urlscan.io logo urlscan.io
SecurityTrails logo

accounts.lidl.com Open in urlscan Pro
51.105.123.133  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://parcel-api.delivery-status.com/click?data=9b69f40aaec47df0d7c3ead101804b30583c5be9e73094d5f6eb4e93ba19cb7c0d2abda36e8d35977711c...
Effective URL: https://accounts.lidl.com/Account/Login?ReturnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fresponse_type%3Dcode%26client_id%3DB...
Submission: On August 13 via api from BE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 2 IPs in 2 countries across 3 domains to perform 10 HTTP transactions. The main IP is 51.105.123.133, located in Amsterdam, Netherlands and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is accounts.lidl.com.
TLS certificate: Issued by SwissSign EV Gold CA 2014 - G22 on September 12th 2018. Valid for: 2 years.
This is the only time accounts.lidl.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 35.156.91.126 16509 (AMAZON-02)
1 1 2a02:cb40:200... 20546 (SOPRADO-ANY)
1 11 51.105.123.133 8075 (MICROSOFT...)
10 2
Apex Domain
Subdomains		 Transfer
11 lidl.com
accounts.lidl.com
662 KB
1 lidl-shop.be
www.lidl-shop.be
1 KB
1 delivery-status.com
parcel-api.delivery-status.com
411 B
10 3
Domain Requested by
11 accounts.lidl.com 1 redirects accounts.lidl.com
1 www.lidl-shop.be 1 redirects
1 parcel-api.delivery-status.com 1 redirects
10 3

This site contains links to these domains. Also see Links.

Domain
www.lidl.co.uk
www.lidl-shop.be
www.lidl.be
Subject Issuer Validity Valid
accounts.lidl.com
SwissSign EV Gold CA 2014 - G22		 2018-09-12 -
2020-09-12		 2 years crt.sh

This page contains 1 frames:

Primary Page: https://accounts.lidl.com/Account/Login?ReturnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fresponse_type%3Dcode%26client_id%3DBelgiumEcommerceClient%26response_mode%3Dform_post%26redirect_uri%3Dhttps%253A%252F%252Fwww.lidl-shop.be%252Fsso%26scope%3Dopenid%2520profile%2520Lidl.Authentication%2520offline_access%26state%3DVZc3dSNcU6rWzQecjDp_WmgWhoN1wYfQW9GldYW9mXw%26nonce%3DDSlK5RP72jUozddwonGP5jsMdJfeowyOn9CJXHht1TA%26max_age%3D10800%26language%3Dnl-BE%26step%3Dlogin
Frame ID: 04F922CDB210C324DC9B52125389CF48
Requests: 11 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://parcel-api.delivery-status.com/click?data=9b69f40aaec47df0d7c3ead101804b30583c5be9e73094d5f6eb4e93ba19cb7c0... HTTP 302
    https://www.lidl-shop.be/nl-BE/login HTTP 302
    https://accounts.lidl.com/connect/authorize?response_type=code&client_id=BelgiumEcommerceClient&respon... HTTP 302
    https://accounts.lidl.com/Account/Login?ReturnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fresponse_type%3D... Page URL

Page Statistics

10
Requests

100 %
HTTPS

33 %
IPv6

3
Domains

3
Subdomains

2
IPs

2
Countries

730 kB
Transfer

1449 kB
Size

2
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://parcel-api.delivery-status.com/click?data=9b69f40aaec47df0d7c3ead101804b30583c5be9e73094d5f6eb4e93ba19cb7c0d2abda36e8d35977711c4c990a282cb85bc15ae5792c4c9ab60b9ebd0a0b158c8508bd9408fe6b98addd11a96a7614428dce6 HTTP 302
    https://www.lidl-shop.be/nl-BE/login HTTP 302
    https://accounts.lidl.com/connect/authorize?response_type=code&client_id=BelgiumEcommerceClient&response_mode=form_post&redirect_uri=https%3A%2F%2Fwww.lidl-shop.be%2Fsso&scope=openid+profile+Lidl.Authentication+offline_access&state=VZc3dSNcU6rWzQecjDp_WmgWhoN1wYfQW9GldYW9mXw&nonce=DSlK5RP72jUozddwonGP5jsMdJfeowyOn9CJXHht1TA&max_age=10800&language=nl-BE&step=login HTTP 302
    https://accounts.lidl.com/Account/Login?ReturnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fresponse_type%3Dcode%26client_id%3DBelgiumEcommerceClient%26response_mode%3Dform_post%26redirect_uri%3Dhttps%253A%252F%252Fwww.lidl-shop.be%252Fsso%26scope%3Dopenid%2520profile%2520Lidl.Authentication%2520offline_access%26state%3DVZc3dSNcU6rWzQecjDp_WmgWhoN1wYfQW9GldYW9mXw%26nonce%3DDSlK5RP72jUozddwonGP5jsMdJfeowyOn9CJXHht1TA%26max_age%3D10800%26language%3Dnl-BE%26step%3Dlogin Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

10 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request Cookie set Login
accounts.lidl.com/Account/
Redirect Chain
  • http://parcel-api.delivery-status.com/click?data=9b69f40aaec47df0d7c3ead101804b30583c5be9e73094d5f6eb4e93ba19cb7c0d2abda36e8d35977711c4c990a282cb85bc15ae5792c4c9ab60b9ebd0a0b158c8508bd9408fe6b98add...
  • https://www.lidl-shop.be/nl-BE/login
  • https://accounts.lidl.com/connect/authorize?response_type=code&client_id=BelgiumEcommerceClient&response_mode=form_post&redirect_uri=https%3A%2F%2Fwww.lidl-shop.be%2Fsso&scope=openid+profile+Lidl.A...
  • https://accounts.lidl.com/Account/Login?ReturnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fresponse_type%3Dcode%26client_id%3DBelgiumEcommerceClient%26response_mode%3Dform_post%26redirect_uri%3Dhttps%25...
4 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://accounts.lidl.com/Account/Login?ReturnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fresponse_type%3Dcode%26client_id%3DBelgiumEcommerceClient%26response_mode%3Dform_post%26redirect_uri%3Dhttps%253A%252F%252Fwww.lidl-shop.be%252Fsso%26scope%3Dopenid%2520profile%2520Lidl.Authentication%2520offline_access%26state%3DVZc3dSNcU6rWzQecjDp_WmgWhoN1wYfQW9GldYW9mXw%26nonce%3DDSlK5RP72jUozddwonGP5jsMdJfeowyOn9CJXHht1TA%26max_age%3D10800%26language%3Dnl-BE%26step%3Dlogin
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_CBC
Server
51.105.123.133 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
a3c7261a4401581533874c5d8a53c65b03fe73cbd24b973106b727309b2480c0
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' 'unsafe-eval' data: *.lidlplus.com *.googletagmanager.com *.google-analytics.com stats.g.doubleclick.net tagmanager.google.com *.cookiebot.com; object-src 'none'; frame-src 'self' lidl.es *.lidl.at *.lidl.es *.lidl.dk *.lidl.com *.lidl.pl *.lidl.de *.lidl.nl *.lidl.fr *.lidl.sk *.lidl.be *.lidl.lu *.lidl.co.uk *.lidl.ie *.lidl.fi *.lidl.ro *.lidl.cz *.lidl.se *.cookiebot.com; sandbox allow-forms allow-popups allow-same-origin allow-scripts; base-uri 'self'; frame-ancestors 'self'
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Security-Policy default-src 'self' 'unsafe-inline' 'unsafe-eval' data: *.lidlplus.com *.googletagmanager.com *.google-analytics.com stats.g.doubleclick.net tagmanager.google.com *.cookiebot.com; object-src 'none'; frame-src 'self' lidl.es *.lidl.at *.lidl.es *.lidl.dk *.lidl.com *.lidl.pl *.lidl.de *.lidl.nl *.lidl.fr *.lidl.sk *.lidl.be *.lidl.lu *.lidl.co.uk *.lidl.ie *.lidl.fi *.lidl.ro *.lidl.cz *.lidl.se *.cookiebot.com; sandbox allow-forms allow-popups allow-same-origin allow-scripts; base-uri 'self'; frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Host
accounts.lidl.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 13 Aug 2020 22:06:13 GMT
Content-Type
text/html; charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Cache-Control
no-cache, no-store
Pragma
no-cache
Content-Encoding
gzip
Vary
Accept-Encoding
Set-Cookie
belgiumecommerceclient-BE-language=nl-BE; path=/; secure; httponly .AspNetCore.Antiforgery.pIV2Ht94CKA=CfDJ8JnmnJBNcERBtKsdWdOHrjZdIKSxrghS2-o8_rBGiFePQh4ZiTxvTw6M3EAGCfl3cP3H-vjBk40RoDcwY08z-vS576-5b3AJupTVr_mIeIKIq4y4wRpQFEF_GEbfOO0XaJAJjvnh9iHoac25SNtfwuo; path=/; samesite=lax; httponly
Request-Context
appId=cid-v1:1ac8c325-343b-4413-abb1-3254157df324
Strict-Transport-Security
max-age=10886400; includeSubDomains; preload
Content-Security-Policy
default-src 'self' 'unsafe-inline' 'unsafe-eval' data: *.lidlplus.com *.googletagmanager.com *.google-analytics.com stats.g.doubleclick.net tagmanager.google.com *.cookiebot.com; object-src 'none'; frame-src 'self' lidl.es *.lidl.at *.lidl.es *.lidl.dk *.lidl.com *.lidl.pl *.lidl.de *.lidl.nl *.lidl.fr *.lidl.sk *.lidl.be *.lidl.lu *.lidl.co.uk *.lidl.ie *.lidl.fi *.lidl.ro *.lidl.cz *.lidl.se *.cookiebot.com; sandbox allow-forms allow-popups allow-same-origin allow-scripts; base-uri 'self'; frame-ancestors 'self'
Referrer-Policy
no-referrer
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
X-Permitted-Cross-Domain-Policies
none
X-XSS-Protection
1; mode=block
X-Content-Security-Policy
default-src 'self' 'unsafe-inline' 'unsafe-eval' data: *.lidlplus.com *.googletagmanager.com *.google-analytics.com stats.g.doubleclick.net tagmanager.google.com *.cookiebot.com; object-src 'none'; frame-src 'self' lidl.es *.lidl.at *.lidl.es *.lidl.dk *.lidl.com *.lidl.pl *.lidl.de *.lidl.nl *.lidl.fr *.lidl.sk *.lidl.be *.lidl.lu *.lidl.co.uk *.lidl.ie *.lidl.fi *.lidl.ro *.lidl.cz *.lidl.se *.cookiebot.com; sandbox allow-forms allow-popups allow-same-origin allow-scripts; base-uri 'self'; frame-ancestors 'self'

Redirect headers

Date
Thu, 13 Aug 2020 22:06:13 GMT
Content-Length
0
Connection
keep-alive
Location
https://accounts.lidl.com/Account/Login?ReturnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fresponse_type%3Dcode%26client_id%3DBelgiumEcommerceClient%26response_mode%3Dform_post%26redirect_uri%3Dhttps%253A%252F%252Fwww.lidl-shop.be%252Fsso%26scope%3Dopenid%2520profile%2520Lidl.Authentication%2520offline_access%26state%3DVZc3dSNcU6rWzQecjDp_WmgWhoN1wYfQW9GldYW9mXw%26nonce%3DDSlK5RP72jUozddwonGP5jsMdJfeowyOn9CJXHht1TA%26max_age%3D10800%26language%3Dnl-BE%26step%3Dlogin
Request-Context
appId=cid-v1:1ac8c325-343b-4413-abb1-3254157df324
Strict-Transport-Security
max-age=10886400; includeSubDomains; preload
Content-Security-Policy
default-src 'self' 'unsafe-inline' 'unsafe-eval' data: *.lidlplus.com *.googletagmanager.com *.google-analytics.com stats.g.doubleclick.net tagmanager.google.com *.cookiebot.com; object-src 'none'; frame-src 'self' lidl.es *.lidl.at *.lidl.es *.lidl.dk *.lidl.com *.lidl.pl *.lidl.de *.lidl.nl *.lidl.fr *.lidl.sk *.lidl.be *.lidl.lu *.lidl.co.uk *.lidl.ie *.lidl.fi *.lidl.ro *.lidl.cz *.lidl.se *.cookiebot.com; sandbox allow-forms allow-popups allow-same-origin allow-scripts; base-uri 'self'; frame-ancestors 'self'
Referrer-Policy
no-referrer
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
X-Permitted-Cross-Domain-Policies
none
X-XSS-Protection
1; mode=block
X-Content-Security-Policy
default-src 'self' 'unsafe-inline' 'unsafe-eval' data: *.lidlplus.com *.googletagmanager.com *.google-analytics.com stats.g.doubleclick.net tagmanager.google.com *.cookiebot.com; object-src 'none'; frame-src 'self' lidl.es *.lidl.at *.lidl.es *.lidl.dk *.lidl.com *.lidl.pl *.lidl.de *.lidl.nl *.lidl.fr *.lidl.sk *.lidl.be *.lidl.lu *.lidl.co.uk *.lidl.ie *.lidl.fi *.lidl.ro *.lidl.cz *.lidl.se *.cookiebot.com; sandbox allow-forms allow-popups allow-same-origin allow-scripts; base-uri 'self'; frame-ancestors 'self'
gtm.js
accounts.lidl.com/themes/ecommerce/assets/ 		527 B
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://accounts.lidl.com/themes/ecommerce/assets/gtm.js
Requested by
Host: accounts.lidl.com
URL: https://accounts.lidl.com/Account/Login?ReturnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fresponse_type%3Dcode%26client_id%3DBelgiumEcommerceClient%26response_mode%3Dform_post%26redirect_uri%3Dhttps%253A%252F%252Fwww.lidl-shop.be%252Fsso%26scope%3Dopenid%2520profile%2520Lidl.Authentication%2520offline_access%26state%3DVZc3dSNcU6rWzQecjDp_WmgWhoN1wYfQW9GldYW9mXw%26nonce%3DDSlK5RP72jUozddwonGP5jsMdJfeowyOn9CJXHht1TA%26max_age%3D10800%26language%3Dnl-BE%26step%3Dlogin
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_CBC
Server
51.105.123.133 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
2d81724685f95148af0d182fe9d88d8b30312ff8e5c82df8aff2b13b79702313
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' 'unsafe-eval' data: *.lidlplus.com *.googletagmanager.com *.google-analytics.com stats.g.doubleclick.net tagmanager.google.com *.cookiebot.com; object-src 'none'; frame-src 'self' lidl.es *.lidl.at *.lidl.es *.lidl.dk *.lidl.com *.lidl.pl *.lidl.de *.lidl.nl *.lidl.fr *.lidl.sk *.lidl.be *.lidl.lu *.lidl.co.uk *.lidl.ie *.lidl.fi *.lidl.ro *.lidl.cz *.lidl.se *.cookiebot.com; sandbox allow-forms allow-popups allow-same-origin allow-scripts; base-uri 'self'; frame-ancestors 'self'
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Security-Policy default-src 'self' 'unsafe-inline' 'unsafe-eval' data: *.lidlplus.com *.googletagmanager.com *.google-analytics.com stats.g.doubleclick.net tagmanager.google.com *.cookiebot.com; object-src 'none'; frame-src 'self' lidl.es *.lidl.at *.lidl.es *.lidl.dk *.lidl.com *.lidl.pl *.lidl.de *.lidl.nl *.lidl.fr *.lidl.sk *.lidl.be *.lidl.lu *.lidl.co.uk *.lidl.ie *.lidl.fi *.lidl.ro *.lidl.cz *.lidl.se *.cookiebot.com; sandbox allow-forms allow-popups allow-same-origin allow-scripts; base-uri 'self'; frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 13 Aug 2020 22:06:13 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding
X-XSS-Protection
1; mode=block
Request-Context
appId=cid-v1:1ac8c325-343b-4413-abb1-3254157df324
Referrer-Policy
no-referrer
Last-Modified
Thu, 06 Aug 2020 11:51:46 GMT
X-Frame-Options
SAMEORIGIN
ETag
"1d66be7f5d4f70f"
Strict-Transport-Security
max-age=10886400; includeSubDomains; preload
Content-Type
application/javascript
Cache-Control
max-age=1800
Content-Security-Policy
default-src 'self' 'unsafe-inline' 'unsafe-eval' data: *.lidlplus.com *.googletagmanager.com *.google-analytics.com stats.g.doubleclick.net tagmanager.google.com *.cookiebot.com; object-src 'none'; frame-src 'self' lidl.es *.lidl.at *.lidl.es *.lidl.dk *.lidl.com *.lidl.pl *.lidl.de *.lidl.nl *.lidl.fr *.lidl.sk *.lidl.be *.lidl.lu *.lidl.co.uk *.lidl.ie *.lidl.fi *.lidl.ro *.lidl.cz *.lidl.se *.cookiebot.com; sandbox allow-forms allow-popups allow-same-origin allow-scripts; base-uri 'self'; frame-ancestors 'self'
Accept-Ranges
bytes
X-Content-Security-Policy
default-src 'self' 'unsafe-inline' 'unsafe-eval' data: *.lidlplus.com *.googletagmanager.com *.google-analytics.com stats.g.doubleclick.net tagmanager.google.com *.cookiebot.com; object-src 'none'; frame-src 'self' lidl.es *.lidl.at *.lidl.es *.lidl.dk *.lidl.com *.lidl.pl *.lidl.de *.lidl.nl *.lidl.fr *.lidl.sk *.lidl.be *.lidl.lu *.lidl.co.uk *.lidl.ie *.lidl.fi *.lidl.ro *.lidl.cz *.lidl.se *.cookiebot.com; sandbox allow-forms allow-popups allow-same-origin allow-scripts; base-uri 'self'; frame-ancestors 'self'
chunk-common.d90d0684e05ae06aa6fb.css
accounts.lidl.com/themes/ecommerce/assets/ 		522 KB
345 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://accounts.lidl.com/themes/ecommerce/assets/chunk-common.d90d0684e05ae06aa6fb.css
Requested by
Host: accounts.lidl.com
URL: https://accounts.lidl.com/Account/Login?ReturnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fresponse_type%3Dcode%26client_id%3DBelgiumEcommerceClient%26response_mode%3Dform_post%26redirect_uri%3Dhttps%253A%252F%252Fwww.lidl-shop.be%252Fsso%26scope%3Dopenid%2520profile%2520Lidl.Authentication%2520offline_access%26state%3DVZc3dSNcU6rWzQecjDp_WmgWhoN1wYfQW9GldYW9mXw%26nonce%3DDSlK5RP72jUozddwonGP5jsMdJfeowyOn9CJXHht1TA%26max_age%3D10800%26language%3Dnl-BE%26step%3Dlogin
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_CBC
Server
51.105.123.133 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
ee7d4f291e8195ce19942998ec50270f8913f4d68a568fa21d08fd5b96b95c2d
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' 'unsafe-eval' data: *.lidlplus.com *.googletagmanager.com *.google-analytics.com stats.g.doubleclick.net tagmanager.google.com *.cookiebot.com; object-src 'none'; frame-src 'self' lidl.es *.lidl.at *.lidl.es *.lidl.dk *.lidl.com *.lidl.pl *.lidl.de *.lidl.nl *.lidl.fr *.lidl.sk *.lidl.be *.lidl.lu *.lidl.co.uk *.lidl.ie *.lidl.fi *.lidl.ro *.lidl.cz *.lidl.se *.cookiebot.com; sandbox allow-forms allow-popups allow-same-origin allow-scripts; base-uri 'self'; frame-ancestors 'self'
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Security-Policy default-src 'self' 'unsafe-inline' 'unsafe-eval' data: *.lidlplus.com *.googletagmanager.com *.google-analytics.com stats.g.doubleclick.net tagmanager.google.com *.cookiebot.com; object-src 'none'; frame-src 'self' lidl.es *.lidl.at *.lidl.es *.lidl.dk *.lidl.com *.lidl.pl *.lidl.de *.lidl.nl *.lidl.fr *.lidl.sk *.lidl.be *.lidl.lu *.lidl.co.uk *.lidl.ie *.lidl.fi *.lidl.ro *.lidl.cz *.lidl.se *.cookiebot.com; sandbox allow-forms allow-popups allow-same-origin allow-scripts; base-uri 'self'; frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 13 Aug 2020 22:06:13 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding
X-XSS-Protection
1; mode=block
Request-Context
appId=cid-v1:1ac8c325-343b-4413-abb1-3254157df324
Referrer-Policy
no-referrer
Last-Modified
Thu, 06 Aug 2020 11:51:46 GMT
X-Frame-Options
SAMEORIGIN
ETag
"1d66be7f5dcdd1e"
Strict-Transport-Security
max-age=10886400; includeSubDomains; preload
Content-Type
text/css
Cache-Control
max-age=1800
Content-Security-Policy
default-src 'self' 'unsafe-inline' 'unsafe-eval' data: *.lidlplus.com *.googletagmanager.com *.google-analytics.com stats.g.doubleclick.net tagmanager.google.com *.cookiebot.com; object-src 'none'; frame-src 'self' lidl.es *.lidl.at *.lidl.es *.lidl.dk *.lidl.com *.lidl.pl *.lidl.de *.lidl.nl *.lidl.fr *.lidl.sk *.lidl.be *.lidl.lu *.lidl.co.uk *.lidl.ie *.lidl.fi *.lidl.ro *.lidl.cz *.lidl.se *.cookiebot.com; sandbox allow-forms allow-popups allow-same-origin allow-scripts; base-uri 'self'; frame-ancestors 'self'
Accept-Ranges
bytes
X-Content-Security-Policy
default-src 'self' 'unsafe-inline' 'unsafe-eval' data: *.lidlplus.com *.googletagmanager.com *.google-analytics.com stats.g.doubleclick.net tagmanager.google.com *.cookiebot.com; object-src 'none'; frame-src 'self' lidl.es *.lidl.at *.lidl.es *.lidl.dk *.lidl.com *.lidl.pl *.lidl.de *.lidl.nl *.lidl.fr *.lidl.sk *.lidl.be *.lidl.lu *.lidl.co.uk *.lidl.ie *.lidl.fi *.lidl.ro *.lidl.cz *.lidl.se *.cookiebot.com; sandbox allow-forms allow-popups allow-same-origin allow-scripts; base-uri 'self'; frame-ancestors 'self'
ecommerce-login.d90d0684e05ae06aa6fb.js
accounts.lidl.com/themes/ecommerce/assets/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://accounts.lidl.com/themes/ecommerce/assets/ecommerce-login.d90d0684e05ae06aa6fb.js
Requested by
Host: accounts.lidl.com
URL: https://accounts.lidl.com/Account/Login?ReturnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fresponse_type%3Dcode%26client_id%3DBelgiumEcommerceClient%26response_mode%3Dform_post%26redirect_uri%3Dhttps%253A%252F%252Fwww.lidl-shop.be%252Fsso%26scope%3Dopenid%2520profile%2520Lidl.Authentication%2520offline_access%26state%3DVZc3dSNcU6rWzQecjDp_WmgWhoN1wYfQW9GldYW9mXw%26nonce%3DDSlK5RP72jUozddwonGP5jsMdJfeowyOn9CJXHht1TA%26max_age%3D10800%26language%3Dnl-BE%26step%3Dlogin
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_CBC
Server
51.105.123.133 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
244a1c3479fb9ab6ea85c627a6d7e6f8e4a4b4956865fe666876a25d6706071b
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' 'unsafe-eval' data: *.lidlplus.com *.googletagmanager.com *.google-analytics.com stats.g.doubleclick.net tagmanager.google.com *.cookiebot.com; object-src 'none'; frame-src 'self' lidl.es *.lidl.at *.lidl.es *.lidl.dk *.lidl.com *.lidl.pl *.lidl.de *.lidl.nl *.lidl.fr *.lidl.sk *.lidl.be *.lidl.lu *.lidl.co.uk *.lidl.ie *.lidl.fi *.lidl.ro *.lidl.cz *.lidl.se *.cookiebot.com; sandbox allow-forms allow-popups allow-same-origin allow-scripts; base-uri 'self'; frame-ancestors 'self'
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Security-Policy default-src 'self' 'unsafe-inline' 'unsafe-eval' data: *.lidlplus.com *.googletagmanager.com *.google-analytics.com stats.g.doubleclick.net tagmanager.google.com *.cookiebot.com; object-src 'none'; frame-src 'self' lidl.es *.lidl.at *.lidl.es *.lidl.dk *.lidl.com *.lidl.pl *.lidl.de *.lidl.nl *.lidl.fr *.lidl.sk *.lidl.be *.lidl.lu *.lidl.co.uk *.lidl.ie *.lidl.fi *.lidl.ro *.lidl.cz *.lidl.se *.cookiebot.com; sandbox allow-forms allow-popups allow-same-origin allow-scripts; base-uri 'self'; frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 13 Aug 2020 22:06:13 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding
X-XSS-Protection
1; mode=block
Request-Context
appId=cid-v1:1ac8c325-343b-4413-abb1-3254157df324
Referrer-Policy
no-referrer
Last-Modified
Thu, 06 Aug 2020 11:51:46 GMT
X-Frame-Options
SAMEORIGIN
ETag
"1d66be7f5d4fe54"
Strict-Transport-Security
max-age=10886400; includeSubDomains; preload
Content-Type
application/javascript
Cache-Control
max-age=1800
Content-Security-Policy
default-src 'self' 'unsafe-inline' 'unsafe-eval' data: *.lidlplus.com *.googletagmanager.com *.google-analytics.com stats.g.doubleclick.net tagmanager.google.com *.cookiebot.com; object-src 'none'; frame-src 'self' lidl.es *.lidl.at *.lidl.es *.lidl.dk *.lidl.com *.lidl.pl *.lidl.de *.lidl.nl *.lidl.fr *.lidl.sk *.lidl.be *.lidl.lu *.lidl.co.uk *.lidl.ie *.lidl.fi *.lidl.ro *.lidl.cz *.lidl.se *.cookiebot.com; sandbox allow-forms allow-popups allow-same-origin allow-scripts; base-uri 'self'; frame-ancestors 'self'
Accept-Ranges
bytes
X-Content-Security-Policy
default-src 'self' 'unsafe-inline' 'unsafe-eval' data: *.lidlplus.com *.googletagmanager.com *.google-analytics.com stats.g.doubleclick.net tagmanager.google.com *.cookiebot.com; object-src 'none'; frame-src 'self' lidl.es *.lidl.at *.lidl.es *.lidl.dk *.lidl.com *.lidl.pl *.lidl.de *.lidl.nl *.lidl.fr *.lidl.sk *.lidl.be *.lidl.lu *.lidl.co.uk *.lidl.ie *.lidl.fi *.lidl.ro *.lidl.cz *.lidl.se *.cookiebot.com; sandbox allow-forms allow-popups allow-same-origin allow-scripts; base-uri 'self'; frame-ancestors 'self'
chunk-vendors.d90d0684e05ae06aa6fb.js
accounts.lidl.com/themes/ecommerce/assets/ 		452 KB
188 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://accounts.lidl.com/themes/ecommerce/assets/chunk-vendors.d90d0684e05ae06aa6fb.js
Requested by
Host: accounts.lidl.com
URL: https://accounts.lidl.com/Account/Login?ReturnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fresponse_type%3Dcode%26client_id%3DBelgiumEcommerceClient%26response_mode%3Dform_post%26redirect_uri%3Dhttps%253A%252F%252Fwww.lidl-shop.be%252Fsso%26scope%3Dopenid%2520profile%2520Lidl.Authentication%2520offline_access%26state%3DVZc3dSNcU6rWzQecjDp_WmgWhoN1wYfQW9GldYW9mXw%26nonce%3DDSlK5RP72jUozddwonGP5jsMdJfeowyOn9CJXHht1TA%26max_age%3D10800%26language%3Dnl-BE%26step%3Dlogin
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_CBC
Server
51.105.123.133 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
dfde05573278af7030234909f7f83222923beea96b7d1bce295de0ab9bc170d7
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' 'unsafe-eval' data: *.lidlplus.com *.googletagmanager.com *.google-analytics.com stats.g.doubleclick.net tagmanager.google.com *.cookiebot.com; object-src 'none'; frame-src 'self' lidl.es *.lidl.at *.lidl.es *.lidl.dk *.lidl.com *.lidl.pl *.lidl.de *.lidl.nl *.lidl.fr *.lidl.sk *.lidl.be *.lidl.lu *.lidl.co.uk *.lidl.ie *.lidl.fi *.lidl.ro *.lidl.cz *.lidl.se *.cookiebot.com; sandbox allow-forms allow-popups allow-same-origin allow-scripts; base-uri 'self'; frame-ancestors 'self'
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Security-Policy default-src 'self' 'unsafe-inline' 'unsafe-eval' data: *.lidlplus.com *.googletagmanager.com *.google-analytics.com stats.g.doubleclick.net tagmanager.google.com *.cookiebot.com; object-src 'none'; frame-src 'self' lidl.es *.lidl.at *.lidl.es *.lidl.dk *.lidl.com *.lidl.pl *.lidl.de *.lidl.nl *.lidl.fr *.lidl.sk *.lidl.be *.lidl.lu *.lidl.co.uk *.lidl.ie *.lidl.fi *.lidl.ro *.lidl.cz *.lidl.se *.cookiebot.com; sandbox allow-forms allow-popups allow-same-origin allow-scripts; base-uri 'self'; frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 13 Aug 2020 22:06:13 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding
X-XSS-Protection
1; mode=block
Request-Context
appId=cid-v1:1ac8c325-343b-4413-abb1-3254157df324
Referrer-Policy
no-referrer
Last-Modified
Thu, 06 Aug 2020 11:51:46 GMT
X-Frame-Options
SAMEORIGIN
ETag
"1d66be7f5d3fb63"
Strict-Transport-Security
max-age=10886400; includeSubDomains; preload
Content-Type
application/javascript
Cache-Control
max-age=1800
Content-Security-Policy
default-src 'self' 'unsafe-inline' 'unsafe-eval' data: *.lidlplus.com *.googletagmanager.com *.google-analytics.com stats.g.doubleclick.net tagmanager.google.com *.cookiebot.com; object-src 'none'; frame-src 'self' lidl.es *.lidl.at *.lidl.es *.lidl.dk *.lidl.com *.lidl.pl *.lidl.de *.lidl.nl *.lidl.fr *.lidl.sk *.lidl.be *.lidl.lu *.lidl.co.uk *.lidl.ie *.lidl.fi *.lidl.ro *.lidl.cz *.lidl.se *.cookiebot.com; sandbox allow-forms allow-popups allow-same-origin allow-scripts; base-uri 'self'; frame-ancestors 'self'
Accept-Ranges
bytes
X-Content-Security-Policy
default-src 'self' 'unsafe-inline' 'unsafe-eval' data: *.lidlplus.com *.googletagmanager.com *.google-analytics.com stats.g.doubleclick.net tagmanager.google.com *.cookiebot.com; object-src 'none'; frame-src 'self' lidl.es *.lidl.at *.lidl.es *.lidl.dk *.lidl.com *.lidl.pl *.lidl.de *.lidl.nl *.lidl.fr *.lidl.sk *.lidl.be *.lidl.lu *.lidl.co.uk *.lidl.ie *.lidl.fi *.lidl.ro *.lidl.cz *.lidl.se *.cookiebot.com; sandbox allow-forms allow-popups allow-same-origin allow-scripts; base-uri 'self'; frame-ancestors 'self'
chunk-common.d90d0684e05ae06aa6fb.js
accounts.lidl.com/themes/ecommerce/assets/ 		347 KB
93 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://accounts.lidl.com/themes/ecommerce/assets/chunk-common.d90d0684e05ae06aa6fb.js
Requested by
Host: accounts.lidl.com
URL: https://accounts.lidl.com/Account/Login?ReturnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fresponse_type%3Dcode%26client_id%3DBelgiumEcommerceClient%26response_mode%3Dform_post%26redirect_uri%3Dhttps%253A%252F%252Fwww.lidl-shop.be%252Fsso%26scope%3Dopenid%2520profile%2520Lidl.Authentication%2520offline_access%26state%3DVZc3dSNcU6rWzQecjDp_WmgWhoN1wYfQW9GldYW9mXw%26nonce%3DDSlK5RP72jUozddwonGP5jsMdJfeowyOn9CJXHht1TA%26max_age%3D10800%26language%3Dnl-BE%26step%3Dlogin
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_CBC
Server
51.105.123.133 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
10c0148ae2dccbc6b391492a87c5c7b9d38413b6c68ee94e39bf4c51cd6fbb16
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' 'unsafe-eval' data: *.lidlplus.com *.googletagmanager.com *.google-analytics.com stats.g.doubleclick.net tagmanager.google.com *.cookiebot.com; object-src 'none'; frame-src 'self' lidl.es *.lidl.at *.lidl.es *.lidl.dk *.lidl.com *.lidl.pl *.lidl.de *.lidl.nl *.lidl.fr *.lidl.sk *.lidl.be *.lidl.lu *.lidl.co.uk *.lidl.ie *.lidl.fi *.lidl.ro *.lidl.cz *.lidl.se *.cookiebot.com; sandbox allow-forms allow-popups allow-same-origin allow-scripts; base-uri 'self'; frame-ancestors 'self'
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Security-Policy default-src 'self' 'unsafe-inline' 'unsafe-eval' data: *.lidlplus.com *.googletagmanager.com *.google-analytics.com stats.g.doubleclick.net tagmanager.google.com *.cookiebot.com; object-src 'none'; frame-src 'self' lidl.es *.lidl.at *.lidl.es *.lidl.dk *.lidl.com *.lidl.pl *.lidl.de *.lidl.nl *.lidl.fr *.lidl.sk *.lidl.be *.lidl.lu *.lidl.co.uk *.lidl.ie *.lidl.fi *.lidl.ro *.lidl.cz *.lidl.se *.cookiebot.com; sandbox allow-forms allow-popups allow-same-origin allow-scripts; base-uri 'self'; frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 13 Aug 2020 22:06:13 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding
X-XSS-Protection
1; mode=block
Request-Context
appId=cid-v1:1ac8c325-343b-4413-abb1-3254157df324
Referrer-Policy
no-referrer
Last-Modified
Thu, 06 Aug 2020 11:51:46 GMT
X-Frame-Options
SAMEORIGIN
ETag
"1d66be7f5d19851"
Strict-Transport-Security
max-age=10886400; includeSubDomains; preload
Content-Type
application/javascript
Cache-Control
max-age=1800
Content-Security-Policy
default-src 'self' 'unsafe-inline' 'unsafe-eval' data: *.lidlplus.com *.googletagmanager.com *.google-analytics.com stats.g.doubleclick.net tagmanager.google.com *.cookiebot.com; object-src 'none'; frame-src 'self' lidl.es *.lidl.at *.lidl.es *.lidl.dk *.lidl.com *.lidl.pl *.lidl.de *.lidl.nl *.lidl.fr *.lidl.sk *.lidl.be *.lidl.lu *.lidl.co.uk *.lidl.ie *.lidl.fi *.lidl.ro *.lidl.cz *.lidl.se *.cookiebot.com; sandbox allow-forms allow-popups allow-same-origin allow-scripts; base-uri 'self'; frame-ancestors 'self'
Accept-Ranges
bytes
X-Content-Security-Policy
default-src 'self' 'unsafe-inline' 'unsafe-eval' data: *.lidlplus.com *.googletagmanager.com *.google-analytics.com stats.g.doubleclick.net tagmanager.google.com *.cookiebot.com; object-src 'none'; frame-src 'self' lidl.es *.lidl.at *.lidl.es *.lidl.dk *.lidl.com *.lidl.pl *.lidl.de *.lidl.nl *.lidl.fr *.lidl.sk *.lidl.be *.lidl.lu *.lidl.co.uk *.lidl.ie *.lidl.fi *.lidl.ro *.lidl.cz *.lidl.se *.cookiebot.com; sandbox allow-forms allow-popups allow-same-origin allow-scripts; base-uri 'self'; frame-ancestors 'self'
truncated
/ 		70 KB
70 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
486d086ec9ddd39b6d1124406c65af8e61077191e45b2da565a57f1a2b107db2

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
Origin
https://accounts.lidl.com

Response headers

Content-Type
font/woff2
nl-be
accounts.lidl.com/api/translations/ 		37 KB
13 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://accounts.lidl.com/api/translations/nl-be
Requested by
Host: accounts.lidl.com
URL: https://accounts.lidl.com/themes/ecommerce/assets/chunk-vendors.d90d0684e05ae06aa6fb.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_CBC
Server
51.105.123.133 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
b3b53da0903b2850c2412a86d75c35793efd0a51e2e17b805d25b97249bb7f94
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' 'unsafe-eval' data: *.lidlplus.com *.googletagmanager.com *.google-analytics.com stats.g.doubleclick.net tagmanager.google.com *.cookiebot.com; object-src 'none'; frame-src 'self' lidl.es *.lidl.at *.lidl.es *.lidl.dk *.lidl.com *.lidl.pl *.lidl.de *.lidl.nl *.lidl.fr *.lidl.sk *.lidl.be *.lidl.lu *.lidl.co.uk *.lidl.ie *.lidl.fi *.lidl.ro *.lidl.cz *.lidl.se *.cookiebot.com; sandbox allow-forms allow-popups allow-same-origin allow-scripts; base-uri 'self'; frame-ancestors 'self'
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Security-Policy default-src 'self' 'unsafe-inline' 'unsafe-eval' data: *.lidlplus.com *.googletagmanager.com *.google-analytics.com stats.g.doubleclick.net tagmanager.google.com *.cookiebot.com; object-src 'none'; frame-src 'self' lidl.es *.lidl.at *.lidl.es *.lidl.dk *.lidl.com *.lidl.pl *.lidl.de *.lidl.nl *.lidl.fr *.lidl.sk *.lidl.be *.lidl.lu *.lidl.co.uk *.lidl.ie *.lidl.fi *.lidl.ro *.lidl.cz *.lidl.se *.cookiebot.com; sandbox allow-forms allow-popups allow-same-origin allow-scripts; base-uri 'self'; frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/plain, */*
Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 13 Aug 2020 22:06:14 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
Request-Context
appId=cid-v1:1ac8c325-343b-4413-abb1-3254157df324
Referrer-Policy
no-referrer
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Strict-Transport-Security
max-age=10886400; includeSubDomains; preload
Content-Type
application/json; charset=utf-8
Cache-Control
public,max-age=86400
Content-Security-Policy
default-src 'self' 'unsafe-inline' 'unsafe-eval' data: *.lidlplus.com *.googletagmanager.com *.google-analytics.com stats.g.doubleclick.net tagmanager.google.com *.cookiebot.com; object-src 'none'; frame-src 'self' lidl.es *.lidl.at *.lidl.es *.lidl.dk *.lidl.com *.lidl.pl *.lidl.de *.lidl.nl *.lidl.fr *.lidl.sk *.lidl.be *.lidl.lu *.lidl.co.uk *.lidl.ie *.lidl.fi *.lidl.ro *.lidl.cz *.lidl.se *.cookiebot.com; sandbox allow-forms allow-popups allow-same-origin allow-scripts; base-uri 'self'; frame-ancestors 'self'
X-Content-Security-Policy
default-src 'self' 'unsafe-inline' 'unsafe-eval' data: *.lidlplus.com *.googletagmanager.com *.google-analytics.com stats.g.doubleclick.net tagmanager.google.com *.cookiebot.com; object-src 'none'; frame-src 'self' lidl.es *.lidl.at *.lidl.es *.lidl.dk *.lidl.com *.lidl.pl *.lidl.de *.lidl.nl *.lidl.fr *.lidl.sk *.lidl.be *.lidl.lu *.lidl.co.uk *.lidl.ie *.lidl.fi *.lidl.ro *.lidl.cz *.lidl.se *.cookiebot.com; sandbox allow-forms allow-popups allow-same-origin allow-scripts; base-uri 'self'; frame-ancestors 'self'
rules
accounts.lidl.com/api/ 		10 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://accounts.lidl.com/api/rules
Requested by
Host: accounts.lidl.com
URL: https://accounts.lidl.com/themes/ecommerce/assets/chunk-vendors.d90d0684e05ae06aa6fb.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_CBC
Server
51.105.123.133 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
87bf279fda6738e1adc35dac02783e9bff629269fdb5f61d3ae90bb1b3a560e7
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' 'unsafe-eval' data: *.lidlplus.com *.googletagmanager.com *.google-analytics.com stats.g.doubleclick.net tagmanager.google.com *.cookiebot.com; object-src 'none'; frame-src 'self' lidl.es *.lidl.at *.lidl.es *.lidl.dk *.lidl.com *.lidl.pl *.lidl.de *.lidl.nl *.lidl.fr *.lidl.sk *.lidl.be *.lidl.lu *.lidl.co.uk *.lidl.ie *.lidl.fi *.lidl.ro *.lidl.cz *.lidl.se *.cookiebot.com; sandbox allow-forms allow-popups allow-same-origin allow-scripts; base-uri 'self'; frame-ancestors 'self'
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Security-Policy default-src 'self' 'unsafe-inline' 'unsafe-eval' data: *.lidlplus.com *.googletagmanager.com *.google-analytics.com stats.g.doubleclick.net tagmanager.google.com *.cookiebot.com; object-src 'none'; frame-src 'self' lidl.es *.lidl.at *.lidl.es *.lidl.dk *.lidl.com *.lidl.pl *.lidl.de *.lidl.nl *.lidl.fr *.lidl.sk *.lidl.be *.lidl.lu *.lidl.co.uk *.lidl.ie *.lidl.fi *.lidl.ro *.lidl.cz *.lidl.se *.cookiebot.com; sandbox allow-forms allow-popups allow-same-origin allow-scripts; base-uri 'self'; frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/plain, */*
Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 13 Aug 2020 22:06:14 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
Request-Context
appId=cid-v1:1ac8c325-343b-4413-abb1-3254157df324
Referrer-Policy
no-referrer
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Strict-Transport-Security
max-age=10886400; includeSubDomains; preload
Content-Type
application/json; charset=utf-8
Cache-Control
public,max-age=3600
Content-Security-Policy
default-src 'self' 'unsafe-inline' 'unsafe-eval' data: *.lidlplus.com *.googletagmanager.com *.google-analytics.com stats.g.doubleclick.net tagmanager.google.com *.cookiebot.com; object-src 'none'; frame-src 'self' lidl.es *.lidl.at *.lidl.es *.lidl.dk *.lidl.com *.lidl.pl *.lidl.de *.lidl.nl *.lidl.fr *.lidl.sk *.lidl.be *.lidl.lu *.lidl.co.uk *.lidl.ie *.lidl.fi *.lidl.ro *.lidl.cz *.lidl.se *.cookiebot.com; sandbox allow-forms allow-popups allow-same-origin allow-scripts; base-uri 'self'; frame-ancestors 'self'
X-Content-Security-Policy
default-src 'self' 'unsafe-inline' 'unsafe-eval' data: *.lidlplus.com *.googletagmanager.com *.google-analytics.com stats.g.doubleclick.net tagmanager.google.com *.cookiebot.com; object-src 'none'; frame-src 'self' lidl.es *.lidl.at *.lidl.es *.lidl.dk *.lidl.com *.lidl.pl *.lidl.de *.lidl.nl *.lidl.fr *.lidl.sk *.lidl.be *.lidl.lu *.lidl.co.uk *.lidl.ie *.lidl.fi *.lidl.ro *.lidl.cz *.lidl.se *.cookiebot.com; sandbox allow-forms allow-popups allow-same-origin allow-scripts; base-uri 'self'; frame-ancestors 'self'
logo.png
accounts.lidl.com/themes/ecommerce/assets/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://accounts.lidl.com/themes/ecommerce/assets/logo.png
Requested by
Host: accounts.lidl.com
URL: https://accounts.lidl.com/Account/Login?ReturnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fresponse_type%3Dcode%26client_id%3DBelgiumEcommerceClient%26response_mode%3Dform_post%26redirect_uri%3Dhttps%253A%252F%252Fwww.lidl-shop.be%252Fsso%26scope%3Dopenid%2520profile%2520Lidl.Authentication%2520offline_access%26state%3DVZc3dSNcU6rWzQecjDp_WmgWhoN1wYfQW9GldYW9mXw%26nonce%3DDSlK5RP72jUozddwonGP5jsMdJfeowyOn9CJXHht1TA%26max_age%3D10800%26language%3Dnl-BE%26step%3Dlogin
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_CBC
Server
51.105.123.133 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
0f755ffaa560cbab95cfe14784c3876178f1a6936558f12e4f88987efd893631
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' 'unsafe-eval' data: *.lidlplus.com *.googletagmanager.com *.google-analytics.com stats.g.doubleclick.net tagmanager.google.com *.cookiebot.com; object-src 'none'; frame-src 'self' lidl.es *.lidl.at *.lidl.es *.lidl.dk *.lidl.com *.lidl.pl *.lidl.de *.lidl.nl *.lidl.fr *.lidl.sk *.lidl.be *.lidl.lu *.lidl.co.uk *.lidl.ie *.lidl.fi *.lidl.ro *.lidl.cz *.lidl.se *.cookiebot.com; sandbox allow-forms allow-popups allow-same-origin allow-scripts; base-uri 'self'; frame-ancestors 'self'
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Security-Policy default-src 'self' 'unsafe-inline' 'unsafe-eval' data: *.lidlplus.com *.googletagmanager.com *.google-analytics.com stats.g.doubleclick.net tagmanager.google.com *.cookiebot.com; object-src 'none'; frame-src 'self' lidl.es *.lidl.at *.lidl.es *.lidl.dk *.lidl.com *.lidl.pl *.lidl.de *.lidl.nl *.lidl.fr *.lidl.sk *.lidl.be *.lidl.lu *.lidl.co.uk *.lidl.ie *.lidl.fi *.lidl.ro *.lidl.cz *.lidl.se *.cookiebot.com; sandbox allow-forms allow-popups allow-same-origin allow-scripts; base-uri 'self'; frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 13 Aug 2020 22:06:14 GMT
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Connection
keep-alive
Content-Length
2665
X-XSS-Protection
1; mode=block
Request-Context
appId=cid-v1:1ac8c325-343b-4413-abb1-3254157df324
Referrer-Policy
no-referrer
Last-Modified
Thu, 06 Aug 2020 11:51:46 GMT
X-Frame-Options
SAMEORIGIN
ETag
"1d66be7f5d4ff69"
Strict-Transport-Security
max-age=10886400; includeSubDomains; preload
Content-Type
image/png
Cache-Control
max-age=1800
Content-Security-Policy
default-src 'self' 'unsafe-inline' 'unsafe-eval' data: *.lidlplus.com *.googletagmanager.com *.google-analytics.com stats.g.doubleclick.net tagmanager.google.com *.cookiebot.com; object-src 'none'; frame-src 'self' lidl.es *.lidl.at *.lidl.es *.lidl.dk *.lidl.com *.lidl.pl *.lidl.de *.lidl.nl *.lidl.fr *.lidl.sk *.lidl.be *.lidl.lu *.lidl.co.uk *.lidl.ie *.lidl.fi *.lidl.ro *.lidl.cz *.lidl.se *.cookiebot.com; sandbox allow-forms allow-popups allow-same-origin allow-scripts; base-uri 'self'; frame-ancestors 'self'
Accept-Ranges
bytes
X-Content-Security-Policy
default-src 'self' 'unsafe-inline' 'unsafe-eval' data: *.lidlplus.com *.googletagmanager.com *.google-analytics.com stats.g.doubleclick.net tagmanager.google.com *.cookiebot.com; object-src 'none'; frame-src 'self' lidl.es *.lidl.at *.lidl.es *.lidl.dk *.lidl.com *.lidl.pl *.lidl.de *.lidl.nl *.lidl.fr *.lidl.sk *.lidl.be *.lidl.lu *.lidl.co.uk *.lidl.ie *.lidl.fi *.lidl.ro *.lidl.cz *.lidl.se *.cookiebot.com; sandbox allow-forms allow-popups allow-same-origin allow-scripts; base-uri 'self'; frame-ancestors 'self'
basket.svg
accounts.lidl.com/themes/ecommerce/assets/icons/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://accounts.lidl.com/themes/ecommerce/assets/icons/basket.svg
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_CBC
Server
51.105.123.133 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
2318f8b088f7604c7f23dd9eeb0ac2a330996e0ed870fe5c9b07232c9309b0c6
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' 'unsafe-eval' data: *.lidlplus.com *.googletagmanager.com *.google-analytics.com stats.g.doubleclick.net tagmanager.google.com *.cookiebot.com; object-src 'none'; frame-src 'self' lidl.es *.lidl.at *.lidl.es *.lidl.dk *.lidl.com *.lidl.pl *.lidl.de *.lidl.nl *.lidl.fr *.lidl.sk *.lidl.be *.lidl.lu *.lidl.co.uk *.lidl.ie *.lidl.fi *.lidl.ro *.lidl.cz *.lidl.se *.cookiebot.com; sandbox allow-forms allow-popups allow-same-origin allow-scripts; base-uri 'self'; frame-ancestors 'self'
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Security-Policy default-src 'self' 'unsafe-inline' 'unsafe-eval' data: *.lidlplus.com *.googletagmanager.com *.google-analytics.com stats.g.doubleclick.net tagmanager.google.com *.cookiebot.com; object-src 'none'; frame-src 'self' lidl.es *.lidl.at *.lidl.es *.lidl.dk *.lidl.com *.lidl.pl *.lidl.de *.lidl.nl *.lidl.fr *.lidl.sk *.lidl.be *.lidl.lu *.lidl.co.uk *.lidl.ie *.lidl.fi *.lidl.ro *.lidl.cz *.lidl.se *.cookiebot.com; sandbox allow-forms allow-popups allow-same-origin allow-scripts; base-uri 'self'; frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 13 Aug 2020 22:06:14 GMT
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Connection
keep-alive
Content-Length
1622
X-XSS-Protection
1; mode=block
Request-Context
appId=cid-v1:1ac8c325-343b-4413-abb1-3254157df324
Referrer-Policy
no-referrer
Last-Modified
Thu, 06 Aug 2020 11:51:46 GMT
X-Frame-Options
SAMEORIGIN
ETag
"1d66be7f5d4f356"
Strict-Transport-Security
max-age=10886400; includeSubDomains; preload
Content-Type
image/svg+xml
Cache-Control
max-age=1800
Content-Security-Policy
default-src 'self' 'unsafe-inline' 'unsafe-eval' data: *.lidlplus.com *.googletagmanager.com *.google-analytics.com stats.g.doubleclick.net tagmanager.google.com *.cookiebot.com; object-src 'none'; frame-src 'self' lidl.es *.lidl.at *.lidl.es *.lidl.dk *.lidl.com *.lidl.pl *.lidl.de *.lidl.nl *.lidl.fr *.lidl.sk *.lidl.be *.lidl.lu *.lidl.co.uk *.lidl.ie *.lidl.fi *.lidl.ro *.lidl.cz *.lidl.se *.cookiebot.com; sandbox allow-forms allow-popups allow-same-origin allow-scripts; base-uri 'self'; frame-ancestors 'self'
Accept-Ranges
bytes
X-Content-Security-Policy
default-src 'self' 'unsafe-inline' 'unsafe-eval' data: *.lidlplus.com *.googletagmanager.com *.google-analytics.com stats.g.doubleclick.net tagmanager.google.com *.cookiebot.com; object-src 'none'; frame-src 'self' lidl.es *.lidl.at *.lidl.es *.lidl.dk *.lidl.com *.lidl.pl *.lidl.de *.lidl.nl *.lidl.fr *.lidl.sk *.lidl.be *.lidl.lu *.lidl.co.uk *.lidl.ie *.lidl.fi *.lidl.ro *.lidl.cz *.lidl.se *.cookiebot.com; sandbox allow-forms allow-popups allow-same-origin allow-scripts; base-uri 'self'; frame-ancestors 'self'

Verdicts & Comments Add Verdict or Comment

5 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| initGTM boolean| alreadyHasConsent object| theForm object| webpackJsonp object| regeneratorRuntime

2 Cookies

Domain/Path Name / Value
accounts.lidl.com/ Name: .AspNetCore.Antiforgery.pIV2Ht94CKA
Value: CfDJ8JnmnJBNcERBtKsdWdOHrjZdIKSxrghS2-o8_rBGiFePQh4ZiTxvTw6M3EAGCfl3cP3H-vjBk40RoDcwY08z-vS576-5b3AJupTVr_mIeIKIq4y4wRpQFEF_GEbfOO0XaJAJjvnh9iHoac25SNtfwuo
accounts.lidl.com/ Name: belgiumecommerceclient-BE-language
Value: nl-BE

1 Console Messages

Source Level URL
Text
console-api log URL: https://accounts.lidl.com/Account/Login?ReturnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fresponse_type%3Dcode%26client_id%3DBelgiumEcommerceClient%26response_mode%3Dform_post%26redirect_uri%3Dhttps%253A%252F%252Fwww.lidl-shop.be%252Fsso%26scope%3Dopenid%2520profile%2520Lidl.Authentication%2520offline_access%26state%3DVZc3dSNcU6rWzQecjDp_WmgWhoN1wYfQW9GldYW9mXw%26nonce%3DDSlK5RP72jUozddwonGP5jsMdJfeowyOn9CJXHht1TA%26max_age%3D10800%26language%3Dnl-BE%26step%3Dlogin(Line 41)
Message:
[object HTMLButtonElement]

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src 'self' 'unsafe-inline' 'unsafe-eval' data: *.lidlplus.com *.googletagmanager.com *.google-analytics.com stats.g.doubleclick.net tagmanager.google.com *.cookiebot.com; object-src 'none'; frame-src 'self' lidl.es *.lidl.at *.lidl.es *.lidl.dk *.lidl.com *.lidl.pl *.lidl.de *.lidl.nl *.lidl.fr *.lidl.sk *.lidl.be *.lidl.lu *.lidl.co.uk *.lidl.ie *.lidl.fi *.lidl.ro *.lidl.cz *.lidl.se *.cookiebot.com; sandbox allow-forms allow-popups allow-same-origin allow-scripts; base-uri 'self'; frame-ancestors 'self'
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Security-Policy default-src 'self' 'unsafe-inline' 'unsafe-eval' data: *.lidlplus.com *.googletagmanager.com *.google-analytics.com stats.g.doubleclick.net tagmanager.google.com *.cookiebot.com; object-src 'none'; frame-src 'self' lidl.es *.lidl.at *.lidl.es *.lidl.dk *.lidl.com *.lidl.pl *.lidl.de *.lidl.nl *.lidl.fr *.lidl.sk *.lidl.be *.lidl.lu *.lidl.co.uk *.lidl.ie *.lidl.fi *.lidl.ro *.lidl.cz *.lidl.se *.cookiebot.com; sandbox allow-forms allow-popups allow-same-origin allow-scripts; base-uri 'self'; frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block