privacy.ensighten.com/privacy/v1/c/
0
107 B
Image
General
Full URL
https://data.privacy.ensighten.com/privacy/v1/c/r.rnc?n=1&c=746&i=73471m&p=privacy&s=331&d=9CZ7InZlcnNpb24iOiIxLjAuMCIsImdhdGV3YXkiOiIyLjMuNjA4IiwiY2xpZW50SWQiOjc0Ng8A8B9OYW1lIjoiVGVzY29CYW5rIiwicHVibGlzaFBhdGgiOiJwcml2YWN5IiwibW9kKwCQd2hpdGVsaXN0UwDwJG9va2llcyI6eyJURVNDT0JBTktfRU5TSUdIVEVOX1BSSVZBQ1lfQkFOTkVSX0xPQURFRKYA8Q8ifSwiZHQiOjE2OTc5MzAzNTg5MDAsInNldHRpbmdQAPAXbW9kYWwiOiJlbnRlcnByaXNlIiwiZW52aXJvbm1lbnQiOiJFbmepAKEiLCJkZWZhdWx0OQByTWVhc3VyZSQA8CAwLCJFeHBlcmllbmNlIjowLCJBZHZlcnRpc2luZyI6MH19LCJldmVudHMiOltdfQ
Requested by
Host: www.tescobank.com
URL: https://www.tescobank.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.234.31.129 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-234-31-129.compute-1.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.tescobank.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 23:19:18 GMT
cache-control
no-cache, no-store
server
nginx
expires
Sat, 21 Oct 2023 23:19:17 GMT
tp.widget.bootstrap.min.js
widget.trustpilot.com/bootstrap/v5/
21 KB
7 KB
Script
General
Full URL
https://widget.trustpilot.com/bootstrap/v5/tp.widget.bootstrap.min.js
Requested by
Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/tescobank/privacy/Bootstrap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.154.110.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-154-110-83.ord58.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b58109431c3adc92bccc460ac5dc394dc4f0979d24656f7a52503e6c77709d0b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.tescobank.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
date
Sat, 21 Oct 2023 11:07:47 GMT
via
1.1 a822643cd037758e5d30778b27002e1e.cloudfront.net (CloudFront)
x-amz-cf-pop
ORD58-P6
age
43893
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
6676
x-xss-protection
1; mode=block
last-modified
Wed, 03 May 2023 13:48:29 GMT
server
AmazonS3
etag
"befec09eb386fc68a0869c8d1b529dd6"
content-type
application/x-javascript
cache-control
max-age=86400
accept-ranges
bytes
x-amz-cf-id
9rVurqHzkwBrFE7QFj4AbWRTh_erEdS_rxM0wOkbzJRFO3MML7iGHA==
helper.js
www.tescobank.com/Scripts/Dist/shared/
3 KB
4 KB
Fetch
General
Full URL
https://www.tescobank.com/Scripts/Dist/shared/helper.js?v=1.0.55
Requested by
Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/tescobank/privacy/Bootstrap.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.205.106.85 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-205-106-85.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
f7f05dd901605ce42b2a5f717cfa09bcc3a662a3a802959442847e928e12d97a
Security Headers
Name Value
Content-Security-Policy report-uri https://identity.tescobank.com/afm/cspReport/; default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.trustpilot.com *.woopra.com *.fls.doubleclick.net fls.doubleclick.net *.lpsnmedia.net *.google.com *.googleapis.com *.qubit.com *.travelex.net *.adobedtm.com *.vo.msecnd.net bat.bing.com c.evidon.com cdn.cookielaw.org *.decibelinsight.net cm.everesttech.net connect.facebook.net dc.services.visualstudio.com *.cloudfront.net *.demdex.net flex.cybersource.com *.g.doubleclick.net *.hotjar.com *.liveperson.net *.tescobank.com *.ensighten.com r.turn.com royalsunallianceinsu.tt.omtrdc.net rsa.d2.sc.omtrdc.net rum-static.pingdom.net service.maxymiser.net *.google-analytics.com stash.qubitproducts.com static.ads-twitter.com static.goqubit.com tescobank.azureedge.net ue.enablermail.com www.facebook.com www.google.co.uk *.googleadservices.com *.googletagmanager.com *.gstatic.com track.omguk.com wss://sync.onfido.com wss://collection.decibelinsight.net mpsnare.iesnare.com *.adnxs.com s.yimg.com *.sociomantic.com p.teads.tv t.teads.tv cm.teads.tv *.digital-cloud-uk.medallia.eu *.kampyle.com apps.commbox.io now.commbox.io js-agent.newrelic.com bam-cell.nr-data.net *.google-analytics.com ; style-src 'self' 'unsafe-inline' *.googleapis.com apps.commbox.io now.commbox.io js-agent.newrelic.com bam-cell.nr-data.net *.kampyle.com ; img-src 'self' data: blob: * ; child-src 'self' blob: ; font-src 'self' data: * ; connect-src 'self' bam-cell.nr-data.net *.woopra.com *.fls.doubleclick.net fls.doubleclick.net *.lpsnmedia.net *.google.com *.googleapis.com *.qubit.com *.travelex.net *.adobedtm.com *.vo.msecnd.net bat.bing.com c.evidon.com cdn.cookielaw.org *.decibelinsight.net cm.everesttech.net connect.facebook.net dc.services.visualstudio.com *.cloudfront.net *.demdex.net flex.cybersource.com *.g.doubleclick.net *.hotjar.com *.liveperson.net *.tescobank.com *.ensighten.com r.turn.com royalsunallianceinsu.tt.omtrdc.net rsa.d2.sc.omtrdc.net rum-static.pingdom.net service.maxymiser.net *.google-analytics.com stash.qubitproducts.com static.ads-twitter.com static.goqubit.com tescobank.azureedge.net ue.enablermail.com www.facebook.com www.google.co.uk *.googleadservices.com *.googletagmanager.com *.gstatic.com track.omguk.com wss://sync.onfido.com wss://collection.decibelinsight.net mpsnare.iesnare.com *.adnxs.com s.yimg.com *.sociomantic.com *.tiles.mapbox.com api.mapbox.com events.mapbox.com p.teads.tv t.teads.tv cm.teads.tv *.digital-cloud-uk.medallia.eu *.kampyle.com ; frame-src 'self' *.trustpilot.com *.fls.doubleclick.net fls.doubleclick.net *.tescobank.com tescobank.demdex.net *.vo.msecnd.net service.maxymiser.net p.teads.tv t.teads.tv cm.teads.tv *.digital-cloud-uk.medallia.eu *.kampyle.com apps.commbox.io now.commbox.io js-agent.newrelic.com bam-cell.nr-data.net ; frame-ancestors 'self' *.tescobank.com ; object-src 'self' *.fls.doubleclick.net fls.doubleclick.net *.tescobank.com tescobank.demdex.net; media-src 'self' apps.commbox.io ;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/x-es-module, */*
Referer
https://www.tescobank.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
report-uri https://identity.tescobank.com/afm/cspReport/; default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.trustpilot.com *.woopra.com *.fls.doubleclick.net fls.doubleclick.net *.lpsnmedia.net *.google.com *.googleapis.com *.qubit.com *.travelex.net *.adobedtm.com *.vo.msecnd.net bat.bing.com c.evidon.com cdn.cookielaw.org *.decibelinsight.net cm.everesttech.net connect.facebook.net dc.services.visualstudio.com *.cloudfront.net *.demdex.net flex.cybersource.com *.g.doubleclick.net *.hotjar.com *.liveperson.net *.tescobank.com *.ensighten.com r.turn.com royalsunallianceinsu.tt.omtrdc.net rsa.d2.sc.omtrdc.net rum-static.pingdom.net service.maxymiser.net *.google-analytics.com stash.qubitproducts.com static.ads-twitter.com static.goqubit.com tescobank.azureedge.net ue.enablermail.com www.facebook.com www.google.co.uk *.googleadservices.com *.googletagmanager.com *.gstatic.com track.omguk.com wss://sync.onfido.com wss://collection.decibelinsight.net mpsnare.iesnare.com *.adnxs.com s.yimg.com *.sociomantic.com p.teads.tv t.teads.tv cm.teads.tv *.digital-cloud-uk.medallia.eu *.kampyle.com apps.commbox.io now.commbox.io js-agent.newrelic.com bam-cell.nr-data.net *.google-analytics.com ; style-src 'self' 'unsafe-inline' *.googleapis.com apps.commbox.io now.commbox.io js-agent.newrelic.com bam-cell.nr-data.net *.kampyle.com ; img-src 'self' data: blob: * ; child-src 'self' blob: ; font-src 'self' data: * ; connect-src 'self' bam-cell.nr-data.net *.woopra.com *.fls.doubleclick.net fls.doubleclick.net *.lpsnmedia.net *.google.com *.googleapis.com *.qubit.com *.travelex.net *.adobedtm.com *.vo.msecnd.net bat.bing.com c.evidon.com cdn.cookielaw.org *.decibelinsight.net cm.everesttech.net connect.facebook.net dc.services.visualstudio.com *.cloudfront.net *.demdex.net flex.cybersource.com *.g.doubleclick.net *.hotjar.com *.liveperson.net *.tescobank.com *.ensighten.com r.turn.com royalsunallianceinsu.tt.omtrdc.net rsa.d2.sc.omtrdc.net rum-static.pingdom.net service.maxymiser.net *.google-analytics.com stash.qubitproducts.com static.ads-twitter.com static.goqubit.com tescobank.azureedge.net ue.enablermail.com www.facebook.com www.google.co.uk *.googleadservices.com *.googletagmanager.com *.gstatic.com track.omguk.com wss://sync.onfido.com wss://collection.decibelinsight.net mpsnare.iesnare.com *.adnxs.com s.yimg.com *.sociomantic.com *.tiles.mapbox.com api.mapbox.com events.mapbox.com p.teads.tv t.teads.tv cm.teads.tv *.digital-cloud-uk.medallia.eu *.kampyle.com ; frame-src 'self' *.trustpilot.com *.fls.doubleclick.net fls.doubleclick.net *.tescobank.com tescobank.demdex.net *.vo.msecnd.net service.maxymiser.net p.teads.tv t.teads.tv cm.teads.tv *.digital-cloud-uk.medallia.eu *.kampyle.com apps.commbox.io now.commbox.io js-agent.newrelic.com bam-cell.nr-data.net ; frame-ancestors 'self' *.tescobank.com ; object-src 'self' *.fls.doubleclick.net fls.doubleclick.net *.tescobank.com tescobank.demdex.net; media-src 'self' apps.commbox.io ;
date
Sat, 21 Oct 2023 23:19:19 GMT
content-length
1263
x-xss-protection
1; mode=block
request-context
appId=cid-v1:4a7f8dd8-3291-4e0b-bdfc-05223d9ea636
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 03 Oct 2023 13:20:34 GMT
etag
"0fdda63fcf5d91:0"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/x-javascript
access-control-expose-headers
Request-Context
cache-control
max-age=31622400
accept-ranges
bytes
pixel_5fb66728
www.tescobank.com/akam/13/
0
605 B
XHR
General
Full URL
https://www.tescobank.com/akam/13/pixel_5fb66728
Requested by
Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/tescobank/privacy/Bootstrap.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.205.106.85 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-205-106-85.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.tescobank.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Sat, 21 Oct 2023 23:19:19 GMT
content-length
0
content-type
text/html
index.html
widget.trustpilot.com/trustboxes/5406e65db0d04a09e042d5fc/ Frame 9FDA
8 KB
3 KB
Document
General
Full URL
https://widget.trustpilot.com/trustboxes/5406e65db0d04a09e042d5fc/index.html?templateId=5406e65db0d04a09e042d5fc&businessunitId=4e3abd00000064000510af6e
Requested by
Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/tescobank/privacy/Bootstrap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.154.110.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-154-110-83.ord58.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
85856354a51b4bbd2fb9d9b290bb98355b86fb4a9a91e9ee58afe6dcf2d4ce84
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.tescobank.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
52804
cache-control
max-age=86400
content-encoding
gzip
content-length
2109
content-type
text/html
date
Sat, 21 Oct 2023 08:39:15 GMT
etag
"991f71c8583c65f71143c6e83300ea2e"
last-modified
Mon, 08 May 2023 11:39:52 GMT
server
AmazonS3
strict-transport-security
max-age=31536000
via
1.1 a822643cd037758e5d30778b27002e1e.cloudfront.net (CloudFront)
x-amz-cf-id
TBHLj31XL2RQYENSlbXHNa1mBZ4VeIWdq-dVgcr-4hV-DqgEWruSaQ==
x-amz-cf-pop
ORD58-P6
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-content-type-options
nosniff
x-xss-protection
1; mode=block
main.js
widget.trustpilot.com/trustboxes/5406e65db0d04a09e042d5fc/ Frame 9FDA
52 KB
16 KB
Script
General
Full URL
https://widget.trustpilot.com/trustboxes/5406e65db0d04a09e042d5fc/main.js
Requested by
Host: widget.trustpilot.com
URL: https://widget.trustpilot.com/trustboxes/5406e65db0d04a09e042d5fc/index.html?templateId=5406e65db0d04a09e042d5fc&businessunitId=4e3abd00000064000510af6e
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.154.110.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-154-110-83.ord58.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7930f8fe550eb2eb38ac682205664ab072a4573b911831aff82f7f65433e6e37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://widget.trustpilot.com/trustboxes/5406e65db0d04a09e042d5fc/index.html?templateId=5406e65db0d04a09e042d5fc&businessunitId=4e3abd00000064000510af6e
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
date
Sat, 21 Oct 2023 09:21:39 GMT
via
1.1 a822643cd037758e5d30778b27002e1e.cloudfront.net (CloudFront)
x-amz-cf-pop
ORD58-P6
age
50261
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
16291
x-xss-protection
1; mode=block
last-modified
Mon, 08 May 2023 11:40:00 GMT
server
AmazonS3
etag
"50eae10ede15e24d7015244f10951876"
content-type
application/x-javascript
cache-control
max-age=86400
accept-ranges
bytes
x-amz-cf-id
U8k47NVIxge7b9i_Q5imLkiBo8-ivWJaa0AQgac49qikJu5-ZgnkFg==
5406e65db0d04a09e042d5fc
widget.trustpilot.com/trustbox-data/ Frame 9FDA
1011 B
886 B
XHR
General
Full URL
https://widget.trustpilot.com/trustbox-data/5406e65db0d04a09e042d5fc?businessUnitId=4e3abd00000064000510af6e&locale=en-GB
Requested by
Host: widget.trustpilot.com
URL: https://widget.trustpilot.com/trustboxes/5406e65db0d04a09e042d5fc/main.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.154.110.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-154-110-83.ord58.r.cloudfront.net
Software
Kestrel /
Resource Hash
040ac7fa4caf3925219ca63881b36e396847e7d945525900c004c1881196c029
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://widget.trustpilot.com/trustboxes/5406e65db0d04a09e042d5fc/index.html?templateId=5406e65db0d04a09e042d5fc&businessunitId=4e3abd00000064000510af6e
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
date
Sat, 21 Oct 2023 23:19:19 GMT
via
1.1 a822643cd037758e5d30778b27002e1e.cloudfront.net (CloudFront)
server
Kestrel
x-amz-cf-pop
ORD58-P6
etag
"ab32d31b6675a7537648196842bedadc"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/json; charset=utf-8
cache-control
public,max-age=1800
content-length
458
x-xss-protection
1; mode=block
x-amz-cf-id
CF-VsFAqkfnz6EfgvocKIyJ6r29zsPMgxcVsHrbLv4mVCVNGAi_6Sg==
TrustboxImpression
widget.trustpilot.com/stats/ Frame 9FDA
0
322 B
XHR
General
Full URL
https://widget.trustpilot.com/stats/TrustboxImpression?locale=en-GB&styleHeight=28px&styleWidth=100%25&theme=light&url=https%3A%2F%2Fwww.tescobank.com%2F&referrer=&userAgent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F118.0.5993.88%20Safari%2F537.36&language=en-US&platform=Win32&nosettings=1&businessUnitId=4e3abd00000064000510af6e&widgetId=5406e65db0d04a09e042d5fc
Requested by
Host: widget.trustpilot.com
URL: https://widget.trustpilot.com/trustboxes/5406e65db0d04a09e042d5fc/main.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.154.110.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-154-110-83.ord58.r.cloudfront.net
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://widget.trustpilot.com/trustboxes/5406e65db0d04a09e042d5fc/index.html?templateId=5406e65db0d04a09e042d5fc&businessunitId=4e3abd00000064000510af6e
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Sat, 21 Oct 2023 23:19:19 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
via
1.1 a822643cd037758e5d30778b27002e1e.cloudfront.net (CloudFront)
server
Kestrel
x-amz-cf-pop
ORD58-P6
x-cache
Miss from cloudfront
cache-control
no-store,no-cache
x-amz-cf-id
Tliz-IpHZ6k9pCs2ep3OjjjSHZKaWZ5fHnRGhKbTHWcs-Q0-goFByg==
x-xss-protection
1; mode=block
fade-type.js
www.tescobank.com/Scripts/Dist/layout/enums/
204 B
3 KB
Fetch
General
Full URL
https://www.tescobank.com/Scripts/Dist/layout/enums/fade-type.js?v=1.0.55
Requested by
Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/tescobank/privacy/Bootstrap.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.205.106.85 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-205-106-85.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
289bd205ea53fa938c2d0a7c93461dd35949031a6276e09b958b6d06a29987dd
Security Headers
Name Value
Content-Security-Policy report-uri https://identity.tescobank.com/afm/cspReport/; default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.trustpilot.com *.woopra.com *.fls.doubleclick.net fls.doubleclick.net *.lpsnmedia.net *.google.com *.googleapis.com *.qubit.com *.travelex.net *.adobedtm.com *.vo.msecnd.net bat.bing.com c.evidon.com cdn.cookielaw.org *.decibelinsight.net cm.everesttech.net connect.facebook.net dc.services.visualstudio.com *.cloudfront.net *.demdex.net flex.cybersource.com *.g.doubleclick.net *.hotjar.com *.liveperson.net *.tescobank.com *.ensighten.com r.turn.com royalsunallianceinsu.tt.omtrdc.net rsa.d2.sc.omtrdc.net rum-static.pingdom.net service.maxymiser.net *.google-analytics.com stash.qubitproducts.com static.ads-twitter.com static.goqubit.com tescobank.azureedge.net ue.enablermail.com www.facebook.com www.google.co.uk *.googleadservices.com *.googletagmanager.com *.gstatic.com track.omguk.com wss://sync.onfido.com wss://collection.decibelinsight.net mpsnare.iesnare.com *.adnxs.com s.yimg.com *.sociomantic.com p.teads.tv t.teads.tv cm.teads.tv *.digital-cloud-uk.medallia.eu *.kampyle.com apps.commbox.io now.commbox.io js-agent.newrelic.com bam-cell.nr-data.net *.google-analytics.com ; style-src 'self' 'unsafe-inline' *.googleapis.com apps.commbox.io now.commbox.io js-agent.newrelic.com bam-cell.nr-data.net *.kampyle.com ; img-src 'self' data: blob: * ; child-src 'self' blob: ; font-src 'self' data: * ; connect-src 'self' bam-cell.nr-data.net *.woopra.com *.fls.doubleclick.net fls.doubleclick.net *.lpsnmedia.net *.google.com *.googleapis.com *.qubit.com *.travelex.net *.adobedtm.com *.vo.msecnd.net bat.bing.com c.evidon.com cdn.cookielaw.org *.decibelinsight.net cm.everesttech.net connect.facebook.net dc.services.visualstudio.com *.cloudfront.net *.demdex.net flex.cybersource.com *.g.doubleclick.net *.hotjar.com *.liveperson.net *.tescobank.com *.ensighten.com r.turn.com royalsunallianceinsu.tt.omtrdc.net rsa.d2.sc.omtrdc.net rum-static.pingdom.net service.maxymiser.net *.google-analytics.com stash.qubitproducts.com static.ads-twitter.com static.goqubit.com tescobank.azureedge.net ue.enablermail.com www.facebook.com www.google.co.uk *.googleadservices.com *.googletagmanager.com *.gstatic.com track.omguk.com wss://sync.onfido.com wss://collection.decibelinsight.net mpsnare.iesnare.com *.adnxs.com s.yimg.com *.sociomantic.com *.tiles.mapbox.com api.mapbox.com events.mapbox.com p.teads.tv t.teads.tv cm.teads.tv *.digital-cloud-uk.medallia.eu *.kampyle.com ; frame-src 'self' *.trustpilot.com *.fls.doubleclick.net fls.doubleclick.net *.tescobank.com tescobank.demdex.net *.vo.msecnd.net service.maxymiser.net p.teads.tv t.teads.tv cm.teads.tv *.digital-cloud-uk.medallia.eu *.kampyle.com apps.commbox.io now.commbox.io js-agent.newrelic.com bam-cell.nr-data.net ; frame-ancestors 'self' *.tescobank.com ; object-src 'self' *.fls.doubleclick.net fls.doubleclick.net *.tescobank.com tescobank.demdex.net; media-src 'self' apps.commbox.io ;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/x-es-module, */*
Referer
https://www.tescobank.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
report-uri https://identity.tescobank.com/afm/cspReport/; default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.trustpilot.com *.woopra.com *.fls.doubleclick.net fls.doubleclick.net *.lpsnmedia.net *.google.com *.googleapis.com *.qubit.com *.travelex.net *.adobedtm.com *.vo.msecnd.net bat.bing.com c.evidon.com cdn.cookielaw.org *.decibelinsight.net cm.everesttech.net connect.facebook.net dc.services.visualstudio.com *.cloudfront.net *.demdex.net flex.cybersource.com *.g.doubleclick.net *.hotjar.com *.liveperson.net *.tescobank.com *.ensighten.com r.turn.com royalsunallianceinsu.tt.omtrdc.net rsa.d2.sc.omtrdc.net rum-static.pingdom.net service.maxymiser.net *.google-analytics.com stash.qubitproducts.com static.ads-twitter.com static.goqubit.com tescobank.azureedge.net ue.enablermail.com www.facebook.com www.google.co.uk *.googleadservices.com *.googletagmanager.com *.gstatic.com track.omguk.com wss://sync.onfido.com wss://collection.decibelinsight.net mpsnare.iesnare.com *.adnxs.com s.yimg.com *.sociomantic.com p.teads.tv t.teads.tv cm.teads.tv *.digital-cloud-uk.medallia.eu *.kampyle.com apps.commbox.io now.commbox.io js-agent.newrelic.com bam-cell.nr-data.net *.google-analytics.com ; style-src 'self' 'unsafe-inline' *.googleapis.com apps.commbox.io now.commbox.io js-agent.newrelic.com bam-cell.nr-data.net *.kampyle.com ; img-src 'self' data: blob: * ; child-src 'self' blob: ; font-src 'self' data: * ; connect-src 'self' bam-cell.nr-data.net *.woopra.com *.fls.doubleclick.net fls.doubleclick.net *.lpsnmedia.net *.google.com *.googleapis.com *.qubit.com *.travelex.net *.adobedtm.com *.vo.msecnd.net bat.bing.com c.evidon.com cdn.cookielaw.org *.decibelinsight.net cm.everesttech.net connect.facebook.net dc.services.visualstudio.com *.cloudfront.net *.demdex.net flex.cybersource.com *.g.doubleclick.net *.hotjar.com *.liveperson.net *.tescobank.com *.ensighten.com r.turn.com royalsunallianceinsu.tt.omtrdc.net rsa.d2.sc.omtrdc.net rum-static.pingdom.net service.maxymiser.net *.google-analytics.com stash.qubitproducts.com static.ads-twitter.com static.goqubit.com tescobank.azureedge.net ue.enablermail.com www.facebook.com www.google.co.uk *.googleadservices.com *.googletagmanager.com *.gstatic.com track.omguk.com wss://sync.onfido.com wss://collection.decibelinsight.net mpsnare.iesnare.com *.adnxs.com s.yimg.com *.sociomantic.com *.tiles.mapbox.com api.mapbox.com events.mapbox.com p.teads.tv t.teads.tv cm.teads.tv *.digital-cloud-uk.medallia.eu *.kampyle.com ; frame-src 'self' *.trustpilot.com *.fls.doubleclick.net fls.doubleclick.net *.tescobank.com tescobank.demdex.net *.vo.msecnd.net service.maxymiser.net p.teads.tv t.teads.tv cm.teads.tv *.digital-cloud-uk.medallia.eu *.kampyle.com apps.commbox.io now.commbox.io js-agent.newrelic.com bam-cell.nr-data.net ; frame-ancestors 'self' *.tescobank.com ; object-src 'self' *.fls.doubleclick.net fls.doubleclick.net *.tescobank.com tescobank.demdex.net; media-src 'self' apps.commbox.io ;
date
Sat, 21 Oct 2023 23:19:19 GMT
content-length
299
x-xss-protection
1; mode=block
request-context
appId=cid-v1:4a7f8dd8-3291-4e0b-bdfc-05223d9ea636
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 03 Oct 2023 13:20:36 GMT
etag
"02ac65fcf5d91:0"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/x-javascript
access-control-expose-headers
Request-Context
cache-control
max-age=31622400
accept-ranges
bytes
slide-direction.js
www.tescobank.com/Scripts/Dist/layout/enums/
258 B
3 KB
Fetch
General
Full URL
https://www.tescobank.com/Scripts/Dist/layout/enums/slide-direction.js?v=1.0.55
Requested by
Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/tescobank/privacy/Bootstrap.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.205.106.85 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-205-106-85.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
f33f88a254bcf37684d7d11515589de7dd4289a73da40cc1c276e1992547b35f
Security Headers
Name Value
Content-Security-Policy report-uri https://identity.tescobank.com/afm/cspReport/; default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.trustpilot.com *.woopra.com *.fls.doubleclick.net fls.doubleclick.net *.lpsnmedia.net *.google.com *.googleapis.com *.qubit.com *.travelex.net *.adobedtm.com *.vo.msecnd.net bat.bing.com c.evidon.com cdn.cookielaw.org *.decibelinsight.net cm.everesttech.net connect.facebook.net dc.services.visualstudio.com *.cloudfront.net *.demdex.net flex.cybersource.com *.g.doubleclick.net *.hotjar.com *.liveperson.net *.tescobank.com *.ensighten.com r.turn.com royalsunallianceinsu.tt.omtrdc.net rsa.d2.sc.omtrdc.net rum-static.pingdom.net service.maxymiser.net *.google-analytics.com stash.qubitproducts.com static.ads-twitter.com static.goqubit.com tescobank.azureedge.net ue.enablermail.com www.facebook.com www.google.co.uk *.googleadservices.com *.googletagmanager.com *.gstatic.com track.omguk.com wss://sync.onfido.com wss://collection.decibelinsight.net mpsnare.iesnare.com *.adnxs.com s.yimg.com *.sociomantic.com p.teads.tv t.teads.tv cm.teads.tv *.digital-cloud-uk.medallia.eu *.kampyle.com apps.commbox.io now.commbox.io js-agent.newrelic.com bam-cell.nr-data.net *.google-analytics.com ; style-src 'self' 'unsafe-inline' *.googleapis.com apps.commbox.io now.commbox.io js-agent.newrelic.com bam-cell.nr-data.net *.kampyle.com ; img-src 'self' data: blob: * ; child-src 'self' blob: ; font-src 'self' data: * ; connect-src 'self' bam-cell.nr-data.net *.woopra.com *.fls.doubleclick.net fls.doubleclick.net *.lpsnmedia.net *.google.com *.googleapis.com *.qubit.com *.travelex.net *.adobedtm.com *.vo.msecnd.net bat.bing.com c.evidon.com cdn.cookielaw.org *.decibelinsight.net cm.everesttech.net connect.facebook.net dc.services.visualstudio.com *.cloudfront.net *.demdex.net flex.cybersource.com *.g.doubleclick.net *.hotjar.com *.liveperson.net *.tescobank.com *.ensighten.com r.turn.com royalsunallianceinsu.tt.omtrdc.net rsa.d2.sc.omtrdc.net rum-static.pingdom.net service.maxymiser.net *.google-analytics.com stash.qubitproducts.com static.ads-twitter.com static.goqubit.com tescobank.azureedge.net ue.enablermail.com www.facebook.com www.google.co.uk *.googleadservices.com *.googletagmanager.com *.gstatic.com track.omguk.com wss://sync.onfido.com wss://collection.decibelinsight.net mpsnare.iesnare.com *.adnxs.com s.yimg.com *.sociomantic.com *.tiles.mapbox.com api.mapbox.com events.mapbox.com p.teads.tv t.teads.tv cm.teads.tv *.digital-cloud-uk.medallia.eu *.kampyle.com ; frame-src 'self' *.trustpilot.com *.fls.doubleclick.net fls.doubleclick.net *.tescobank.com tescobank.demdex.net *.vo.msecnd.net service.maxymiser.net p.teads.tv t.teads.tv cm.teads.tv *.digital-cloud-uk.medallia.eu *.kampyle.com apps.commbox.io now.commbox.io js-agent.newrelic.com bam-cell.nr-data.net ; frame-ancestors 'self' *.tescobank.com ; object-src 'self' *.fls.doubleclick.net fls.doubleclick.net *.tescobank.com tescobank.demdex.net; media-src 'self' apps.commbox.io ;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/x-es-module, */*
Referer
https://www.tescobank.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
report-uri https://identity.tescobank.com/afm/cspReport/; default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.trustpilot.com *.woopra.com *.fls.doubleclick.net fls.doubleclick.net *.lpsnmedia.net *.google.com *.googleapis.com *.qubit.com *.travelex.net *.adobedtm.com *.vo.msecnd.net bat.bing.com c.evidon.com cdn.cookielaw.org *.decibelinsight.net cm.everesttech.net connect.facebook.net dc.services.visualstudio.com *.cloudfront.net *.demdex.net flex.cybersource.com *.g.doubleclick.net *.hotjar.com *.liveperson.net *.tescobank.com *.ensighten.com r.turn.com royalsunallianceinsu.tt.omtrdc.net rsa.d2.sc.omtrdc.net rum-static.pingdom.net service.maxymiser.net *.google-analytics.com stash.qubitproducts.com static.ads-twitter.com static.goqubit.com tescobank.azureedge.net ue.enablermail.com www.facebook.com www.google.co.uk *.googleadservices.com *.googletagmanager.com *.gstatic.com track.omguk.com wss://sync.onfido.com wss://collection.decibelinsight.net mpsnare.iesnare.com *.adnxs.com s.yimg.com *.sociomantic.com p.teads.tv t.teads.tv cm.teads.tv *.digital-cloud-uk.medallia.eu *.kampyle.com apps.commbox.io now.commbox.io js-agent.newrelic.com bam-cell.nr-data.net *.google-analytics.com ; style-src 'self' 'unsafe-inline' *.googleapis.com apps.commbox.io now.commbox.io js-agent.newrelic.com bam-cell.nr-data.net *.kampyle.com ; img-src 'self' data: blob: * ; child-src 'self' blob: ; font-src 'self' data: * ; connect-src 'self' bam-cell.nr-data.net *.woopra.com *.fls.doubleclick.net fls.doubleclick.net *.lpsnmedia.net *.google.com *.googleapis.com *.qubit.com *.travelex.net *.adobedtm.com *.vo.msecnd.net bat.bing.com c.evidon.com cdn.cookielaw.org *.decibelinsight.net cm.everesttech.net connect.facebook.net dc.services.visualstudio.com *.cloudfront.net *.demdex.net flex.cybersource.com *.g.doubleclick.net *.hotjar.com *.liveperson.net *.tescobank.com *.ensighten.com r.turn.com royalsunallianceinsu.tt.omtrdc.net rsa.d2.sc.omtrdc.net rum-static.pingdom.net service.maxymiser.net *.google-analytics.com stash.qubitproducts.com static.ads-twitter.com static.goqubit.com tescobank.azureedge.net ue.enablermail.com www.facebook.com www.google.co.uk *.googleadservices.com *.googletagmanager.com *.gstatic.com track.omguk.com wss://sync.onfido.com wss://collection.decibelinsight.net mpsnare.iesnare.com *.adnxs.com s.yimg.com *.sociomantic.com *.tiles.mapbox.com api.mapbox.com events.mapbox.com p.teads.tv t.teads.tv cm.teads.tv *.digital-cloud-uk.medallia.eu *.kampyle.com ; frame-src 'self' *.trustpilot.com *.fls.doubleclick.net fls.doubleclick.net *.tescobank.com tescobank.demdex.net *.vo.msecnd.net service.maxymiser.net p.teads.tv t.teads.tv cm.teads.tv *.digital-cloud-uk.medallia.eu *.kampyle.com apps.commbox.io now.commbox.io js-agent.newrelic.com bam-cell.nr-data.net ; frame-ancestors 'self' *.tescobank.com ; object-src 'self' *.fls.doubleclick.net fls.doubleclick.net *.tescobank.com tescobank.demdex.net; media-src 'self' apps.commbox.io ;
date
Sat, 21 Oct 2023 23:19:19 GMT
content-length
325
x-xss-protection
1; mode=block
request-context
appId=cid-v1:4a7f8dd8-3291-4e0b-bdfc-05223d9ea636
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 03 Oct 2023 13:20:36 GMT
etag
"02ac65fcf5d91:0"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/x-javascript
access-control-expose-headers
Request-Context
cache-control
max-age=31622400
accept-ranges
bytes
autocomplete.min.js
www.tescobank.com/scripts/vendors/node-packages/autocompleter/
4 KB
5 KB
Fetch
General
Full URL
https://www.tescobank.com/scripts/vendors/node-packages/autocompleter/autocomplete.min.js
Requested by
Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/tescobank/privacy/Bootstrap.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.205.106.85 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-205-106-85.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
d1a4172c4eac3c98b46022ff7a82af8300c0cebba17aa6277d27bff2b2d9bb6f
Security Headers
Name Value
Content-Security-Policy report-uri https://identity.tescobank.com/afm/cspReport/; default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.trustpilot.com *.woopra.com *.fls.doubleclick.net fls.doubleclick.net *.lpsnmedia.net *.google.com *.googleapis.com *.qubit.com *.travelex.net *.adobedtm.com *.vo.msecnd.net bat.bing.com c.evidon.com cdn.cookielaw.org *.decibelinsight.net cm.everesttech.net connect.facebook.net dc.services.visualstudio.com *.cloudfront.net *.demdex.net flex.cybersource.com *.g.doubleclick.net *.hotjar.com *.liveperson.net *.tescobank.com *.ensighten.com r.turn.com royalsunallianceinsu.tt.omtrdc.net rsa.d2.sc.omtrdc.net rum-static.pingdom.net service.maxymiser.net *.google-analytics.com stash.qubitproducts.com static.ads-twitter.com static.goqubit.com tescobank.azureedge.net ue.enablermail.com www.facebook.com www.google.co.uk *.googleadservices.com *.googletagmanager.com *.gstatic.com track.omguk.com wss://sync.onfido.com wss://collection.decibelinsight.net mpsnare.iesnare.com *.adnxs.com s.yimg.com *.sociomantic.com p.teads.tv t.teads.tv cm.teads.tv *.digital-cloud-uk.medallia.eu *.kampyle.com apps.commbox.io now.commbox.io js-agent.newrelic.com bam-cell.nr-data.net *.google-analytics.com ; style-src 'self' 'unsafe-inline' *.googleapis.com apps.commbox.io now.commbox.io js-agent.newrelic.com bam-cell.nr-data.net *.kampyle.com ; img-src 'self' data: blob: * ; child-src 'self' blob: ; font-src 'self' data: * ; connect-src 'self' bam-cell.nr-data.net *.woopra.com *.fls.doubleclick.net fls.doubleclick.net *.lpsnmedia.net *.google.com *.googleapis.com *.qubit.com *.travelex.net *.adobedtm.com *.vo.msecnd.net bat.bing.com c.evidon.com cdn.cookielaw.org *.decibelinsight.net cm.everesttech.net connect.facebook.net dc.services.visualstudio.com *.cloudfront.net *.demdex.net flex.cybersource.com *.g.doubleclick.net *.hotjar.com *.liveperson.net *.tescobank.com *.ensighten.com r.turn.com royalsunallianceinsu.tt.omtrdc.net rsa.d2.sc.omtrdc.net rum-static.pingdom.net service.maxymiser.net *.google-analytics.com stash.qubitproducts.com static.ads-twitter.com static.goqubit.com tescobank.azureedge.net ue.enablermail.com www.facebook.com www.google.co.uk *.googleadservices.com *.googletagmanager.com *.gstatic.com track.omguk.com wss://sync.onfido.com wss://collection.decibelinsight.net mpsnare.iesnare.com *.adnxs.com s.yimg.com *.sociomantic.com *.tiles.mapbox.com api.mapbox.com events.mapbox.com p.teads.tv t.teads.tv cm.teads.tv *.digital-cloud-uk.medallia.eu *.kampyle.com ; frame-src 'self' *.trustpilot.com *.fls.doubleclick.net fls.doubleclick.net *.tescobank.com tescobank.demdex.net *.vo.msecnd.net service.maxymiser.net p.teads.tv t.teads.tv cm.teads.tv *.digital-cloud-uk.medallia.eu *.kampyle.com apps.commbox.io now.commbox.io js-agent.newrelic.com bam-cell.nr-data.net ; frame-ancestors 'self' *.tescobank.com ; object-src 'self' *.fls.doubleclick.net fls.doubleclick.net *.tescobank.com tescobank.demdex.net; media-src 'self' apps.commbox.io ;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/x-es-module, */*
Referer
https://www.tescobank.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
report-uri https://identity.tescobank.com/afm/cspReport/; default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.trustpilot.com *.woopra.com *.fls.doubleclick.net fls.doubleclick.net *.lpsnmedia.net *.google.com *.googleapis.com *.qubit.com *.travelex.net *.adobedtm.com *.vo.msecnd.net bat.bing.com c.evidon.com cdn.cookielaw.org *.decibelinsight.net cm.everesttech.net connect.facebook.net dc.services.visualstudio.com *.cloudfront.net *.demdex.net flex.cybersource.com *.g.doubleclick.net *.hotjar.com *.liveperson.net *.tescobank.com *.ensighten.com r.turn.com royalsunallianceinsu.tt.omtrdc.net rsa.d2.sc.omtrdc.net rum-static.pingdom.net service.maxymiser.net *.google-analytics.com stash.qubitproducts.com static.ads-twitter.com static.goqubit.com tescobank.azureedge.net ue.enablermail.com www.facebook.com www.google.co.uk *.googleadservices.com *.googletagmanager.com *.gstatic.com track.omguk.com wss://sync.onfido.com wss://collection.decibelinsight.net mpsnare.iesnare.com *.adnxs.com s.yimg.com *.sociomantic.com p.teads.tv t.teads.tv cm.teads.tv *.digital-cloud-uk.medallia.eu *.kampyle.com apps.commbox.io now.commbox.io js-agent.newrelic.com bam-cell.nr-data.net *.google-analytics.com ; style-src 'self' 'unsafe-inline' *.googleapis.com apps.commbox.io now.commbox.io js-agent.newrelic.com bam-cell.nr-data.net *.kampyle.com ; img-src 'self' data: blob: * ; child-src 'self' blob: ; font-src 'self' data: * ; connect-src 'self' bam-cell.nr-data.net *.woopra.com *.fls.doubleclick.net fls.doubleclick.net *.lpsnmedia.net *.google.com *.googleapis.com *.qubit.com *.travelex.net *.adobedtm.com *.vo.msecnd.net bat.bing.com c.evidon.com cdn.cookielaw.org *.decibelinsight.net cm.everesttech.net connect.facebook.net dc.services.visualstudio.com *.cloudfront.net *.demdex.net flex.cybersource.com *.g.doubleclick.net *.hotjar.com *.liveperson.net *.tescobank.com *.ensighten.com r.turn.com royalsunallianceinsu.tt.omtrdc.net rsa.d2.sc.omtrdc.net rum-static.pingdom.net service.maxymiser.net *.google-analytics.com stash.qubitproducts.com static.ads-twitter.com static.goqubit.com tescobank.azureedge.net ue.enablermail.com www.facebook.com www.google.co.uk *.googleadservices.com *.googletagmanager.com *.gstatic.com track.omguk.com wss://sync.onfido.com wss://collection.decibelinsight.net mpsnare.iesnare.com *.adnxs.com s.yimg.com *.sociomantic.com *.tiles.mapbox.com api.mapbox.com events.mapbox.com p.teads.tv t.teads.tv cm.teads.tv *.digital-cloud-uk.medallia.eu *.kampyle.com ; frame-src 'self' *.trustpilot.com *.fls.doubleclick.net fls.doubleclick.net *.tescobank.com tescobank.demdex.net *.vo.msecnd.net service.maxymiser.net p.teads.tv t.teads.tv cm.teads.tv *.digital-cloud-uk.medallia.eu *.kampyle.com apps.commbox.io now.commbox.io js-agent.newrelic.com bam-cell.nr-data.net ; frame-ancestors 'self' *.tescobank.com ; object-src 'self' *.fls.doubleclick.net fls.doubleclick.net *.tescobank.com tescobank.demdex.net; media-src 'self' apps.commbox.io ;
date
Sat, 21 Oct 2023 23:19:19 GMT
content-length
2124
x-xss-protection
1; mode=block
request-context
appId=cid-v1:4a7f8dd8-3291-4e0b-bdfc-05223d9ea636
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 03 Oct 2023 13:10:52 GMT
etag
"0d6f48fbf5d91:0"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/x-javascript
access-control-expose-headers
Request-Context
cache-control
max-age=31622400
accept-ranges
bytes
icon-money-white.svg
forrit-one-tb-prod-p1-consumables.azureedge.net/media/6755af86-a8f6-4422-9019-5b219c24c16a/
2 KB
1 KB
Image
General
Full URL
https://forrit-one-tb-prod-p1-consumables.azureedge.net/media/6755af86-a8f6-4422-9019-5b219c24c16a/icon-money-white.svg
Requested by
Host: www.tescobank.com
URL: https://www.tescobank.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:48:1::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
0e9f5c77e0fe5df9ab80c4a175e30b8998667168c9c12f027e58259fce10ed17
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.tescobank.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
br
x-content-type-options
nosniff
date
Sat, 21 Oct 2023 23:19:19 GMT
x-azure-ref-originshield
0aUAzZQAAAABQU4ywtnABS5Sohmwzz1SATU5aMjIxMDYwNjExMDExADNkYjg3YmQ4LTdjYTktNGQ0Ni05YjM5LTA2OGViMThlNWIxNw==
content-md5
gBgALdqWniWwHqLmxADMJA==
x-cache
TCP_HIT
x-ms-lease-status
unlocked
referrer-policy
no-referrer
last-modified
Wed, 01 Mar 2023 18:33:04 GMT
etag
0x8DB1A836543117C
x-frame-options
SAMEORIGIN
x-azure-ref
0d1w0ZQAAAAAhhqzRh2P9SpkD+aQrbJb4Qk4xQUEyMDUxMDE4MDM1ADNkYjg3YmQ4LTdjYTktNGQ0Ni05YjM5LTA2OGViMThlNWIxNw==
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
58a465f4-401e-0041-7bb2-02d6a5000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
icon-suitcase-white.svg
forrit-one-tb-prod-p1-consumables.azureedge.net/media/62d85f7e-2ba6-46ea-8365-a3d4603aa26a/
933 B
2 KB
Image
General
Full URL
https://forrit-one-tb-prod-p1-consumables.azureedge.net/media/62d85f7e-2ba6-46ea-8365-a3d4603aa26a/icon-suitcase-white.svg
Requested by
Host: www.tescobank.com
URL: https://www.tescobank.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:48:1::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
47ef3758f4446dd066fc12a8456ce08eed5ef9bcf17b0fb53087a2a74fb8d4d1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.tescobank.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
strict-transport-security
max-age=31536000; includeSubDomains
date
Sat, 21 Oct 2023 23:19:19 GMT
x-content-type-options
nosniff
x-azure-ref-originshield
0aUAzZQAAAACkInF+MB4iR4vKAFqF8OcwTU5aMjIxMDYwNjEyMDI5ADNkYjg3YmQ4LTdjYTktNGQ0Ni05YjM5LTA2OGViMThlNWIxNw==
content-md5
1Lnfz2RKryrXdkbFMB8T0w==
x-cache
TCP_HIT
content-length
933
x-ms-lease-status
unlocked
referrer-policy
no-referrer
last-modified
Wed, 21 Jun 2023 09:03:24 GMT
etag
0x8DB72365EEA64EA
x-frame-options
SAMEORIGIN
x-azure-ref
0d1w0ZQAAAAC6rhpLyGTnRYpEe6IBMMcGQk4xQUEyMDUxMDE4MDM1ADNkYjg3YmQ4LTdjYTktNGQ0Ni05YjM5LTA2OGViMThlNWIxNw==
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
bd3ea6d4-701e-0006-390f-0309ce000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
icon-travel-money-white.svg
forrit-one-tb-prod-p1-consumables.azureedge.net/media/dd9a7069-b957-42b7-a934-21e66a1c8ac4/
2 KB
1 KB
Image
General
Full URL
https://forrit-one-tb-prod-p1-consumables.azureedge.net/media/dd9a7069-b957-42b7-a934-21e66a1c8ac4/icon-travel-money-white.svg
Requested by
Host: www.tescobank.com
URL: https://www.tescobank.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:48:1::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
4c42cf6a8875c8be4c3a955c29426d0b37d3490cde8d06feed972756ba1a08dc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.tescobank.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
br
x-content-type-options
nosniff
date
Sat, 21 Oct 2023 23:19:19 GMT
x-azure-ref-originshield
0mLIwZQAAAAANcf79nnFSS6O4+YX9Se2bTU5aMjIxMDYwNjExMDQ3ADNkYjg3YmQ4LTdjYTktNGQ0Ni05YjM5LTA2OGViMThlNWIxNw==
content-md5
gRtVUG58wMfJRZUq1lPVUA==
x-cache
TCP_HIT
x-ms-lease-status
unlocked
referrer-policy
no-referrer
last-modified
Wed, 01 Mar 2023 18:33:06 GMT
etag
0x8DB1A8366B23A58
x-frame-options
SAMEORIGIN
x-azure-ref
0d1w0ZQAAAAAqXzyowagPTbrncf5KNGJYQk4xQUEyMDUxMDE4MDM1ADNkYjg3YmQ4LTdjYTktNGQ0Ni05YjM5LTA2OGViMThlNWIxNw==
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
e4fb8cd6-e01e-002a-1064-018bf3000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
icon-car-white.svg
forrit-one-tb-prod-p1-consumables.azureedge.net/media/429b508f-9fa2-4fdd-b2a1-1a82cae11351/
3 KB
1 KB
Image
General
Full URL
https://forrit-one-tb-prod-p1-consumables.azureedge.net/media/429b508f-9fa2-4fdd-b2a1-1a82cae11351/icon-car-white.svg
Requested by
Host: www.tescobank.com
URL: https://www.tescobank.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:48:1::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
404fcfa2dd6b19270df21cc334598d7433b43311d9eeb6effdf5d62b03c4144f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.tescobank.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
br
x-content-type-options
nosniff
date
Sat, 21 Oct 2023 23:19:19 GMT
x-azure-ref-originshield
0mLIwZQAAAADeWwXtL6UXTZhapTRkocD1TU5aMjIxMDYwNjExMDIxADNkYjg3YmQ4LTdjYTktNGQ0Ni05YjM5LTA2OGViMThlNWIxNw==
content-md5
8LqU9BDVz01rDoX7GMCzoA==
x-cache
TCP_HIT
x-ms-lease-status
unlocked
referrer-policy
no-referrer
last-modified
Wed, 01 Mar 2023 18:33:07 GMT
etag
0x8DB1A83671D765D
x-frame-options
SAMEORIGIN
x-azure-ref
0d1w0ZQAAAADRk8Ng7FrJQoHvOQwEXmwRQk4xQUEyMDUxMDE4MDM1ADNkYjg3YmQ4LTdjYTktNGQ0Ni05YjM5LTA2OGViMThlNWIxNw==
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
559c073d-801e-0031-5046-02a561000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
House.svg
forrit-one-tb-prod-p1-consumables.azureedge.net/media/e073fb5c-2fb8-4355-b72f-d468f1e1332e/
762 B
1 KB
Image
General
Full URL
https://forrit-one-tb-prod-p1-consumables.azureedge.net/media/e073fb5c-2fb8-4355-b72f-d468f1e1332e/House.svg
Requested by
Host: www.tescobank.com
URL: https://www.tescobank.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:48:1::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e9c64c8c42fe6df442590bc33b0919933ea03357e1d81508ea57c430628b9a3c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.tescobank.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
strict-transport-security
max-age=31536000; includeSubDomains
date
Sat, 21 Oct 2023 23:19:19 GMT
x-content-type-options
nosniff
x-azure-ref-originshield
0mLIwZQAAAADraIDdKd87QJ5L3QNZAZUcTU5aMjIxMDYwNjExMDQ1ADNkYjg3YmQ4LTdjYTktNGQ0Ni05YjM5LTA2OGViMThlNWIxNw==
content-md5
gdwV5Mko5ALorBabRoqlOw==
x-cache
TCP_HIT
content-length
762
x-ms-lease-status
unlocked
referrer-policy
no-referrer
last-modified
Wed, 01 Mar 2023 18:33:07 GMT
etag
0x8DB1A83670E5C69
x-frame-options
SAMEORIGIN
x-azure-ref
0d1w0ZQAAAAAJXyshvz63Q7LqsmQsyFFdQk4xQUEyMDUxMDE4MDM1ADNkYjg3YmQ4LTdjYTktNGQ0Ni05YjM5LTA2OGViMThlNWIxNw==
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
c3f585c2-a01e-0062-2605-01b96e000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
icon-pet-insurance-white.svg
forrit-one-tb-prod-p1-consumables.azureedge.net/media/7d86ffad-d996-495a-a60f-c9e66d5a7aad/
1 KB
801 B
Image
General
Full URL
https://forrit-one-tb-prod-p1-consumables.azureedge.net/media/7d86ffad-d996-495a-a60f-c9e66d5a7aad/icon-pet-insurance-white.svg
Requested by
Host: www.tescobank.com
URL: https://www.tescobank.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:48:1::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
73676db6dd446c7ae2a476be5d5c09c649a17288023b9259ed46abf7b7cedd22
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.tescobank.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
br
x-content-type-options
nosniff
date
Sat, 21 Oct 2023 23:19:19 GMT
x-azure-ref-originshield
0+3oyZQAAAAD0clCvEcreRpnW5wbv57m1TU5aMjIxMDYwNjEyMDM3ADNkYjg3YmQ4LTdjYTktNGQ0Ni05YjM5LTA2OGViMThlNWIxNw==
content-md5
3nFSoYqoBr7DkGhQxdI5zQ==
x-cache
TCP_HIT
x-ms-lease-status
unlocked
referrer-policy
no-referrer
last-modified
Wed, 01 Mar 2023 18:32:51 GMT
etag
0x8DB1A835D389067
x-frame-options
SAMEORIGIN
x-azure-ref
0d1w0ZQAAAADtTpMIMFojToIFtfN/upqYQk4xQUEyMDUxMDE4MDM1ADNkYjg3YmQ4LTdjYTktNGQ0Ni05YjM5LTA2OGViMThlNWIxNw==
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
fac6cf7c-e01e-0021-4946-029387000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
icon-savings-white.svg
forrit-one-tb-prod-p1-consumables.azureedge.net/media/c363434a-f8c4-4da5-98c2-46b67a3c0a8b/
2 KB
1 KB
Image
General
Full URL
https://forrit-one-tb-prod-p1-consumables.azureedge.net/media/c363434a-f8c4-4da5-98c2-46b67a3c0a8b/icon-savings-white.svg
Requested by
Host: www.tescobank.com
URL: https://www.tescobank.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:48:1::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
05c2222b87b5ba09017a09807f7bb2e9364e3ab97a13a0554062a720dbc276d6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.tescobank.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
br
x-content-type-options
nosniff
date
Sat, 21 Oct 2023 23:19:19 GMT
x-azure-ref-originshield
0+3oyZQAAAAA487sxg82CTqqrU2HCCYS1TU5aMjIxMDYwNjExMDMxADNkYjg3YmQ4LTdjYTktNGQ0Ni05YjM5LTA2OGViMThlNWIxNw==
content-md5
H4dATLl4yru99Wv1//uKhQ==
x-cache
TCP_HIT
x-ms-lease-status
unlocked
referrer-policy
no-referrer
last-modified
Wed, 01 Mar 2023 18:33:06 GMT
etag
0x8DB1A8366770B00
x-frame-options
SAMEORIGIN
x-azure-ref
0d1w0ZQAAAAC/T0K4txqKRo8fhFAeplVAQk4xQUEyMDUxMDE4MDM1ADNkYjg3YmQ4LTdjYTktNGQ0Ni05YjM5LTA2OGViMThlNWIxNw==
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
c2833312-001e-004d-1d4a-033854000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
plant-white-pot--alt-s.jpg
forrit-one-tb-prod-p1-consumables.azureedge.net/media/d386b210-433b-4b29-8a51-d245d86a1392/
19 KB
20 KB
Image
General
Full URL
https://forrit-one-tb-prod-p1-consumables.azureedge.net/media/d386b210-433b-4b29-8a51-d245d86a1392/plant-white-pot--alt-s.jpg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:48:1::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
c79eb343b80b5879129b86747d9ecd84d7d9a3c91b7a36e6057f3b4db74f3f7c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.tescobank.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
strict-transport-security
max-age=31536000; includeSubDomains
date
Sat, 21 Oct 2023 23:19:19 GMT
x-content-type-options
nosniff
x-azure-ref-originshield
0xFUzZQAAAAChhdnvjrqnTJPgFyPnE+ivTU5aMjIxMDYwNjExMDE5ADNkYjg3YmQ4LTdjYTktNGQ0Ni05YjM5LTA2OGViMThlNWIxNw==
content-md5
jFyQbkeAKP8dPktpQQ5DQA==
x-cache
TCP_HIT
content-length
19907
x-ms-lease-status
unlocked
referrer-policy
no-referrer
last-modified
Tue, 26 Sep 2023 10:57:05 GMT
etag
0x8DBBE7F523CA160
x-frame-options
SAMEORIGIN
x-azure-ref
0eFw0ZQAAAAC0JxiWPDi9RafzVGor09JHQk4xQUEyMDUxMDE4MDM1ADNkYjg3YmQ4LTdjYTktNGQ0Ni05YjM5LTA2OGViMThlNWIxNw==
content-type
image/jpeg
access-control-allow-origin
*
x-ms-request-id
226793fa-d01e-0000-0e7c-01feb6000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
plant-white-pot--alt-s.jpg
forrit-one-tb-prod-p1-consumables.azureedge.net/media/d386b210-433b-4b29-8a51-d245d86a1392/
19 KB
20 KB
Image
General
Full URL
https://forrit-one-tb-prod-p1-consumables.azureedge.net/media/d386b210-433b-4b29-8a51-d245d86a1392/plant-white-pot--alt-s.jpg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:48:1::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
c79eb343b80b5879129b86747d9ecd84d7d9a3c91b7a36e6057f3b4db74f3f7c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.tescobank.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
strict-transport-security
max-age=31536000; includeSubDomains
date
Sat, 21 Oct 2023 23:19:19 GMT
x-content-type-options
nosniff
x-azure-ref-originshield
0xFUzZQAAAAChhdnvjrqnTJPgFyPnE+ivTU5aMjIxMDYwNjExMDE5ADNkYjg3YmQ4LTdjYTktNGQ0Ni05YjM5LTA2OGViMThlNWIxNw==
content-md5
jFyQbkeAKP8dPktpQQ5DQA==
x-cache
TCP_HIT
content-length
19907
x-ms-lease-status
unlocked
referrer-policy
no-referrer
last-modified
Tue, 26 Sep 2023 10:57:05 GMT
etag
0x8DBBE7F523CA160
x-frame-options
SAMEORIGIN
x-azure-ref
0eFw0ZQAAAAD6QjDb5G3RTJ+Hu7prPh+aQk4xQUEyMDUxMDE4MDM1ADNkYjg3YmQ4LTdjYTktNGQ0Ni05YjM5LTA2OGViMThlNWIxNw==
content-type
image/jpeg
access-control-allow-origin
*
x-ms-request-id
226793fa-d01e-0000-0e7c-01feb6000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
dog-close-up-masthead-s.jpg
forrit-one-tb-prod-p1-consumables.azureedge.net/media/d5813990-7b9e-4300-acf4-68b263735527/
32 KB
32 KB
Image
General
Full URL
https://forrit-one-tb-prod-p1-consumables.azureedge.net/media/d5813990-7b9e-4300-acf4-68b263735527/dog-close-up-masthead-s.jpg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:48:1::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
4e4b17673464440e47e753ed8e6a3430d4bdf7cb1518b48f13a458a04a0b28a6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.tescobank.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
strict-transport-security
max-age=31536000; includeSubDomains
date
Sat, 21 Oct 2023 23:19:19 GMT
x-content-type-options
nosniff
x-azure-ref-originshield
0akAzZQAAAAD/wY0OWEnHRL7kRGHEJu8bTU5aMjIxMDYwNjExMDM3ADNkYjg3YmQ4LTdjYTktNGQ0Ni05YjM5LTA2OGViMThlNWIxNw==
content-md5
F7i0X03k4YC1dHfTTYLGpw==
x-cache
TCP_HIT
content-length
32589
x-ms-lease-status
unlocked
referrer-policy
no-referrer
last-modified
Wed, 23 Aug 2023 14:21:31 GMT
etag
0x8DBA3E43F3AFD93
x-frame-options
SAMEORIGIN
x-azure-ref
0eFw0ZQAAAAAlaKZnjlsIRJ4bYFihGmchQk4xQUEyMDUxMDE4MDM1ADNkYjg3YmQ4LTdjYTktNGQ0Ni05YjM5LTA2OGViMThlNWIxNw==
content-type
image/jpeg
access-control-allow-origin
*
x-ms-request-id
8894288b-b01e-001b-3c72-03d024000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
dog-close-up-masthead-s.jpg
forrit-one-tb-prod-p1-consumables.azureedge.net/media/d5813990-7b9e-4300-acf4-68b263735527/
32 KB
32 KB
Image
General
Full URL
https://forrit-one-tb-prod-p1-consumables.azureedge.net/media/d5813990-7b9e-4300-acf4-68b263735527/dog-close-up-masthead-s.jpg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:48:1::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
4e4b17673464440e47e753ed8e6a3430d4bdf7cb1518b48f13a458a04a0b28a6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.tescobank.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
strict-transport-security
max-age=31536000; includeSubDomains
date
Sat, 21 Oct 2023 23:19:20 GMT
x-content-type-options
nosniff
x-azure-ref-originshield
0akAzZQAAAAD/wY0OWEnHRL7kRGHEJu8bTU5aMjIxMDYwNjExMDM3ADNkYjg3YmQ4LTdjYTktNGQ0Ni05YjM5LTA2OGViMThlNWIxNw==
content-md5
F7i0X03k4YC1dHfTTYLGpw==
x-cache
TCP_HIT
content-length
32589
x-ms-lease-status
unlocked
referrer-policy
no-referrer
last-modified
Wed, 23 Aug 2023 14:21:31 GMT
etag
0x8DBA3E43F3AFD93
x-frame-options
SAMEORIGIN
x-azure-ref
0eFw0ZQAAAAAdrfHyR6VGR7YmgEz0XijBQk4xQUEyMDUxMDE4MDM1ADNkYjg3YmQ4LTdjYTktNGQ0Ni05YjM5LTA2OGViMThlNWIxNw==
content-type
image/jpeg
access-control-allow-origin
*
x-ms-request-id
8894288b-b01e-001b-3c72-03d024000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
r.rnc
data.privacy.ensighten.com/privacy/v1/b/
0
106 B
Image
General
Full URL
https://data.privacy.ensighten.com/privacy/v1/b/r.rnc?n=1&c=746&i=68rzrs&p=privacy&s=5861&d=8Eh7InZlcnNpb24iOiIxLjAuMCIsImdhdGV3YXkiOiIyLjMuNjA4IiwiY2xpZW50SWQiOjc0NiwicHVibGlzaFBhdGgiOiJwcml2YWN5IiwiaW5zdGFuY2UpAPAUIjY4cnpycyIsInBhY2tldCI6MSwibW9kZSI6ImVuZm9yY2VZAPAOb29raWVzIjp7fSwiZW52aXJvbm1lbnQiOiJFbmdlAPIJIiwicmVxdWVzdHMiOlt7ImRlc3RpbmF0tQDwIGh0dHBzOi8vYXo0MTY0MjYudm8ubXNlY25kLm5ldC9zY3JpcHRzL2EvYWkuMC5qjwAwdHlwhAACGwBwIiwic3Rhcp4AwDY5NzkzMDM1ODY4N4wARmQiOjEUAHA5Niwic291tgDSOiJhcHBlbmRDaGlsZEEAwHR1cyI6ImJsb2NrZRMAYHJlYXNvbrEA8QkiV2hpdGVsaXN0Il0sImRhdGFQYXR0ZXIdADFdLCIaAKE6WyJNZWFzdXJl_ABCXSwiaX4Azzk5ODMzMDk4MjN9LPsABfEcZm9ycml0LW9uZS10Yi1wcm9kLXAxLWNvbnN1bWFibGVzLmF6dXJlZWRnZRQB8zJtZWRpYS8yMjgyN2U1Yi1hOTAwLTRmMzktYjNlOC1hMTk5YmJmZDdhNzkvdGVzY28tYmFuay1sb2dvLnBuZyIsIkEBIGltDQANPgEuNzA-ATc3NTI-ATFtdXS_AahPYnNlcnZlckNMRQE6bG9hQgEPNwEJBioBrzg2NDg1MDQ2ODAqAZctMTNoAg8qAVkfNioBPfAhNDdiMTU1NmQtZTMyOC00OWJhLTliMzctYmJmOTIyNmZkYTAwL2ljb24tY2FyZC13GgMwLnN2RwIPVAIMLzExKgFhnzcwODU0NDkwMioBmR84KgFpHzOoBD7wHzdmOTdmYzEyLTc2MzYtNDQyZi05NTU3LWMyM2Y5MTk2MzlmZi9tYW4tYW5kLWOSBf8McmVuLWJ1aWxkaW5nLWZ1cm5pdHVyZS1sLmpwagIQLjU0QAEvNjG-BAgfQb0EMZ8xMTg1MDY2MjSTAz3xGmQ0OWJlMWU1LWMzZmYtNGFkOS05MzhhLTcwNzZlYmIwODI1Ny9DbHVikgOPUHJpY2VzLUzsBRYPLgEAKDgwKgcM7AUPLgExrzcxNDEzOTM5OTkuAQfzF3dpZGdldC50cnVzdHBpbG90LmNvbS9ib290c3RyYXAvdjUvdHAuJgAFFwBPLm1pbiUIE0w5MTg5KQICFAAFJQiJaW5uZXJIVE3eBlthbGxvdyMID-EGE685NDkyMTIxNzI49gBpHTmJBTg5NDDdBw8bCQQP1gckBPUAHzPWBwgDxQEP6wFILTky6wEK9QAM5gIP0ggyBfwAHzHxAR0BCwH_JmJveGVzLzU0MDZlNjVkYjBkMDRhMDllMDQyZDVmYy9pbmRleC5odG1sP3RlbXBsYXRlSWQ9LwAF8QgmYnVzaW5lc3N1bml0SWQ9NGUzYWJkMAEA8hs2NDAwMDUxMGFmNmUjbG9jYWxlPWVuLUdCJnN0eWxlSGVpZ2h0PTI4cHgRAPAFV2lkdGg9MTAwJTI1JnRoZW1lPWwjABYiWgpAZnJhbR4MDF0KAPUDDYsBNzU0NZ8FD4ACPY80MDI5Njg4N4QB9y40MAQEEDUWDgX6BA8PA0QDiwEP9gUIDwsNI_IVNjJkODVmN2UtMmJhNi00NmVhLTgzNjUtYTNkNDYwM2FhMjZhtwqPc3VpdGNhc2W7Chc9OTcwkQlHOTc2ObICDC4BDyMHMo80NzM0MzA5NC0BPvIVZGQ5YTcwNjktYjk1Ny00MmI3LWE5MzQtMjFlNjZhMWM4YWM0LQHPdHJhdmVsLW1vbmV5MQGOnzk1MTU3MDQxMDEBPvIVYzM2MzQzNGEtZjhjNC00ZGE1LTk4YzItNDZiNjdhM2MwYThiMQF_c2F2aW5ncywBjq84NTEzNDY5MTYyFQUHD4oDI_IVNDI5YjUwOGYtOWZhMi00ZmRkLWIyYTEtMWE4MmNhZTExMzUxLAE_Y2FyKAGOnzczNzMzMDY5MbIJCA8oASPyFTdkODZmZmFkLWQ5OTYtNDk1YS1hNjBmLWM5ZTY2ZDVhN2FhZCgBkHBldC1pbnN1cpcTDzIBjp85NDUwODE2OTYIDT7_G2UwNzNmYjVjLTJmYjgtNDM1NS1iNzJmLWQ0NjhmMWUxMzMyZS9Ib3VzZZEQEQ_WBWSfOTE3MTI5ODcxjggID1ECI8E2NzU1YWY4Ni1hOGZmD_QCMi05MDE5LTViMjE5YzI0YzEDBw_PBZPQODIyOTExNTA5N31dfQ
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.234.31.129 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-234-31-129.compute-1.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.tescobank.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 23:19:21 GMT
cache-control
no-cache, no-store
server
nginx
expires
Sat, 21 Oct 2023 23:19:20 GMT

Verdicts & Comments Add Verdict or Comment

30 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 function| SVGInject function| handlePicklistShowHide object| ensBootstraps object| Bootstrapper function| $data function| $getData number| _delay function| _log object| _enslog object| ensPrivacyBootstrap string| alwaysServePrivacy object| ensClientConfig boolean| ensBrowserSupported object| gateway object| appInsights string| bazadebezolkohpepadr function| objectFitImages function| $ function| jQuery object| System object| SystemJS object| lazySizes function| locate undefined| body undefined| js string| urhehlevkedkilrobacf object| Trustpilot undefined| define undefined| require

8 Cookies

Domain/Path Name / Value
www.tescobank.com/credit-card-apply Name: JSESSIONID
Value: 01CD79017D6705F479485FA785D5D632
.tescobank.com/ Name: TESCOBANK_ENSIGHTEN_PRIVACY_BANNER_LOADED
Value: 1
.tescobank.com/ Name: bm_sv
Value: 284900D941919B1D8C667840BC0BBEB5~YAAQVd7aF7GXuR+LAQAARzCJVBXOyRBmiL7YgoH05C0/yfky+DbE5oA5WCEsmx1WCodLuPsWdEnvT7QRksoyO1kYZRaH5L7TvC+UHcbcxMHz6wbDJ+SRFIc61/6p1+IAeJeh65DCbm7GgdUgMypnG06ckDh5+jTlwAGYYtozqtgOaopAy5uqWMmb2oHOmb6mFUcPQ3sMLE8BT6lElShSI+SL470HrYn9P4ehdzRKSH8pBLyLHP/vL7lvkSs9csHheAqY~1
www.tescobank.com/ Name: AWSALBTG
Value: Cux34HxyKZX+K1Lml186U6cqNuHfCkZSEQwPS3O++dkV0lfcBHcR69ZybbbFetWidpQL0cOnKBa9K2FdIiFaaVNyGlVkv9VLiRvHJhVAHWUk98SQ4NUEJUn3Ryez85fyfSLciSg0D0pFfeBReOYiVNDF8/pc7xzRhpFQn3ouTVhsv34tQ5M=
www.tescobank.com/ Name: AWSALBTGCORS
Value: Cux34HxyKZX+K1Lml186U6cqNuHfCkZSEQwPS3O++dkV0lfcBHcR69ZybbbFetWidpQL0cOnKBa9K2FdIiFaaVNyGlVkv9VLiRvHJhVAHWUk98SQ4NUEJUn3Ryez85fyfSLciSg0D0pFfeBReOYiVNDF8/pc7xzRhpFQn3ouTVhsv34tQ5M=
www.tescobank.com/ Name: AWSALB
Value: tub1IzFotSYxW2nV+r1bUw/D1Fq491Ki9AovmR3HesE3G1DdUfl69zZdXjZvs//VHEl2BrnRat5LPeqteQGCJnqLY51QPSLUrTip0g1MMyNtdjZx/dOiYnw8v0Qx
www.tescobank.com/ Name: AWSALBCORS
Value: tub1IzFotSYxW2nV+r1bUw/D1Fq491Ki9AovmR3HesE3G1DdUfl69zZdXjZvs//VHEl2BrnRat5LPeqteQGCJnqLY51QPSLUrTip0g1MMyNtdjZx/dOiYnw8v0Qx
.tescobank.com/ Name: ak_bmsc
Value: F40BA8D8D57815080242B12C4F467850~000000000000000000000000000000~YAAQVd7aF2uYuR+LAQAAXjSJVBWyv9Ul6a2RhOpfXG1oWNUILG0zSsQ0Z/MfcWr4sVZ8R/yggnikBtWvDQlVqsl8IDg5ZZu4ZCwA3AtwMlyRWgv86DeRiza4ltmkvkPNWgpY7rh0lBEYJCLsWwU00VJ+LeX2pbBK4RYDnqnbTIW7+9M1XQJ/DyZ9STYa4pwBZIINlIeh60IpGVY3eRRyj4jNuJYuVR+UW8uFyCGLn9RXS3bYreKGUAM3QU259Khn5uiYGmzQExzzQ8DA2MjoR2O1FmfT5xpw8w6Q9tLKAVLHrF+jEY+8J8Rz1GGNDVugXDC5v5/ZhiCzGnajnRhoaL3A0Jt5nBJX026GpDdM9pcxHIrffEuKxAjOZIzzrz3BnKH6tskAqagHDgfv8T0LOZpf9d7eVyp6NN46XNmzQkU5Hr7D0SZFbHmUzf8TuyCrCMsgxKJLxkTedEzMZsCwEZlBoKEpy7ALgjwq8duS5bNLKbhkcu5ItA==

2 Console Messages

Source Level URL
Text
javascript warning URL: https://nexus.ensighten.com/tescobank/brochureware/Bootstrap.js(Line 182)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://nexus.ensighten.com/tescobank/privacy/Bootstrap.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://nexus.ensighten.com/tescobank/brochureware/Bootstrap.js(Line 182)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://nexus.ensighten.com/tescobank/privacy/Bootstrap.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy report-uri https://identity.tescobank.com/afm/cspReport/; default-src 'nonce-7a2667d51e09f1fa06c5e2f5b5108eb9' 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.trustpilot.com *.woopra.com *.fls.doubleclick.net fls.doubleclick.net *.lpsnmedia.net *.google.com *.googleapis.com *.qubit.com *.travelex.net *.adobedtm.com *.vo.msecnd.net bat.bing.com c.evidon.com cdn.cookielaw.org *.decibelinsight.net cm.everesttech.net connect.facebook.net dc.services.visualstudio.com *.cloudfront.net *.demdex.net flex.cybersource.com *.g.doubleclick.net *.hotjar.com *.liveperson.net *.tescobank.com *.ensighten.com r.turn.com royalsunallianceinsu.tt.omtrdc.net rsa.d2.sc.omtrdc.net rum-static.pingdom.net service.maxymiser.net *.google-analytics.com stash.qubitproducts.com static.ads-twitter.com static.goqubit.com tescobank.azureedge.net ue.enablermail.com www.facebook.com www.google.co.uk *.googleadservices.com *.googletagmanager.com *.gstatic.com track.omguk.com wss://sync.onfido.com wss://collection.decibelinsight.net mpsnare.iesnare.com *.adnxs.com s.yimg.com *.sociomantic.com p.teads.tv t.teads.tv cm.teads.tv *.digital-cloud-uk.medallia.eu *.kampyle.com apps.commbox.io now.commbox.io js-agent.newrelic.com bam-cell.nr-data.net *.google-analytics.com ; style-src 'self' 'unsafe-inline' *.googleapis.com apps.commbox.io now.commbox.io js-agent.newrelic.com bam-cell.nr-data.net *.kampyle.com ; img-src 'self' data: blob: * ; child-src 'self' blob: ; font-src 'self' data: * ; connect-src 'self' bam-cell.nr-data.net *.woopra.com *.fls.doubleclick.net fls.doubleclick.net *.lpsnmedia.net *.google.com *.googleapis.com *.qubit.com *.travelex.net *.adobedtm.com *.vo.msecnd.net bat.bing.com c.evidon.com cdn.cookielaw.org *.decibelinsight.net cm.everesttech.net connect.facebook.net dc.services.visualstudio.com *.cloudfront.net *.demdex.net flex.cybersource.com *.g.doubleclick.net *.hotjar.com *.liveperson.net *.tescobank.com *.ensighten.com r.turn.com royalsunallianceinsu.tt.omtrdc.net rsa.d2.sc.omtrdc.net rum-static.pingdom.net service.maxymiser.net *.google-analytics.com stash.qubitproducts.com static.ads-twitter.com static.goqubit.com tescobank.azureedge.net ue.enablermail.com www.facebook.com www.google.co.uk *.googleadservices.com *.googletagmanager.com *.gstatic.com track.omguk.com wss://sync.onfido.com wss://collection.decibelinsight.net mpsnare.iesnare.com *.adnxs.com s.yimg.com *.sociomantic.com *.tiles.mapbox.com api.mapbox.com events.mapbox.com p.teads.tv t.teads.tv cm.teads.tv *.digital-cloud-uk.medallia.eu *.kampyle.com ; frame-src 'self' *.trustpilot.com *.fls.doubleclick.net fls.doubleclick.net *.tescobank.com tescobank.demdex.net *.vo.msecnd.net service.maxymiser.net p.teads.tv t.teads.tv cm.teads.tv *.digital-cloud-uk.medallia.eu *.kampyle.com apps.commbox.io now.commbox.io js-agent.newrelic.com bam-cell.nr-data.net ; frame-ancestors 'self' *.tescobank.com ; object-src 'self' *.fls.doubleclick.net fls.doubleclick.net *.tescobank.com tescobank.demdex.net; media-src 'self' apps.commbox.io ;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

data.privacy.ensighten.com
forrit-one-tb-prod-p1-consumables.azureedge.net
nexus.ensighten.com
tescobank.azureedge.net
tescobank.com.s3-website-eu-west-1.amazonaws.com
widget.trustpilot.com
www.tescobank.com
18.154.110.83
23.205.106.75
23.205.106.85
2600:9000:2501:8800:2:8f43:5780:93a1
2620:1ec:48:1::40
3.234.31.129
52.218.52.66
040ac7fa4caf3925219ca63881b36e396847e7d945525900c004c1881196c029
05c2222b87b5ba09017a09807f7bb2e9364e3ab97a13a0554062a720dbc276d6
06a25eb20544eaa0fb6eea364fea588a79d6adc4fd0e6e909b6762a0cfb1974e
0b9f29ff84f1dd1eed259d636610d91e5f8b4e99cadf5886073c70bf2039ea9f
0e9f5c77e0fe5df9ab80c4a175e30b8998667168c9c12f027e58259fce10ed17
19c38c1f19eb506cf0eb52cfdf697831a5f2b371164a7b4b1090d4e185a2c14f
22c07af3234f9d6dc7f9a781740625e4c7e4287a9ce9709f6d89c36b962b23c1
289bd205ea53fa938c2d0a7c93461dd35949031a6276e09b958b6d06a29987dd
2abbde538b651d9b4054613603e8c75229f9d26e3ce4ec068847146e8cf7cd32
39cec5c589dad5f6e34020ac8d837e7cc94ed28f2cff4fbf6710a698fa9adb8c
404fcfa2dd6b19270df21cc334598d7433b43311d9eeb6effdf5d62b03c4144f
47ef3758f4446dd066fc12a8456ce08eed5ef9bcf17b0fb53087a2a74fb8d4d1
49a997ad3efef8509cc12ab2366b550e8b62559764b6402e1565ba5431f6d907
4c42cf6a8875c8be4c3a955c29426d0b37d3490cde8d06feed972756ba1a08dc
4e4b17673464440e47e753ed8e6a3430d4bdf7cb1518b48f13a458a04a0b28a6
568219ca839f8425765048f6ff3214e8fa5ce4025f4315e7e1e3be5b906c0b63
5f0cf82d5e09e03fada71e328cf7f97ab29015542c419c48d40ebe1569143223
5f9c15b61eb2e0552290225807a6826c7dc7b8396fa3c05ead5b24d2a9b0ba10
63b693778274923011281f0c339ac4116f8a31b9d186d0657849380cd5bd34b7
69c6b0a76d4f92915c0580e33ea1177e46b7fc1fd07b2c15f0b6adc358f50096
6a477a71358f9744e891c82b452d815d069e0751b250953b5d0f64e2f9c11f04
6bea6a3f8b075c57e85de9bf05d1e2c793c430041765c2a0c4b99ac1d3bac106
73676db6dd446c7ae2a476be5d5c09c649a17288023b9259ed46abf7b7cedd22
7930f8fe550eb2eb38ac682205664ab072a4573b911831aff82f7f65433e6e37
80d54533f80e8233621f965ae0a7713928bdb4d491ed0eb5e90434550f1894cb
80e2a6156b3f132c69c53d4d3d2993c04a302f335c643de634d35da96ac839ba
85856354a51b4bbd2fb9d9b290bb98355b86fb4a9a91e9ee58afe6dcf2d4ce84
8a34d5bf04784d240998095d06dbfd6309d2e414ec864e5440618cec9ac93cff
96a482508f00a8a096bbc2df310b0dccd9c2c8152de1514b089427724f664001
a1e52d77264de139e04bb7eb4d8ceea358f95e06356b527fb50bb3054b2d62a6
aeaf08bf51932d94a7a090d5bd46bb0e6abd76fd09a63d1c850f02aa1df38ff4
b58109431c3adc92bccc460ac5dc394dc4f0979d24656f7a52503e6c77709d0b
ba8e979d59f1d06ff972a70ba841d5570268abeee56561a861ddd7285f78ade2
bec657d46177b9cf0cee63eb05767dfc70c0913baf015b30771162dcb1e706a9
c79eb343b80b5879129b86747d9ecd84d7d9a3c91b7a36e6057f3b4db74f3f7c
d1a4172c4eac3c98b46022ff7a82af8300c0cebba17aa6277d27bff2b2d9bb6f
da9f4dea6393d51ddd8834418a2c8c795869ea07d256afd0b15d86743cab272a
de219074ff2fbcfc4c1724036bdf883ab0b27568a87b9972eb64011cfc07ba9e
e19a267c1a8b205b022e155d7c65adb9468072ba26bf277ab916e937586f603c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5009170864964460be50a307724eae186bd9e6e8ba3bc88a35b91109764006a
e8afb3bd7f0dac45859002aa802c7aa728ab0946a7dc4ad7977f160c2caa8cb4
e9c64c8c42fe6df442590bc33b0919933ea03357e1d81508ea57c430628b9a3c
f33f88a254bcf37684d7d11515589de7dd4289a73da40cc1c276e1992547b35f
f7f05dd901605ce42b2a5f717cfa09bcc3a662a3a802959442847e928e12d97a
f8a0d031124f300127c0360780cba45570153bde6c2092d1cf411df8a611e798
f8b27c81b68e4d7268077c8b7ea7f079f74ffd53f62957d7e17d745823636f63
fc3de12503ecb116a9f44677fa8d2b1c066d2313189b89fb2df5817f5d907ca2