sain-c-web-elb.uat.hdexternal.co.uk Open in urlscan Pro
18.133.154.58 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://sain-c-web-elb.uat.hdexternal.co.uk/
Submission: On April 18 via api (April 18th 2024, 3:57:56 pm UTC) from US — Scanned from GB

Summary HTTP 95 Redirects Links 25 Behaviour Indicators

Summary

This website contacted 11 IPs in 3 countries across 17 domains to perform 95 HTTP transactions. The main IP is 18.133.154.58, located in London, United Kingdom and belongs to AMAZON-02, US. The main domain is sain-c-web-elb.uat.hdexternal.co.uk.
TLS certificate: Issued by Amazon RSA 2048 M02 on June 30th 2023. Valid for: a year.

This is the only time sain-c-web-elb.uat.hdexternal.co.uk was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
25	18.133.154.58 18.133.154.58	16509 (AMAZON-02) (AMAZON-02)
29	2600:9000:235... 2600:9000:235a:b000:7:2bfb:7c00:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2a03:2880:f08... 2a03:2880:f084:d:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
6	2a00:1450:400... 2a00:1450:4001:80f::2008	15169 (GOOGLE) (GOOGLE)
1	63.140.62.27 63.140.62.27	16509 (AMAZON-02) (AMAZON-02)
9	216.58.206.40 216.58.206.40	15169 (GOOGLE) (GOOGLE)
3	2620:1ec:c11:... 2620:1ec:c11::237	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	18.172.103.101 18.172.103.101	16509 (AMAZON-02) (AMAZON-02)
1	157.240.252.13 157.240.252.13	32934 (FACEBOOK) (FACEBOOK)
3	2a03:2880:f17... 2a03:2880:f177:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
95	11

25 18.133.154.58 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-133-154-58.eu-west-2.compute.amazonaws.com

sain-c-web-elb.uat.hdexternal.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

29 2600:9000:235a:b000:7:2bfb:7c00:93a1 (United States)

ASN16509 (AMAZON-02, US)

tags.tiqcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f084:d:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 63.140.62.27 (United States)

ASN16509 (AMAZON-02, US)
PTR: ip-63-140-62-27.data.adobedc.net

smetrics.sainsburysbank.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 216.58.206.40 (United States)

ASN15169 (GOOGLE, US)
PTR: mil07s07-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:c11::237 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.172.103.101 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-172-103-101.fra60.r.cloudfront.net

js.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 157.240.252.13 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-01-fra3.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f177:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
29	tiqcdn.com tags.tiqcdn.com — Cisco Umbrella Rank: 1272	164 KB
25	hdexternal.co.uk sain-c-web-elb.uat.hdexternal.co.uk	371 KB
15	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	1 MB
3	facebook.com www.facebook.com — Cisco Umbrella Rank: 97	480 B
3	bing.com bat.bing.com — Cisco Umbrella Rank: 337	14 KB
3	facebook.net connect.facebook.net — Cisco Umbrella Rank: 180	73 KB
1	adsrvr.org js.adsrvr.org — Cisco Umbrella Rank: 1361	4 KB
1	sainsburysbank.co.uk smetrics.sainsburysbank.co.uk — Cisco Umbrella Rank: 641060	481 B
0	google-analytics.com Failed www.google-analytics.com Failed
0	sc-static.net Failed sc-static.net Failed
0	tealiumiq.com Failed collect.tealiumiq.com Failed
0	pinterest.com Failed ct.pinterest.com Failed
0	ads-twitter.com Failed static.ads-twitter.com Failed
0	googlesyndication.com Failed ade.googlesyndication.com Failed pagead2.googlesyndication.com Failed
0	corvidae.ai Failed cdn.corvidae.ai Failed
0	usabilla.com Failed w.usabilla.com Failed
0	demdex.net Failed dpm.demdex.net Failed
95	17

	Domain	Requested by
29	tags.tiqcdn.com	sain-c-web-elb.uat.hdexternal.co.uk tags.tiqcdn.com
25	sain-c-web-elb.uat.hdexternal.co.uk	sain-c-web-elb.uat.hdexternal.co.uk
15	www.googletagmanager.com	tags.tiqcdn.com www.googletagmanager.com
3	www.facebook.com	sain-c-web-elb.uat.hdexternal.co.uk
3	bat.bing.com	tags.tiqcdn.com bat.bing.com sain-c-web-elb.uat.hdexternal.co.uk
3	connect.facebook.net	tags.tiqcdn.com connect.facebook.net
1	js.adsrvr.org	tags.tiqcdn.com
1	smetrics.sainsburysbank.co.uk	tags.tiqcdn.com
0	pagead2.googlesyndication.com Failed	www.googletagmanager.com
0	www.google-analytics.com Failed	www.googletagmanager.com
0	sc-static.net Failed	tags.tiqcdn.com
0	collect.tealiumiq.com Failed	tags.tiqcdn.com
0	ct.pinterest.com Failed	sain-c-web-elb.uat.hdexternal.co.uk
0	static.ads-twitter.com Failed	tags.tiqcdn.com
0	ade.googlesyndication.com Failed	sain-c-web-elb.uat.hdexternal.co.uk
0	cdn.corvidae.ai Failed	tags.tiqcdn.com
0	w.usabilla.com Failed	sain-c-web-elb.uat.hdexternal.co.uk
0	dpm.demdex.net Failed	tags.tiqcdn.com
95	18

This site contains links to these domains. Also see Links.

Domain
www.sainsburysbank.co.uk
online.sainsburysbank.co.uk
insurance-online.sainsburysbank.co.uk
petinsuranceportal.sainsburysbank.co.uk
www.insurance-sainsburysbank.co.uk
sainsburysbank.cashpassport.com
sbmoneytransfers.moneycorp.com

Subject Issuer	Validity	Valid
*.uat.hdexternal.co.uk Amazon RSA 2048 M02	`2023-06-30` - `2024-07-28`	a year	crt.sh
tags.tiqcdn.com Amazon RSA 2048 M02	`2024-03-19` - `2025-04-17`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-01-26` - `2024-04-25`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-03-18` - `2024-06-10`	3 months	crt.sh
smetrics.sainsburysbank.co.uk DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-21` - `2024-06-20`	a year	crt.sh
www.bing.com Microsoft Azure TLS Issuing CA 02	`2024-04-18` - `2024-06-27`	2 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://sain-c-web-elb.uat.hdexternal.co.uk/
Frame ID: A32F6F568FF299D739388B62E8AB1D24
Requests: 94 HTTP requests in this frame

Frame: https://w.usabilla.com/aea56184d1d9.js?lv=1
Frame ID: E304251918213507AC7441F8E428996C
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Entry Page

Detected technologies

Vue.js (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

(?:/([\d.]+))?/vue(?:\.min)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Moment.js (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

moment(?:\.min)?\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

95
Requests

84 %
HTTPS

50 %
IPv6

17
Domains

18
Subdomains

11
IPs

3
Countries

1792 kB
Transfer

4602 kB
Size

9
Cookies

25 Outgoing links

These are links going to different origins than the main page.

URL: http://www.sainsburysbank.co.uk/index.shtml

Search URL Search Domain Scan URL

URL: https://www.sainsburysbank.co.uk/borrowing/bor_borrowing_zone?source=NETHDDECTOPNAVBR0002
Title: Loans

Search URL Search Domain Scan URL

URL: https://www.sainsburysbank.co.uk/credit_cards/cca_creditcard_zone?source=NETHDDECTOPNAVBR0003
Title: Credit Cards

Search URL Search Domain Scan URL

URL: https://www.sainsburysbank.co.uk/savings/sav_savings_zone?source=NETHDDECTOPNAVBR0004
Title: Savings

Search URL Search Domain Scan URL

URL: https://www.sainsburysbank.co.uk/insuring/ins_insuring_zone?source=NETHDDECTOPNAVBR0005
Title: Insurance

Search URL Search Domain Scan URL

URL: https://www.sainsburysbank.co.uk/travel/travel-zone?source=NETHDDECTOPNAVBR0006
Title: Travel

Search URL Search Domain Scan URL

URL: https://www.sainsburysbank.co.uk/doublenectar/index?source=NETHDDECTOPNAVBR0007
Title: Nectar

Search URL Search Domain Scan URL

URL: https://www.sainsburysbank.co.uk/insuring/support/customer_support_zone?source=NETHDDECTOPNAVBR0007
Title: Support

Search URL Search Domain Scan URL

URL: https://online.sainsburysbank.co.uk/servicing/register
Title: Register

Search URL Search Domain Scan URL

URL: https://online.sainsburysbank.co.uk/servicing/signin
Title: Log in

Search URL Search Domain Scan URL

URL: https://insurance-online.sainsburysbank.co.uk/sainsburysbank/registerportaluser.launch?PolicyType=PC&brandName=default&qsid=portal
Title: Register

Search URL Search Domain Scan URL

URL: https://insurance-online.sainsburysbank.co.uk/sainsburysbank/portalrecall.launch?PolicyType=PC&brandName=default&qsid=portal
Title: Log in

Search URL Search Domain Scan URL

URL: https://petinsuranceportal.sainsburysbank.co.uk/register/
Title: Register

Search URL Search Domain Scan URL

URL: https://petinsuranceportal.sainsburysbank.co.uk/register#login/
Title: Log in

Search URL Search Domain Scan URL

URL: https://www.insurance-sainsburysbank.co.uk/customerportal/Account/Register?ydat=1a912cd113964d68b638567b80f78608b6d5f4a3b56d48c183e80639e3ce4f17
Title: Register

Search URL Search Domain Scan URL

URL: https://www.insurance-sainsburysbank.co.uk/customerportal/?ydat=1a912cd113964d68b638567b80f78608b6d5f4a3b56d48c183e80639e3ce4f17
Title: Log in

Search URL Search Domain Scan URL

URL: https://sainsburysbank.cashpassport.com/register-card/
Title: Register

Search URL Search Domain Scan URL

URL: https://sainsburysbank.cashpassport.com/login/?returnurl=/my-account/
Title: Log in

Search URL Search Domain Scan URL

URL: https://sbmoneytransfers.moneycorp.com/
Title: Log in

Search URL Search Domain Scan URL

URL: https://www.sainsburysbank.co.uk/savings/sav_fscp
Title: here

Search URL Search Domain Scan URL

URL: https://www.sainsburysbank.co.uk/onlinesupport/online-termsandconditions
Title: Online banking terms & conditions

Search URL Search Domain Scan URL

URL: https://www.sainsburysbank.co.uk/legals/leg-reg-privacy-policy.shtml
Title: Privacy

Search URL Search Domain Scan URL

URL: https://www.sainsburysbank.co.uk/onlinesupport/support-online-accessibility.shtml
Title: Accessibility

Search URL Search Domain Scan URL

URL: https://www.sainsburysbank.co.uk/security/security_protect_yourself.shtml
Title: Security & cookie information

Search URL Search Domain Scan URL

URL: https://www.sainsburysbank.co.uk/legals/leg-reg-section.shtml
Title: Legal and regulatory

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

95 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
sain-c-web-elb.uat.hdexternal.co.uk/ 47 KB
49 KB 244ms
136ms Document
text/html 18.133.154.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sain-c-web-elb.uat.hdexternal.co.uk/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.133.154.58 London, United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-133-154-58.eu-west-2.compute.amazonaws.com

Software

server /

Resource Hash

b79ab5b6a1ce914529325ce3febfda6c39da6c3646d8e1323d0350b526c9bf66

Security Headers

Name	Value
Content-Security-Policy	default-src data: https://bam.nr-data.net https://js-agent.newrelic.com 'unsafe-eval' 'unsafe-inline' 'self'; connect-src smetrics.sainsburysbank.co.uk 'self'; frame-src s.thebrighttag.com insight.adsrvr.org bid.g.doubleclick.net www.facebook.com; script-src tags.tiqcdn.com s.btstatic.com s.thebrighttag.com www.googleadservices.com js.adsrvr.org www.googletagmanager.com smetrics.sainsburysbank.co.uk stats.g.doubleclick.net bat.bing.com connect.facebook.net www.googletagmanager.com googleads.g.doubleclick.net 'unsafe-inline' 'unsafe-eval' 'self'; img-src collect.tealiumiq.com bat.bing.com stats.g.doubleclick.net www.google.com www.facebook.com www.google.co.uk smetrics.sainsburysbank.co.uk 'self'
Strict-Transport-Security	max-age=15552001; includeSubDomains
X-Content-Security-Policy	default-src data: https://bam.nr-data.net https://js-agent.newrelic.com 'unsafe-eval' 'unsafe-inline' 'self'; connect-src smetrics.sainsburysbank.co.uk 'self'; frame-src s.thebrighttag.com insight.adsrvr.org bid.g.doubleclick.net www.facebook.com; script-src tags.tiqcdn.com s.btstatic.com s.thebrighttag.com www.googleadservices.com js.adsrvr.org www.googletagmanager.com smetrics.sainsburysbank.co.uk stats.g.doubleclick.net bat.bing.com connect.facebook.net www.googletagmanager.com googleads.g.doubleclick.net 'unsafe-inline' 'unsafe-eval' 'self'; img-src collect.tealiumiq.com bat.bing.com stats.g.doubleclick.net www.google.com www.facebook.com www.google.co.uk smetrics.sainsburysbank.co.uk 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-GB,en;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

cache-control: no-cache, no-store
content-security-policy: default-src data: https://bam.nr-data.net https://js-agent.newrelic.com 'unsafe-eval' 'unsafe-inline' 'self'; connect-src smetrics.sainsburysbank.co.uk 'self'; frame-src s.thebrighttag.com insight.adsrvr.org bid.g.doubleclick.net www.facebook.com; script-src tags.tiqcdn.com s.btstatic.com s.thebrighttag.com www.googleadservices.com js.adsrvr.org www.googletagmanager.com smetrics.sainsburysbank.co.uk stats.g.doubleclick.net bat.bing.com connect.facebook.net www.googletagmanager.com googleads.g.doubleclick.net 'unsafe-inline' 'unsafe-eval' 'self'; img-src collect.tealiumiq.com bat.bing.com stats.g.doubleclick.net www.google.com www.facebook.com www.google.co.uk smetrics.sainsburysbank.co.uk 'self'
content-type: text/html; charset=utf-8
date: Thu, 18 Apr 2024 15:57:51 GMT
expires: 0
pragma: no-cache,no-cache
server: server
strict-transport-security: max-age=15552001; includeSubDomains
x-content-security-policy: default-src data: https://bam.nr-data.net https://js-agent.newrelic.com 'unsafe-eval' 'unsafe-inline' 'self'; connect-src smetrics.sainsburysbank.co.uk 'self'; frame-src s.thebrighttag.com insight.adsrvr.org bid.g.doubleclick.net www.facebook.com; script-src tags.tiqcdn.com s.btstatic.com s.thebrighttag.com www.googleadservices.com js.adsrvr.org www.googletagmanager.com smetrics.sainsburysbank.co.uk stats.g.doubleclick.net bat.bing.com connect.facebook.net www.googletagmanager.com googleads.g.doubleclick.net 'unsafe-inline' 'unsafe-eval' 'self'; img-src collect.tealiumiq.com bat.bing.com stats.g.doubleclick.net www.google.com www.facebook.com www.google.co.uk smetrics.sainsburysbank.co.uk 'self'
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN SAMEORIGIN
x-ua-compatible: IE=edge
x-xss-protection: 1; mode=block

GET
H2 200 select2.min.css
sain-c-web-elb.uat.hdexternal.co.uk/plugins/select2/ 15 KB
16 KB 456ms
455ms Stylesheet
text/css 18.133.154.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sain-c-web-elb.uat.hdexternal.co.uk/plugins/select2/select2.min.css?v=bGIr2eQMtuDMCbWn6FHeKfZe_XtFU1XKEFEiFD8LExs

Requested by

Host: sain-c-web-elb.uat.hdexternal.co.uk
URL: https://sain-c-web-elb.uat.hdexternal.co.uk/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.133.154.58 London, United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-133-154-58.eu-west-2.compute.amazonaws.com

Software

server /

Resource Hash

6c622bd9e40cb6e0cc09b5a7e851de29f65efd7b455355ca105122143f0b131b

Security Headers

Name	Value
Content-Security-Policy	default-src data: https://bam.nr-data.net https://js-agent.newrelic.com 'unsafe-eval' 'unsafe-inline' 'self'; connect-src smetrics.sainsburysbank.co.uk 'self'; frame-src s.thebrighttag.com insight.adsrvr.org bid.g.doubleclick.net www.facebook.com; script-src tags.tiqcdn.com s.btstatic.com s.thebrighttag.com www.googleadservices.com js.adsrvr.org www.googletagmanager.com smetrics.sainsburysbank.co.uk stats.g.doubleclick.net bat.bing.com connect.facebook.net www.googletagmanager.com googleads.g.doubleclick.net 'unsafe-inline' 'unsafe-eval' 'self'; img-src collect.tealiumiq.com bat.bing.com stats.g.doubleclick.net www.google.com www.facebook.com www.google.co.uk smetrics.sainsburysbank.co.uk 'self'
Strict-Transport-Security	max-age=15552001; includeSubDomains
X-Content-Security-Policy	default-src data: https://bam.nr-data.net https://js-agent.newrelic.com 'unsafe-eval' 'unsafe-inline' 'self'; connect-src smetrics.sainsburysbank.co.uk 'self'; frame-src s.thebrighttag.com insight.adsrvr.org bid.g.doubleclick.net www.facebook.com; script-src tags.tiqcdn.com s.btstatic.com s.thebrighttag.com www.googleadservices.com js.adsrvr.org www.googletagmanager.com smetrics.sainsburysbank.co.uk stats.g.doubleclick.net bat.bing.com connect.facebook.net www.googletagmanager.com googleads.g.doubleclick.net 'unsafe-inline' 'unsafe-eval' 'self'; img-src collect.tealiumiq.com bat.bing.com stats.g.doubleclick.net www.google.com www.facebook.com www.google.co.uk smetrics.sainsburysbank.co.uk 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://sain-c-web-elb.uat.hdexternal.co.uk/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-content-security-policy: default-src data: https://bam.nr-data.net https://js-agent.newrelic.com 'unsafe-eval' 'unsafe-inline' 'self'; connect-src smetrics.sainsburysbank.co.uk 'self'; frame-src s.thebrighttag.com insight.adsrvr.org bid.g.doubleclick.net www.facebook.com; script-src tags.tiqcdn.com s.btstatic.com s.thebrighttag.com www.googleadservices.com js.adsrvr.org www.googletagmanager.com smetrics.sainsburysbank.co.uk stats.g.doubleclick.net bat.bing.com connect.facebook.net www.googletagmanager.com googleads.g.doubleclick.net 'unsafe-inline' 'unsafe-eval' 'self'; img-src collect.tealiumiq.com bat.bing.com stats.g.doubleclick.net www.google.com www.facebook.com www.google.co.uk smetrics.sainsburysbank.co.uk 'self'
date: Thu, 18 Apr 2024 15:57:51 GMT
strict-transport-security: max-age=15552001; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src data: https://bam.nr-data.net https://js-agent.newrelic.com 'unsafe-eval' 'unsafe-inline' 'self'; connect-src smetrics.sainsburysbank.co.uk 'self'; frame-src s.thebrighttag.com insight.adsrvr.org bid.g.doubleclick.net www.facebook.com; script-src tags.tiqcdn.com s.btstatic.com s.thebrighttag.com www.googleadservices.com js.adsrvr.org www.googletagmanager.com smetrics.sainsburysbank.co.uk stats.g.doubleclick.net bat.bing.com connect.facebook.net www.googletagmanager.com googleads.g.doubleclick.net 'unsafe-inline' 'unsafe-eval' 'self'; img-src collect.tealiumiq.com bat.bing.com stats.g.doubleclick.net www.google.com www.facebook.com www.google.co.uk smetrics.sainsburysbank.co.uk 'self'
content-length: 15195
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
pragma: no-cache
last-modified: Wed, 27 Dec 2023 08:39:40 GMT
server: server
etag: "1da38a03b33555b"
x-frame-options: SAMEORIGIN
content-type: text/css
accept-ranges: bytes
expires: 0

GET
H2 200 font-awesome.min.css
sain-c-web-elb.uat.hdexternal.co.uk/plugins/fontawesome/css/ 30 KB
32 KB 461ms
460ms Stylesheet
text/css 18.133.154.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sain-c-web-elb.uat.hdexternal.co.uk/plugins/fontawesome/css/font-awesome.min.css?v=gg4WnOJIJAZtmXP9S2Vhqunc1tvvZDXakF1aHWSCmXw

Requested by

Host: sain-c-web-elb.uat.hdexternal.co.uk
URL: https://sain-c-web-elb.uat.hdexternal.co.uk/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.133.154.58 London, United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-133-154-58.eu-west-2.compute.amazonaws.com

Software

server /

Resource Hash

820e169ce24824066d9973fd4b6561aae9dcd6dbef6435da905d5a1d6482997c

Security Headers

Name	Value
Content-Security-Policy	default-src data: https://bam.nr-data.net https://js-agent.newrelic.com 'unsafe-eval' 'unsafe-inline' 'self'; connect-src smetrics.sainsburysbank.co.uk 'self'; frame-src s.thebrighttag.com insight.adsrvr.org bid.g.doubleclick.net www.facebook.com; script-src tags.tiqcdn.com s.btstatic.com s.thebrighttag.com www.googleadservices.com js.adsrvr.org www.googletagmanager.com smetrics.sainsburysbank.co.uk stats.g.doubleclick.net bat.bing.com connect.facebook.net www.googletagmanager.com googleads.g.doubleclick.net 'unsafe-inline' 'unsafe-eval' 'self'; img-src collect.tealiumiq.com bat.bing.com stats.g.doubleclick.net www.google.com www.facebook.com www.google.co.uk smetrics.sainsburysbank.co.uk 'self'
Strict-Transport-Security	max-age=15552001; includeSubDomains
X-Content-Security-Policy	default-src data: https://bam.nr-data.net https://js-agent.newrelic.com 'unsafe-eval' 'unsafe-inline' 'self'; connect-src smetrics.sainsburysbank.co.uk 'self'; frame-src s.thebrighttag.com insight.adsrvr.org bid.g.doubleclick.net www.facebook.com; script-src tags.tiqcdn.com s.btstatic.com s.thebrighttag.com www.googleadservices.com js.adsrvr.org www.googletagmanager.com smetrics.sainsburysbank.co.uk stats.g.doubleclick.net bat.bing.com connect.facebook.net www.googletagmanager.com googleads.g.doubleclick.net 'unsafe-inline' 'unsafe-eval' 'self'; img-src collect.tealiumiq.com bat.bing.com stats.g.doubleclick.net www.google.com www.facebook.com www.google.co.uk smetrics.sainsburysbank.co.uk 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://sain-c-web-elb.uat.hdexternal.co.uk/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-content-security-policy: default-src data: https://bam.nr-data.net https://js-agent.newrelic.com 'unsafe-eval' 'unsafe-inline' 'self'; connect-src smetrics.sainsburysbank.co.uk 'self'; frame-src s.thebrighttag.com insight.adsrvr.org bid.g.doubleclick.net www.facebook.com; script-src tags.tiqcdn.com s.btstatic.com s.thebrighttag.com www.googleadservices.com js.adsrvr.org www.googletagmanager.com smetrics.sainsburysbank.co.uk stats.g.doubleclick.net bat.bing.com connect.facebook.net www.googletagmanager.com googleads.g.doubleclick.net 'unsafe-inline' 'unsafe-eval' 'self'; img-src collect.tealiumiq.com bat.bing.com stats.g.doubleclick.net www.google.com www.facebook.com www.google.co.uk smetrics.sainsburysbank.co.uk 'self'
date: Thu, 18 Apr 2024 15:57:51 GMT
strict-transport-security: max-age=15552001; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src data: https://bam.nr-data.net https://js-agent.newrelic.com 'unsafe-eval' 'unsafe-inline' 'self'; connect-src smetrics.sainsburysbank.co.uk 'self'; frame-src s.thebrighttag.com insight.adsrvr.org bid.g.doubleclick.net www.facebook.com; script-src tags.tiqcdn.com s.btstatic.com s.thebrighttag.com www.googleadservices.com js.adsrvr.org www.googletagmanager.com smetrics.sainsburysbank.co.uk stats.g.doubleclick.net bat.bing.com connect.facebook.net www.googletagmanager.com googleads.g.doubleclick.net 'unsafe-inline' 'unsafe-eval' 'self'; img-src collect.tealiumiq.com bat.bing.com stats.g.doubleclick.net www.google.com www.facebook.com www.google.co.uk smetrics.sainsburysbank.co.uk 'self'
content-length: 31004
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
pragma: no-cache
last-modified: Wed, 27 Dec 2023 08:39:40 GMT
server: server
etag: "1da38a03b33171c"
x-frame-options: SAMEORIGIN
content-type: text/css
accept-ranges: bytes
expires: 0

GET
H2 200 jquery.qtip.min.css
sain-c-web-elb.uat.hdexternal.co.uk/plugins/qtip/ 2 KB
3 KB 403ms
402ms Stylesheet
text/css 18.133.154.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sain-c-web-elb.uat.hdexternal.co.uk/plugins/qtip/jquery.qtip.min.css?v=kLnJXGWgBN9nunUAfP2whqMe-BiUANTcYPEo2Qyybus

Requested by

Host: sain-c-web-elb.uat.hdexternal.co.uk
URL: https://sain-c-web-elb.uat.hdexternal.co.uk/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.133.154.58 London, United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-133-154-58.eu-west-2.compute.amazonaws.com

Software

server /

Resource Hash

90b9c95c65a004df67ba75007cfdb086a31ef8189400d4dc60f128d90cb26eeb

Security Headers

Name	Value
Content-Security-Policy	default-src data: https://bam.nr-data.net https://js-agent.newrelic.com 'unsafe-eval' 'unsafe-inline' 'self'; connect-src smetrics.sainsburysbank.co.uk 'self'; frame-src s.thebrighttag.com insight.adsrvr.org bid.g.doubleclick.net www.facebook.com; script-src tags.tiqcdn.com s.btstatic.com s.thebrighttag.com www.googleadservices.com js.adsrvr.org www.googletagmanager.com smetrics.sainsburysbank.co.uk stats.g.doubleclick.net bat.bing.com connect.facebook.net www.googletagmanager.com googleads.g.doubleclick.net 'unsafe-inline' 'unsafe-eval' 'self'; img-src collect.tealiumiq.com bat.bing.com stats.g.doubleclick.net www.google.com www.facebook.com www.google.co.uk smetrics.sainsburysbank.co.uk 'self'
Strict-Transport-Security	max-age=15552001; includeSubDomains
X-Content-Security-Policy	default-src data: https://bam.nr-data.net https://js-agent.newrelic.com 'unsafe-eval' 'unsafe-inline' 'self'; connect-src smetrics.sainsburysbank.co.uk 'self'; frame-src s.thebrighttag.com insight.adsrvr.org bid.g.doubleclick.net www.facebook.com; script-src tags.tiqcdn.com s.btstatic.com s.thebrighttag.com www.googleadservices.com js.adsrvr.org www.googletagmanager.com smetrics.sainsburysbank.co.uk stats.g.doubleclick.net bat.bing.com connect.facebook.net www.googletagmanager.com googleads.g.doubleclick.net 'unsafe-inline' 'unsafe-eval' 'self'; img-src collect.tealiumiq.com bat.bing.com stats.g.doubleclick.net www.google.com www.facebook.com www.google.co.uk smetrics.sainsburysbank.co.uk 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://sain-c-web-elb.uat.hdexternal.co.uk/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-content-security-policy: default-src data: https://bam.nr-data.net https://js-agent.newrelic.com 'unsafe-eval' 'unsafe-inline' 'self'; connect-src smetrics.sainsburysbank.co.uk 'self'; frame-src s.thebrighttag.com insight.adsrvr.org bid.g.doubleclick.net www.facebook.com; script-src tags.tiqcdn.com s.btstatic.com s.thebrighttag.com www.googleadservices.com js.adsrvr.org www.googletagmanager.com smetrics.sainsburysbank.co.uk stats.g.doubleclick.net bat.bing.com connect.facebook.net www.googletagmanager.com googleads.g.doubleclick.net 'unsafe-inline' 'unsafe-eval' 'self'; img-src collect.tealiumiq.com bat.bing.com stats.g.doubleclick.net www.google.com www.facebook.com www.google.co.uk smetrics.sainsburysbank.co.uk 'self'
date: Thu, 18 Apr 2024 15:57:51 GMT
strict-transport-security: max-age=15552001; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src data: https://bam.nr-data.net https://js-agent.newrelic.com 'unsafe-eval' 'unsafe-inline' 'self'; connect-src smetrics.sainsburysbank.co.uk 'self'; frame-src s.thebrighttag.com insight.adsrvr.org bid.g.doubleclick.net www.facebook.com; script-src tags.tiqcdn.com s.btstatic.com s.thebrighttag.com www.googleadservices.com js.adsrvr.org www.googletagmanager.com smetrics.sainsburysbank.co.uk stats.g.doubleclick.net bat.bing.com connect.facebook.net www.googletagmanager.com googleads.g.doubleclick.net 'unsafe-inline' 'unsafe-eval' 'self'; img-src collect.tealiumiq.com bat.bing.com stats.g.doubleclick.net www.google.com www.facebook.com www.google.co.uk smetrics.sainsburysbank.co.uk 'self'
content-length: 1696
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
pragma: no-cache
last-modified: Wed, 27 Dec 2023 08:39:40 GMT
server: server
etag: "1da38a03b3368a0"
x-frame-options: SAMEORIGIN
content-type: text/css
accept-ranges: bytes
expires: 0

GET
H2 200 sb-styles.min.css
sain-c-web-elb.uat.hdexternal.co.uk/css/ 47 KB
49 KB 461ms
460ms Stylesheet
text/css 18.133.154.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sain-c-web-elb.uat.hdexternal.co.uk/css/sb-styles.min.css?v=adJQaEtSOiCZ1o1KnJxhKeWu8FEeEBmI2N3K7p_y2dw

Requested by

Host: sain-c-web-elb.uat.hdexternal.co.uk
URL: https://sain-c-web-elb.uat.hdexternal.co.uk/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.133.154.58 London, United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-133-154-58.eu-west-2.compute.amazonaws.com

Software

server /

Resource Hash

69d250684b523a2099d68d4a9c9c6129e5aef0511e101988d8ddcaee9ff2d9dc

Security Headers

Name	Value
Content-Security-Policy	default-src data: https://bam.nr-data.net https://js-agent.newrelic.com 'unsafe-eval' 'unsafe-inline' 'self'; connect-src smetrics.sainsburysbank.co.uk 'self'; frame-src s.thebrighttag.com insight.adsrvr.org bid.g.doubleclick.net www.facebook.com; script-src tags.tiqcdn.com s.btstatic.com s.thebrighttag.com www.googleadservices.com js.adsrvr.org www.googletagmanager.com smetrics.sainsburysbank.co.uk stats.g.doubleclick.net bat.bing.com connect.facebook.net www.googletagmanager.com googleads.g.doubleclick.net 'unsafe-inline' 'unsafe-eval' 'self'; img-src collect.tealiumiq.com bat.bing.com stats.g.doubleclick.net www.google.com www.facebook.com www.google.co.uk smetrics.sainsburysbank.co.uk 'self'
Strict-Transport-Security	max-age=15552001; includeSubDomains
X-Content-Security-Policy	default-src data: https://bam.nr-data.net https://js-agent.newrelic.com 'unsafe-eval' 'unsafe-inline' 'self'; connect-src smetrics.sainsburysbank.co.uk 'self'; frame-src s.thebrighttag.com insight.adsrvr.org bid.g.doubleclick.net www.facebook.com; script-src tags.tiqcdn.com s.btstatic.com s.thebrighttag.com www.googleadservices.com js.adsrvr.org www.googletagmanager.com smetrics.sainsburysbank.co.uk stats.g.doubleclick.net bat.bing.com connect.facebook.net www.googletagmanager.com googleads.g.doubleclick.net 'unsafe-inline' 'unsafe-eval' 'self'; img-src collect.tealiumiq.com bat.bing.com stats.g.doubleclick.net www.google.com www.facebook.com www.google.co.uk smetrics.sainsburysbank.co.uk 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://sain-c-web-elb.uat.hdexternal.co.uk/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-content-security-policy: default-src data: https://bam.nr-data.net https://js-agent.newrelic.com 'unsafe-eval' 'unsafe-inline' 'self'; connect-src smetrics.sainsburysbank.co.uk 'self'; frame-src s.thebrighttag.com insight.adsrvr.org bid.g.doubleclick.net www.facebook.com; script-src tags.tiqcdn.com s.btstatic.com s.thebrighttag.com www.googleadservices.com js.adsrvr.org www.googletagmanager.com smetrics.sainsburysbank.co.uk stats.g.doubleclick.net bat.bing.com connect.facebook.net www.googletagmanager.com googleads.g.doubleclick.net 'unsafe-inline' 'unsafe-eval' 'self'; img-src collect.tealiumiq.com bat.bing.com stats.g.doubleclick.net www.google.com www.facebook.com www.google.co.uk smetrics.sainsburysbank.co.uk 'self'
date: Thu, 18 Apr 2024 15:57:51 GMT
strict-transport-security: max-age=15552001; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src data: https://bam.nr-data.net https://js-agent.newrelic.com 'unsafe-eval' 'unsafe-inline' 'self'; connect-src smetrics.sainsburysbank.co.uk 'self'; frame-src s.thebrighttag.com insight.adsrvr.org bid.g.doubleclick.net www.facebook.com; script-src tags.tiqcdn.com s.btstatic.com s.thebrighttag.com www.googleadservices.com js.adsrvr.org www.googletagmanager.com smetrics.sainsburysbank.co.uk stats.g.doubleclick.net bat.bing.com connect.facebook.net www.googletagmanager.com googleads.g.doubleclick.net 'unsafe-inline' 'unsafe-eval' 'self'; img-src collect.tealiumiq.com bat.bing.com stats.g.doubleclick.net www.google.com www.facebook.com www.google.co.uk smetrics.sainsburysbank.co.uk 'self'
content-length: 48316
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
pragma: no-cache
last-modified: Wed, 27 Dec 2023 08:39:40 GMT
server: server
etag: "1da38a03b33d2bc"
x-frame-options: SAMEORIGIN
content-type: text/css
accept-ranges: bytes
expires: 0

GET
H2 200 global.min.css
sain-c-web-elb.uat.hdexternal.co.uk/css/ 515 B
2 KB 461ms
461ms Stylesheet
text/css 18.133.154.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sain-c-web-elb.uat.hdexternal.co.uk/css/global.min.css?v=pca-kjJKaswcmTP4KtcfNWUXO_oT_gxc9--lCvz7hvQ

Requested by

Host: sain-c-web-elb.uat.hdexternal.co.uk
URL: https://sain-c-web-elb.uat.hdexternal.co.uk/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.133.154.58 London, United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-133-154-58.eu-west-2.compute.amazonaws.com

Software

server /

Resource Hash

a5c6be92324a6acc1c9933f82ad71f3565173bfa13fe0c5cf7efa50afcfb86f4

Security Headers

Name	Value
Content-Security-Policy	default-src data: https://bam.nr-data.net https://js-agent.newrelic.com 'unsafe-eval' 'unsafe-inline' 'self'; connect-src smetrics.sainsburysbank.co.uk 'self'; frame-src s.thebrighttag.com insight.adsrvr.org bid.g.doubleclick.net www.facebook.com; script-src tags.tiqcdn.com s.btstatic.com s.thebrighttag.com www.googleadservices.com js.adsrvr.org www.googletagmanager.com smetrics.sainsburysbank.co.uk stats.g.doubleclick.net bat.bing.com connect.facebook.net www.googletagmanager.com googleads.g.doubleclick.net 'unsafe-inline' 'unsafe-eval' 'self'; img-src collect.tealiumiq.com bat.bing.com stats.g.doubleclick.net www.google.com www.facebook.com www.google.co.uk smetrics.sainsburysbank.co.uk 'self'
Strict-Transport-Security	max-age=15552001; includeSubDomains
X-Content-Security-Policy	default-src data: https://bam.nr-data.net https://js-agent.newrelic.com 'unsafe-eval' 'unsafe-inline' 'self'; connect-src smetrics.sainsburysbank.co.uk 'self'; frame-src s.thebrighttag.com insight.adsrvr.org bid.g.doubleclick.net www.facebook.com; script-src tags.tiqcdn.com s.btstatic.com s.thebrighttag.com www.googleadservices.com js.adsrvr.org www.googletagmanager.com smetrics.sainsburysbank.co.uk stats.g.doubleclick.net bat.bing.com connect.facebook.net www.googletagmanager.com googleads.g.doubleclick.net 'unsafe-inline' 'unsafe-eval' 'self'; img-src collect.tealiumiq.com bat.bing.com stats.g.doubleclick.net www.google.com www.facebook.com www.google.co.uk smetrics.sainsburysbank.co.uk 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://sain-c-web-elb.uat.hdexternal.co.uk/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-content-security-policy: default-src data: https://bam.nr-data.net https://js-agent.newrelic.com 'unsafe-eval' 'unsafe-inline' 'self'; connect-src smetrics.sainsburysbank.co.uk 'self'; frame-src s.thebrighttag.com insight.adsrvr.org bid.g.doubleclick.net www.facebook.com; script-src tags.tiqcdn.com s.btstatic.com s.thebrighttag.com www.googleadservices.com js.adsrvr.org www.googletagmanager.com smetrics.sainsburysbank.co.uk stats.g.doubleclick.net bat.bing.com connect.facebook.net www.googletagmanager.com googleads.g.doubleclick.net 'unsafe-inline' 'unsafe-eval' 'self'; img-src collect.tealiumiq.com bat.bing.com stats.g.doubleclick.net www.google.com www.facebook.com www.google.co.uk smetrics.sainsburysbank.co.uk 'self'
date: Thu, 18 Apr 2024 15:57:51 GMT
strict-transport-security: max-age=15552001; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src data: https://bam.nr-data.net https://js-agent.newrelic.com 'unsafe-eval' 'unsafe-inline' 'self'; connect-src smetrics.sainsburysbank.co.uk 'self'; frame-src s.thebrighttag.com insight.adsrvr.org bid.g.doubleclick.net www.facebook.com; script-src tags.tiqcdn.com s.btstatic.com s.thebrighttag.com www.googleadservices.com js.adsrvr.org www.googletagmanager.com smetrics.sainsburysbank.co.uk stats.g.doubleclick.net bat.bing.com connect.facebook.net www.googletagmanager.com googleads.g.doubleclick.net 'unsafe-inline' 'unsafe-eval' 'self'; img-src collect.tealiumiq.com bat.bing.com stats.g.doubleclick.net www.google.com www.facebook.com www.google.co.uk smetrics.sainsburysbank.co.uk 'self'
content-length: 515
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
pragma: no-cache
last-modified: Wed, 27 Dec 2023 08:39:40 GMT
server: server
etag: "1da38a03b336c03"
x-frame-options: SAMEORIGIN
content-type: text/css
accept-ranges: bytes
expires: 0

GET
H2 200 form.min.css
sain-c-web-elb.uat.hdexternal.co.uk/css/ 3 KB
4 KB 404ms
403ms Stylesheet
text/css 18.133.154.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sain-c-web-elb.uat.hdexternal.co.uk/css/form.min.css?v=sfRfHxm05fzXo3SzTlDyuMEhsD3_KOTVaA0HrNijpBk

Requested by

Host: sain-c-web-elb.uat.hdexternal.co.uk
URL: https://sain-c-web-elb.uat.hdexternal.co.uk/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.133.154.58 London, United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-133-154-58.eu-west-2.compute.amazonaws.com

Software

server /

Resource Hash

b1f45f1f19b4e5fcd7a374b34e50f2b8c121b03dff28e4d5680d07acd8a3a419

Security Headers

Name	Value
Content-Security-Policy	default-src data: https://bam.nr-data.net https://js-agent.newrelic.com 'unsafe-eval' 'unsafe-inline' 'self'; connect-src smetrics.sainsburysbank.co.uk 'self'; frame-src s.thebrighttag.com insight.adsrvr.org bid.g.doubleclick.net www.facebook.com; script-src tags.tiqcdn.com s.btstatic.com s.thebrighttag.com www.googleadservices.com js.adsrvr.org www.googletagmanager.com smetrics.sainsburysbank.co.uk stats.g.doubleclick.net bat.bing.com connect.facebook.net www.googletagmanager.com googleads.g.doubleclick.net 'unsafe-inline' 'unsafe-eval' 'self'; img-src collect.tealiumiq.com bat.bing.com stats.g.doubleclick.net www.google.com www.facebook.com www.google.co.uk smetrics.sainsburysbank.co.uk 'self'
Strict-Transport-Security	max-age=15552001; includeSubDomains
X-Content-Security-Policy	default-src data: https://bam.nr-data.net https://js-agent.newrelic.com 'unsafe-eval' 'unsafe-inline' 'self'; connect-src smetrics.sainsburysbank.co.uk 'self'; frame-src s.thebrighttag.com insight.adsrvr.org bid.g.doubleclick.net www.facebook.com; script-src tags.tiqcdn.com s.btstatic.com s.thebrighttag.com www.googleadservices.com js.adsrvr.org www.googletagmanager.com smetrics.sainsburysbank.co.uk stats.g.doubleclick.net bat.bing.com connect.facebook.net www.googletagmanager.com googleads.g.doubleclick.net 'unsafe-inline' 'unsafe-eval' 'self'; img-src collect.tealiumiq.com bat.bing.com stats.g.doubleclick.net www.google.com www.facebook.com www.google.co.uk smetrics.sainsburysbank.co.uk 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://sain-c-web-elb.uat.hdexternal.co.uk/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-content-security-policy: default-src data: https://bam.nr-data.net https://js-agent.newrelic.com 'unsafe-eval' 'unsafe-inline' 'self'; connect-src smetrics.sainsburysbank.co.uk 'self'; frame-src s.thebrighttag.com insight.adsrvr.org bid.g.doubleclick.net www.facebook.com; script-src tags.tiqcdn.com s.btstatic.com s.thebrighttag.com www.googleadservices.com js.adsrvr.org www.googletagmanager.com smetrics.sainsburysbank.co.uk stats.g.doubleclick.net bat.bing.com connect.facebook.net www.googletagmanager.com googleads.g.doubleclick.net 'unsafe-inline' 'unsafe-eval' 'self'; img-src collect.tealiumiq.com bat.bing.com stats.g.doubleclick.net www.google.com www.facebook.com www.google.co.uk smetrics.sainsburysbank.co.uk 'self'
date: Thu, 18 Apr 2024 15:57:51 GMT
strict-transport-security: max-age=15552001; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src data: https://bam.nr-data.net https://js-agent.newrelic.com 'unsafe-eval' 'unsafe-inline' 'self'; connect-src smetrics.sainsburysbank.co.uk 'self'; frame-src s.thebrighttag.com insight.adsrvr.org bid.g.doubleclick.net www.facebook.com; script-src tags.tiqcdn.com s.btstatic.com s.thebrighttag.com www.googleadservices.com js.adsrvr.org www.googletagmanager.com smetrics.sainsburysbank.co.uk stats.g.doubleclick.net bat.bing.com connect.facebook.net www.googletagmanager.com googleads.g.doubleclick.net 'unsafe-inline' 'unsafe-eval' 'self'; img-src collect.tealiumiq.com bat.bing.com stats.g.doubleclick.net www.google.com www.facebook.com www.google.co.uk smetrics.sainsburysbank.co.uk 'self'
content-length: 2668
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
pragma: no-cache
last-modified: Wed, 27 Dec 2023 08:39:40 GMT
server: server
etag: "1da38a03b33646c"
x-frame-options: SAMEORIGIN
content-type: text/css
accept-ranges: bytes
expires: 0

GET
H2 500 bluebird.core.min.js
sain-c-web-elb.uat.hdexternal.co.uk/plugins/polyfill/ 0
0 444ms
441ms Script
text/plain 18.133.154.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sain-c-web-elb.uat.hdexternal.co.uk/plugins/polyfill/bluebird.core.min.js?v=3zTimbR5ZoPHH51uX6g64T2MHQw-Gtm-hjgNlgKDUsQ

Requested by

Host: sain-c-web-elb.uat.hdexternal.co.uk
URL: https://sain-c-web-elb.uat.hdexternal.co.uk/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.133.154.58 London, United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-133-154-58.eu-west-2.compute.amazonaws.com

Software

server /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src data: https://bam.nr-data.net https://js-agent.newrelic.com 'unsafe-eval' 'unsafe-inline' 'self'; connect-src smetrics.sainsburysbank.co.uk 'self'; frame-src s.thebrighttag.com insight.adsrvr.org bid.g.doubleclick.net www.facebook.com; script-src tags.tiqcdn.com s.btstatic.com s.thebrighttag.com www.googleadservices.com js.adsrvr.org www.googletagmanager.com smetrics.sainsburysbank.co.uk stats.g.doubleclick.net bat.bing.com connect.facebook.net www.googletagmanager.com googleads.g.doubleclick.net 'unsafe-inline' 'unsafe-eval' 'self'; img-src collect.tealiumiq.com bat.bing.com stats.g.doubleclick.net www.google.com www.facebook.com www.google.co.uk smetrics.sainsburysbank.co.uk 'self'
Strict-Transport-Security	max-age=15552001; includeSubDomains
X-Content-Security-Policy	default-src data: https://bam.nr-data.net https://js-agent.newrelic.com 'unsafe-eval' 'unsafe-inline' 'self'; connect-src smetrics.sainsburysbank.co.uk 'self'; frame-src s.thebrighttag.com insight.adsrvr.org bid.g.doubleclick.net www.facebook.com; script-src tags.tiqcdn.com s.btstatic.com s.thebrighttag.com www.googleadservices.com js.adsrvr.org www.googletagmanager.com smetrics.sainsburysbank.co.uk stats.g.doubleclick.net bat.bing.com connect.facebook.net www.googletagmanager.com googleads.g.doubleclick.net 'unsafe-inline' 'unsafe-eval' 'self'; img-src collect.tealiumiq.com bat.bing.com stats.g.doubleclick.net www.google.com www.facebook.com www.google.co.uk smetrics.sainsburysbank.co.uk 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://sain-c-web-elb.uat.hdexternal.co.uk/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-content-security-policy: default-src data: https://bam.nr-data.net https://js-agent.newrelic.com 'unsafe-eval' 'unsafe-inline' 'self'; connect-src smetrics.sainsburysbank.co.uk 'self'; frame-src s.thebrighttag.com insight.adsrvr.org bid.g.doubleclick.net www.facebook.com; script-src tags.tiqcdn.com s.btstatic.com s.thebrighttag.com www.googleadservices.com js.adsrvr.org www.googletagmanager.com smetrics.sainsburysbank.co.uk stats.g.doubleclick.net bat.bing.com connect.facebook.net www.googletagmanager.com googleads.g.doubleclick.net 'unsafe-inline' 'unsafe-eval' 'self'; img-src collect.tealiumiq.com bat.bing.com stats.g.doubleclick.net www.google.com www.facebook.com www.google.co.uk smetrics.sainsburysbank.co.uk 'self'
pragma: no-cache
date: Thu, 18 Apr 2024 15:57:51 GMT
strict-transport-security: max-age=15552001; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src data: https://bam.nr-data.net https://js-agent.newrelic.com 'unsafe-eval' 'unsafe-inline' 'self'; connect-src smetrics.sainsburysbank.co.uk 'self'; frame-src s.thebrighttag.com insight.adsrvr.org bid.g.doubleclick.net www.facebook.com; script-src tags.tiqcdn.com s.btstatic.com s.thebrighttag.com www.googleadservices.com js.adsrvr.org www.googletagmanager.com smetrics.sainsburysbank.co.uk stats.g.doubleclick.net bat.bing.com connect.facebook.net www.googletagmanager.com googleads.g.doubleclick.net 'unsafe-inline' 'unsafe-eval' 'self'; img-src collect.tealiumiq.com bat.bing.com stats.g.doubleclick.net www.google.com www.facebook.com www.google.co.uk smetrics.sainsburysbank.co.uk 'self'
server: server
expires: 0
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge

GET
H2 500 jquery-3.2.1.min.js
sain-c-web-elb.uat.hdexternal.co.uk/plugins/jquery/ 0
0 434ms
432ms Script
text/plain 18.133.154.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sain-c-web-elb.uat.hdexternal.co.uk/plugins/jquery/jquery-3.2.1.min.js?v=dbcH2HYeK_vSX71mHykKT3_RHEjhv1Ojbca9igA0-jU

Requested by

Host: sain-c-web-elb.uat.hdexternal.co.uk
URL: https://sain-c-web-elb.uat.hdexternal.co.uk/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.133.154.58 London, United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-133-154-58.eu-west-2.compute.amazonaws.com

Software

server /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src data: https://bam.nr-data.net https://js-agent.newrelic.com 'unsafe-eval' 'unsafe-inline' 'self'; connect-src smetrics.sainsburysbank.co.uk 'self'; frame-src s.thebrighttag.com insight.adsrvr.org bid.g.doubleclick.net www.facebook.com; script-src tags.tiqcdn.com s.btstatic.com s.thebrighttag.com www.googleadservices.com js.adsrvr.org www.googletagmanager.com smetrics.sainsburysbank.co.uk stats.g.doubleclick.net bat.bing.com connect.facebook.net www.googletagmanager.com googleads.g.doubleclick.net 'unsafe-inline' 'unsafe-eval' 'self'; img-src collect.tealiumiq.com bat.bing.com stats.g.doubleclick.net www.google.com www.facebook.com www.google.co.uk smetrics.sainsburysbank.co.uk 'self'
Strict-Transport-Security	max-age=15552001; includeSubDomains
X-Content-Security-Policy	default-src data: https://bam.nr-data.net https://js-agent.newrelic.com 'unsafe-eval' 'unsafe-inline' 'self'; connect-src smetrics.sainsburysbank.co.uk 'self'; frame-src s.thebrighttag.com insight.adsrvr.org bid.g.doubleclick.net www.facebook.com; script-src tags.tiqcdn.com s.btstatic.com s.thebrighttag.com www.googleadservices.com js.adsrvr.org www.googletagmanager.com smetrics.sainsburysbank.co.uk stats.g.doubleclick.net bat.bing.com connect.facebook.net www.googletagmanager.com googleads.g.doubleclick.net 'unsafe-inline' 'unsafe-eval' 'self'; img-src collect.tealiumiq.com bat.bing.com stats.g.doubleclick.net www.google.com www.facebook.com www.google.co.uk smetrics.sainsburysbank.co.uk 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://sain-c-web-elb.uat.hdexternal.co.uk/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-content-security-policy: default-src data: https://bam.nr-data.net https://js-agent.newrelic.com 'unsafe-eval' 'unsafe-inline' 'self'; connect-src smetrics.sainsburysbank.co.uk 'self'; frame-src s.thebrighttag.com insight.adsrvr.org bid.g.doubleclick.net www.facebook.com; script-src tags.tiqcdn.com s.btstatic.com s.thebrighttag.com www.googleadservices.com js.adsrvr.org www.googletagmanager.com smetrics.sainsburysbank.co.uk stats.g.doubleclick.net bat.bing.com connect.facebook.net www.googletagmanager.com googleads.g.doubleclick.net 'unsafe-inline' 'unsafe-eval' 'self'; img-src collect.tealiumiq.com bat.bing.com stats.g.doubleclick.net www.google.com www.facebook.com www.google.co.uk smetrics.sainsburysbank.co.uk 'self'
pragma: no-cache
date: Thu, 18 Apr 2024 15:57:51 GMT
strict-transport-security: max-age=15552001; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src data: https://bam.nr-data.net https://js-agent.newrelic.com 'unsafe-eval' 'unsafe-inline' 'self'; connect-src smetrics.sainsburysbank.co.uk 'self'; frame-src s.thebrighttag.com insight.adsrvr.org bid.g.doubleclick.net www.facebook.com; script-src tags.tiqcdn.com s.btstatic.com s.thebrighttag.com www.googleadservices.com js.adsrvr.org www.googletagmanager.com smetrics.sainsburysbank.co.uk stats.g.doubleclick.net bat.bing.com connect.facebook.net www.googletagmanager.com googleads.g.doubleclick.net 'unsafe-inline' 'unsafe-eval' 'self'; img-src collect.tealiumiq.com bat.bing.com stats.g.doubleclick.net www.google.com www.facebook.com www.google.co.uk smetrics.sainsburysbank.co.uk 'self'
server: server
expires: 0
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge

GET
H2 500 vue.min.js
sain-c-web-elb.uat.hdexternal.co.uk/plugins/vuejs/ 0
0 372ms
369ms Script
text/plain 18.133.154.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sain-c-web-elb.uat.hdexternal.co.uk/plugins/vuejs/vue.min.js?v=r34fp-h4zglNh54M4hzYuDpfgrH1FhP3NvZVJZOGCyc

Requested by

Host: sain-c-web-elb.uat.hdexternal.co.uk
URL: https://sain-c-web-elb.uat.hdexternal.co.uk/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.133.154.58 London, United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-133-154-58.eu-west-2.compute.amazonaws.com

Software

server /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src data: https://bam.nr-data.net https://js-agent.newrelic.com 'unsafe-eval' 'unsafe-inline' 'self'; connect-src smetrics.sainsburysbank.co.uk 'self'; frame-src s.thebrighttag.com insight.adsrvr.org bid.g.doubleclick.net www.facebook.com; script-src tags.tiqcdn.com s.btstatic.com s.thebrighttag.com www.googleadservices.com js.adsrvr.org www.googletagmanager.com smetrics.sainsburysbank.co.uk stats.g.doubleclick.net bat.bing.com connect.facebook.net www.googletagmanager.com googleads.g.doubleclick.net 'unsafe-inline' 'unsafe-eval' 'self'; img-src collect.tealiumiq.com bat.bing.com stats.g.doubleclick.net www.google.com www.facebook.com www.google.co.uk smetrics.sainsburysbank.co.uk 'self'
Strict-Transport-Security	max-age=15552001; includeSubDomains
X-Content-Security-Policy	default-src data: https://bam.nr-data.net https://js-agent.newrelic.com 'unsafe-eval' 'unsafe-inline' 'self'; connect-src smetrics.sainsburysbank.co.uk 'self'; frame-src s.thebrighttag.com insight.adsrvr.org bid.g.doubleclick.net www.facebook.com; script-src tags.tiqcdn.com s.btstatic.com s.thebrighttag.com www.googleadservices.com js.adsrvr.org www.googletagmanager.com smetrics.sainsburysbank.co.uk stats.g.doubleclick.net bat.bing.com connect.facebook.net www.googletagmanager.com googleads.g.doubleclick.net 'unsafe-inline' 'unsafe-eval' 'self'; img-src collect.tealiumiq.com bat.bing.com stats.g.doubleclick.net www.google.com www.facebook.com www.google.co.uk smetrics.sainsburysbank.co.uk 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://sain-c-web-elb.uat.hdexternal.co.uk/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-content-security-policy: default-src data: https://bam.nr-data.net https://js-agent.newrelic.com 'unsafe-eval' 'unsafe-inline' 'self'; connect-src smetrics.sainsburysbank.co.uk 'self'; frame-src s.thebrighttag.com insight.adsrvr.org bid.g.doubleclick.net www.facebook.com; script-src tags.tiqcdn.com s.btstatic.com s.thebrighttag.com www.googleadservices.com js.adsrvr.org www.googletagmanager.com smetrics.sainsburysbank.co.uk stats.g.doubleclick.net bat.bing.com connect.facebook.net www.googletagmanager.com googleads.g.doubleclick.net 'unsafe-inline' 'unsafe-eval' 'self'; img-src collect.tealiumiq.com bat.bing.com stats.g.doubleclick.net www.google.com www.facebook.com www.google.co.uk smetrics.sainsburysbank.co.uk 'self'
pragma: no-cache
date: Thu, 18 Apr 2024 15:57:51 GMT
strict-transport-security: max-age=15552001; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src data: https://bam.nr-data.net https://js-agent.newrelic.com 'unsafe-eval' 'unsafe-inline' 'self'; connect-src smetrics.sainsburysbank.co.uk 'self'; frame-src s.thebrighttag.com insight.adsrvr.org bid.g.doubleclick.net www.facebook.com; script-src tags.tiqcdn.com s.btstatic.com s.thebrighttag.com www.googleadservices.com js.adsrvr.org www.googletagmanager.com smetrics.sainsburysbank.co.uk stats.g.doubleclick.net bat.bing.com connect.facebook.net www.googletagmanager.com googleads.g.doubleclick.net 'unsafe-inline' 'unsafe-eval' 'self'; img-src collect.tealiumiq.com bat.bing.com stats.g.doubleclick.net www.google.com www.facebook.com www.google.co.uk smetrics.sainsburysbank.co.uk 'self'
server: server
expires: 0
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge

GET
H2 500 global.min.js
sain-c-web-elb.uat.hdexternal.co.uk/js/global/ 0
0 460ms
458ms Script
text/plain 18.133.154.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sain-c-web-elb.uat.hdexternal.co.uk/js/global/global.min.js

Requested by

Host: sain-c-web-elb.uat.hdexternal.co.uk
URL: https://sain-c-web-elb.uat.hdexternal.co.uk/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.133.154.58 London, United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-133-154-58.eu-west-2.compute.amazonaws.com

Software

server /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src data: https://bam.nr-data.net https://js-agent.newrelic.com 'unsafe-eval' 'unsafe-inline' 'self'; connect-src smetrics.sainsburysbank.co.uk 'self'; frame-src s.thebrighttag.com insight.adsrvr.org bid.g.doubleclick.net www.facebook.com; script-src tags.tiqcdn.com s.btstatic.com s.thebrighttag.com www.googleadservices.com js.adsrvr.org www.googletagmanager.com smetrics.sainsburysbank.co.uk stats.g.doubleclick.net bat.bing.com connect.facebook.net www.googletagmanager.com googleads.g.doubleclick.net 'unsafe-inline' 'unsafe-eval' 'self'; img-src collect.tealiumiq.com bat.bing.com stats.g.doubleclick.net www.google.com www.facebook.com www.google.co.uk smetrics.sainsburysbank.co.uk 'self'
Strict-Transport-Security	max-age=15552001; includeSubDomains
X-Content-Security-Policy	default-src data: https://bam.nr-data.net https://js-agent.newrelic.com 'unsafe-eval' 'unsafe-inline' 'self'; connect-src smetrics.sainsburysbank.co.uk 'self'; frame-src s.thebrighttag.com insight.adsrvr.org bid.g.doubleclick.net www.facebook.com; script-src tags.tiqcdn.com s.btstatic.com s.thebrighttag.com www.googleadservices.com js.adsrvr.org www.googletagmanager.com smetrics.sainsburysbank.co.uk stats.g.doubleclick.net bat.bing.com connect.facebook.net www.googletagmanager.com googleads.g.doubleclick.net 'unsafe-inline' 'unsafe-eval' 'self'; img-src collect.tealiumiq.com bat.bing.com stats.g.doubleclick.net www.google.com www.facebook.com www.google.co.uk smetrics.sainsburysbank.co.uk 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://sain-c-web-elb.uat.hdexternal.co.uk/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-content-security-policy: default-src data: https://bam.nr-data.net https://js-agent.newrelic.com 'unsafe-eval' 'unsafe-inline' 'self'; connect-src smetrics.sainsburysbank.co.uk 'self'; frame-src s.thebrighttag.com insight.adsrvr.org bid.g.doubleclick.net www.facebook.com; script-src tags.tiqcdn.com s.btstatic.com s.thebrighttag.com www.googleadservices.com js.adsrvr.org www.googletagmanager.com smetrics.sainsburysbank.co.uk stats.g.doubleclick.net bat.bing.com connect.facebook.net www.googletagmanager.com googleads.g.doubleclick.net 'unsafe-inline' 'unsafe-eval' 'self'; img-src collect.tealiumiq.com bat.bing.com stats.g.doubleclick.net www.google.com www.facebook.com www.google.co.uk smetrics.sainsburysbank.co.uk 'self'
pragma: no-cache
date: Thu, 18 Apr 2024 15:57:51 GMT
strict-transport-security: max-age=15552001; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src data: https://bam.nr-data.net https://js-agent.newrelic.com 'unsafe-eval' 'unsafe-inline' 'self'; connect-src smetrics.sainsburysbank.co.uk 'self'; frame-src s.thebrighttag.com insight.adsrvr.org bid.g.doubleclick.net www.facebook.com; script-src tags.tiqcdn.com s.btstatic.com s.thebrighttag.com www.googleadservices.com js.adsrvr.org www.googletagmanager.com smetrics.sainsburysbank.co.uk stats.g.doubleclick.net bat.bing.com connect.facebook.net www.googletagmanager.com googleads.g.doubleclick.net 'unsafe-inline' 'unsafe-eval' 'self'; img-src collect.tealiumiq.com bat.bing.com stats.g.doubleclick.net www.google.com www.facebook.com www.google.co.uk smetrics.sainsburysbank.co.uk 'self'
server: server
expires: 0
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge

GET
H2 500 jquery.qtip.min.js
sain-c-web-elb.uat.hdexternal.co.uk/plugins/qtip/ 0
0 370ms
368ms Script
text/plain 18.133.154.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sain-c-web-elb.uat.hdexternal.co.uk/plugins/qtip/jquery.qtip.min.js?v=dN7ztMD0edH_K1PLR0ScZNXnipipN7a1xEP3VE5E3dM

Requested by

Host: sain-c-web-elb.uat.hdexternal.co.uk
URL: https://sain-c-web-elb.uat.hdexternal.co.uk/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.133.154.58 London, United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-133-154-58.eu-west-2.compute.amazonaws.com

Software

server /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src data: https://bam.nr-data.net https://js-agent.newrelic.com 'unsafe-eval' 'unsafe-inline' 'self'; connect-src smetrics.sainsburysbank.co.uk 'self'; frame-src s.thebrighttag.com insight.adsrvr.org bid.g.doubleclick.net www.facebook.com; script-src tags.tiqcdn.com s.btstatic.com s.thebrighttag.com www.googleadservices.com js.adsrvr.org www.googletagmanager.com smetrics.sainsburysbank.co.uk stats.g.doubleclick.net bat.bing.com connect.facebook.net www.googletagmanager.com googleads.g.doubleclick.net 'unsafe-inline' 'unsafe-eval' 'self'; img-src collect.tealiumiq.com bat.bing.com stats.g.doubleclick.net www.google.com www.facebook.com www.google.co.uk smetrics.sainsburysbank.co.uk 'self'
Strict-Transport-Security	max-age=15552001; includeSubDomains
X-Content-Security-Policy	default-src data: https://bam.nr-data.net https://js-agent.newrelic.com 'unsafe-eval' 'unsafe-inline' 'self'; connect-src smetrics.sainsburysbank.co.uk 'self'; frame-src s.thebrighttag.com insight.adsrvr.org bid.g.doubleclick.net www.facebook.com; script-src tags.tiqcdn.com s.btstatic.com s.thebrighttag.com www.googleadservices.com js.adsrvr.org www.googletagmanager.com smetrics.sainsburysbank.co.uk stats.g.doubleclick.net bat.bing.com connect.facebook.net www.googletagmanager.com googleads.g.doubleclick.net 'unsafe-inline' 'unsafe-eval' 'self'; img-src collect.tealiumiq.com bat.bing.com stats.g.doubleclick.net www.google.com www.facebook.com www.google.co.uk smetrics.sainsburysbank.co.uk 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://sain-c-web-elb.uat.hdexternal.co.uk/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-content-security-policy: default-src data: https://bam.nr-data.net https://js-agent.newrelic.com 'unsafe-eval' 'unsafe-inline' 'self'; connect-src smetrics.sainsburysbank.co.uk 'self'; frame-src s.thebrighttag.com insight.adsrvr.org bid.g.doubleclick.net www.facebook.com; script-src tags.tiqcdn.com s.btstatic.com s.thebrighttag.com www.googleadservices.com js.adsrvr.org www.googletagmanager.com smetrics.sainsburysbank.co.uk stats.g.doubleclick.net bat.bing.com connect.facebook.net www.googletagmanager.com googleads.g.doubleclick.net 'unsafe-inline' 'unsafe-eval' 'self'; img-src collect.tealiumiq.com bat.bing.com stats.g.doubleclick.net www.google.com www.facebook.com www.google.co.uk smetrics.sainsburysbank.co.uk 'self'
pragma: no-cache
date: Thu, 18 Apr 2024 15:57:51 GMT
strict-transport-security: max-age=15552001; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src data: https://bam.nr-data.net https://js-agent.newrelic.com 'unsafe-eval' 'unsafe-inline' 'self'; connect-src smetrics.sainsburysbank.co.uk 'self'; frame-src s.thebrighttag.com insight.adsrvr.org bid.g.doubleclick.net www.facebook.com; script-src tags.tiqcdn.com s.btstatic.com s.thebrighttag.com www.googleadservices.com js.adsrvr.org www.googletagmanager.com smetrics.sainsburysbank.co.uk stats.g.doubleclick.net bat.bing.com connect.facebook.net www.googletagmanager.com googleads.g.doubleclick.net 'unsafe-inline' 'unsafe-eval' 'self'; img-src collect.tealiumiq.com bat.bing.com stats.g.doubleclick.net www.google.com www.facebook.com www.google.co.uk smetrics.sainsburysbank.co.uk 'self'
server: server
expires: 0
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge

GET
H2 500 jquery.blockUI.js.js
sain-c-web-elb.uat.hdexternal.co.uk/plugins/blockUI/ 0
0 439ms
437ms Script
text/plain 18.133.154.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sain-c-web-elb.uat.hdexternal.co.uk/plugins/blockUI/jquery.blockUI.js.js?v=P9sTi9IZlFs4mZtSmEz029vMwm9GZuyOYX8UQdk5_D8

Requested by

Host: sain-c-web-elb.uat.hdexternal.co.uk
URL: https://sain-c-web-elb.uat.hdexternal.co.uk/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.133.154.58 London, United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-133-154-58.eu-west-2.compute.amazonaws.com

Software

server /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src data: https://bam.nr-data.net https://js-agent.newrelic.com 'unsafe-eval' 'unsafe-inline' 'self'; connect-src smetrics.sainsburysbank.co.uk 'self'; frame-src s.thebrighttag.com insight.adsrvr.org bid.g.doubleclick.net www.facebook.com; script-src tags.tiqcdn.com s.btstatic.com s.thebrighttag.com www.googleadservices.com js.adsrvr.org www.googletagmanager.com smetrics.sainsburysbank.co.uk stats.g.doubleclick.net bat.bing.com connect.facebook.net www.googletagmanager.com googleads.g.doubleclick.net 'unsafe-inline' 'unsafe-eval' 'self'; img-src collect.tealiumiq.com bat.bing.com stats.g.doubleclick.net www.google.com www.facebook.com www.google.co.uk smetrics.sainsburysbank.co.uk 'self'
Strict-Transport-Security	max-age=15552001; includeSubDomains
X-Content-Security-Policy	default-src data: https://bam.nr-data.net https://js-agent.newrelic.com 'unsafe-eval' 'unsafe-inline' 'self'; connect-src smetrics.sainsburysbank.co.uk 'self'; frame-src s.thebrighttag.com insight.adsrvr.org bid.g.doubleclick.net www.facebook.com; script-src tags.tiqcdn.com s.btstatic.com s.thebrighttag.com www.googleadservices.com js.adsrvr.org www.googletagmanager.com smetrics.sainsburysbank.co.uk stats.g.doubleclick.net bat.bing.com connect.facebook.net www.googletagmanager.com googleads.g.doubleclick.net 'unsafe-inline' 'unsafe-eval' 'self'; img-src collect.tealiumiq.com bat.bing.com stats.g.doubleclick.net www.google.com www.facebook.com www.google.co.uk smetrics.sainsburysbank.co.uk 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://sain-c-web-elb.uat.hdexternal.co.uk/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-content-security-policy: default-src data: https://bam.nr-data.net https://js-agent.newrelic.com 'unsafe-eval' 'unsafe-inline' 'self'; connect-src smetrics.sainsburysbank.co.uk 'self'; frame-src s.thebrighttag.com insight.adsrvr.org bid.g.doubleclick.net www.facebook.com; script-src tags.tiqcdn.com s.btstatic.com s.thebrighttag.com www.googleadservices.com js.adsrvr.org www.googletagmanager.com smetrics.sainsburysbank.co.uk stats.g.doubleclick.net bat.bing.com connect.facebook.net www.googletagmanager.com googleads.g.doubleclick.net 'unsafe-inline' 'unsafe-eval' 'self'; img-src collect.tealiumiq.com bat.bing.com stats.g.doubleclick.net www.google.com www.facebook.com www.google.co.uk smetrics.sainsburysbank.co.uk 'self'
pragma: no-cache
date: Thu, 18 Apr 2024 15:57:51 GMT
strict-transport-security: max-age=15552001; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src data: https://bam.nr-data.net https://js-agent.newrelic.com 'unsafe-eval' 'unsafe-inline' 'self'; connect-src smetrics.sainsburysbank.co.uk 'self'; frame-src s.thebrighttag.com insight.adsrvr.org bid.g.doubleclick.net www.facebook.com; script-src tags.tiqcdn.com s.btstatic.com s.thebrighttag.com www.googleadservices.com js.adsrvr.org www.googletagmanager.com smetrics.sainsburysbank.co.uk stats.g.doubleclick.net bat.bing.com connect.facebook.net www.googletagmanager.com googleads.g.doubleclick.net 'unsafe-inline' 'unsafe-eval' 'self'; img-src collect.tealiumiq.com bat.bing.com stats.g.doubleclick.net www.google.com www.facebook.com www.google.co.uk smetrics.sainsburysbank.co.uk 'self'
server: server
expires: 0
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge

GET
H2 500 moment.min.js
sain-c-web-elb.uat.hdexternal.co.uk/plugins/moment/ 0
0 441ms
439ms Script
text/plain 18.133.154.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sain-c-web-elb.uat.hdexternal.co.uk/plugins/moment/moment.min.js?v=DYyWoZ81AkDpPAJcZqoKFkhTnt5EV74MlgFi8yEr0lc

Requested by

Host: sain-c-web-elb.uat.hdexternal.co.uk
URL: https://sain-c-web-elb.uat.hdexternal.co.uk/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.133.154.58 London, United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-133-154-58.eu-west-2.compute.amazonaws.com

Software

server /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src data: https://bam.nr-data.net https://js-agent.newrelic.com 'unsafe-eval' 'unsafe-inline' 'self'; connect-src smetrics.sainsburysbank.co.uk 'self'; frame-src s.thebrighttag.com insight.adsrvr.org bid.g.doubleclick.net www.facebook.com; script-src tags.tiqcdn.com s.btstatic.com s.thebrighttag.com www.googleadservices.com js.adsrvr.org www.googletagmanager.com smetrics.sainsburysbank.co.uk stats.g.doubleclick.net bat.bing.com connect.facebook.net www.googletagmanager.com googleads.g.doubleclick.net 'unsafe-inline' 'unsafe-eval' 'self'; img-src collect.tealiumiq.com bat.bing.com stats.g.doubleclick.net www.google.com www.facebook.com www.google.co.uk smetrics.sainsburysbank.co.uk 'self'
Strict-Transport-Security	max-age=15552001; includeSubDomains
X-Content-Security-Policy	default-src data: https://bam.nr-data.net https://js-agent.newrelic.com 'unsafe-eval' 'unsafe-inline' 'self'; connect-src smetrics.sainsburysbank.co.uk 'self'; frame-src s.thebrighttag.com insight.adsrvr.org bid.g.doubleclick.net www.facebook.com; script-src tags.tiqcdn.com s.btstatic.com s.thebrighttag.com www.googleadservices.com js.adsrvr.org www.googletagmanager.com smetrics.sainsburysbank.co.uk stats.g.doubleclick.net bat.bing.com connect.facebook.net www.googletagmanager.com googleads.g.doubleclick.net 'unsafe-inline' 'unsafe-eval' 'self'; img-src collect.tealiumiq.com bat.bing.com stats.g.doubleclick.net www.google.com www.facebook.com www.google.co.uk smetrics.sainsburysbank.co.uk 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://sain-c-web-elb.uat.hdexternal.co.uk/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-content-security-policy: default-src data: https://bam.nr-data.net https://js-agent.newrelic.com 'unsafe-eval' 'unsafe-inline' 'self'; connect-src smetrics.sainsburysbank.co.uk 'self'; frame-src s.thebrighttag.com insight.adsrvr.org bid.g.doubleclick.net www.facebook.com; script-src tags.tiqcdn.com s.btstatic.com s.thebrighttag.com www.googleadservices.com js.adsrvr.org www.googletagmanager.com smetrics.sainsburysbank.co.uk stats.g.doubleclick.net bat.bing.com connect.facebook.net www.googletagmanager.com googleads.g.doubleclick.net 'unsafe-inline' 'unsafe-eval' 'self'; img-src collect.tealiumiq.com bat.bing.com stats.g.doubleclick.net www.google.com www.facebook.com www.google.co.uk smetrics.sainsburysbank.co.uk 'self'
pragma: no-cache
date: Thu, 18 Apr 2024 15:57:51 GMT
strict-transport-security: max-age=15552001; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src data: https://bam.nr-data.net https://js-agent.newrelic.com 'unsafe-eval' 'unsafe-inline' 'self'; connect-src smetrics.sainsburysbank.co.uk 'self'; frame-src s.thebrighttag.com insight.adsrvr.org bid.g.doubleclick.net www.facebook.com; script-src tags.tiqcdn.com s.btstatic.com s.thebrighttag.com www.googleadservices.com js.adsrvr.org www.googletagmanager.com smetrics.sainsburysbank.co.uk stats.g.doubleclick.net bat.bing.com connect.facebook.net www.googletagmanager.com googleads.g.doubleclick.net 'unsafe-inline' 'unsafe-eval' 'self'; img-src collect.tealiumiq.com bat.bing.com stats.g.doubleclick.net www.google.com www.facebook.com www.google.co.uk smetrics.sainsburysbank.co.uk 'self'
server: server
expires: 0
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge

GET
H2 500 vee-validate.js
sain-c-web-elb.uat.hdexternal.co.uk/plugins/vuejs/ 0
0 404ms
403ms Script
text/plain 18.133.154.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sain-c-web-elb.uat.hdexternal.co.uk/plugins/vuejs/vee-validate.js?v=AYowCIVjCV1Pg3S9CXPc7A9o9P8iAYzUwxWX1EydNmw

Requested by

Host: sain-c-web-elb.uat.hdexternal.co.uk
URL: https://sain-c-web-elb.uat.hdexternal.co.uk/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.133.154.58 London, United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-133-154-58.eu-west-2.compute.amazonaws.com

Software

server /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src data: https://bam.nr-data.net https://js-agent.newrelic.com 'unsafe-eval' 'unsafe-inline' 'self'; connect-src smetrics.sainsburysbank.co.uk 'self'; frame-src s.thebrighttag.com insight.adsrvr.org bid.g.doubleclick.net www.facebook.com; script-src tags.tiqcdn.com s.btstatic.com s.thebrighttag.com www.googleadservices.com js.adsrvr.org www.googletagmanager.com smetrics.sainsburysbank.co.uk stats.g.doubleclick.net bat.bing.com connect.facebook.net www.googletagmanager.com googleads.g.doubleclick.net 'unsafe-inline' 'unsafe-eval' 'self'; img-src collect.tealiumiq.com bat.bing.com stats.g.doubleclick.net www.google.com www.facebook.com www.google.co.uk smetrics.sainsburysbank.co.uk 'self'
Strict-Transport-Security	max-age=15552001; includeSubDomains
X-Content-Security-Policy	default-src data: https://bam.nr-data.net https://js-agent.newrelic.com 'unsafe-eval' 'unsafe-inline' 'self'; connect-src smetrics.sainsburysbank.co.uk 'self'; frame-src s.thebrighttag.com insight.adsrvr.org bid.g.doubleclick.net www.facebook.com; script-src tags.tiqcdn.com s.btstatic.com s.thebrighttag.com www.googleadservices.com js.adsrvr.org www.googletagmanager.com smetrics.sainsburysbank.co.uk stats.g.doubleclick.net bat.bing.com connect.facebook.net www.googletagmanager.com googleads.g.doubleclick.net 'unsafe-inline' 'unsafe-eval' 'self'; img-src collect.tealiumiq.com bat.bing.com stats.g.doubleclick.net www.google.com www.facebook.com www.google.co.uk smetrics.sainsburysbank.co.uk 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://sain-c-web-elb.uat.hdexternal.co.uk/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-content-security-policy: default-src data: https://bam.nr-data.net https://js-agent.newrelic.com 'unsafe-eval' 'unsafe-inline' 'self'; connect-src smetrics.sainsburysbank.co.uk 'self'; frame-src s.thebrighttag.com insight.adsrvr.org bid.g.doubleclick.net www.facebook.com; script-src tags.tiqcdn.com s.btstatic.com s.thebrighttag.com www.googleadservices.com js.adsrvr.org www.googletagmanager.com smetrics.sainsburysbank.co.uk stats.g.doubleclick.net bat.bing.com connect.facebook.net www.googletagmanager.com googleads.g.doubleclick.net 'unsafe-inline' 'unsafe-eval' 'self'; img-src collect.tealiumiq.com bat.bing.com stats.g.doubleclick.net www.google.com www.facebook.com www.google.co.uk smetrics.sainsburysbank.co.uk 'self'
pragma: no-cache
date: Thu, 18 Apr 2024 15:57:51 GMT
strict-transport-security: max-age=15552001; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src data: https://bam.nr-data.net https://js-agent.newrelic.com 'unsafe-eval' 'unsafe-inline' 'self'; connect-src smetrics.sainsburysbank.co.uk 'self'; frame-src s.thebrighttag.com insight.adsrvr.org bid.g.doubleclick.net www.facebook.com; script-src tags.tiqcdn.com s.btstatic.com s.thebrighttag.com www.googleadservices.com js.adsrvr.org www.googletagmanager.com smetrics.sainsburysbank.co.uk stats.g.doubleclick.net bat.bing.com connect.facebook.net www.googletagmanager.com googleads.g.doubleclick.net 'unsafe-inline' 'unsafe-eval' 'self'; img-src collect.tealiumiq.com bat.bing.com stats.g.doubleclick.net www.google.com www.facebook.com www.google.co.uk smetrics.sainsburysbank.co.uk 'self'
server: server
expires: 0
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge

GET
H2 500 vee-validate-de.js
sain-c-web-elb.uat.hdexternal.co.uk/plugins/vuejs/ 0
0 372ms
371ms Script
text/plain 18.133.154.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sain-c-web-elb.uat.hdexternal.co.uk/plugins/vuejs/vee-validate-de.js?v=cPTbuJcbr76er1DkenWy6TMVIk6Ie8oRJvvxVRjHj2Q

Requested by

Host: sain-c-web-elb.uat.hdexternal.co.uk
URL: https://sain-c-web-elb.uat.hdexternal.co.uk/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.133.154.58 London, United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-133-154-58.eu-west-2.compute.amazonaws.com

Software

server /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src data: https://bam.nr-data.net https://js-agent.newrelic.com 'unsafe-eval' 'unsafe-inline' 'self'; connect-src smetrics.sainsburysbank.co.uk 'self'; frame-src s.thebrighttag.com insight.adsrvr.org bid.g.doubleclick.net www.facebook.com; script-src tags.tiqcdn.com s.btstatic.com s.thebrighttag.com www.googleadservices.com js.adsrvr.org www.googletagmanager.com smetrics.sainsburysbank.co.uk stats.g.doubleclick.net bat.bing.com connect.facebook.net www.googletagmanager.com googleads.g.doubleclick.net 'unsafe-inline' 'unsafe-eval' 'self'; img-src collect.tealiumiq.com bat.bing.com stats.g.doubleclick.net www.google.com www.facebook.com www.google.co.uk smetrics.sainsburysbank.co.uk 'self'
Strict-Transport-Security	max-age=15552001; includeSubDomains
X-Content-Security-Policy	default-src data: https://bam.nr-data.net https://js-agent.newrelic.com 'unsafe-eval' 'unsafe-inline' 'self'; connect-src smetrics.sainsburysbank.co.uk 'self'; frame-src s.thebrighttag.com insight.adsrvr.org bid.g.doubleclick.net www.facebook.com; script-src tags.tiqcdn.com s.btstatic.com s.thebrighttag.com www.googleadservices.com js.adsrvr.org www.googletagmanager.com smetrics.sainsburysbank.co.uk stats.g.doubleclick.net bat.bing.com connect.facebook.net www.googletagmanager.com googleads.g.doubleclick.net 'unsafe-inline' 'unsafe-eval' 'self'; img-src collect.tealiumiq.com bat.bing.com stats.g.doubleclick.net www.google.com www.facebook.com www.google.co.uk smetrics.sainsburysbank.co.uk 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://sain-c-web-elb.uat.hdexternal.co.uk/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-content-security-policy: default-src data: https://bam.nr-data.net https://js-agent.newrelic.com 'unsafe-eval' 'unsafe-inline' 'self'; connect-src smetrics.sainsburysbank.co.uk 'self'; frame-src s.thebrighttag.com insight.adsrvr.org bid.g.doubleclick.net www.facebook.com; script-src tags.tiqcdn.com s.btstatic.com s.thebrighttag.com www.googleadservices.com js.adsrvr.org www.googletagmanager.com smetrics.sainsburysbank.co.uk stats.g.doubleclick.net bat.bing.com connect.facebook.net www.googletagmanager.com googleads.g.doubleclick.net 'unsafe-inline' 'unsafe-eval' 'self'; img-src collect.tealiumiq.com bat.bing.com stats.g.doubleclick.net www.google.com www.facebook.com www.google.co.uk smetrics.sainsburysbank.co.uk 'self'
pragma: no-cache
date: Thu, 18 Apr 2024 15:57:51 GMT
strict-transport-security: max-age=15552001; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src data: https://bam.nr-data.net https://js-agent.newrelic.com 'unsafe-eval' 'unsafe-inline' 'self'; connect-src smetrics.sainsburysbank.co.uk 'self'; frame-src s.thebrighttag.com insight.adsrvr.org bid.g.doubleclick.net www.facebook.com; script-src tags.tiqcdn.com s.btstatic.com s.thebrighttag.com www.googleadservices.com js.adsrvr.org www.googletagmanager.com smetrics.sainsburysbank.co.uk stats.g.doubleclick.net bat.bing.com connect.facebook.net www.googletagmanager.com googleads.g.doubleclick.net 'unsafe-inline' 'unsafe-eval' 'self'; img-src collect.tealiumiq.com bat.bing.com stats.g.doubleclick.net www.google.com www.facebook.com www.google.co.uk smetrics.sainsburysbank.co.uk 'self'
server: server
expires: 0
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge

GET
H2 500 vue-j-ajax.min.js
sain-c-web-elb.uat.hdexternal.co.uk/plugins/vuejs/ 0
0 367ms
366ms Script
text/plain 18.133.154.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sain-c-web-elb.uat.hdexternal.co.uk/plugins/vuejs/vue-j-ajax.min.js?v=zn9afw-vzoofMCCW0zm3xGu19RUwE5oKjrAWUMoF0rc

Requested by

Host: sain-c-web-elb.uat.hdexternal.co.uk
URL: https://sain-c-web-elb.uat.hdexternal.co.uk/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.133.154.58 London, United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-133-154-58.eu-west-2.compute.amazonaws.com

Software

server /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src data: https://bam.nr-data.net https://js-agent.newrelic.com 'unsafe-eval' 'unsafe-inline' 'self'; connect-src smetrics.sainsburysbank.co.uk 'self'; frame-src s.thebrighttag.com insight.adsrvr.org bid.g.doubleclick.net www.facebook.com; script-src tags.tiqcdn.com s.btstatic.com s.thebrighttag.com www.googleadservices.com js.adsrvr.org www.googletagmanager.com smetrics.sainsburysbank.co.uk stats.g.doubleclick.net bat.bing.com connect.facebook.net www.googletagmanager.com googleads.g.doubleclick.net 'unsafe-inline' 'unsafe-eval' 'self'; img-src collect.tealiumiq.com bat.bing.com stats.g.doubleclick.net www.google.com www.facebook.com www.google.co.uk smetrics.sainsburysbank.co.uk 'self'
Strict-Transport-Security	max-age=15552001; includeSubDomains
X-Content-Security-Policy	default-src data: https://bam.nr-data.net https://js-agent.newrelic.com 'unsafe-eval' 'unsafe-inline' 'self'; connect-src smetrics.sainsburysbank.co.uk 'self'; frame-src s.thebrighttag.com insight.adsrvr.org bid.g.doubleclick.net www.facebook.com; script-src tags.tiqcdn.com s.btstatic.com s.thebrighttag.com www.googleadservices.com js.adsrvr.org www.googletagmanager.com smetrics.sainsburysbank.co.uk stats.g.doubleclick.net bat.bing.com connect.facebook.net www.googletagmanager.com googleads.g.doubleclick.net 'unsafe-inline' 'unsafe-eval' 'self'; img-src collect.tealiumiq.com bat.bing.com stats.g.doubleclick.net www.google.com www.facebook.com www.google.co.uk smetrics.sainsburysbank.co.uk 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://sain-c-web-elb.uat.hdexternal.co.uk/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-content-security-policy: default-src data: https://bam.nr-data.net https://js-agent.newrelic.com 'unsafe-eval' 'unsafe-inline' 'self'; connect-src smetrics.sainsburysbank.co.uk 'self'; frame-src s.thebrighttag.com insight.adsrvr.org bid.g.doubleclick.net www.facebook.com; script-src tags.tiqcdn.com s.btstatic.com s.thebrighttag.com www.googleadservices.com js.adsrvr.org www.googletagmanager.com smetrics.sainsburysbank.co.uk stats.g.doubleclick.net bat.bing.com connect.facebook.net www.googletagmanager.com googleads.g.doubleclick.net 'unsafe-inline' 'unsafe-eval' 'self'; img-src collect.tealiumiq.com bat.bing.com stats.g.doubleclick.net www.google.com www.facebook.com www.google.co.uk smetrics.sainsburysbank.co.uk 'self'
pragma: no-cache
date: Thu, 18 Apr 2024 15:57:51 GMT
strict-transport-security: max-age=15552001; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src data: https://bam.nr-data.net https://js-agent.newrelic.com 'unsafe-eval' 'unsafe-inline' 'self'; connect-src smetrics.sainsburysbank.co.uk 'self'; frame-src s.thebrighttag.com insight.adsrvr.org bid.g.doubleclick.net www.facebook.com; script-src tags.tiqcdn.com s.btstatic.com s.thebrighttag.com www.googleadservices.com js.adsrvr.org www.googletagmanager.com smetrics.sainsburysbank.co.uk stats.g.doubleclick.net bat.bing.com connect.facebook.net www.googletagmanager.com googleads.g.doubleclick.net 'unsafe-inline' 'unsafe-eval' 'self'; img-src collect.tealiumiq.com bat.bing.com stats.g.doubleclick.net www.google.com www.facebook.com www.google.co.uk smetrics.sainsburysbank.co.uk 'self'
server: server
expires: 0
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge

GET
H2 500 select2.full.min.js
sain-c-web-elb.uat.hdexternal.co.uk/plugins/select2/ 0
0 380ms
379ms Script
text/plain 18.133.154.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sain-c-web-elb.uat.hdexternal.co.uk/plugins/select2/select2.full.min.js

Requested by

Host: sain-c-web-elb.uat.hdexternal.co.uk
URL: https://sain-c-web-elb.uat.hdexternal.co.uk/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.133.154.58 London, United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-133-154-58.eu-west-2.compute.amazonaws.com

Software

server /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src data: https://bam.nr-data.net https://js-agent.newrelic.com 'unsafe-eval' 'unsafe-inline' 'self'; connect-src smetrics.sainsburysbank.co.uk 'self'; frame-src s.thebrighttag.com insight.adsrvr.org bid.g.doubleclick.net www.facebook.com; script-src tags.tiqcdn.com s.btstatic.com s.thebrighttag.com www.googleadservices.com js.adsrvr.org www.googletagmanager.com smetrics.sainsburysbank.co.uk stats.g.doubleclick.net bat.bing.com connect.facebook.net www.googletagmanager.com googleads.g.doubleclick.net 'unsafe-inline' 'unsafe-eval' 'self'; img-src collect.tealiumiq.com bat.bing.com stats.g.doubleclick.net www.google.com www.facebook.com www.google.co.uk smetrics.sainsburysbank.co.uk 'self'
Strict-Transport-Security	max-age=15552001; includeSubDomains
X-Content-Security-Policy	default-src data: https://bam.nr-data.net https://js-agent.newrelic.com 'unsafe-eval' 'unsafe-inline' 'self'; connect-src smetrics.sainsburysbank.co.uk 'self'; frame-src s.thebrighttag.com insight.adsrvr.org bid.g.doubleclick.net www.facebook.com; script-src tags.tiqcdn.com s.btstatic.com s.thebrighttag.com www.googleadservices.com js.adsrvr.org www.googletagmanager.com smetrics.sainsburysbank.co.uk stats.g.doubleclick.net bat.bing.com connect.facebook.net www.googletagmanager.com googleads.g.doubleclick.net 'unsafe-inline' 'unsafe-eval' 'self'; img-src collect.tealiumiq.com bat.bing.com stats.g.doubleclick.net www.google.com www.facebook.com www.google.co.uk smetrics.sainsburysbank.co.uk 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://sain-c-web-elb.uat.hdexternal.co.uk/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-content-security-policy: default-src data: https://bam.nr-data.net https://js-agent.newrelic.com 'unsafe-eval' 'unsafe-inline' 'self'; connect-src smetrics.sainsburysbank.co.uk 'self'; frame-src s.thebrighttag.com insight.adsrvr.org bid.g.doubleclick.net www.facebook.com; script-src tags.tiqcdn.com s.btstatic.com s.thebrighttag.com www.googleadservices.com js.adsrvr.org www.googletagmanager.com smetrics.sainsburysbank.co.uk stats.g.doubleclick.net bat.bing.com connect.facebook.net www.googletagmanager.com googleads.g.doubleclick.net 'unsafe-inline' 'unsafe-eval' 'self'; img-src collect.tealiumiq.com bat.bing.com stats.g.doubleclick.net www.google.com www.facebook.com www.google.co.uk smetrics.sainsburysbank.co.uk 'self'
pragma: no-cache
date: Thu, 18 Apr 2024 15:57:51 GMT
strict-transport-security: max-age=15552001; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src data: https://bam.nr-data.net https://js-agent.newrelic.com 'unsafe-eval' 'unsafe-inline' 'self'; connect-src smetrics.sainsburysbank.co.uk 'self'; frame-src s.thebrighttag.com insight.adsrvr.org bid.g.doubleclick.net www.facebook.com; script-src tags.tiqcdn.com s.btstatic.com s.thebrighttag.com www.googleadservices.com js.adsrvr.org www.googletagmanager.com smetrics.sainsburysbank.co.uk stats.g.doubleclick.net bat.bing.com connect.facebook.net www.googletagmanager.com googleads.g.doubleclick.net 'unsafe-inline' 'unsafe-eval' 'self'; img-src collect.tealiumiq.com bat.bing.com stats.g.doubleclick.net www.google.com www.facebook.com www.google.co.uk smetrics.sainsburysbank.co.uk 'self'
server: server
expires: 0
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge

GET
H2 500 form.min.js
sain-c-web-elb.uat.hdexternal.co.uk/js/form/ 0
0 568ms
567ms Script
text/plain 18.133.154.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sain-c-web-elb.uat.hdexternal.co.uk/js/form/form.min.js

Requested by

Host: sain-c-web-elb.uat.hdexternal.co.uk
URL: https://sain-c-web-elb.uat.hdexternal.co.uk/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.133.154.58 London, United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-133-154-58.eu-west-2.compute.amazonaws.com

Software

server /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src data: https://bam.nr-data.net https://js-agent.newrelic.com 'unsafe-eval' 'unsafe-inline' 'self'; connect-src smetrics.sainsburysbank.co.uk 'self'; frame-src s.thebrighttag.com insight.adsrvr.org bid.g.doubleclick.net www.facebook.com; script-src tags.tiqcdn.com s.btstatic.com s.thebrighttag.com www.googleadservices.com js.adsrvr.org www.googletagmanager.com smetrics.sainsburysbank.co.uk stats.g.doubleclick.net bat.bing.com connect.facebook.net www.googletagmanager.com googleads.g.doubleclick.net 'unsafe-inline' 'unsafe-eval' 'self'; img-src collect.tealiumiq.com bat.bing.com stats.g.doubleclick.net www.google.com www.facebook.com www.google.co.uk smetrics.sainsburysbank.co.uk 'self'
Strict-Transport-Security	max-age=15552001; includeSubDomains
X-Content-Security-Policy	default-src data: https://bam.nr-data.net https://js-agent.newrelic.com 'unsafe-eval' 'unsafe-inline' 'self'; connect-src smetrics.sainsburysbank.co.uk 'self'; frame-src s.thebrighttag.com insight.adsrvr.org bid.g.doubleclick.net www.facebook.com; script-src tags.tiqcdn.com s.btstatic.com s.thebrighttag.com www.googleadservices.com js.adsrvr.org www.googletagmanager.com smetrics.sainsburysbank.co.uk stats.g.doubleclick.net bat.bing.com connect.facebook.net www.googletagmanager.com googleads.g.doubleclick.net 'unsafe-inline' 'unsafe-eval' 'self'; img-src collect.tealiumiq.com bat.bing.com stats.g.doubleclick.net www.google.com www.facebook.com www.google.co.uk smetrics.sainsburysbank.co.uk 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://sain-c-web-elb.uat.hdexternal.co.uk/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-content-security-policy: default-src data: https://bam.nr-data.net https://js-agent.newrelic.com 'unsafe-eval' 'unsafe-inline' 'self'; connect-src smetrics.sainsburysbank.co.uk 'self'; frame-src s.thebrighttag.com insight.adsrvr.org bid.g.doubleclick.net www.facebook.com; script-src tags.tiqcdn.com s.btstatic.com s.thebrighttag.com www.googleadservices.com js.adsrvr.org www.googletagmanager.com smetrics.sainsburysbank.co.uk stats.g.doubleclick.net bat.bing.com connect.facebook.net www.googletagmanager.com googleads.g.doubleclick.net 'unsafe-inline' 'unsafe-eval' 'self'; img-src collect.tealiumiq.com bat.bing.com stats.g.doubleclick.net www.google.com www.facebook.com www.google.co.uk smetrics.sainsburysbank.co.uk 'self'
pragma: no-cache
date: Thu, 18 Apr 2024 15:57:51 GMT
strict-transport-security: max-age=15552001; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src data: https://bam.nr-data.net https://js-agent.newrelic.com 'unsafe-eval' 'unsafe-inline' 'self'; connect-src smetrics.sainsburysbank.co.uk 'self'; frame-src s.thebrighttag.com insight.adsrvr.org bid.g.doubleclick.net www.facebook.com; script-src tags.tiqcdn.com s.btstatic.com s.thebrighttag.com www.googleadservices.com js.adsrvr.org www.googletagmanager.com smetrics.sainsburysbank.co.uk stats.g.doubleclick.net bat.bing.com connect.facebook.net www.googletagmanager.com googleads.g.doubleclick.net 'unsafe-inline' 'unsafe-eval' 'self'; img-src collect.tealiumiq.com bat.bing.com stats.g.doubleclick.net www.google.com www.facebook.com www.google.co.uk smetrics.sainsburysbank.co.uk 'self'
server: server
expires: 0
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge

GET
H2 200 utag.js Show response
tags.tiqcdn.com/utag/sainsburysbank/main/dev/ 370 KB
87 KB 568ms
461ms Script
application/javascript 2600:9000:235a:b000:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/sainsburysbank/main/dev/utag.js
Requested by: Host: sain-c-web-elb.uat.hdexternal.co.uk
URL: https://sain-c-web-elb.uat.hdexternal.co.uk/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:235a:b000:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9eb23d207cb9dcfb102be7879637882afaab6a329cdf7d19631c8c734974b857

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://sain-c-web-elb.uat.hdexternal.co.uk/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 18 Apr 2024 15:57:53 GMT
x-amz-version-id: Vevf8DnpDVudwPoqIR9LHGF.wDnYUB7M
content-encoding: br
last-modified: Tue, 16 Apr 2024 14:19:53 GMT
server: AmazonS3
via: 1.1 eb8dd67e239abea324e36244f60eec4c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P9
etag: W/"90fc32d4c10a2fe8395f42a5a5fa6a69"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
cache-control: max-age=300
x-amz-cf-id: gFvffNjEpee3gmx1onb-xx-B3JB9ecnA72mlr1M-DR4YDk9d3I9xFQ==

GET
H2 200 logo.png
sain-c-web-elb.uat.hdexternal.co.uk/images/ 4 KB
6 KB 232ms
232ms Image
image/png 18.133.154.58
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sain-c-web-elb.uat.hdexternal.co.uk/images/logo.png

Requested by

Host: sain-c-web-elb.uat.hdexternal.co.uk
URL: https://sain-c-web-elb.uat.hdexternal.co.uk/css/sb-styles.min.css?v=adJQaEtSOiCZ1o1KnJxhKeWu8FEeEBmI2N3K7p_y2dw

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.133.154.58 London, United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-133-154-58.eu-west-2.compute.amazonaws.com

Software

server /

Resource Hash

978e526a69d3d73ccfc069c51ee01e64a45c45bcd354cae7bed6053e19016c6f

Security Headers

Name	Value
Content-Security-Policy	default-src data: https://bam.nr-data.net https://js-agent.newrelic.com 'unsafe-eval' 'unsafe-inline' 'self'; connect-src smetrics.sainsburysbank.co.uk 'self'; frame-src s.thebrighttag.com insight.adsrvr.org bid.g.doubleclick.net www.facebook.com; script-src tags.tiqcdn.com s.btstatic.com s.thebrighttag.com www.googleadservices.com js.adsrvr.org www.googletagmanager.com smetrics.sainsburysbank.co.uk stats.g.doubleclick.net bat.bing.com connect.facebook.net www.googletagmanager.com googleads.g.doubleclick.net 'unsafe-inline' 'unsafe-eval' 'self'; img-src collect.tealiumiq.com bat.bing.com stats.g.doubleclick.net www.google.com www.facebook.com www.google.co.uk smetrics.sainsburysbank.co.uk 'self'
Strict-Transport-Security	max-age=15552001; includeSubDomains
X-Content-Security-Policy	default-src data: https://bam.nr-data.net https://js-agent.newrelic.com 'unsafe-eval' 'unsafe-inline' 'self'; connect-src smetrics.sainsburysbank.co.uk 'self'; frame-src s.thebrighttag.com insight.adsrvr.org bid.g.doubleclick.net www.facebook.com; script-src tags.tiqcdn.com s.btstatic.com s.thebrighttag.com www.googleadservices.com js.adsrvr.org www.googletagmanager.com smetrics.sainsburysbank.co.uk stats.g.doubleclick.net bat.bing.com connect.facebook.net www.googletagmanager.com googleads.g.doubleclick.net 'unsafe-inline' 'unsafe-eval' 'self'; img-src collect.tealiumiq.com bat.bing.com stats.g.doubleclick.net www.google.com www.facebook.com www.google.co.uk smetrics.sainsburysbank.co.uk 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://sain-c-web-elb.uat.hdexternal.co.uk/css/sb-styles.min.css?v=adJQaEtSOiCZ1o1KnJxhKeWu8FEeEBmI2N3K7p_y2dw
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-content-security-policy: default-src data: https://bam.nr-data.net https://js-agent.newrelic.com 'unsafe-eval' 'unsafe-inline' 'self'; connect-src smetrics.sainsburysbank.co.uk 'self'; frame-src s.thebrighttag.com insight.adsrvr.org bid.g.doubleclick.net www.facebook.com; script-src tags.tiqcdn.com s.btstatic.com s.thebrighttag.com www.googleadservices.com js.adsrvr.org www.googletagmanager.com smetrics.sainsburysbank.co.uk stats.g.doubleclick.net bat.bing.com connect.facebook.net www.googletagmanager.com googleads.g.doubleclick.net 'unsafe-inline' 'unsafe-eval' 'self'; img-src collect.tealiumiq.com bat.bing.com stats.g.doubleclick.net www.google.com www.facebook.com www.google.co.uk smetrics.sainsburysbank.co.uk 'self'
date: Thu, 18 Apr 2024 15:57:52 GMT
strict-transport-security: max-age=15552001; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src data: https://bam.nr-data.net https://js-agent.newrelic.com 'unsafe-eval' 'unsafe-inline' 'self'; connect-src smetrics.sainsburysbank.co.uk 'self'; frame-src s.thebrighttag.com insight.adsrvr.org bid.g.doubleclick.net www.facebook.com; script-src tags.tiqcdn.com s.btstatic.com s.thebrighttag.com www.googleadservices.com js.adsrvr.org www.googletagmanager.com smetrics.sainsburysbank.co.uk stats.g.doubleclick.net bat.bing.com connect.facebook.net www.googletagmanager.com googleads.g.doubleclick.net 'unsafe-inline' 'unsafe-eval' 'self'; img-src collect.tealiumiq.com bat.bing.com stats.g.doubleclick.net www.google.com www.facebook.com www.google.co.uk smetrics.sainsburysbank.co.uk 'self'
content-length: 4426
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
pragma: no-cache
last-modified: Wed, 27 Dec 2023 08:39:40 GMT
server: server
etag: "1da38a03b337f4a"
x-frame-options: SAMEORIGIN
content-type: image/png
accept-ranges: bytes
expires: 0

GET
H2 200 NewBanner092020.jpg
sain-c-web-elb.uat.hdexternal.co.uk/images/banner/ 70 KB
71 KB 68ms
68ms Image
image/jpeg 18.133.154.58
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sain-c-web-elb.uat.hdexternal.co.uk/images/banner/NewBanner092020.jpg

Requested by

Host: sain-c-web-elb.uat.hdexternal.co.uk
URL: https://sain-c-web-elb.uat.hdexternal.co.uk/css/sb-styles.min.css?v=adJQaEtSOiCZ1o1KnJxhKeWu8FEeEBmI2N3K7p_y2dw

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.133.154.58 London, United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-133-154-58.eu-west-2.compute.amazonaws.com

Software

server /

Resource Hash

24e6338e1845bcbe04bebea96ce2b49b8f751b01205bbb688c63c14449fa5dd4

Security Headers

Name	Value
Content-Security-Policy	default-src data: https://bam.nr-data.net https://js-agent.newrelic.com 'unsafe-eval' 'unsafe-inline' 'self'; connect-src smetrics.sainsburysbank.co.uk 'self'; frame-src s.thebrighttag.com insight.adsrvr.org bid.g.doubleclick.net www.facebook.com; script-src tags.tiqcdn.com s.btstatic.com s.thebrighttag.com www.googleadservices.com js.adsrvr.org www.googletagmanager.com smetrics.sainsburysbank.co.uk stats.g.doubleclick.net bat.bing.com connect.facebook.net www.googletagmanager.com googleads.g.doubleclick.net 'unsafe-inline' 'unsafe-eval' 'self'; img-src collect.tealiumiq.com bat.bing.com stats.g.doubleclick.net www.google.com www.facebook.com www.google.co.uk smetrics.sainsburysbank.co.uk 'self'
Strict-Transport-Security	max-age=15552001; includeSubDomains
X-Content-Security-Policy	default-src data: https://bam.nr-data.net https://js-agent.newrelic.com 'unsafe-eval' 'unsafe-inline' 'self'; connect-src smetrics.sainsburysbank.co.uk 'self'; frame-src s.thebrighttag.com insight.adsrvr.org bid.g.doubleclick.net www.facebook.com; script-src tags.tiqcdn.com s.btstatic.com s.thebrighttag.com www.googleadservices.com js.adsrvr.org www.googletagmanager.com smetrics.sainsburysbank.co.uk stats.g.doubleclick.net bat.bing.com connect.facebook.net www.googletagmanager.com googleads.g.doubleclick.net 'unsafe-inline' 'unsafe-eval' 'self'; img-src collect.tealiumiq.com bat.bing.com stats.g.doubleclick.net www.google.com www.facebook.com www.google.co.uk smetrics.sainsburysbank.co.uk 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://sain-c-web-elb.uat.hdexternal.co.uk/css/sb-styles.min.css?v=adJQaEtSOiCZ1o1KnJxhKeWu8FEeEBmI2N3K7p_y2dw
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-content-security-policy: default-src data: https://bam.nr-data.net https://js-agent.newrelic.com 'unsafe-eval' 'unsafe-inline' 'self'; connect-src smetrics.sainsburysbank.co.uk 'self'; frame-src s.thebrighttag.com insight.adsrvr.org bid.g.doubleclick.net www.facebook.com; script-src tags.tiqcdn.com s.btstatic.com s.thebrighttag.com www.googleadservices.com js.adsrvr.org www.googletagmanager.com smetrics.sainsburysbank.co.uk stats.g.doubleclick.net bat.bing.com connect.facebook.net www.googletagmanager.com googleads.g.doubleclick.net 'unsafe-inline' 'unsafe-eval' 'self'; img-src collect.tealiumiq.com bat.bing.com stats.g.doubleclick.net www.google.com www.facebook.com www.google.co.uk smetrics.sainsburysbank.co.uk 'self'
date: Thu, 18 Apr 2024 15:57:51 GMT
strict-transport-security: max-age=15552001; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src data: https://bam.nr-data.net https://js-agent.newrelic.com 'unsafe-eval' 'unsafe-inline' 'self'; connect-src smetrics.sainsburysbank.co.uk 'self'; frame-src s.thebrighttag.com insight.adsrvr.org bid.g.doubleclick.net www.facebook.com; script-src tags.tiqcdn.com s.btstatic.com s.thebrighttag.com www.googleadservices.com js.adsrvr.org www.googletagmanager.com smetrics.sainsburysbank.co.uk stats.g.doubleclick.net bat.bing.com connect.facebook.net www.googletagmanager.com googleads.g.doubleclick.net 'unsafe-inline' 'unsafe-eval' 'self'; img-src collect.tealiumiq.com bat.bing.com stats.g.doubleclick.net www.google.com www.facebook.com www.google.co.uk smetrics.sainsburysbank.co.uk 'self'
content-length: 71482
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
pragma: no-cache
last-modified: Wed, 27 Dec 2023 08:39:40 GMT
server: server
etag: "1da38a03b32793a"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
accept-ranges: bytes
expires: 0

GET
H2 200 mary_ann_web-medium.woff
sain-c-web-elb.uat.hdexternal.co.uk/fonts/mary_ann/ 59 KB
60 KB 62ms
61ms Font
application/font-woff 18.133.154.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sain-c-web-elb.uat.hdexternal.co.uk/fonts/mary_ann/mary_ann_web-medium.woff

Requested by

Host: sain-c-web-elb.uat.hdexternal.co.uk
URL: https://sain-c-web-elb.uat.hdexternal.co.uk/css/sb-styles.min.css?v=adJQaEtSOiCZ1o1KnJxhKeWu8FEeEBmI2N3K7p_y2dw

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.133.154.58 London, United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-133-154-58.eu-west-2.compute.amazonaws.com

Software

server /

Resource Hash

4dd37d196f4370bcae0e1600f1ac1485b690ff57147eda3e8d9d1f63634bc28c

Security Headers

Name	Value
Content-Security-Policy	default-src data: https://bam.nr-data.net https://js-agent.newrelic.com 'unsafe-eval' 'unsafe-inline' 'self'; connect-src smetrics.sainsburysbank.co.uk 'self'; frame-src s.thebrighttag.com insight.adsrvr.org bid.g.doubleclick.net www.facebook.com; script-src tags.tiqcdn.com s.btstatic.com s.thebrighttag.com www.googleadservices.com js.adsrvr.org www.googletagmanager.com smetrics.sainsburysbank.co.uk stats.g.doubleclick.net bat.bing.com connect.facebook.net www.googletagmanager.com googleads.g.doubleclick.net 'unsafe-inline' 'unsafe-eval' 'self'; img-src collect.tealiumiq.com bat.bing.com stats.g.doubleclick.net www.google.com www.facebook.com www.google.co.uk smetrics.sainsburysbank.co.uk 'self'
Strict-Transport-Security	max-age=15552001; includeSubDomains
X-Content-Security-Policy	default-src data: https://bam.nr-data.net https://js-agent.newrelic.com 'unsafe-eval' 'unsafe-inline' 'self'; connect-src smetrics.sainsburysbank.co.uk 'self'; frame-src s.thebrighttag.com insight.adsrvr.org bid.g.doubleclick.net www.facebook.com; script-src tags.tiqcdn.com s.btstatic.com s.thebrighttag.com www.googleadservices.com js.adsrvr.org www.googletagmanager.com smetrics.sainsburysbank.co.uk stats.g.doubleclick.net bat.bing.com connect.facebook.net www.googletagmanager.com googleads.g.doubleclick.net 'unsafe-inline' 'unsafe-eval' 'self'; img-src collect.tealiumiq.com bat.bing.com stats.g.doubleclick.net www.google.com www.facebook.com www.google.co.uk smetrics.sainsburysbank.co.uk 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://sain-c-web-elb.uat.hdexternal.co.uk/css/sb-styles.min.css?v=adJQaEtSOiCZ1o1KnJxhKeWu8FEeEBmI2N3K7p_y2dw
Origin: https://sain-c-web-elb.uat.hdexternal.co.uk
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-content-security-policy: default-src data: https://bam.nr-data.net https://js-agent.newrelic.com 'unsafe-eval' 'unsafe-inline' 'self'; connect-src smetrics.sainsburysbank.co.uk 'self'; frame-src s.thebrighttag.com insight.adsrvr.org bid.g.doubleclick.net www.facebook.com; script-src tags.tiqcdn.com s.btstatic.com s.thebrighttag.com www.googleadservices.com js.adsrvr.org www.googletagmanager.com smetrics.sainsburysbank.co.uk stats.g.doubleclick.net bat.bing.com connect.facebook.net www.googletagmanager.com googleads.g.doubleclick.net 'unsafe-inline' 'unsafe-eval' 'self'; img-src collect.tealiumiq.com bat.bing.com stats.g.doubleclick.net www.google.com www.facebook.com www.google.co.uk smetrics.sainsburysbank.co.uk 'self'
date: Thu, 18 Apr 2024 15:57:51 GMT
strict-transport-security: max-age=15552001; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src data: https://bam.nr-data.net https://js-agent.newrelic.com 'unsafe-eval' 'unsafe-inline' 'self'; connect-src smetrics.sainsburysbank.co.uk 'self'; frame-src s.thebrighttag.com insight.adsrvr.org bid.g.doubleclick.net www.facebook.com; script-src tags.tiqcdn.com s.btstatic.com s.thebrighttag.com www.googleadservices.com js.adsrvr.org www.googletagmanager.com smetrics.sainsburysbank.co.uk stats.g.doubleclick.net bat.bing.com connect.facebook.net www.googletagmanager.com googleads.g.doubleclick.net 'unsafe-inline' 'unsafe-eval' 'self'; img-src collect.tealiumiq.com bat.bing.com stats.g.doubleclick.net www.google.com www.facebook.com www.google.co.uk smetrics.sainsburysbank.co.uk 'self'
content-length: 59952
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
pragma: no-cache
last-modified: Wed, 27 Dec 2023 08:39:40 GMT
server: server
etag: "1da38a03b338430"
x-frame-options: SAMEORIGIN
content-type: application/font-woff
accept-ranges: bytes
expires: 0

GET
H2 200 mary_ann-regular-webfont.woff
sain-c-web-elb.uat.hdexternal.co.uk/fonts/mary_ann/ 37 KB
39 KB 342ms
342ms Font
application/font-woff 18.133.154.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sain-c-web-elb.uat.hdexternal.co.uk/fonts/mary_ann/mary_ann-regular-webfont.woff

Requested by

Host: sain-c-web-elb.uat.hdexternal.co.uk
URL: https://sain-c-web-elb.uat.hdexternal.co.uk/css/sb-styles.min.css?v=adJQaEtSOiCZ1o1KnJxhKeWu8FEeEBmI2N3K7p_y2dw

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.133.154.58 London, United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-133-154-58.eu-west-2.compute.amazonaws.com

Software

server /

Resource Hash

2bccf05066de38d3964446ca0c254aba2ad295496cbbedf39e0d66bbe9e1de89

Security Headers

Name	Value
Content-Security-Policy	default-src data: https://bam.nr-data.net https://js-agent.newrelic.com 'unsafe-eval' 'unsafe-inline' 'self'; connect-src smetrics.sainsburysbank.co.uk 'self'; frame-src s.thebrighttag.com insight.adsrvr.org bid.g.doubleclick.net www.facebook.com; script-src tags.tiqcdn.com s.btstatic.com s.thebrighttag.com www.googleadservices.com js.adsrvr.org www.googletagmanager.com smetrics.sainsburysbank.co.uk stats.g.doubleclick.net bat.bing.com connect.facebook.net www.googletagmanager.com googleads.g.doubleclick.net 'unsafe-inline' 'unsafe-eval' 'self'; img-src collect.tealiumiq.com bat.bing.com stats.g.doubleclick.net www.google.com www.facebook.com www.google.co.uk smetrics.sainsburysbank.co.uk 'self'
Strict-Transport-Security	max-age=15552001; includeSubDomains
X-Content-Security-Policy	default-src data: https://bam.nr-data.net https://js-agent.newrelic.com 'unsafe-eval' 'unsafe-inline' 'self'; connect-src smetrics.sainsburysbank.co.uk 'self'; frame-src s.thebrighttag.com insight.adsrvr.org bid.g.doubleclick.net www.facebook.com; script-src tags.tiqcdn.com s.btstatic.com s.thebrighttag.com www.googleadservices.com js.adsrvr.org www.googletagmanager.com smetrics.sainsburysbank.co.uk stats.g.doubleclick.net bat.bing.com connect.facebook.net www.googletagmanager.com googleads.g.doubleclick.net 'unsafe-inline' 'unsafe-eval' 'self'; img-src collect.tealiumiq.com bat.bing.com stats.g.doubleclick.net www.google.com www.facebook.com www.google.co.uk smetrics.sainsburysbank.co.uk 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://sain-c-web-elb.uat.hdexternal.co.uk/css/sb-styles.min.css?v=adJQaEtSOiCZ1o1KnJxhKeWu8FEeEBmI2N3K7p_y2dw
Origin: https://sain-c-web-elb.uat.hdexternal.co.uk
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-content-security-policy: default-src data: https://bam.nr-data.net https://js-agent.newrelic.com 'unsafe-eval' 'unsafe-inline' 'self'; connect-src smetrics.sainsburysbank.co.uk 'self'; frame-src s.thebrighttag.com insight.adsrvr.org bid.g.doubleclick.net www.facebook.com; script-src tags.tiqcdn.com s.btstatic.com s.thebrighttag.com www.googleadservices.com js.adsrvr.org www.googletagmanager.com smetrics.sainsburysbank.co.uk stats.g.doubleclick.net bat.bing.com connect.facebook.net www.googletagmanager.com googleads.g.doubleclick.net 'unsafe-inline' 'unsafe-eval' 'self'; img-src collect.tealiumiq.com bat.bing.com stats.g.doubleclick.net www.google.com www.facebook.com www.google.co.uk smetrics.sainsburysbank.co.uk 'self'
date: Thu, 18 Apr 2024 15:57:52 GMT
strict-transport-security: max-age=15552001; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src data: https://bam.nr-data.net https://js-agent.newrelic.com 'unsafe-eval' 'unsafe-inline' 'self'; connect-src smetrics.sainsburysbank.co.uk 'self'; frame-src s.thebrighttag.com insight.adsrvr.org bid.g.doubleclick.net www.facebook.com; script-src tags.tiqcdn.com s.btstatic.com s.thebrighttag.com www.googleadservices.com js.adsrvr.org www.googletagmanager.com smetrics.sainsburysbank.co.uk stats.g.doubleclick.net bat.bing.com connect.facebook.net www.googletagmanager.com googleads.g.doubleclick.net 'unsafe-inline' 'unsafe-eval' 'self'; img-src collect.tealiumiq.com bat.bing.com stats.g.doubleclick.net www.google.com www.facebook.com www.google.co.uk smetrics.sainsburysbank.co.uk 'self'
content-length: 38344
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
pragma: no-cache
last-modified: Wed, 27 Dec 2023 08:39:40 GMT
server: server
etag: "1da38a03b33fbc8"
x-frame-options: SAMEORIGIN
content-type: application/font-woff
accept-ranges: bytes
expires: 0

GET
H2 200 mary_ann-extrabold-webfont.woff
sain-c-web-elb.uat.hdexternal.co.uk/fonts/mary_ann/ 38 KB
39 KB 226ms
226ms Font
application/font-woff 18.133.154.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sain-c-web-elb.uat.hdexternal.co.uk/fonts/mary_ann/mary_ann-extrabold-webfont.woff

Requested by

Host: sain-c-web-elb.uat.hdexternal.co.uk
URL: https://sain-c-web-elb.uat.hdexternal.co.uk/css/sb-styles.min.css?v=adJQaEtSOiCZ1o1KnJxhKeWu8FEeEBmI2N3K7p_y2dw

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.133.154.58 London, United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-133-154-58.eu-west-2.compute.amazonaws.com

Software

server /

Resource Hash

a777cee8ad78a63fd55a4345bd5c60c8ab1034563c3915bffb6f04d4bb5c7dc2

Security Headers

Name	Value
Content-Security-Policy	default-src data: https://bam.nr-data.net https://js-agent.newrelic.com 'unsafe-eval' 'unsafe-inline' 'self'; connect-src smetrics.sainsburysbank.co.uk 'self'; frame-src s.thebrighttag.com insight.adsrvr.org bid.g.doubleclick.net www.facebook.com; script-src tags.tiqcdn.com s.btstatic.com s.thebrighttag.com www.googleadservices.com js.adsrvr.org www.googletagmanager.com smetrics.sainsburysbank.co.uk stats.g.doubleclick.net bat.bing.com connect.facebook.net www.googletagmanager.com googleads.g.doubleclick.net 'unsafe-inline' 'unsafe-eval' 'self'; img-src collect.tealiumiq.com bat.bing.com stats.g.doubleclick.net www.google.com www.facebook.com www.google.co.uk smetrics.sainsburysbank.co.uk 'self'
Strict-Transport-Security	max-age=15552001; includeSubDomains
X-Content-Security-Policy	default-src data: https://bam.nr-data.net https://js-agent.newrelic.com 'unsafe-eval' 'unsafe-inline' 'self'; connect-src smetrics.sainsburysbank.co.uk 'self'; frame-src s.thebrighttag.com insight.adsrvr.org bid.g.doubleclick.net www.facebook.com; script-src tags.tiqcdn.com s.btstatic.com s.thebrighttag.com www.googleadservices.com js.adsrvr.org www.googletagmanager.com smetrics.sainsburysbank.co.uk stats.g.doubleclick.net bat.bing.com connect.facebook.net www.googletagmanager.com googleads.g.doubleclick.net 'unsafe-inline' 'unsafe-eval' 'self'; img-src collect.tealiumiq.com bat.bing.com stats.g.doubleclick.net www.google.com www.facebook.com www.google.co.uk smetrics.sainsburysbank.co.uk 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://sain-c-web-elb.uat.hdexternal.co.uk/css/sb-styles.min.css?v=adJQaEtSOiCZ1o1KnJxhKeWu8FEeEBmI2N3K7p_y2dw
Origin: https://sain-c-web-elb.uat.hdexternal.co.uk
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-content-security-policy: default-src data: https://bam.nr-data.net https://js-agent.newrelic.com 'unsafe-eval' 'unsafe-inline' 'self'; connect-src smetrics.sainsburysbank.co.uk 'self'; frame-src s.thebrighttag.com insight.adsrvr.org bid.g.doubleclick.net www.facebook.com; script-src tags.tiqcdn.com s.btstatic.com s.thebrighttag.com www.googleadservices.com js.adsrvr.org www.googletagmanager.com smetrics.sainsburysbank.co.uk stats.g.doubleclick.net bat.bing.com connect.facebook.net www.googletagmanager.com googleads.g.doubleclick.net 'unsafe-inline' 'unsafe-eval' 'self'; img-src collect.tealiumiq.com bat.bing.com stats.g.doubleclick.net www.google.com www.facebook.com www.google.co.uk smetrics.sainsburysbank.co.uk 'self'
date: Thu, 18 Apr 2024 15:57:52 GMT
strict-transport-security: max-age=15552001; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src data: https://bam.nr-data.net https://js-agent.newrelic.com 'unsafe-eval' 'unsafe-inline' 'self'; connect-src smetrics.sainsburysbank.co.uk 'self'; frame-src s.thebrighttag.com insight.adsrvr.org bid.g.doubleclick.net www.facebook.com; script-src tags.tiqcdn.com s.btstatic.com s.thebrighttag.com www.googleadservices.com js.adsrvr.org www.googletagmanager.com smetrics.sainsburysbank.co.uk stats.g.doubleclick.net bat.bing.com connect.facebook.net www.googletagmanager.com googleads.g.doubleclick.net 'unsafe-inline' 'unsafe-eval' 'self'; img-src collect.tealiumiq.com bat.bing.com stats.g.doubleclick.net www.google.com www.facebook.com www.google.co.uk smetrics.sainsburysbank.co.uk 'self'
content-length: 38652
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
pragma: no-cache
last-modified: Wed, 27 Dec 2023 08:39:40 GMT
server: server
etag: "1da38a03b33f8fc"
x-frame-options: SAMEORIGIN
content-type: application/font-woff
accept-ranges: bytes
expires: 0

GET id
dpm.demdex.net/ 0
0

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 218 KB
59 KB 136ms
44ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/sainsburysbank/main/dev/utag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

85f407912384186334577f65bf6bb88045bd96f5222d7c696cc71303d65c826a

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://sain-c-web-elb.uat.hdexternal.co.uk/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 18 Apr 2024 15:57:52 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 57850
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=42, rtx=0, c=12, mss=1294, tbw=2763, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma: public
x-fb-debug: Dy4ju4LSOIWoE+9Qa1px69mIjPtVwW2fGjwuKCv4GaGsejAAkwQlyCJATkteN28zb0NH3M10dClf5scrVcfetg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 122 KB
47 KB 172ms
69ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js

Requested by

Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/sainsburysbank/main/dev/utag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

2836b69ea18e3678f6e4cdc0fcee189ab6f451896f8b696d4cf3145a6cfd3da9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://sain-c-web-elb.uat.hdexternal.co.uk/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 18 Apr 2024 15:57:53 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 47717
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 18 Apr 2024 15:57:53 GMT

GET
H2 200 id Show response
smetrics.sainsburysbank.co.uk/ 48 B
481 B 190ms
58ms XHR
application/x-javascript 63.140.62.27
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://smetrics.sainsburysbank.co.uk/id?d_visid_ver=3.3.0&d_fieldgroup=A&mcorgid=F9F4CBC1556ED7BC7F000101%40AdobeOrg&mid=35449994261820576963640518772753105034&ts=1713455872887

Requested by

Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/sainsburysbank/main/dev/utag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.140.62.27 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-63-140-62-27.data.adobedc.net

Software

jag /

Resource Hash

6d8a9e07c2037728437439c71c26cc73bbe1cabb617777c896fed4372d78d251

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://sain-c-web-elb.uat.hdexternal.co.uk/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Thu, 18 Apr 2024 15:57:53 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
server: jag
vary: Origin
content-type: application/x-javascript;charset=utf-8
access-control-allow-origin: https://sain-c-web-elb.uat.hdexternal.co.uk
p3p: CP="This is not a P3P policy"
cache-control: no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials: true
content-length: 48
x-xss-protection: 1; mode=block

GET
H2 200 utag.433.js Show response
tags.tiqcdn.com/utag/sainsburysbank/main/dev/ 2 KB
1 KB 166ms
161ms Script
application/javascript 2600:9000:235a:b000:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/sainsburysbank/main/dev/utag.433.js?utv=ut4.48.202110260602
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/sainsburysbank/main/dev/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:235a:b000:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: aa92b47633e755ab745db02897f187961f402f3d146594c11928fc83d431b280

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://sain-c-web-elb.uat.hdexternal.co.uk/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 18 Apr 2024 15:57:53 GMT
x-amz-version-id: J9VcwzLKqaMzbMxcX93AjXr7PjwVvJJB
content-encoding: br
last-modified: Tue, 16 Apr 2024 14:19:37 GMT
server: AmazonS3
via: 1.1 eb8dd67e239abea324e36244f60eec4c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P9
etag: W/"1cbc2fa22948bded7c6236e2e2ff47be"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
cache-control: max-age=1296000
x-amz-cf-id: VLz-L_UiJN4pRDRXE89zUI_AFLpKRsxUmqWG45WpKKLgmYXbrekCrA==

GET
H2 200 utag.231.js Show response
tags.tiqcdn.com/utag/sainsburysbank/main/dev/ 2 KB
1 KB 165ms
160ms Script
application/javascript 2600:9000:235a:b000:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/sainsburysbank/main/dev/utag.231.js?utv=ut4.48.202110260602
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/sainsburysbank/main/dev/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:235a:b000:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8694f20aeb322a82f3be4d89b9866d68d70210326e542b60599494c30ee23c45

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://sain-c-web-elb.uat.hdexternal.co.uk/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 18 Apr 2024 15:57:53 GMT
x-amz-version-id: 9YgCfimFBwp9.g.6fJzfHiFUr5mKe07x
content-encoding: br
last-modified: Tue, 16 Apr 2024 14:19:26 GMT
server: AmazonS3
via: 1.1 eb8dd67e239abea324e36244f60eec4c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P9
etag: W/"b5ba30dfce6069834f77abff573d77ae"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
cache-control: max-age=1296000
x-amz-cf-id: 1J1oEc5hhS_nYmgfbG3pEqfWkyoGyX3kEH0GM-D9Nkx0Oa6cisfKwQ==

GET
H2 200 utag.237.js Show response
tags.tiqcdn.com/utag/sainsburysbank/main/dev/ 4 KB
2 KB 178ms
173ms Script
application/javascript 2600:9000:235a:b000:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/sainsburysbank/main/dev/utag.237.js?utv=ut4.48.202303291315
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/sainsburysbank/main/dev/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:235a:b000:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 73b400ef7306d494b8bbbeb3b25aad62c2ea7c0d05d995c0805e5d93b1707e0f

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://sain-c-web-elb.uat.hdexternal.co.uk/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 18 Apr 2024 15:57:53 GMT
x-amz-version-id: U3TuFvuz_5LPrmTDCVJuFGLcm1MCjXfq
content-encoding: br
last-modified: Tue, 16 Apr 2024 14:19:44 GMT
server: AmazonS3
via: 1.1 eb8dd67e239abea324e36244f60eec4c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P9
etag: W/"7b3539a4a0fc114362dc4a38a985b3f8"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
cache-control: max-age=1296000
x-amz-cf-id: YNFCFco0tvHLRUe8HuQKMy3iKGxcWyXlQ77cjMIkE7YqpT_V52Hkww==

GET
H2 200 utag.253.js Show response
tags.tiqcdn.com/utag/sainsburysbank/main/dev/ 15 KB
4 KB 445ms
441ms Script
application/javascript 2600:9000:235a:b000:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/sainsburysbank/main/dev/utag.253.js?utv=ut4.48.202110260602
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/sainsburysbank/main/dev/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:235a:b000:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5445c10e779c6a333540bb2a68f8b9a16fd735393c75b5acc4bbde6588b34689

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://sain-c-web-elb.uat.hdexternal.co.uk/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 18 Apr 2024 15:57:54 GMT
x-amz-version-id: YU2X2m3qxJLV51v3oRbI5TxQvZ.ksImB
content-encoding: br
last-modified: Tue, 16 Apr 2024 14:19:51 GMT
server: AmazonS3
via: 1.1 eb8dd67e239abea324e36244f60eec4c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P9
etag: W/"f8c3bb01bceb0d446fab3fee4e3d3830"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
cache-control: max-age=1296000
x-amz-cf-id: squ05qNW2LVKG9jd-Nvr4uGtr4l5NrMFWgZgvY-juxOWvLAbQsyzWw==

GET
H2 200 utag.354.js Show response
tags.tiqcdn.com/utag/sainsburysbank/main/dev/ 2 KB
1 KB 452ms
447ms Script
application/javascript 2600:9000:235a:b000:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/sainsburysbank/main/dev/utag.354.js?utv=ut4.48.202110260602
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/sainsburysbank/main/dev/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:235a:b000:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 13a758cdff3621865571484199edaca2441a19a719fbd5fcf4a2d5300c22d89e

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://sain-c-web-elb.uat.hdexternal.co.uk/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 18 Apr 2024 15:57:54 GMT
x-amz-version-id: YF3nsM_k75jAvEC.wx16P0P7YJ5_rdTe
content-encoding: br
last-modified: Tue, 16 Apr 2024 14:19:29 GMT
server: AmazonS3
via: 1.1 eb8dd67e239abea324e36244f60eec4c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P9
etag: W/"86086a80e8eff2cf4e2a93e99e134471"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
cache-control: max-age=1296000
x-amz-cf-id: vH0hk1pxsZBb1DKlrOoSVvZi6L3AxjexIMMoPFJ1oMOgC5Qiyh8Onw==

GET
H2 200 utag.356.js Show response
tags.tiqcdn.com/utag/sainsburysbank/main/dev/ 4 KB
2 KB 443ms
439ms Script
application/javascript 2600:9000:235a:b000:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/sainsburysbank/main/dev/utag.356.js?utv=ut4.48.202110260602
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/sainsburysbank/main/dev/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:235a:b000:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7f43687ea0990e28ccb519a4833e0156542f622c350658a4202f5b21d1938f6a

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://sain-c-web-elb.uat.hdexternal.co.uk/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 18 Apr 2024 15:57:54 GMT
x-amz-version-id: aDaKR5pR4Becp2hvOsgSw8KffKDF0.SS
content-encoding: br
last-modified: Tue, 16 Apr 2024 14:19:49 GMT
server: AmazonS3
via: 1.1 eb8dd67e239abea324e36244f60eec4c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P9
etag: W/"18aebfee521ddb894dcc115de6c8a26b"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
cache-control: max-age=1296000
x-amz-cf-id: LzR8WFcy9ZchAOBg-YMLmd90u0dwx_ytfehqPxy8AtJjfrMUZuk1Wg==

GET
H2 200 utag.359.js Show response
tags.tiqcdn.com/utag/sainsburysbank/main/dev/ 2 KB
1 KB 452ms
448ms Script
application/javascript 2600:9000:235a:b000:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/sainsburysbank/main/dev/utag.359.js?utv=ut4.48.202110260602
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/sainsburysbank/main/dev/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:235a:b000:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 53dbfc69af7fd0794a84ecf8c70d8edfdd785f46544a4a5e4d08f766d8d9847a

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://sain-c-web-elb.uat.hdexternal.co.uk/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 18 Apr 2024 15:57:54 GMT
x-amz-version-id: hiMbVQhWpkzGhR5YHfV3Lah6jsfSYLLw
content-encoding: br
last-modified: Tue, 16 Apr 2024 14:19:50 GMT
server: AmazonS3
via: 1.1 eb8dd67e239abea324e36244f60eec4c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P9
etag: W/"6f1b91b2ea1b0c44b7a3a48b51e1eb97"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
cache-control: max-age=1296000
x-amz-cf-id: sayFHKApamriDw9kvYH6A2iVuUedOCzjvg9EBVgOOab4uG8dCwNcKg==

GET
H2 200 utag.390.js Show response
tags.tiqcdn.com/utag/sainsburysbank/main/dev/ 2 KB
1 KB 459ms
455ms Script
application/javascript 2600:9000:235a:b000:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/sainsburysbank/main/dev/utag.390.js?utv=ut4.48.202110260602
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/sainsburysbank/main/dev/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:235a:b000:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1f286b99946fa80fd36b75bf64176fc098d4dd9f0ab713a643e06a9420cb12b4

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://sain-c-web-elb.uat.hdexternal.co.uk/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 18 Apr 2024 15:57:54 GMT
x-amz-version-id: Iz3fsLfGCla2BrHfngqQvwEqqQitZqIS
content-encoding: br
last-modified: Tue, 16 Apr 2024 14:19:42 GMT
server: AmazonS3
via: 1.1 eb8dd67e239abea324e36244f60eec4c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P9
etag: W/"7936e8f9b4bb7db0b8c1a6ebf424f530"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
cache-control: max-age=1296000
x-amz-cf-id: NE8H1RCEEPkERhuz2qYeMNYFMtlW9C4rtHfkJAnMkWklH4B6ctMgMw==

GET
H2 200 utag.391.js Show response
tags.tiqcdn.com/utag/sainsburysbank/main/dev/ 2 KB
1 KB 457ms
453ms Script
application/javascript 2600:9000:235a:b000:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/sainsburysbank/main/dev/utag.391.js?utv=ut4.48.202310211658
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/sainsburysbank/main/dev/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:235a:b000:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 387eec1ecd1a85aee2799731b8bc34d16b2a414025a2f51c329a618737301867

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://sain-c-web-elb.uat.hdexternal.co.uk/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 18 Apr 2024 15:57:54 GMT
x-amz-version-id: hSeP_mi4ytUBXi4ohgfNsppAsdkxGX2F
content-encoding: br
last-modified: Tue, 16 Apr 2024 14:19:36 GMT
server: AmazonS3
via: 1.1 eb8dd67e239abea324e36244f60eec4c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P9
etag: W/"ae1c49a2daa07a7123a7cde7bc6125ca"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
cache-control: max-age=1296000
x-amz-cf-id: r_JsyEM3It1GD2Ft5xC4tbsvFt-NOCMk9vgsosTP3gI76tcvao_Wiw==

GET
H2 200 utag.452.js Show response
tags.tiqcdn.com/utag/sainsburysbank/main/dev/ 10 KB
3 KB 448ms
444ms Script
application/javascript 2600:9000:235a:b000:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/sainsburysbank/main/dev/utag.452.js?utv=ut4.48.202404091529
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/sainsburysbank/main/dev/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:235a:b000:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0519524bf194bf4ff8c2848ecbaeb019d21fe91f1af0a4c2586e6327ceb884a9

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://sain-c-web-elb.uat.hdexternal.co.uk/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 18 Apr 2024 15:57:54 GMT
x-amz-version-id: Jr4mW3SZTeW.n_phy_vX0H3_O4kxIOnD
content-encoding: br
last-modified: Tue, 16 Apr 2024 14:19:49 GMT
server: AmazonS3
via: 1.1 eb8dd67e239abea324e36244f60eec4c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P9
etag: W/"f478f6f72e855505595a5bb6d4e18f8f"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
cache-control: max-age=1296000
x-amz-cf-id: qNJJY00p0cQIQgIT6btoBlc0ZsgF7flKWjHqvoqpIs7dOCXnYUqTAw==

GET
H2 200 utag.466.js Show response
tags.tiqcdn.com/utag/sainsburysbank/main/dev/ 10 KB
3 KB 524ms
520ms Script
application/javascript 2600:9000:235a:b000:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/sainsburysbank/main/dev/utag.466.js?utv=ut4.48.202112231544
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/sainsburysbank/main/dev/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:235a:b000:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b3952335b6bef68e852c1e0cad73db9306c9188a6c0d2fd28564312d158dc9f6

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://sain-c-web-elb.uat.hdexternal.co.uk/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 18 Apr 2024 15:57:54 GMT
x-amz-version-id: h7J5Ym2liyAmjC8TsUbrCkAiD5QPHYU3
content-encoding: br
last-modified: Tue, 16 Apr 2024 14:19:29 GMT
server: AmazonS3
via: 1.1 eb8dd67e239abea324e36244f60eec4c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P9
etag: W/"4b06eecff81caa7cd317081fbf30f742"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
cache-control: max-age=1296000
x-amz-cf-id: h0ZGhjusHXmWlce4axSpow29vKnunqiizMf8qjx6kwnTRtbhMK8iHQ==

GET
H2 200 utag.469.js Show response
tags.tiqcdn.com/utag/sainsburysbank/main/dev/ 27 KB
7 KB 512ms
508ms Script
application/javascript 2600:9000:235a:b000:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/sainsburysbank/main/dev/utag.469.js?utv=ut4.48.202403051611
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/sainsburysbank/main/dev/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:235a:b000:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2e9fa85f9dd864d935424a7d68233f3807c765daa6706b7327712a694871a946

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://sain-c-web-elb.uat.hdexternal.co.uk/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 18 Apr 2024 15:57:54 GMT
x-amz-version-id: HWN.nPUoKLYQKGGOEFJy.haBlp6u8dwF
content-encoding: br
last-modified: Tue, 16 Apr 2024 14:19:35 GMT
server: AmazonS3
via: 1.1 eb8dd67e239abea324e36244f60eec4c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P9
etag: W/"460cb6f9590794785533da8f1b82885d"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
cache-control: max-age=1296000
x-amz-cf-id: VH3S7WkV1ocN7RT-n517bX4l_r8_hFQ1_KEiRURaMTf69ZyVtSn6Ww==

GET
H2 200 utag.483.js Show response
tags.tiqcdn.com/utag/sainsburysbank/main/dev/ 4 KB
2 KB 553ms
550ms Script
application/javascript 2600:9000:235a:b000:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/sainsburysbank/main/dev/utag.483.js?utv=ut4.48.202110260602
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/sainsburysbank/main/dev/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:235a:b000:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f136a25b3f335cb52ee4ddad8229366c7b2cb7eb3af978516d8696cd1b348707

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://sain-c-web-elb.uat.hdexternal.co.uk/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 18 Apr 2024 15:57:54 GMT
x-amz-version-id: CETD_YzPCq3tlACvjnawiMRkM4RU_vaQ
content-encoding: br
last-modified: Tue, 16 Apr 2024 14:19:46 GMT
server: AmazonS3
via: 1.1 eb8dd67e239abea324e36244f60eec4c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P9
etag: W/"edac9c669dbb6d4b6a387c889be46f6b"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
cache-control: max-age=1296000
x-amz-cf-id: aF34yQUq99I33p44Gl2o55JSTSX7epV-d6ARXhXTnMjOXTXywtMzLg==

GET
H2 200 utag.600.js Show response
tags.tiqcdn.com/utag/sainsburysbank/main/dev/ 4 KB
2 KB 494ms
491ms Script
application/javascript 2600:9000:235a:b000:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/sainsburysbank/main/dev/utag.600.js?utv=ut4.48.202110260602
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/sainsburysbank/main/dev/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:235a:b000:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f6a6056c11bbb66d5ce7f129fd0727d3172ae34e86f9c7fafcfca06eeafae647

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://sain-c-web-elb.uat.hdexternal.co.uk/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 18 Apr 2024 15:57:54 GMT
x-amz-version-id: M0C0MadXzHtC93L88RbOmsCTxGoBzd7V
content-encoding: br
last-modified: Tue, 16 Apr 2024 14:19:37 GMT
server: AmazonS3
via: 1.1 eb8dd67e239abea324e36244f60eec4c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P9
etag: W/"2efa58cca157c33878195edc6d79850d"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
cache-control: max-age=1296000
x-amz-cf-id: 9sJhJPKhez75LelwPigN0Wm7cmMIbvuak3sQdgRxwX5DQtfCqnRVmg==

GET
H2 200 utag.602.js Show response
tags.tiqcdn.com/utag/sainsburysbank/main/dev/ 3 KB
1 KB 481ms
478ms Script
application/javascript 2600:9000:235a:b000:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/sainsburysbank/main/dev/utag.602.js?utv=ut4.48.202210181055
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/sainsburysbank/main/dev/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:235a:b000:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 952c9c681c6bd9e1530817cbbea4b7941a8c313695532f0b61fc6c866d02a46d

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://sain-c-web-elb.uat.hdexternal.co.uk/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 18 Apr 2024 15:57:54 GMT
x-amz-version-id: Q3FI4i.19gDRa.c4fhD58.89QlyUGQRF
content-encoding: br
last-modified: Tue, 16 Apr 2024 14:19:51 GMT
server: AmazonS3
via: 1.1 eb8dd67e239abea324e36244f60eec4c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P9
etag: W/"795c620463f6c6cd08c3744890994679"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
cache-control: max-age=1296000
x-amz-cf-id: 754xEZSaaOFKEI6yUNNhLk7K3HSIrzgH3iaxWYKtt3LQfZSy2W9Z8A==

GET
H2 200 utag.605.js Show response
tags.tiqcdn.com/utag/sainsburysbank/main/dev/ 2 KB
1 KB 512ms
509ms Script
application/javascript 2600:9000:235a:b000:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/sainsburysbank/main/dev/utag.605.js?utv=ut4.48.202203151638
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/sainsburysbank/main/dev/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:235a:b000:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ee6617941bea62a2dce71601e113d1130d9891008bea1da5fc1d046d7700f335

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://sain-c-web-elb.uat.hdexternal.co.uk/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 18 Apr 2024 15:57:54 GMT
x-amz-version-id: R1oKzQksoEK6hGPl_Q6DZoqjUfh5iGoO
content-encoding: br
last-modified: Tue, 16 Apr 2024 14:19:35 GMT
server: AmazonS3
via: 1.1 eb8dd67e239abea324e36244f60eec4c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P9
etag: W/"bd67f15d98f799618260fa493fd3aea3"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
cache-control: max-age=1296000
x-amz-cf-id: Pfh91DvKMB79HF5VRhLH5tubD3-5_xr_du3prUnz7VSOedGAQh8q9w==

GET
H2 200 utag.623.js Show response
tags.tiqcdn.com/utag/sainsburysbank/main/dev/ 6 KB
2 KB 216ms
213ms Script
application/javascript 2600:9000:235a:b000:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/sainsburysbank/main/dev/utag.623.js?utv=ut4.48.202310211658
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/sainsburysbank/main/dev/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:235a:b000:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4ac4379a2fbb71ad222ddb39c1956042f7594328a1f1861ff64edf9c7517d10f

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://sain-c-web-elb.uat.hdexternal.co.uk/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 18 Apr 2024 15:57:54 GMT
x-amz-version-id: EnP8bt4heoml3lpSZd.IRGFqn4S.5Nii
content-encoding: br
last-modified: Tue, 16 Apr 2024 14:19:32 GMT
server: AmazonS3
via: 1.1 eb8dd67e239abea324e36244f60eec4c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P9
etag: W/"034d27a36b143665c37c254b7914d49b"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
cache-control: max-age=1296000
x-amz-cf-id: wu_j2Xau_j5kKBX3M_Eu9WbKyiagtU8N5OJ8vy_6QE-3n8vBF5VWeA==

GET
H2 200 utag.649.js Show response
tags.tiqcdn.com/utag/sainsburysbank/main/dev/ 7 KB
2 KB 503ms
501ms Script
application/javascript 2600:9000:235a:b000:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/sainsburysbank/main/dev/utag.649.js?utv=ut4.48.202210181055
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/sainsburysbank/main/dev/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:235a:b000:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4beefe4edd6e2f6b78a6280eaf8c7457c38f533e61657a1fbdd114be1a6869e3

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://sain-c-web-elb.uat.hdexternal.co.uk/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 18 Apr 2024 15:57:54 GMT
x-amz-version-id: UXp8cGRj6.e1LSI4fdTASketBa2neUJX
content-encoding: br
last-modified: Tue, 16 Apr 2024 14:19:43 GMT
server: AmazonS3
via: 1.1 eb8dd67e239abea324e36244f60eec4c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P9
etag: W/"acc14aa6e1b51dacda1d9f7cc5585288"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
cache-control: max-age=1296000
x-amz-cf-id: 0dxnuIsEeGAi8gpEG6Q_5UDBIjWzN54WX1PtdeT4RctQPoRu9jq7VA==

GET
H2 200 utag.614.js Show response
tags.tiqcdn.com/utag/sainsburysbank/main/dev/ 18 KB
6 KB 498ms
496ms Script
application/javascript 2600:9000:235a:b000:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/sainsburysbank/main/dev/utag.614.js?utv=ut4.48.202203151638
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/sainsburysbank/main/dev/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:235a:b000:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4385b7739503c520dea6fa4533762e6481906f356e30ee8f64ad27674344a4c1

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://sain-c-web-elb.uat.hdexternal.co.uk/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 18 Apr 2024 15:57:54 GMT
x-amz-version-id: oWwNKHub3NYnb4Iae_G8jztZBKWpDQRZ
content-encoding: br
last-modified: Tue, 16 Apr 2024 14:19:46 GMT
server: AmazonS3
via: 1.1 eb8dd67e239abea324e36244f60eec4c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P9
etag: W/"ecd341d2429cb78c7c0d6728d8ce1b15"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
cache-control: max-age=1296000
x-amz-cf-id: IxvO1ou3YkYilK1tkTLVOAY8Se1jOdDoDui3bShXe9jN_C8kKLK3nA==

GET
H2 200 utag.669.js Show response
tags.tiqcdn.com/utag/sainsburysbank/main/dev/ 12 KB
4 KB 204ms
202ms Script
application/javascript 2600:9000:235a:b000:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/sainsburysbank/main/dev/utag.669.js?utv=ut4.48.202403270955
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/sainsburysbank/main/dev/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:235a:b000:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4547f59ab7e0246dd9ec93412640d92bd9ec3a540b28756970bdfcfb21cf0946

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://sain-c-web-elb.uat.hdexternal.co.uk/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 18 Apr 2024 15:57:54 GMT
x-amz-version-id: A2l3.YuyDzCWYrcUDee_l6zCQ359ns6D
content-encoding: br
last-modified: Tue, 16 Apr 2024 14:19:48 GMT
server: AmazonS3
via: 1.1 eb8dd67e239abea324e36244f60eec4c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P9
etag: W/"cd5792f783f5d65f31a2b9eb3f098bf1"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
cache-control: max-age=1296000
x-amz-cf-id: JhNkwDGXZeH669j7xDgLNw_DFc3U9ZEPbYx2GbumHwfC1sCZiAkJCg==

GET
H2 200 utag.670.js Show response
tags.tiqcdn.com/utag/sainsburysbank/main/dev/ 12 KB
4 KB 540ms
538ms Script
application/javascript 2600:9000:235a:b000:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/sainsburysbank/main/dev/utag.670.js?utv=ut4.48.202404021306
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/sainsburysbank/main/dev/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:235a:b000:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5dbc11550ff5dcce06dc8df02af7d0567b36a23c327c47f2ceea3bed42eba9dc

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://sain-c-web-elb.uat.hdexternal.co.uk/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 18 Apr 2024 15:57:54 GMT
x-amz-version-id: N1JN5wDWqYHj3_Ncv1V5isioahiYnrwo
content-encoding: br
last-modified: Tue, 16 Apr 2024 14:19:53 GMT
server: AmazonS3
via: 1.1 eb8dd67e239abea324e36244f60eec4c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P9
etag: W/"7903ca7360fd33552644b40686f6b15e"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
cache-control: max-age=1296000
x-amz-cf-id: D6JOCeIyk_USXtgU9k7tcLyxWRB61JpjoS7wI_0NfnkWjE9Qo4DsgA==

GET
H2 200 utag.671.js Show response
tags.tiqcdn.com/utag/sainsburysbank/main/dev/ 12 KB
4 KB 220ms
218ms Script
application/javascript 2600:9000:235a:b000:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/sainsburysbank/main/dev/utag.671.js?utv=ut4.48.202404021306
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/sainsburysbank/main/dev/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:235a:b000:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b2550340d5767d92487a3720b3682dc80fca1533654dc2f86d5376da2142f286

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://sain-c-web-elb.uat.hdexternal.co.uk/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 18 Apr 2024 15:57:54 GMT
x-amz-version-id: a4Bl9_vgX4P2S1TQhXdgMZEdq5PZ1z2j
content-encoding: br
last-modified: Tue, 16 Apr 2024 14:19:48 GMT
server: AmazonS3
via: 1.1 eb8dd67e239abea324e36244f60eec4c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P9
etag: W/"ff4e9d1f8f9dc4927b4e8a030b409ebb"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
cache-control: max-age=1296000
x-amz-cf-id: pkC7-T9YdQC5JrfiNk3nShX745zyPRYswIt6BOtu77Y5KjqXSfSMHg==

GET
H2 200 utag.672.js Show response
tags.tiqcdn.com/utag/sainsburysbank/main/dev/ 12 KB
4 KB 494ms
492ms Script
application/javascript 2600:9000:235a:b000:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/sainsburysbank/main/dev/utag.672.js?utv=ut4.48.202404021306
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/sainsburysbank/main/dev/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:235a:b000:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ae4e275d81d15d1212c08fb0d6f4b805c995baa7a6c3b3598ccac2833b7ba986

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://sain-c-web-elb.uat.hdexternal.co.uk/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 18 Apr 2024 15:57:54 GMT
x-amz-version-id: .aC4IZ1pEUmTJnaxtMygrvZLJflyKS2d
content-encoding: br
last-modified: Tue, 16 Apr 2024 14:19:47 GMT
server: AmazonS3
via: 1.1 eb8dd67e239abea324e36244f60eec4c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P9
etag: W/"e6fbb51efe08f0600b1e6548fe6d6034"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
cache-control: max-age=1296000
x-amz-cf-id: ijrIcGHvncVi21A2NKMh2lJkE7eWFhrb8pmEAbyE0hBVc17CV9jzCw==

GET
H2 200 utag.673.js Show response
tags.tiqcdn.com/utag/sainsburysbank/main/dev/ 13 KB
4 KB 503ms
501ms Script
application/javascript 2600:9000:235a:b000:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/sainsburysbank/main/dev/utag.673.js?utv=ut4.48.202404021306
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/sainsburysbank/main/dev/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:235a:b000:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 39075645b3a28653aa1eefca3953fc40cbc4276015dc7a461d287a2f2ef4d71b

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://sain-c-web-elb.uat.hdexternal.co.uk/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 18 Apr 2024 15:57:54 GMT
x-amz-version-id: nDKcYKGkl1HZ2oMj0.Om_l90XEW6zWNf
content-encoding: br
last-modified: Tue, 16 Apr 2024 14:19:40 GMT
server: AmazonS3
via: 1.1 eb8dd67e239abea324e36244f60eec4c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P9
etag: W/"8ad938647d062610da07ebf00a43e826"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
cache-control: max-age=1296000
x-amz-cf-id: HD4Vjf-uJh5D-LRTuQRTOdoDQ88_Mzi6nbgaoZbQKFotnSQMXTC7gw==

GET
H2 200 utag.674.js Show response
tags.tiqcdn.com/utag/sainsburysbank/main/dev/ 12 KB
4 KB 496ms
495ms Script
application/javascript 2600:9000:235a:b000:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/sainsburysbank/main/dev/utag.674.js?utv=ut4.48.202403270955
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/sainsburysbank/main/dev/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:235a:b000:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8b79de549f3732fb7d702f5c5e50cba8c4dc3e96a6d5d5f0a7544256968819e0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://sain-c-web-elb.uat.hdexternal.co.uk/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 18 Apr 2024 15:57:54 GMT
x-amz-version-id: aP_QggBNhaSK3O6vBp6GMSK5rFo_K8mm
content-encoding: br
last-modified: Tue, 16 Apr 2024 14:19:27 GMT
server: AmazonS3
via: 1.1 eb8dd67e239abea324e36244f60eec4c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P9
etag: W/"df03ab4fb8d9aa709c26693bc35ac701"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
cache-control: max-age=1296000
x-amz-cf-id: 4Y6C9XThUr_-nJh99h7F--WwXhOIqQ7cLb_LQyEwGD0YEQefvsZT0A==

GET
H2 200 utag.675.js Show response
tags.tiqcdn.com/utag/sainsburysbank/main/dev/ 12 KB
4 KB 526ms
524ms Script
application/javascript 2600:9000:235a:b000:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/sainsburysbank/main/dev/utag.675.js?utv=ut4.48.202403270955
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/sainsburysbank/main/dev/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:235a:b000:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e502cadd5aebf44bf4fcebee6e5d973c9628137b10f80f3f3d5175781029e6fd

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://sain-c-web-elb.uat.hdexternal.co.uk/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 18 Apr 2024 15:57:54 GMT
x-amz-version-id: 98_F_ws2dZ3Zw877jcdcl3.LycamweTF
content-encoding: br
last-modified: Tue, 16 Apr 2024 14:19:37 GMT
server: AmazonS3
via: 1.1 eb8dd67e239abea324e36244f60eec4c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P9
etag: W/"72f6007b5c2a0c99d15717273c1f4af9"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
cache-control: max-age=1296000
x-amz-cf-id: khb3SUS0XA-JhgGAwAsiWIsJI4Su1fonsprFLV43rf_j1NYWq-Pomw==

GET
H2 200 utag.676.js Show response
tags.tiqcdn.com/utag/sainsburysbank/main/dev/ 13 KB
4 KB 266ms
265ms Script
application/javascript 2600:9000:235a:b000:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/sainsburysbank/main/dev/utag.676.js?utv=ut4.48.202404021306
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/sainsburysbank/main/dev/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:235a:b000:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7746930a193bd444061a2aaac79a413ea1644a3ca5db9b2c1115425c48d699ad

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://sain-c-web-elb.uat.hdexternal.co.uk/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 18 Apr 2024 15:57:54 GMT
x-amz-version-id: .yGgk9HMp6jJ4HX3cgzZdzAu1O3PNNVu
content-encoding: br
last-modified: Tue, 16 Apr 2024 14:19:47 GMT
server: AmazonS3
via: 1.1 eb8dd67e239abea324e36244f60eec4c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P9
etag: W/"cfbe9b18df00236650b24eb38f62d3a1"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
cache-control: max-age=1296000
x-amz-cf-id: ILMh9X60qLu3eJJ5RwDsrUuSmaVK5sjYDWPVnvjUNRq-PVhWE-unxw==

GET aea56184d1d9.js
w.usabilla.com/ Frame E304 0
0

GET id
dpm.demdex.net/ 0
0

GET sp.js
cdn.corvidae.ai/2.9.0/ 0
0

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 194 KB
71 KB 72ms
68ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=DC-3984747&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f99888d7bfd810a7ec46ec915cba752e4a56053905afafe24228840bc2eb4333

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://sain-c-web-elb.uat.hdexternal.co.uk/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 18 Apr 2024 15:57:53 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 72234
x-xss-protection: 0
last-modified: Thu, 18 Apr 2024 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 18 Apr 2024 15:57:53 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 202 KB
73 KB 78ms
77ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=DC-940892&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

061c95624dd933058a122803123ed39748e7b296b7fca48f7139de70200df788

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://sain-c-web-elb.uat.hdexternal.co.uk/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 18 Apr 2024 15:57:53 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 74769
x-xss-protection: 0
last-modified: Thu, 18 Apr 2024 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 18 Apr 2024 15:57:53 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 240 KB
84 KB 128ms
127ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-974088291&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1a55e9b56edbbf3a4c63e1d7805ff7efebad8ba07353c88ea4f7a9f265245b7d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://sain-c-web-elb.uat.hdexternal.co.uk/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 18 Apr 2024 15:57:53 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 85542
x-xss-protection: 0
last-modified: Thu, 18 Apr 2024 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 18 Apr 2024 15:57:53 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 241 KB
84 KB 173ms
172ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-1071281289&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

04496264d9103279bc3d7a5a5749d504cfbb418a0bda3bb747b9e4f321d70eee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://sain-c-web-elb.uat.hdexternal.co.uk/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 18 Apr 2024 15:57:53 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 85737
x-xss-protection: 0
last-modified: Thu, 18 Apr 2024 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 18 Apr 2024 15:57:53 GMT

GET
H2 200 165598935295352 Show response
connect.facebook.net/signals/config/ 56 KB
12 KB 199ms
198ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/165598935295352?v=2.9.154&r=stable&domain=sain-c-web-elb.uat.hdexternal.co.uk&hme=c3a545c63044e8e9102d4f32d84a1137594d024f28e801d670bc76dc5c075575&ex_m=67%2C112%2C99%2C103%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C158%2C161%2C172%2C168%2C169%2C171%2C28%2C94%2C50%2C73%2C170%2C153%2C156%2C165%2C166%2C173%2C121%2C14%2C48%2C178%2C177%2C123%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C100%2C102%2C37%2C101%2C29%2C25%2C154%2C157%2C130%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C98%2C43%2C75%2C65%2C104%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C105

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

89821b5d6b81db001008fb18ef0ad4925b2fc5d8220f4bd3a661b7a4d55b49c3

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://sain-c-web-elb.uat.hdexternal.co.uk/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 18 Apr 2024 15:57:53 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=48, rtx=0, c=64, mss=1294, tbw=63181, tp=-1, tpl=-1, uplat=155, ullat=0
pragma: public
x-fb-debug: 9JH0TiPblPE7XhCYnY1RVSOsb3ULcX92ZzGONd2EWJ8XC1WAcrsJAGD7/uwtxAH7AJxJRY8pOgIXcK1vKJJsdQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 240 KB
84 KB 168ms
168ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-1066771892&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a01d0d9b57b12794c85c17261877140f89a18358e1aaeb2cdecc9f336002b003

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://sain-c-web-elb.uat.hdexternal.co.uk/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 18 Apr 2024 15:57:53 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 85591
x-xss-protection: 0
last-modified: Thu, 18 Apr 2024 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 18 Apr 2024 15:57:53 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 197 KB
71 KB 56ms
56ms Script
application/javascript 216.58.206.40
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-26248960-1&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.40 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil07s07-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

5910c4ffb8f8b6604aeb1bfeab48703114fe7a056c840c4e78ab1b1f669858a6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://sain-c-web-elb.uat.hdexternal.co.uk/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 18 Apr 2024 15:57:53 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 73116
x-xss-protection: 0
last-modified: Thu, 18 Apr 2024 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 18 Apr 2024 15:57:53 GMT

GET src=3984747;npa=1;gdid=dYmQxMT;uaa=x86;uab=64;uafvl=Chromium%3B124.0.6367.60%7CGoogle%2520Chrome%3B124.0.6367.60%7CNot-A.Brand%3B99.0.0.0;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=denied;gtm=45...
ade.googlesyndication.com/ddm/activity/ 0
0

GET src=940892;npa=1;gdid=dYmQxMT;uaa=x86;uab=64;uafvl=Chromium%3B124.0.6367.60%7CGoogle%2520Chrome%3B124.0.6367.60%7CNot-A.Brand%3B99.0.0.0;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=denied;gtm=45f...
ade.googlesyndication.com/ddm/activity/ 0
0

GET uwt.js
static.ads-twitter.com/ 0
0

GET
H2 200 bat.js Show response
bat.bing.com/ 45 KB
13 KB 133ms
50ms Script
application/javascript 2620:1ec:c11::237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/sainsburysbank/main/dev/utag.391.js?utv=ut4.48.202310211658

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

823804a7807864b44093a3843788f4cd076e89cf4a6fdeb8d153ae5c2c2df721

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://sain-c-web-elb.uat.hdexternal.co.uk/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Thu, 18 Apr 2024 15:57:53 GMT
last-modified: Thu, 29 Feb 2024 19:58:06 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 9F7C1052930F4933A8C73705BF7E9591 Ref B: LON04EDGE0920 Ref C: 2024-04-18T15:57:53Z
etag: "01b4e9c496bda1:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 13261

GET
H/1.1 200
OK up_loader.1.1.0.js Show response
js.adsrvr.org/ 10 KB
4 KB 163ms
43ms Script
application/x-javascript 18.172.103.101
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.adsrvr.org/up_loader.1.1.0.js
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/sainsburysbank/main/dev/utag.390.js?utv=ut4.48.202110260602
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.172.103.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-172-103-101.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: cfee63b22a45f4f02e6e6baa93af19e68399a72f6ec390f2795e60dbd72988ba

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://sain-c-web-elb.uat.hdexternal.co.uk/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Thu, 18 Apr 2024 04:57:49 GMT
Content-Encoding: gzip
Via: 1.1 07ddb29e6fb6e0d7584320febca423a6.cloudfront.net (CloudFront)
Last-Modified: Fri, 12 Apr 2024 16:30:50 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA60-P8
Age: 39605
x-amz-server-side-encryption: AES256
ETag: W/"cd056b72a31972be87dbbf0927dc2dfd"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/x-javascript
X-Cache: Hit from cloudfront
Connection: keep-alive
X-Amz-Cf-Id: lcTEH4KZtv9VGAJUYMd8HPGp3liCic5_u5QnUhdq8C37VpfBML0mDQ==

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 194 KB
71 KB 64ms
64ms Script
application/javascript 216.58.206.40
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=DC-10466968&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.40 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil07s07-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

96cce5e669a0b33a3636b4d064c8fc1b8f91322eab155fee32698baed8c48420

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://sain-c-web-elb.uat.hdexternal.co.uk/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 18 Apr 2024 15:57:53 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 72273
x-xss-protection: 0
last-modified: Thu, 18 Apr 2024 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 18 Apr 2024 15:57:53 GMT

GET
H3 200 748042905296598 Show response
connect.facebook.net/signals/config/ 20 KB
3 KB 117ms
116ms Script
application/x-javascript 157.240.252.13
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/748042905296598?v=2.9.154&r=stable&domain=sain-c-web-elb.uat.hdexternal.co.uk&hme=c3a545c63044e8e9102d4f32d84a1137594d024f28e801d670bc76dc5c075575&ex_m=67%2C112%2C99%2C103%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C158%2C161%2C172%2C168%2C169%2C171%2C28%2C94%2C50%2C73%2C170%2C153%2C156%2C165%2C166%2C173%2C121%2C14%2C48%2C178%2C177%2C123%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C100%2C102%2C37%2C101%2C29%2C25%2C154%2C157%2C130%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C98%2C43%2C75%2C65%2C104%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C105%2C184%2C183%2C185%2C190%2C191%2C192%2C188%2C180%2C122%2C150%2C179%2C181%2C113%2C144%2C135%2C139%2C119%2C174%2C216%2C106%2C217%2C152%2C110%2C133%2C126%2C114

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.252.13 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-fra3.fbcdn.net

Software

Resource Hash

8c7e0cab6e7cc0ba3e53acf21bdfe0c49c1304d27fa1b6d11510198e0ed4df85

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://sain-c-web-elb.uat.hdexternal.co.uk/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 18 Apr 2024 15:57:53 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=45, rtx=0, c=38, mss=1232, tbw=4307, tp=9, tpl=0, uplat=72, ullat=0
pragma: public
x-fb-debug: bfJJhI2N4tK8hyCSjDF9Qo1V+vBA8IC/ouR1WwRiYVo+hSYQtQUyUBaTFOingoq9m8MdJElRjZAoJAtYfMd+ig==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
275 B 129ms
43ms Image
text/plain 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=165598935295352&ev=PageView&dl=https%3A%2F%2Fsain-c-web-elb.uat.hdexternal.co.uk%2F&rl=&if=false&ts=1713455873424&sw=1600&sh=1200&v=2.9.154&r=stable&a=tmtealium&ec=0&o=4126&fbp=fb.2.1713455873423.593399267&ler=empty&cdl=API_unavailable&it=1713455873163&coo=false&eid=1aae1a9f83b925cf0c1f99de48d48685&tm=1&rqm=GET

Requested by

Host: sain-c-web-elb.uat.hdexternal.co.uk
URL: https://sain-c-web-elb.uat.hdexternal.co.uk/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://sain-c-web-elb.uat.hdexternal.co.uk/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=40, rtx=0, c=10, mss=1294, tbw=2755, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 18 Apr 2024 15:57:53 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 240 KB
84 KB 86ms
86ms Script
application/javascript 216.58.206.40
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-1071396369&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.40 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil07s07-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

ce57252d2d2177f13eb4954c5beea629b72db38060991c1d56ddc4328075546f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://sain-c-web-elb.uat.hdexternal.co.uk/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 18 Apr 2024 15:57:53 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 85657
x-xss-protection: 0
last-modified: Thu, 18 Apr 2024 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 18 Apr 2024 15:57:53 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 247 KB
85 KB 75ms
75ms Script
application/javascript 216.58.206.40
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-1060289911&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.40 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil07s07-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

516aefea110745686bd2e65d2f998b057e751a6cf522b859e048f7b71eb84142

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://sain-c-web-elb.uat.hdexternal.co.uk/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 18 Apr 2024 15:57:53 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 87076
x-xss-protection: 0
last-modified: Thu, 18 Apr 2024 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 18 Apr 2024 15:57:53 GMT

GET /
ct.pinterest.com/v3/ 0
0

POST i.gif
collect.tealiumiq.com/sainsburysbank/main/2/ 0
0

GET scevent.min.js
sc-static.net/ 0
0

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 240 KB
84 KB 89ms
89ms Script
application/javascript 216.58.206.40
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-949042756&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.40 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil07s07-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

dba7c30676ca033dad019b1fe1d1d329d368c02aa043be72a9629ed02a5ae8c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://sain-c-web-elb.uat.hdexternal.co.uk/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 18 Apr 2024 15:57:53 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 85530
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 18 Apr 2024 15:57:53 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 240 KB
84 KB 91ms
91ms Script
application/javascript 216.58.206.40
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-1028334730&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.40 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil07s07-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

dd4e51e305fb4f95fe12b095d0c57fbd1fe18d82d6ac591c806d70d1548309c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://sain-c-web-elb.uat.hdexternal.co.uk/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 18 Apr 2024 15:57:53 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 85594
x-xss-protection: 0
last-modified: Thu, 18 Apr 2024 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 18 Apr 2024 15:57:53 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 240 KB
84 KB 96ms
96ms Script
application/javascript 216.58.206.40
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-1071396249&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.40 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil07s07-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

68603e3a8731cc0f052df026c26b4188d8f5523b604770425d6ab0da4e0d7c82

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://sain-c-web-elb.uat.hdexternal.co.uk/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 18 Apr 2024 15:57:53 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 85593
x-xss-protection: 0
last-modified: Thu, 18 Apr 2024 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 18 Apr 2024 15:57:53 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 200 KB
72 KB 103ms
103ms Script
application/javascript 216.58.206.40
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=DC-9864063&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.40 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil07s07-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

60a922139a49e3a6b8c5a5f42b909c8267bad90bca0d7e7f2cbf763d0629c9ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://sain-c-web-elb.uat.hdexternal.co.uk/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 18 Apr 2024 15:57:53 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 73919
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 18 Apr 2024 15:57:53 GMT

GET
H2 200 utag.v.js Show response
tags.tiqcdn.com/utag/tiqapp/ 2 B
432 B 44ms
44ms Script
application/javascript 2600:9000:235a:b000:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/tiqapp/utag.v.js?a=sainsburysbank/main/202404161417&cb=1713455873494
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/sainsburysbank/main/dev/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:235a:b000:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://sain-c-web-elb.uat.hdexternal.co.uk/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: 2XUX04X5QEw0.xFya64khU._sHTRl_Pz
date: Thu, 18 Apr 2024 15:53:15 GMT
via: 1.1 eb8dd67e239abea324e36244f60eec4c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P9
age: 279
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 2
last-modified: Sat, 11 Mar 2023 06:57:46 GMT
server: AmazonS3
etag: "7bc0ee636b3b83484fc3b9348863bd22"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=300
accept-ranges: bytes
x-amz-cf-id: BUCx7E-dNmAOh2rQ_vWaAK9G_3N20RphFXVEXi_n7pqaovhw6LqNMQ==

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 268 KB
89 KB 88ms
87ms Script
application/javascript 216.58.206.40
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-KPW5JYQ7P5&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-26248960-1&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.40 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil07s07-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

5dabe19cd9ee55b5a3507a33d75100473730eac40b689b8827fa413aaf3a19b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://sain-c-web-elb.uat.hdexternal.co.uk/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 18 Apr 2024 15:57:53 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 91462
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 18 Apr 2024 15:57:53 GMT

GET analytics.js
www.google-analytics.com/ 0
0

GET
H2 204 5189718.js Show response
bat.bing.com/p/action/ 0
119 B 47ms
46ms Script
text/plain 2620:1ec:c11::237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/5189718.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://sain-c-web-elb.uat.hdexternal.co.uk/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
date: Thu, 18 Apr 2024 15:57:53 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 6F176CDB7EFB412EB92D9D848645EEA0 Ref B: LON04EDGE0920 Ref C: 2024-04-18T15:57:53Z
x-cache: CONFIG_NOCACHE

GET
H2 204 0
bat.bing.com/action/ 0
289 B 113ms
113ms Image
text/plain 2620:1ec:c11::237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=5189718&Ver=2&mid=c5d5c574-2d9f-408d-b641-759a6102b70d&sid=6a512c60fd9c11eeb0159985882d9e75&vid=6a518df0fd9c11ee8ad09fcf44d26379&vids=1&msclkid=N&pi=918639831&lg=en-GB&sw=1600&sh=1200&sc=24&tl=Entry%20Page&p=https%3A%2F%2Fsain-c-web-elb.uat.hdexternal.co.uk%2F&r=&lt=863&evt=pageLoad&sv=1&rn=200708

Requested by

Host: sain-c-web-elb.uat.hdexternal.co.uk
URL: https://sain-c-web-elb.uat.hdexternal.co.uk/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://sain-c-web-elb.uat.hdexternal.co.uk/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 18 Apr 2024 15:57:53 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: F416400C4F35494AA2B4A6B3C6EEBA99 Ref B: LON04EDGE0920 Ref C: 2024-04-18T15:57:53Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
103 B 44ms
43ms Image
text/plain 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=165598935295352&ev=PageView&dl=https%3A%2F%2Fsain-c-web-elb.uat.hdexternal.co.uk%2F&rl=&if=false&ts=1713455873559&sw=1600&sh=1200&v=2.9.154&r=stable&a=tmtealium&ec=1&o=4126&fbp=fb.2.1713455873423.593399267&ler=empty&cdl=API_unavailable&it=1713455873163&coo=false&rqm=GET

Requested by

Host: sain-c-web-elb.uat.hdexternal.co.uk
URL: https://sain-c-web-elb.uat.hdexternal.co.uk/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://sain-c-web-elb.uat.hdexternal.co.uk/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=40, rtx=0, c=10, mss=1294, tbw=3144, tp=-1, tpl=-1, uplat=1, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 18 Apr 2024 15:57:53 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/tr/ 0
102 B 44ms
43ms Image
text/plain 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=748042905296598&ev=PageView&dl=https%3A%2F%2Fsain-c-web-elb.uat.hdexternal.co.uk%2F&rl=&if=false&ts=1713455873559&sw=1600&sh=1200&v=2.9.154&r=stable&a=tmtealium&ec=0&o=4126&fbp=fb.2.1713455873423.593399267&ler=empty&cdl=API_unavailable&it=1713455873163&coo=false&rqm=GET

Requested by

Host: sain-c-web-elb.uat.hdexternal.co.uk
URL: https://sain-c-web-elb.uat.hdexternal.co.uk/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://sain-c-web-elb.uat.hdexternal.co.uk/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=40, rtx=0, c=10, mss=1294, tbw=3260, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 18 Apr 2024 15:57:53 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET src=10466968;type=sballpag;cat=sbswallp;ord=1080962431246;npa=1;u6=bank%3A;u7=sb-app;gdid=dYmQxMT;uaa=x86;uab=64;uafvl=Chromium%3B124.0.6367.60%7CGoogle%2520Chrome%3B124.0.6367.60%7CNot-A.Brand%3B9...
ade.googlesyndication.com/ddm/activity/ 0
0

GET /
pagead2.googlesyndication.com/pagead/conversion/949042756/ 0
0

GET
H2 200 favicon.ico
sain-c-web-elb.uat.hdexternal.co.uk/ 894 B
2 KB 139ms
139ms Other
image/x-icon 18.133.154.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sain-c-web-elb.uat.hdexternal.co.uk/favicon.ico

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.133.154.58 London, United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-133-154-58.eu-west-2.compute.amazonaws.com

Software

server /

Resource Hash

24c05217fb753d21a80728da649f1f6766afc772ec3e04d4d20cf62590c528be

Security Headers

Name	Value
Content-Security-Policy	default-src data: https://bam.nr-data.net https://js-agent.newrelic.com 'unsafe-eval' 'unsafe-inline' 'self'; connect-src smetrics.sainsburysbank.co.uk 'self'; frame-src s.thebrighttag.com insight.adsrvr.org bid.g.doubleclick.net www.facebook.com; script-src tags.tiqcdn.com s.btstatic.com s.thebrighttag.com www.googleadservices.com js.adsrvr.org www.googletagmanager.com smetrics.sainsburysbank.co.uk stats.g.doubleclick.net bat.bing.com connect.facebook.net www.googletagmanager.com googleads.g.doubleclick.net 'unsafe-inline' 'unsafe-eval' 'self'; img-src collect.tealiumiq.com bat.bing.com stats.g.doubleclick.net www.google.com www.facebook.com www.google.co.uk smetrics.sainsburysbank.co.uk 'self'
Strict-Transport-Security	max-age=15552001; includeSubDomains
X-Content-Security-Policy	default-src data: https://bam.nr-data.net https://js-agent.newrelic.com 'unsafe-eval' 'unsafe-inline' 'self'; connect-src smetrics.sainsburysbank.co.uk 'self'; frame-src s.thebrighttag.com insight.adsrvr.org bid.g.doubleclick.net www.facebook.com; script-src tags.tiqcdn.com s.btstatic.com s.thebrighttag.com www.googleadservices.com js.adsrvr.org www.googletagmanager.com smetrics.sainsburysbank.co.uk stats.g.doubleclick.net bat.bing.com connect.facebook.net www.googletagmanager.com googleads.g.doubleclick.net 'unsafe-inline' 'unsafe-eval' 'self'; img-src collect.tealiumiq.com bat.bing.com stats.g.doubleclick.net www.google.com www.facebook.com www.google.co.uk smetrics.sainsburysbank.co.uk 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://sain-c-web-elb.uat.hdexternal.co.uk/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-content-security-policy: default-src data: https://bam.nr-data.net https://js-agent.newrelic.com 'unsafe-eval' 'unsafe-inline' 'self'; connect-src smetrics.sainsburysbank.co.uk 'self'; frame-src s.thebrighttag.com insight.adsrvr.org bid.g.doubleclick.net www.facebook.com; script-src tags.tiqcdn.com s.btstatic.com s.thebrighttag.com www.googleadservices.com js.adsrvr.org www.googletagmanager.com smetrics.sainsburysbank.co.uk stats.g.doubleclick.net bat.bing.com connect.facebook.net www.googletagmanager.com googleads.g.doubleclick.net 'unsafe-inline' 'unsafe-eval' 'self'; img-src collect.tealiumiq.com bat.bing.com stats.g.doubleclick.net www.google.com www.facebook.com www.google.co.uk smetrics.sainsburysbank.co.uk 'self'
date: Thu, 18 Apr 2024 15:57:53 GMT
strict-transport-security: max-age=15552001; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src data: https://bam.nr-data.net https://js-agent.newrelic.com 'unsafe-eval' 'unsafe-inline' 'self'; connect-src smetrics.sainsburysbank.co.uk 'self'; frame-src s.thebrighttag.com insight.adsrvr.org bid.g.doubleclick.net www.facebook.com; script-src tags.tiqcdn.com s.btstatic.com s.thebrighttag.com www.googleadservices.com js.adsrvr.org www.googletagmanager.com smetrics.sainsburysbank.co.uk stats.g.doubleclick.net bat.bing.com connect.facebook.net www.googletagmanager.com googleads.g.doubleclick.net 'unsafe-inline' 'unsafe-eval' 'self'; img-src collect.tealiumiq.com bat.bing.com stats.g.doubleclick.net www.google.com www.facebook.com www.google.co.uk smetrics.sainsburysbank.co.uk 'self'
content-length: 894
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
pragma: no-cache
last-modified: Wed, 27 Dec 2023 08:39:40 GMT
server: server
etag: "1da38a03b336d7e"
x-frame-options: SAMEORIGIN
content-type: image/x-icon
accept-ranges: bytes
expires: 0

GET src=3984747;type=generic;cat=allpa0;ord=1852085761792;npa=1;u15=https%3A%2F%2Fsain-c-web-elb.uat.hdexternal.co.uk%2F;gdid=dYmQxMT;uaa=x86;uab=64;uafvl=Chromium%3B124.0.6367.60%7CGoogle%2520Chrome%3...
ade.googlesyndication.com/ddm/activity/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: dpm.demdex.net
URL: https://dpm.demdex.net/id?d_visid_ver=3.3.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=F9F4CBC1556ED7BC7F000101%40AdobeOrg&d_nsid=0&ts=1713455872877

Domain: w.usabilla.com
URL: https://w.usabilla.com/aea56184d1d9.js?lv=1

Domain: dpm.demdex.net
URL: https://dpm.demdex.net/id?d_visid_ver=3.3.0&d_fieldgroup=AAM&d_rtbd=json&d_ver=2&d_orgid=F9F4CBC1556ED7BC7F000101%40AdobeOrg&d_nsid=0&d_mid=35449994261820576963640518772753105034&ts=1713455873086

Domain: cdn.corvidae.ai
URL: https://cdn.corvidae.ai/2.9.0/sp.js

Domain: ade.googlesyndication.com
URL: https://ade.googlesyndication.com/ddm/activity/src=3984747;npa=1;gdid=dYmQxMT;uaa=x86;uab=64;uafvl=Chromium%3B124.0.6367.60%7CGoogle%2520Chrome%3B124.0.6367.60%7CNot-A.Brand%3B99.0.0.0;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=denied;gtm=45fe44f0za200;gcs=G100;gcd=13p3p3p3p5;dma_cps=-;dma=0;epver=2;~oref=https%3A%2F%2Fsain-c-web-elb.uat.hdexternal.co.uk?

Domain: ade.googlesyndication.com
URL: https://ade.googlesyndication.com/ddm/activity/src=940892;npa=1;gdid=dYmQxMT;uaa=x86;uab=64;uafvl=Chromium%3B124.0.6367.60%7CGoogle%2520Chrome%3B124.0.6367.60%7CNot-A.Brand%3B99.0.0.0;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=denied;gtm=45fe44f0v9181640370za200;gcs=G100;gcd=13p3p3p3p5;dma_cps=-;dma=0;epver=2;~oref=https%3A%2F%2Fsain-c-web-elb.uat.hdexternal.co.uk?

Domain: static.ads-twitter.com
URL: https://static.ads-twitter.com/uwt.js

Domain: ct.pinterest.com
URL: https://ct.pinterest.com/v3/?tid=2612517364460&event=init&ed[em]=%27%3Cuser_email_address%3E%27&noscript=1

Domain: ct.pinterest.com
URL: https://ct.pinterest.com/v3/?tid=2612517364460&event=pagevisit&noscript=1

Domain: collect.tealiumiq.com
URL: https://collect.tealiumiq.com/sainsburysbank/main/2/i.gif

Domain: sc-static.net
URL: https://sc-static.net/scevent.min.js

Domain: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Domain: ade.googlesyndication.com
URL: https://ade.googlesyndication.com/ddm/activity/src=10466968;type=sballpag;cat=sbswallp;ord=1080962431246;npa=1;u6=bank%3A;u7=sb-app;gdid=dYmQxMT;uaa=x86;uab=64;uafvl=Chromium%3B124.0.6367.60%7CGoogle%2520Chrome%3B124.0.6367.60%7CNot-A.Brand%3B99.0.0.0;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=denied;gtm=45fe44f0za200;gcs=G100;gcd=13p3p3p3p5;dma_cps=-;dma=0;epver=2;~oref=https%3A%2F%2Fsain-c-web-elb.uat.hdexternal.co.uk?

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/conversion/949042756/?random=1713455873655&cv=11&fst=1713455873655&bg=ffffff&guid=ON&async=1&gtm=45be44f0v9104153716za200&gcs=G100&gcd=13p3p3p3p5&dma_cps=-&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fsain-c-web-elb.uat.hdexternal.co.uk&label=7pQCCJahj-ECEMT8xMQD&hn=www.googleadservices.com&frm=0&tiba=Entry%20Page&value=1&currency_code=GBP&did=dYmQxMT&gdid=dYmQxMT&gtm_ee=1&npa=1&pscdl=denied&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.60%7CGoogle%2520Chrome%3B124.0.6367.60%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=Sw&data=event%3Dconversion&rfmt=3&fmt=4

Domain: ade.googlesyndication.com
URL: https://ade.googlesyndication.com/ddm/activity/src=3984747;type=generic;cat=allpa0;ord=1852085761792;npa=1;u15=https%3A%2F%2Fsain-c-web-elb.uat.hdexternal.co.uk%2F;gdid=dYmQxMT;uaa=x86;uab=64;uafvl=Chromium%3B124.0.6367.60%7CGoogle%2520Chrome%3B124.0.6367.60%7CNot-A.Brand%3B99.0.0.0;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=denied;gtm=45fe44f0za200;gcs=G100;gcd=13p3p3p3p5;dma_cps=-;dma=0;epver=2;~oref=https%3A%2F%2Fsain-c-web-elb.uat.hdexternal.co.uk?

Verdicts & Comments Add Verdict or Comment

53 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

9 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
sain-c-web-elb.uat.hdexternal.co.uk/	1969-12-31 23:59:59	Name: .AspNetCore.Antiforgery.k2mmBe4OU3k Value: CfDJ8ECP6nHHYMdElh4sZdYw-zyJqqW9jtihK7Z_KS-hOscvqivYsL15wZzJHSje5zdBgjhbvLrUuVYCfb5LaaWfNLk378sOQlU3NdjLexzojFcMicVuFw__yWVU-ypFJ4zqqg1ZDQGgN-tLv55e-iFGUFw
.hdexternal.co.uk/	1969-12-31 23:59:59	Name: AMCVS_F9F4CBC1556ED7BC7F000101%40AdobeOrg Value: 1
.hdexternal.co.uk/	1970-01-21 05:33:35	Name: AMCV_F9F4CBC1556ED7BC7F000101%40AdobeOrg Value: -1303530583%7CMCIDTS%7C19832%7CMCMID%7C35449994261820576963640518772753105034%7CMCAID%7CNONE%7CMCOPTOUT-1713463073s%7CNONE%7CvVersion%7C3.3.0
.hdexternal.co.uk/	1970-01-20 22:07:11	Name: _fbp Value: fb.2.1713455873423.593399267
.hdexternal.co.uk/	1970-01-21 04:43:11	Name: utag_main Value: v_id:018ef1edbb60001398371204e1ee0506f002c06700b08$_sn:1$_se:1$_ss:1$_st:1713457672864$ses_id:1713455872864%3Bexp-session$_pn:1%3Bexp-session$vapi_domain:hdexternal.co.uk$dc_visit:1$dc_event:1%3Bexp-session
.hdexternal.co.uk/	1969-12-31 23:59:59	Name: tealium_prevPageQP Value:
.hdexternal.co.uk/	1970-01-20 19:59:02	Name: _uetsid Value: 6a512c60fd9c11eeb0159985882d9e75
.hdexternal.co.uk/	1970-01-21 05:19:11	Name: _uetvid Value: 6a518df0fd9c11ee8ad09fcf44d26379
.bing.com/	1970-01-21 05:19:11	Name: MUID Value: 044B9967B146657F38B68D02B0FD64E6

46 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://sain-c-web-elb.uat.hdexternal.co.uk/plugins/vuejs/vue-j-ajax.min.js?v=zn9afw-vzoofMCCW0zm3xGu19RUwE5oKjrAWUMoF0rc Message: Failed to load resource: the server responded with a status of 500 ()
network	error	URL: https://sain-c-web-elb.uat.hdexternal.co.uk/plugins/qtip/jquery.qtip.min.js?v=dN7ztMD0edH_K1PLR0ScZNXnipipN7a1xEP3VE5E3dM Message: Failed to load resource: the server responded with a status of 500 ()
network	error	URL: https://sain-c-web-elb.uat.hdexternal.co.uk/plugins/vuejs/vue.min.js?v=r34fp-h4zglNh54M4hzYuDpfgrH1FhP3NvZVJZOGCyc Message: Failed to load resource: the server responded with a status of 500 ()
network	error	URL: https://sain-c-web-elb.uat.hdexternal.co.uk/plugins/vuejs/vee-validate-de.js?v=cPTbuJcbr76er1DkenWy6TMVIk6Ie8oRJvvxVRjHj2Q Message: Failed to load resource: the server responded with a status of 500 ()
network	error	URL: https://sain-c-web-elb.uat.hdexternal.co.uk/plugins/select2/select2.full.min.js Message: Failed to load resource: the server responded with a status of 500 ()
network	error	URL: https://sain-c-web-elb.uat.hdexternal.co.uk/plugins/vuejs/vee-validate.js?v=AYowCIVjCV1Pg3S9CXPc7A9o9P8iAYzUwxWX1EydNmw Message: Failed to load resource: the server responded with a status of 500 ()
network	error	URL: https://sain-c-web-elb.uat.hdexternal.co.uk/plugins/jquery/jquery-3.2.1.min.js?v=dbcH2HYeK_vSX71mHykKT3_RHEjhv1Ojbca9igA0-jU Message: Failed to load resource: the server responded with a status of 500 ()
network	error	URL: https://sain-c-web-elb.uat.hdexternal.co.uk/plugins/blockUI/jquery.blockUI.js.js?v=P9sTi9IZlFs4mZtSmEz029vMwm9GZuyOYX8UQdk5_D8 Message: Failed to load resource: the server responded with a status of 500 ()
network	error	URL: https://sain-c-web-elb.uat.hdexternal.co.uk/plugins/moment/moment.min.js?v=DYyWoZ81AkDpPAJcZqoKFkhTnt5EV74MlgFi8yEr0lc Message: Failed to load resource: the server responded with a status of 500 ()
network	error	URL: https://sain-c-web-elb.uat.hdexternal.co.uk/plugins/polyfill/bluebird.core.min.js?v=3zTimbR5ZoPHH51uX6g64T2MHQw-Gtm-hjgNlgKDUsQ Message: Failed to load resource: the server responded with a status of 500 ()
network	error	URL: https://sain-c-web-elb.uat.hdexternal.co.uk/js/global/global.min.js Message: Failed to load resource: the server responded with a status of 500 ()
security	error	URL: https://sain-c-web-elb.uat.hdexternal.co.uk/ Message: Refused to execute script from 'https://sain-c-web-elb.uat.hdexternal.co.uk/plugins/polyfill/bluebird.core.min.js?v=3zTimbR5ZoPHH51uX6g64T2MHQw-Gtm-hjgNlgKDUsQ' because its MIME type ('') is not executable, and strict MIME type checking is enabled.
security	error	URL: https://sain-c-web-elb.uat.hdexternal.co.uk/ Message: Refused to execute script from 'https://sain-c-web-elb.uat.hdexternal.co.uk/plugins/jquery/jquery-3.2.1.min.js?v=dbcH2HYeK_vSX71mHykKT3_RHEjhv1Ojbca9igA0-jU' because its MIME type ('') is not executable, and strict MIME type checking is enabled.
security	error	URL: https://sain-c-web-elb.uat.hdexternal.co.uk/ Message: Refused to execute script from 'https://sain-c-web-elb.uat.hdexternal.co.uk/plugins/vuejs/vue.min.js?v=r34fp-h4zglNh54M4hzYuDpfgrH1FhP3NvZVJZOGCyc' because its MIME type ('') is not executable, and strict MIME type checking is enabled.
security	error	URL: https://sain-c-web-elb.uat.hdexternal.co.uk/ Message: Refused to execute script from 'https://sain-c-web-elb.uat.hdexternal.co.uk/js/global/global.min.js' because its MIME type ('') is not executable, and strict MIME type checking is enabled.
security	error	URL: https://sain-c-web-elb.uat.hdexternal.co.uk/ Message: Refused to execute script from 'https://sain-c-web-elb.uat.hdexternal.co.uk/plugins/qtip/jquery.qtip.min.js?v=dN7ztMD0edH_K1PLR0ScZNXnipipN7a1xEP3VE5E3dM' because its MIME type ('') is not executable, and strict MIME type checking is enabled.
security	error	URL: https://sain-c-web-elb.uat.hdexternal.co.uk/ Message: Refused to execute script from 'https://sain-c-web-elb.uat.hdexternal.co.uk/plugins/blockUI/jquery.blockUI.js.js?v=P9sTi9IZlFs4mZtSmEz029vMwm9GZuyOYX8UQdk5_D8' because its MIME type ('') is not executable, and strict MIME type checking is enabled.
security	error	URL: https://sain-c-web-elb.uat.hdexternal.co.uk/ Message: Refused to execute script from 'https://sain-c-web-elb.uat.hdexternal.co.uk/plugins/moment/moment.min.js?v=DYyWoZ81AkDpPAJcZqoKFkhTnt5EV74MlgFi8yEr0lc' because its MIME type ('') is not executable, and strict MIME type checking is enabled.
security	error	URL: https://sain-c-web-elb.uat.hdexternal.co.uk/ Message: Refused to execute script from 'https://sain-c-web-elb.uat.hdexternal.co.uk/plugins/vuejs/vee-validate.js?v=AYowCIVjCV1Pg3S9CXPc7A9o9P8iAYzUwxWX1EydNmw' because its MIME type ('') is not executable, and strict MIME type checking is enabled.
security	error	URL: https://sain-c-web-elb.uat.hdexternal.co.uk/ Message: Refused to execute script from 'https://sain-c-web-elb.uat.hdexternal.co.uk/plugins/vuejs/vee-validate-de.js?v=cPTbuJcbr76er1DkenWy6TMVIk6Ie8oRJvvxVRjHj2Q' because its MIME type ('') is not executable, and strict MIME type checking is enabled.
security	error	URL: https://sain-c-web-elb.uat.hdexternal.co.uk/ Message: Refused to execute script from 'https://sain-c-web-elb.uat.hdexternal.co.uk/plugins/vuejs/vue-j-ajax.min.js?v=zn9afw-vzoofMCCW0zm3xGu19RUwE5oKjrAWUMoF0rc' because its MIME type ('') is not executable, and strict MIME type checking is enabled.
security	error	URL: https://sain-c-web-elb.uat.hdexternal.co.uk/ Message: Refused to execute script from 'https://sain-c-web-elb.uat.hdexternal.co.uk/plugins/select2/select2.full.min.js' because its MIME type ('') is not executable, and strict MIME type checking is enabled.
network	error	URL: https://sain-c-web-elb.uat.hdexternal.co.uk/js/form/form.min.js Message: Failed to load resource: the server responded with a status of 500 ()
security	error	URL: https://sain-c-web-elb.uat.hdexternal.co.uk/ Message: Refused to execute script from 'https://sain-c-web-elb.uat.hdexternal.co.uk/js/form/form.min.js' because its MIME type ('') is not executable, and strict MIME type checking is enabled.
security	error	URL: https://tags.tiqcdn.com/utag/sainsburysbank/main/dev/utag.js(Line 249) Message: Refused to connect to 'https://dpm.demdex.net/id?d_visid_ver=3.3.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=F9F4CBC1556ED7BC7F000101%40AdobeOrg&d_nsid=0&ts=1713455872877' because it violates the following Content Security Policy directive: "connect-src smetrics.sainsburysbank.co.uk 'self'".
security	error	URL: https://sain-c-web-elb.uat.hdexternal.co.uk/ Message: Refused to load the script 'https://w.usabilla.com/aea56184d1d9.js?lv=1' because it violates the following Content Security Policy directive: "script-src tags.tiqcdn.com s.btstatic.com s.thebrighttag.com www.googleadservices.com js.adsrvr.org www.googletagmanager.com smetrics.sainsburysbank.co.uk stats.g.doubleclick.net bat.bing.com connect.facebook.net www.googletagmanager.com googleads.g.doubleclick.net 'unsafe-inline' 'unsafe-eval' 'self'". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security	error	URL: https://tags.tiqcdn.com/utag/sainsburysbank/main/dev/utag.js(Line 249) Message: Refused to connect to 'https://dpm.demdex.net/id?d_visid_ver=3.3.0&d_fieldgroup=AAM&d_rtbd=json&d_ver=2&d_orgid=F9F4CBC1556ED7BC7F000101%40AdobeOrg&d_nsid=0&d_mid=35449994261820576963640518772753105034&ts=1713455873086' because it violates the following Content Security Policy directive: "connect-src smetrics.sainsburysbank.co.uk 'self'".
security	error	URL: https://tags.tiqcdn.com/utag/sainsburysbank/main/dev/utag.623.js?utv=ut4.48.202310211658(Line 1) Message: Refused to load the script 'https://cdn.corvidae.ai/2.9.0/sp.js' because it violates the following Content Security Policy directive: "script-src tags.tiqcdn.com s.btstatic.com s.thebrighttag.com www.googleadservices.com js.adsrvr.org www.googletagmanager.com smetrics.sainsburysbank.co.uk stats.g.doubleclick.net bat.bing.com connect.facebook.net www.googletagmanager.com googleads.g.doubleclick.net 'unsafe-inline' 'unsafe-eval' 'self'". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security	error	URL: https://www.googletagmanager.com/gtag/js?id=DC-3984747&l=dataLayer&cx=c(Line 78) Message: Refused to connect to 'https://pagead2.googlesyndication.com/pagead/landing?gcs=G100&gcd=13p3p3p3p5&rnd=357518968.1713455873&url=https%3A%2F%2Fsain-c-web-elb.uat.hdexternal.co.uk%2F&dma_cps=-&dma=0&npa=1&gtm=45fe44f0za200' because it violates the following Content Security Policy directive: "connect-src smetrics.sainsburysbank.co.uk 'self'".
security	error	URL: https://sain-c-web-elb.uat.hdexternal.co.uk/ Message: Refused to load the image 'https://ade.googlesyndication.com/ddm/activity/src=3984747;npa=1;gdid=dYmQxMT;uaa=x86;uab=64;uafvl=Chromium%3B124.0.6367.60%7CGoogle%2520Chrome%3B124.0.6367.60%7CNot-A.Brand%3B99.0.0.0;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=denied;gtm=45fe44f0za200;gcs=G100;gcd=13p3p3p3p5;dma_cps=-;dma=0;epver=2;~oref=https%3A%2F%2Fsain-c-web-elb.uat.hdexternal.co.uk?' because it violates the following Content Security Policy directive: "img-src collect.tealiumiq.com bat.bing.com stats.g.doubleclick.net www.google.com www.facebook.com www.google.co.uk smetrics.sainsburysbank.co.uk 'self'".
security	error	URL: https://sain-c-web-elb.uat.hdexternal.co.uk/ Message: Refused to load the image 'https://ade.googlesyndication.com/ddm/activity/src=940892;npa=1;gdid=dYmQxMT;uaa=x86;uab=64;uafvl=Chromium%3B124.0.6367.60%7CGoogle%2520Chrome%3B124.0.6367.60%7CNot-A.Brand%3B99.0.0.0;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=denied;gtm=45fe44f0v9181640370za200;gcs=G100;gcd=13p3p3p3p5;dma_cps=-;dma=0;epver=2;~oref=https%3A%2F%2Fsain-c-web-elb.uat.hdexternal.co.uk?' because it violates the following Content Security Policy directive: "img-src collect.tealiumiq.com bat.bing.com stats.g.doubleclick.net www.google.com www.facebook.com www.google.co.uk smetrics.sainsburysbank.co.uk 'self'".
security	error	URL: https://tags.tiqcdn.com/utag/sainsburysbank/main/dev/utag.354.js?utv=ut4.48.202110260602(Line 3) Message: Refused to load the script 'https://static.ads-twitter.com/uwt.js' because it violates the following Content Security Policy directive: "script-src tags.tiqcdn.com s.btstatic.com s.thebrighttag.com www.googleadservices.com js.adsrvr.org www.googletagmanager.com smetrics.sainsburysbank.co.uk stats.g.doubleclick.net bat.bing.com connect.facebook.net www.googletagmanager.com googleads.g.doubleclick.net 'unsafe-inline' 'unsafe-eval' 'self'". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
other	warning	URL: https://connect.facebook.net/signals/config/165598935295352?v=2.9.154&r=stable&domain=sain-c-web-elb.uat.hdexternal.co.uk&hme=c3a545c63044e8e9102d4f32d84a1137594d024f28e801d670bc76dc5c075575&ex_m=67%2C112%2C99%2C103%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C158%2C161%2C172%2C168%2C169%2C171%2C28%2C94%2C50%2C73%2C170%2C153%2C156%2C165%2C166%2C173%2C121%2C14%2C48%2C178%2C177%2C123%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C100%2C102%2C37%2C101%2C29%2C25%2C154%2C157%2C130%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C98%2C43%2C75%2C65%2C104%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C105(Line 97) Message: Unrecognized feature: 'attribution-reporting'.
security	error	URL: https://sain-c-web-elb.uat.hdexternal.co.uk/ Message: Refused to load the image 'https://ct.pinterest.com/v3/?tid=2612517364460&event=init&ed[em]=%27%3Cuser_email_address%3E%27&noscript=1' because it violates the following Content Security Policy directive: "img-src collect.tealiumiq.com bat.bing.com stats.g.doubleclick.net www.google.com www.facebook.com www.google.co.uk smetrics.sainsburysbank.co.uk 'self'".
security	error	URL: https://sain-c-web-elb.uat.hdexternal.co.uk/ Message: Refused to load the image 'https://ct.pinterest.com/v3/?tid=2612517364460&event=pagevisit&noscript=1' because it violates the following Content Security Policy directive: "img-src collect.tealiumiq.com bat.bing.com stats.g.doubleclick.net www.google.com www.facebook.com www.google.co.uk smetrics.sainsburysbank.co.uk 'self'".
security	error	URL: https://tags.tiqcdn.com/utag/sainsburysbank/main/dev/utag.614.js?utv=ut4.48.202203151638(Line 79) Message: Refused to connect to 'https://collect.tealiumiq.com/sainsburysbank/main/2/i.gif' because it violates the following Content Security Policy directive: "connect-src smetrics.sainsburysbank.co.uk 'self'".
security	error	URL: https://tags.tiqcdn.com/utag/sainsburysbank/main/dev/utag.605.js?utv=ut4.48.202203151638(Line 2) Message: Refused to load the script 'https://sc-static.net/scevent.min.js' because it violates the following Content Security Policy directive: "script-src tags.tiqcdn.com s.btstatic.com s.thebrighttag.com www.googleadservices.com js.adsrvr.org www.googletagmanager.com smetrics.sainsburysbank.co.uk stats.g.doubleclick.net bat.bing.com connect.facebook.net www.googletagmanager.com googleads.g.doubleclick.net 'unsafe-inline' 'unsafe-eval' 'self'". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security	error	URL: https://www.googletagmanager.com/gtag/js?id=UA-26248960-1&l=dataLayer&cx=c(Line 88) Message: Refused to load the script 'https://www.google-analytics.com/analytics.js' because it violates the following Content Security Policy directive: "script-src tags.tiqcdn.com s.btstatic.com s.thebrighttag.com www.googleadservices.com js.adsrvr.org www.googletagmanager.com smetrics.sainsburysbank.co.uk stats.g.doubleclick.net bat.bing.com connect.facebook.net www.googletagmanager.com googleads.g.doubleclick.net 'unsafe-inline' 'unsafe-eval' 'self'". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security	error	URL: https://sain-c-web-elb.uat.hdexternal.co.uk/ Message: Refused to load the image 'https://ade.googlesyndication.com/ddm/activity/src=10466968;type=sballpag;cat=sbswallp;ord=1080962431246;npa=1;u6=bank%3A;u7=sb-app;gdid=dYmQxMT;uaa=x86;uab=64;uafvl=Chromium%3B124.0.6367.60%7CGoogle%2520Chrome%3B124.0.6367.60%7CNot-A.Brand%3B99.0.0.0;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=denied;gtm=45fe44f0za200;gcs=G100;gcd=13p3p3p3p5;dma_cps=-;dma=0;epver=2;~oref=https%3A%2F%2Fsain-c-web-elb.uat.hdexternal.co.uk?' because it violates the following Content Security Policy directive: "img-src collect.tealiumiq.com bat.bing.com stats.g.doubleclick.net www.google.com www.facebook.com www.google.co.uk smetrics.sainsburysbank.co.uk 'self'".
security	error	URL: https://www.googletagmanager.com/gtag/js?id=AW-949042756&l=dataLayer&cx=c(Line 110) Message: Refused to load the script 'https://pagead2.googlesyndication.com/pagead/conversion/949042756/?random=1713455873655&cv=11&fst=1713455873655&bg=ffffff&guid=ON&async=1&gtm=45be44f0v9104153716za200&gcs=G100&gcd=13p3p3p3p5&dma_cps=-&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fsain-c-web-elb.uat.hdexternal.co.uk&label=7pQCCJahj-ECEMT8xMQD&hn=www.googleadservices.com&frm=0&tiba=Entry%20Page&value=1&currency_code=GBP&did=dYmQxMT&gdid=dYmQxMT&gtm_ee=1&npa=1&pscdl=denied&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.60%7CGoogle%2520Chrome%3B124.0.6367.60%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=Sw&data=event%3Dconversion&rfmt=3&fmt=4' because it violates the following Content Security Policy directive: "script-src tags.tiqcdn.com s.btstatic.com s.thebrighttag.com www.googleadservices.com js.adsrvr.org www.googletagmanager.com smetrics.sainsburysbank.co.uk stats.g.doubleclick.net bat.bing.com connect.facebook.net www.googletagmanager.com googleads.g.doubleclick.net 'unsafe-inline' 'unsafe-eval' 'self'". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security	error	URL: https://www.googletagmanager.com/gtag/js?id=G-KPW5JYQ7P5&l=dataLayer&cx=c(Line 158) Message: Refused to connect to 'https://region1.google-analytics.com/g/collect?v=2&tid=G-KPW5JYQ7P5&_ng=1&gtm=45je44f0v9139048803za200&_p=1713455872880&gcs=G100&gcd=13p3p3p3p5&npa=1&dma_cps=-&dma=0&gdid=dYmQxMT&cid=1704460284.1713455874&ul=en-gb&sr=1600x1200&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.60%7CGoogle%2520Chrome%3B124.0.6367.60%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=denied&_eu=AgAI&_s=1&sid=1713455873&sct=1&seg=0&dl=https%3A%2F%2Fsain-c-web-elb.uat.hdexternal.co.uk%2F&dt=Entry%20Page&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&ep.use_amp_client_id=false&tfd=2590' because it violates the following Content Security Policy directive: "connect-src smetrics.sainsburysbank.co.uk 'self'".
security	error	URL: https://www.googletagmanager.com/gtag/js?id=G-KPW5JYQ7P5&l=dataLayer&cx=c(Line 158) Message: Refused to connect to 'https://region1.google-analytics.com/g/collect?v=2&tid=G-KPW5JYQ7P5&_ng=1&gtm=45je44f0v9139048803za200&_p=1713455872880&gcs=G100&gcd=13p3p3p3p5&npa=1&dma_cps=-&dma=0&gdid=dYmQxMT&cid=1704460284.1713455874&ul=en-gb&sr=1600x1200&pscdl=denied&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.60%7CGoogle%2520Chrome%3B124.0.6367.60%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&_eu=AAgI&_s=2&sid=1713455873&sct=1&seg=0&dl=https%3A%2F%2Fsain-c-web-elb.uat.hdexternal.co.uk%2F&dt=Entry%20Page&cu=GBP&en=pet_ins_start_app&_c=1&ep.use_amp_client_id=false&epn.value=0&_et=2&tfd=2592' because it violates the following Content Security Policy directive: "connect-src smetrics.sainsburysbank.co.uk 'self'".
other	warning	URL: https://sain-c-web-elb.uat.hdexternal.co.uk/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
security	error	URL: https://sain-c-web-elb.uat.hdexternal.co.uk/ Message: Refused to load the image 'https://ade.googlesyndication.com/ddm/activity/src=3984747;type=generic;cat=allpa0;ord=1852085761792;npa=1;u15=https%3A%2F%2Fsain-c-web-elb.uat.hdexternal.co.uk%2F;gdid=dYmQxMT;uaa=x86;uab=64;uafvl=Chromium%3B124.0.6367.60%7CGoogle%2520Chrome%3B124.0.6367.60%7CNot-A.Brand%3B99.0.0.0;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=denied;gtm=45fe44f0za200;gcs=G100;gcd=13p3p3p3p5;dma_cps=-;dma=0;epver=2;~oref=https%3A%2F%2Fsain-c-web-elb.uat.hdexternal.co.uk?' because it violates the following Content Security Policy directive: "img-src collect.tealiumiq.com bat.bing.com stats.g.doubleclick.net www.google.com www.facebook.com www.google.co.uk smetrics.sainsburysbank.co.uk 'self'".
security	error	URL: https://bat.bing.com/bat.js Message: Refused to connect to 'https://bat.bing.com/actionp/0?ti=5189718&Ver=2&mid=c5d5c574-2d9f-408d-b641-759a6102b70d&sid=6a512c60fd9c11eeb0159985882d9e75&vid=6a518df0fd9c11ee8ad09fcf44d26379&vids=1&msclkid=N&evt=pageHide' because it violates the following Content Security Policy directive: "connect-src smetrics.sainsburysbank.co.uk 'self'".
security	error	URL: https://www.googletagmanager.com/gtag/js?id=G-KPW5JYQ7P5&l=dataLayer&cx=c(Line 158) Message: Refused to connect to 'https://region1.google-analytics.com/g/collect?v=2&tid=G-KPW5JYQ7P5&_ng=1&gtm=45je44f0v9139048803za200&_p=1713455872880&gcs=G100&gcd=13p3p3p3p5&npa=1&dma_cps=-&dma=0&gdid=dYmQxMT&cid=1704460284.1713455874&ul=en-gb&sr=1600x1200&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.60%7CGoogle%2520Chrome%3B124.0.6367.60%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=denied&_eu=AAAI&_s=3&sid=1713455873&sct=1&seg=0&dl=https%3A%2F%2Fsain-c-web-elb.uat.hdexternal.co.uk%2F&dt=Entry%20Page&en=user_engagement&ep.use_amp_client_id=false&_et=2642&tfd=5248' because it violates the following Content Security Policy directive: "connect-src smetrics.sainsburysbank.co.uk 'self'".

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src data: https://bam.nr-data.net https://js-agent.newrelic.com 'unsafe-eval' 'unsafe-inline' 'self'; connect-src smetrics.sainsburysbank.co.uk 'self'; frame-src s.thebrighttag.com insight.adsrvr.org bid.g.doubleclick.net www.facebook.com; script-src tags.tiqcdn.com s.btstatic.com s.thebrighttag.com www.googleadservices.com js.adsrvr.org www.googletagmanager.com smetrics.sainsburysbank.co.uk stats.g.doubleclick.net bat.bing.com connect.facebook.net www.googletagmanager.com googleads.g.doubleclick.net 'unsafe-inline' 'unsafe-eval' 'self'; img-src collect.tealiumiq.com bat.bing.com stats.g.doubleclick.net www.google.com www.facebook.com www.google.co.uk smetrics.sainsburysbank.co.uk 'self'
Strict-Transport-Security	max-age=15552001; includeSubDomains
X-Content-Security-Policy	default-src data: https://bam.nr-data.net https://js-agent.newrelic.com 'unsafe-eval' 'unsafe-inline' 'self'; connect-src smetrics.sainsburysbank.co.uk 'self'; frame-src s.thebrighttag.com insight.adsrvr.org bid.g.doubleclick.net www.facebook.com; script-src tags.tiqcdn.com s.btstatic.com s.thebrighttag.com www.googleadservices.com js.adsrvr.org www.googletagmanager.com smetrics.sainsburysbank.co.uk stats.g.doubleclick.net bat.bing.com connect.facebook.net www.googletagmanager.com googleads.g.doubleclick.net 'unsafe-inline' 'unsafe-eval' 'self'; img-src collect.tealiumiq.com bat.bing.com stats.g.doubleclick.net www.google.com www.facebook.com www.google.co.uk smetrics.sainsburysbank.co.uk 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ade.googlesyndication.com
bat.bing.com
cdn.corvidae.ai
collect.tealiumiq.com
connect.facebook.net
ct.pinterest.com
dpm.demdex.net
js.adsrvr.org
pagead2.googlesyndication.com
sain-c-web-elb.uat.hdexternal.co.uk
sc-static.net
smetrics.sainsburysbank.co.uk
static.ads-twitter.com
tags.tiqcdn.com
w.usabilla.com
www.facebook.com
www.google-analytics.com
www.googletagmanager.com
ade.googlesyndication.com
cdn.corvidae.ai
collect.tealiumiq.com
ct.pinterest.com
dpm.demdex.net
pagead2.googlesyndication.com
sc-static.net
static.ads-twitter.com
w.usabilla.com
www.google-analytics.com
157.240.252.13
18.133.154.58
18.172.103.101
216.58.206.40
2600:9000:235a:b000:7:2bfb:7c00:93a1
2620:1ec:c11::237
2a00:1450:4001:80f::2008
2a03:2880:f084:d:face:b00c:0:3
2a03:2880:f177:83:face:b00c:0:25de
63.140.62.27
04496264d9103279bc3d7a5a5749d504cfbb418a0bda3bb747b9e4f321d70eee
0519524bf194bf4ff8c2848ecbaeb019d21fe91f1af0a4c2586e6327ceb884a9
061c95624dd933058a122803123ed39748e7b296b7fca48f7139de70200df788
13a758cdff3621865571484199edaca2441a19a719fbd5fcf4a2d5300c22d89e
1a55e9b56edbbf3a4c63e1d7805ff7efebad8ba07353c88ea4f7a9f265245b7d
1f286b99946fa80fd36b75bf64176fc098d4dd9f0ab713a643e06a9420cb12b4
24c05217fb753d21a80728da649f1f6766afc772ec3e04d4d20cf62590c528be
24e6338e1845bcbe04bebea96ce2b49b8f751b01205bbb688c63c14449fa5dd4
2836b69ea18e3678f6e4cdc0fcee189ab6f451896f8b696d4cf3145a6cfd3da9
2bccf05066de38d3964446ca0c254aba2ad295496cbbedf39e0d66bbe9e1de89
2e9fa85f9dd864d935424a7d68233f3807c765daa6706b7327712a694871a946
387eec1ecd1a85aee2799731b8bc34d16b2a414025a2f51c329a618737301867
39075645b3a28653aa1eefca3953fc40cbc4276015dc7a461d287a2f2ef4d71b
4385b7739503c520dea6fa4533762e6481906f356e30ee8f64ad27674344a4c1
4547f59ab7e0246dd9ec93412640d92bd9ec3a540b28756970bdfcfb21cf0946
4ac4379a2fbb71ad222ddb39c1956042f7594328a1f1861ff64edf9c7517d10f
4beefe4edd6e2f6b78a6280eaf8c7457c38f533e61657a1fbdd114be1a6869e3
4dd37d196f4370bcae0e1600f1ac1485b690ff57147eda3e8d9d1f63634bc28c
516aefea110745686bd2e65d2f998b057e751a6cf522b859e048f7b71eb84142
53dbfc69af7fd0794a84ecf8c70d8edfdd785f46544a4a5e4d08f766d8d9847a
5445c10e779c6a333540bb2a68f8b9a16fd735393c75b5acc4bbde6588b34689
5910c4ffb8f8b6604aeb1bfeab48703114fe7a056c840c4e78ab1b1f669858a6
5dabe19cd9ee55b5a3507a33d75100473730eac40b689b8827fa413aaf3a19b7
5dbc11550ff5dcce06dc8df02af7d0567b36a23c327c47f2ceea3bed42eba9dc
60a922139a49e3a6b8c5a5f42b909c8267bad90bca0d7e7f2cbf763d0629c9ad
68603e3a8731cc0f052df026c26b4188d8f5523b604770425d6ab0da4e0d7c82
69d250684b523a2099d68d4a9c9c6129e5aef0511e101988d8ddcaee9ff2d9dc
6c622bd9e40cb6e0cc09b5a7e851de29f65efd7b455355ca105122143f0b131b
6d8a9e07c2037728437439c71c26cc73bbe1cabb617777c896fed4372d78d251
73b400ef7306d494b8bbbeb3b25aad62c2ea7c0d05d995c0805e5d93b1707e0f
7746930a193bd444061a2aaac79a413ea1644a3ca5db9b2c1115425c48d699ad
7f43687ea0990e28ccb519a4833e0156542f622c350658a4202f5b21d1938f6a
820e169ce24824066d9973fd4b6561aae9dcd6dbef6435da905d5a1d6482997c
823804a7807864b44093a3843788f4cd076e89cf4a6fdeb8d153ae5c2c2df721
85f407912384186334577f65bf6bb88045bd96f5222d7c696cc71303d65c826a
8694f20aeb322a82f3be4d89b9866d68d70210326e542b60599494c30ee23c45
89821b5d6b81db001008fb18ef0ad4925b2fc5d8220f4bd3a661b7a4d55b49c3
8b79de549f3732fb7d702f5c5e50cba8c4dc3e96a6d5d5f0a7544256968819e0
8c7e0cab6e7cc0ba3e53acf21bdfe0c49c1304d27fa1b6d11510198e0ed4df85
90b9c95c65a004df67ba75007cfdb086a31ef8189400d4dc60f128d90cb26eeb
952c9c681c6bd9e1530817cbbea4b7941a8c313695532f0b61fc6c866d02a46d
96cce5e669a0b33a3636b4d064c8fc1b8f91322eab155fee32698baed8c48420
978e526a69d3d73ccfc069c51ee01e64a45c45bcd354cae7bed6053e19016c6f
9eb23d207cb9dcfb102be7879637882afaab6a329cdf7d19631c8c734974b857
a01d0d9b57b12794c85c17261877140f89a18358e1aaeb2cdecc9f336002b003
a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb
a5c6be92324a6acc1c9933f82ad71f3565173bfa13fe0c5cf7efa50afcfb86f4
a777cee8ad78a63fd55a4345bd5c60c8ab1034563c3915bffb6f04d4bb5c7dc2
aa92b47633e755ab745db02897f187961f402f3d146594c11928fc83d431b280
ae4e275d81d15d1212c08fb0d6f4b805c995baa7a6c3b3598ccac2833b7ba986
b1f45f1f19b4e5fcd7a374b34e50f2b8c121b03dff28e4d5680d07acd8a3a419
b2550340d5767d92487a3720b3682dc80fca1533654dc2f86d5376da2142f286
b3952335b6bef68e852c1e0cad73db9306c9188a6c0d2fd28564312d158dc9f6
b79ab5b6a1ce914529325ce3febfda6c39da6c3646d8e1323d0350b526c9bf66
ce57252d2d2177f13eb4954c5beea629b72db38060991c1d56ddc4328075546f
cfee63b22a45f4f02e6e6baa93af19e68399a72f6ec390f2795e60dbd72988ba
dba7c30676ca033dad019b1fe1d1d329d368c02aa043be72a9629ed02a5ae8c1
dd4e51e305fb4f95fe12b095d0c57fbd1fe18d82d6ac591c806d70d1548309c5
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e502cadd5aebf44bf4fcebee6e5d973c9628137b10f80f3f3d5175781029e6fd
ee6617941bea62a2dce71601e113d1130d9891008bea1da5fc1d046d7700f335
f136a25b3f335cb52ee4ddad8229366c7b2cb7eb3af978516d8696cd1b348707
f6a6056c11bbb66d5ce7f129fd0727d3172ae34e86f9c7fafcfca06eeafae647
f99888d7bfd810a7ec46ec915cba752e4a56053905afafe24228840bc2eb4333

sain-c-web-elb.uat.hdexternal.co.uk Open in urlscan Pro 18.133.154.58 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

95 Requests

84 %HTTPS

50 %IPv6

17 Domains

18 Subdomains

11 IPs

3 Countries

1792 kBTransfer

4602 kBSize

9 Cookies

25 Outgoing links

Redirected requests

95 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

sain-c-web-elb.uat.hdexternal.co.uk Open in urlscan Pro
18.133.154.58 Public Scan

Screenshot
Live screenshot

Full Image

95
Requests

84 %
HTTPS

50 %
IPv6

17
Domains

18
Subdomains

11
IPs

3
Countries

1792 kB
Transfer

4602 kB
Size

9
Cookies

95 HTTP transactions
0 data transactions