federation.client.barclayscorp.com Open in urlscan Pro
23.213.161.204 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://barclaysrise.wazoku.com/
Effective URL:
https://federation.client.barclayscorp.com/idp/SSO.saml2?SAMLRequest=hZLRT8IwEMb%2FlaXvbGyaEBtYgixGEhTChkFfTOkOaOza2WtF%2FOvthkT0AR57%2Fb77...
Submission: On December 07 via manual (December 7th 2022, 2:21:44 pm UTC) from GB — Scanned from GB

Summary HTTP 47 Redirects Behaviour Indicators

Summary

This website contacted 14 IPs in 3 countries across 14 domains to perform 47 HTTP transactions. The main IP is 23.213.161.204, located in Frankfurt am Main, Germany and belongs to AKAMAI-ASN1, NL. The main domain is federation.client.barclayscorp.com.
TLS certificate: Issued by DigiCert SHA2 Extended Validation Ser... on June 14th 2022. Valid for: a year.

This is the only time federation.client.barclayscorp.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3 22	51.132.238.16 51.132.238.16	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2a00:1450:400... 2a00:1450:4001:802::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:809::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6811:d2cc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
1	23.213.161.204 23.213.161.204	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	52.95.143.43 52.95.143.43	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6811:eecc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:e6cc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:440... 2606:4700:4400::6812:21ab	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:43b0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2606:4700::68... 2606:4700::6813:9a53	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2606:4700::68... 2606:4700::6811:8d2	13335 (CLOUDFLAR...) (CLOUDFLARENET)
47	14

22 51.132.238.16 (London, United Kingdom) 3 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

barclaysrise.wazoku.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:809::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:d2cc (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-scripts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.213.161.204 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-213-161-204.deploy.static.akamaitechnologies.com

federation.client.barclayscorp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.95.143.43 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: s3-w.eu-west-2.amazonaws.com

wazoku-clients.s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:eecc (United States)

ASN13335 (CLOUDFLARENET, US)

js.usemessages.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:e6cc (United States)

ASN13335 (CLOUDFLARENET, US)

js.hsleadflows.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::6812:21ab (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-banner.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:43b0 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-analytics.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700::6813:9a53 (United States)

ASN13335 (CLOUDFLARENET, US)

api.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
track.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
forms.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
app.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700::6811:8d2 (United States)

ASN13335 (CLOUDFLARENET, US)

static.hsappstatic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
22	wazoku.com 3 redirects barclaysrise.wazoku.com	3 MB
5	hsappstatic.net static.hsappstatic.net — Cisco Umbrella Rank: 8123	268 KB
5	hubspot.com api.hubspot.com — Cisco Umbrella Rank: 5336 track.hubspot.com — Cisco Umbrella Rank: 2755 forms.hubspot.com — Cisco Umbrella Rank: 3892 app.hubspot.com — Cisco Umbrella Rank: 6226 metrics-fe-na1.hubspot.com Failed	22 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 51 ajax.googleapis.com — Cisco Umbrella Rank: 361	96 KB
1	hs-analytics.net js.hs-analytics.net — Cisco Umbrella Rank: 2617	20 KB
1	hs-banner.com js.hs-banner.com — Cisco Umbrella Rank: 2625	16 KB
1	hsleadflows.net js.hsleadflows.net — Cisco Umbrella Rank: 4969	88 KB
1	usemessages.com js.usemessages.com — Cisco Umbrella Rank: 5310	21 KB
1	amazonaws.com wazoku-clients.s3.amazonaws.com	311 KB
1	barclayscorp.com federation.client.barclayscorp.com	7 KB
1	gstatic.com fonts.gstatic.com	44 KB
1	hs-scripts.com js.hs-scripts.com — Cisco Umbrella Rank: 2679	967 B
0	hsadspixel.net Failed js.hsadspixel.net Failed
0	fidelity.tv Failed video.fidelity.tv Failed
47	14

	Domain	Requested by
22	barclaysrise.wazoku.com	3 redirects barclaysrise.wazoku.com
5	static.hsappstatic.net	app.hubspot.com static.hsappstatic.net
2	api.hubspot.com	barclaysrise.wazoku.com
2	ajax.googleapis.com	barclaysrise.wazoku.com
1	app.hubspot.com	js.usemessages.com static.hsappstatic.net
1	forms.hubspot.com	barclaysrise.wazoku.com
1	track.hubspot.com
1	js.hs-analytics.net	js.hs-scripts.com
1	js.hs-banner.com	js.hs-scripts.com
1	js.hsleadflows.net	js.hs-scripts.com
1	js.usemessages.com	js.hs-scripts.com
1	wazoku-clients.s3.amazonaws.com
1	federation.client.barclayscorp.com	barclaysrise.wazoku.com
1	fonts.gstatic.com	fonts.googleapis.com
1	js.hs-scripts.com	barclaysrise.wazoku.com
1	fonts.googleapis.com	barclaysrise.wazoku.com
0	metrics-fe-na1.hubspot.com Failed	static.hsappstatic.net
0	js.hsadspixel.net Failed	js.hs-scripts.com
0	video.fidelity.tv Failed	barclaysrise.wazoku.com
47	19

This site contains no links.

Subject Issuer	Validity	Valid
*.wazoku.com Sectigo RSA Domain Validation Secure Server CA	`2022-07-15` - `2023-08-15`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-03` - `2023-06-02`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
federation.client.barclayscorp.com DigiCert SHA2 Extended Validation Server CA	`2022-06-14` - `2023-06-14`	a year	crt.sh
*.s3.amazonaws.com Amazon	`2022-09-21` - `2023-08-26`	a year	crt.sh
hubspot.com Cloudflare Inc ECC CA-3	`2022-03-08` - `2023-03-07`	a year	crt.sh
hsappstatic.net Cloudflare Inc ECC CA-3	`2022-05-10` - `2023-05-10`	a year	crt.sh

This page contains 4 frames:

Primary Page: https://federation.client.barclayscorp.com/idp/SSO.saml2?SAMLRequest=hZLRT8IwEMb%2FlaXvbGyaEBtYgixGEhTChkFfTOkOaOza2WtF%2FOvthkT0AR57%2Fb77fne5PrJK1nTo7FbN4d0B2uCzkgpp8zEgziiqGQqkilWA1HKaDx8mNAm7lCGCsUIrcmKpz3tqo63mWpJgnA2IKDsMs96mWC97u2w0d8vnBQmewKDvOiDe4HWIDsYKLVPWl7pJ0omTTrdXxNc0ienVzQsJMo8tFLOta2ttjTSK1lCCaWshlwKUDVfMcMn2yLWpQ66rSJR1lOfTsAFPSDD7gbsVqhRqc36S1UGE9L4oZp3ZNC9IMDxuZKQVugpMDuZDcFjMJ79cRwojEMId%2B9JvroVpIF61jKTeCEXSfvOm7fQmuNOmYvY8UFPxC123UurnFXZP0kup%2Fegk5xBa00ffapzNtBR8fzE7DuN%2F2U5hDVysBZR%2BJ1Lq3cgAszAg1jggQZQeUv%2FeXfoN&RelayState=https%3A%2F%2Fbarclaysrise.wazoku.com%2Fhome-page
Frame ID: B1737FAB0168DBEBAB62FE30E0B0BBE2
Requests: 32 HTTP requests in this frame

Frame: https://barclaysrise.wazoku.com/pixie
Frame ID: 202AA1E53965CDA9D049E55D86AEF256
Requests: 4 HTTP requests in this frame

Frame: https://barclaysrise.wazoku.com/storage
Frame ID: 531FAA739A5F0476585EC400D4D49BCA
Requests: 1 HTTP requests in this frame

Frame: https://app.hubspot.com/conversations-visitor/195541/threads/utk/9708739cc83242739b6185eb52e12999?uuid=76c121aec3b74cc78964d2032fa9b3de&mobile=false&mobileSafari=false&hideWelcomeMessage=false&hstc=null&domain=barclaysrise.wazoku.com&inApp53=false&messagesUtk=9708739cc83242739b6185eb52e12999&url=https%3A%2F%2Fbarclaysrise.wazoku.com%2Flogin%3Fredirect_to%3D%252Fhome-page&inline=false&isFullscreen=false&globalCookieOptOut=null&isFirstVisitorSession=true&isAttachmentDisabled=false&enableWidgetCookieBanner=false&isInCMS=false
Frame ID: 17F6933317D02D8CF378BC5FC33B2A11
Requests: 10 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Login Barclays

Page URL History Show full URLs

http://barclaysrise.wazoku.com/ HTTP 301
https://barclaysrise.wazoku.com/ Page URL
https://barclaysrise.wazoku.com/api/v1/authorisation/login?integration_type=saml&id=1&redirect_to=https%3A%2... HTTP 302
https://barclaysrise.wazoku.com/saml_ol/login?redirect_to=https%3A%2F%2Fbarclaysrise.wazoku.com%2Fhome-page&... HTTP 302
https://federation.client.barclayscorp.com/idp/SSO.saml2?SAMLRequest=hZLRT8IwEMb%2FlaXvbGyaEBtYgixGEhTChkFfTOkOaOza2WtF... Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

AngularJS (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+(?:-?rc[.\d]*)*)/angular(?:\.min)?\.js
\bangular.{0,32}\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

HubSpot Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

js\.hs-analytics\.net/analytics

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

47
Requests

85 %
HTTPS

77 %
IPv6

14
Domains

19
Subdomains

14
IPs

3
Countries

4114 kB
Transfer

16698 kB
Size

8
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://barclaysrise.wazoku.com/ HTTP 301
https://barclaysrise.wazoku.com/ Page URL
https://barclaysrise.wazoku.com/api/v1/authorisation/login?integration_type=saml&id=1&redirect_to=https%3A%2F%2Fbarclaysrise.wazoku.com%2Fhome-page HTTP 302
https://barclaysrise.wazoku.com/saml_ol/login?redirect_to=https%3A%2F%2Fbarclaysrise.wazoku.com%2Fhome-page&id=1 HTTP 302
https://federation.client.barclayscorp.com/idp/SSO.saml2?SAMLRequest=hZLRT8IwEMb%2FlaXvbGyaEBtYgixGEhTChkFfTOkOaOza2WtF%2FOvthkT0AR57%2Fb77fne5PrJK1nTo7FbN4d0B2uCzkgpp8zEgziiqGQqkilWA1HKaDx8mNAm7lCGCsUIrcmKpz3tqo63mWpJgnA2IKDsMs96mWC97u2w0d8vnBQmewKDvOiDe4HWIDsYKLVPWl7pJ0omTTrdXxNc0ienVzQsJMo8tFLOta2ttjTSK1lCCaWshlwKUDVfMcMn2yLWpQ66rSJR1lOfTsAFPSDD7gbsVqhRqc36S1UGE9L4oZp3ZNC9IMDxuZKQVugpMDuZDcFjMJ79cRwojEMId%2B9JvroVpIF61jKTeCEXSfvOm7fQmuNOmYvY8UFPxC123UurnFXZP0kup%2Fegk5xBa00ffapzNtBR8fzE7DuN%2F2U5hDVysBZR%2BJ1Lq3cgAszAg1jggQZQeUv%2FeXfoN&RelayState=https%3A%2F%2Fbarclaysrise.wazoku.com%2Fhome-page Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://barclaysrise.wazoku.com/ HTTP 301
https://barclaysrise.wazoku.com/

47 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

/ Show response
barclaysrise.wazoku.com/
Redirect Chain

http://barclaysrise.wazoku.com/
https://barclaysrise.wazoku.com/

37 KB
12 KB

209ms
89ms

Document
text/html

51.132.238.16
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://barclaysrise.wazoku.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

51.132.238.16 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

871f3ade869377777ebb662e15cbde9138a38890457dfc101935650c39d56068

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; script-src 'self' 'unsafe-inline' .assets-yammer.com .bootstrapcdn.com .box.com .dropbox.com .google-analytics.com .googletagmanager.com .live.net .microsoft.com .wazoku.com ajax.aspnetcdn.com ajax.googleapis.com apis.google.com js.hs-analytics.net js.hs-banner.com js.hs-scripts.com js.hsleadflows.net js.usemessages.com login.microsoftonline.com maps.googleapis.com noembed.com oss.maxcdn.com tagmanager.google.com track.hubspot.com wazoku-static.s3.amazonaws.com .app.apty.io; style-src 'self' 'unsafe-inline' .bootstrapcdn.com ajax.googleapis.com fonts.googleapis.com tagmanager.google.com .app.apty.io; img-src * data: blob: .app.apty.io; media-src 'self' wazoku-clients.s3.amazonaws.com; font-src 'self' .bootstrapcdn.com fonts.gstatic.com wazoku-static.s3.amazonaws.com .app.apty.io; connect-src 'self' .wazoku.com .hubspot.com browser.pipe.aria.microsoft.com maps.googleapis.com sentry.io www.google-analytics.com www.googleapis.com wazoku-clients.s3.amazonaws.com .app.apty.io api.segment.io; frame-src 'self' .wazoku.com .microsoftonline.com .yammer.com accounts.google.com app.hubspot.com docs.google.com player.vimeo.com telemetryservice.firstpartyapps.oaspapps.com w.soundcloud.com www.youtube.com .app.apty.io; form-action 'self' zapier.com; frame-ancestors 'self' .wazoku.com .sharepoint.com .teams.microsoft.com .skype.com teams.microsoft.com;
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Access-Control-Allow-Headers: Authorization,Cache-Control,Content-Type,If-Modified-Since,Origin,Pragma,x-csrftoken,x-requested-with
Access-Control-Allow-Methods: GET, POST, PUT, OPTIONS, DELETE
Cache-Control: private, max-age=0, no-cache, no-store
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 9796
Content-Security-Policy: default-src 'none'; script-src 'self' 'unsafe-inline' *.assets-yammer.com *.bootstrapcdn.com *.box.com *.dropbox.com *.google-analytics.com *.googletagmanager.com *.live.net *.microsoft.com *.wazoku.com ajax.aspnetcdn.com ajax.googleapis.com apis.google.com js.hs-analytics.net js.hs-banner.com js.hs-scripts.com js.hsleadflows.net js.usemessages.com login.microsoftonline.com maps.googleapis.com noembed.com oss.maxcdn.com tagmanager.google.com track.hubspot.com wazoku-static.s3.amazonaws.com *.app.apty.io; style-src 'self' 'unsafe-inline' *.bootstrapcdn.com ajax.googleapis.com fonts.googleapis.com tagmanager.google.com *.app.apty.io; img-src * data: blob: *.app.apty.io; media-src 'self' wazoku-clients.s3.amazonaws.com; font-src 'self' *.bootstrapcdn.com fonts.gstatic.com wazoku-static.s3.amazonaws.com *.app.apty.io; connect-src 'self' *.wazoku.com *.hubspot.com browser.pipe.aria.microsoft.com maps.googleapis.com sentry.io www.google-analytics.com www.googleapis.com wazoku-clients.s3.amazonaws.com *.app.apty.io api.segment.io; frame-src 'self' *.wazoku.com *.microsoftonline.com *.yammer.com accounts.google.com app.hubspot.com docs.google.com player.vimeo.com telemetryservice.firstpartyapps.oaspapps.com w.soundcloud.com www.youtube.com *.app.apty.io; form-action 'self' zapier.com; frame-ancestors 'self' *.wazoku.com *.sharepoint.com *.teams.microsoft.com *.skype.com teams.microsoft.com;
Content-Type: text/html; charset=utf-8
Date: Wed, 07 Dec 2022 14:21:37 GMT
P3P: CP="NOI ADM DEV COM NAV OUR STP"
Permissions-Policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(), xr-spatial-tracking=()
Referrer-Policy: origin-when-cross-origin
Strict-Transport-Security: max-age=31536000; includeSubdomains
Vary: Cookie, Accept-Encoding
X-App-CSRF: tAI202x753HEdU86lWpHUXwlLd6YmRsApdwprRFNBtukNZDxIHnRZONNB3zBGEYe
X-Content-Type-Options: nosniff
X-Frame-Options: DENY
X-XSS-Protection: 1; mode=block

Redirect headers

Cache-Control: private, max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 178
Content-Type: text/html
Date: Wed, 07 Dec 2022 14:21:37 GMT
Location: https://barclaysrise.wazoku.com/
Permissions-Policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(), xr-spatial-tracking=()
Referrer-Policy: origin-when-cross-origin
Strict-Transport-Security: max-age=31536000; includeSubdomains
X-Content-Type-Options: nosniff
X-Frame-Options: DENY
X-XSS-Protection: 1; mode=block

GET
H2 200 css2
fonts.googleapis.com/ 92 KB
4 KB 162ms
62ms Stylesheet
text/css 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Epilogue:ital,wght@0,300;0,400;0,700;1,300;1,400;1,700&family=Fira+Sans:ital,wght@0,300;0,400;0,700;1,300;1,400;1,700&family=Lato:ital,wght@0,300;0,400;0,700;1,300;1,400;1,700&family=Montserrat:ital,wght@0,300;0,400;0,700;1,300;1,400;1,700&family=Open+Sans:ital,wght@0,300;0,400;0,700;1,300;1,400;1,700&family=Oxygen:wght@300;400;700&family=Poppins:ital,wght@0,300;0,400;0,700;1,300;1,400;1,700&family=Raleway:ital,wght@0,300;0,400;0,700;1,300;1,400;1,700&family=Roboto:ital,wght@0,300;0,400;0,700;1,300;1,400;1,700&family=Ubuntu:ital,wght@0,300;0,400;0,700;1,300;1,400;1,700&display=swap

Requested by

Host: barclaysrise.wazoku.com
URL: https://barclaysrise.wazoku.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

37ec69f2049b7f076647f0323c35bb46bba3c3a83ffb4a41e239a0c5f0b22984

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://barclaysrise.wazoku.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 07 Dec 2022 14:21:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 07 Dec 2022 14:21:38 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 07 Dec 2022 14:21:38 GMT

GET
H/1.1 200
OK material-design-icons.css
barclaysrise.wazoku.com/static/build/fonts/ 98 KB
17 KB 38ms
36ms Stylesheet
text/css 51.132.238.16
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://barclaysrise.wazoku.com/static/build/fonts/material-design-icons.css?v=8b441b52d6ecbf3af1c10c06296a8ac2

Requested by

Host: barclaysrise.wazoku.com
URL: https://barclaysrise.wazoku.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

51.132.238.16 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

8e6a11d2190b3cf4d6eef6c6a82ec31225ae73ffb4615194639bbc300d3b79ce

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; script-src 'self' 'unsafe-inline' .assets-yammer.com .bootstrapcdn.com .box.com .dropbox.com .google-analytics.com .googletagmanager.com .live.net .microsoft.com .wazoku.com ajax.aspnetcdn.com ajax.googleapis.com apis.google.com js.hs-analytics.net js.hs-banner.com js.hs-scripts.com js.hsleadflows.net js.usemessages.com login.microsoftonline.com maps.googleapis.com noembed.com oss.maxcdn.com tagmanager.google.com track.hubspot.com wazoku-static.s3.amazonaws.com .app.apty.io; style-src 'self' 'unsafe-inline' .bootstrapcdn.com ajax.googleapis.com fonts.googleapis.com tagmanager.google.com .app.apty.io; img-src * data: blob: .app.apty.io; media-src 'self' wazoku-clients.s3.amazonaws.com; font-src 'self' .bootstrapcdn.com fonts.gstatic.com wazoku-static.s3.amazonaws.com .app.apty.io; connect-src 'self' .wazoku.com .hubspot.com browser.pipe.aria.microsoft.com maps.googleapis.com sentry.io www.google-analytics.com www.googleapis.com wazoku-clients.s3.amazonaws.com .app.apty.io api.segment.io; frame-src 'self' .wazoku.com .microsoftonline.com .yammer.com accounts.google.com app.hubspot.com docs.google.com player.vimeo.com telemetryservice.firstpartyapps.oaspapps.com w.soundcloud.com www.youtube.com .app.apty.io; form-action 'self' zapier.com; frame-ancestors 'self' .wazoku.com .sharepoint.com .teams.microsoft.com .skype.com teams.microsoft.com;
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://barclaysrise.wazoku.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date: Wed, 07 Dec 2022 14:21:38 GMT
Strict-Transport-Security: max-age=31536000; includeSubdomains
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'none'; script-src 'self' 'unsafe-inline' *.assets-yammer.com *.bootstrapcdn.com *.box.com *.dropbox.com *.google-analytics.com *.googletagmanager.com *.live.net *.microsoft.com *.wazoku.com ajax.aspnetcdn.com ajax.googleapis.com apis.google.com js.hs-analytics.net js.hs-banner.com js.hs-scripts.com js.hsleadflows.net js.usemessages.com login.microsoftonline.com maps.googleapis.com noembed.com oss.maxcdn.com tagmanager.google.com track.hubspot.com wazoku-static.s3.amazonaws.com *.app.apty.io; style-src 'self' 'unsafe-inline' *.bootstrapcdn.com ajax.googleapis.com fonts.googleapis.com tagmanager.google.com *.app.apty.io; img-src * data: blob: *.app.apty.io; media-src 'self' wazoku-clients.s3.amazonaws.com; font-src 'self' *.bootstrapcdn.com fonts.gstatic.com wazoku-static.s3.amazonaws.com *.app.apty.io; connect-src 'self' *.wazoku.com *.hubspot.com browser.pipe.aria.microsoft.com maps.googleapis.com sentry.io www.google-analytics.com www.googleapis.com wazoku-clients.s3.amazonaws.com *.app.apty.io api.segment.io; frame-src 'self' *.wazoku.com *.microsoftonline.com *.yammer.com accounts.google.com app.hubspot.com docs.google.com player.vimeo.com telemetryservice.firstpartyapps.oaspapps.com w.soundcloud.com www.youtube.com *.app.apty.io; form-action 'self' zapier.com; frame-ancestors 'self' *.wazoku.com *.sharepoint.com *.teams.microsoft.com *.skype.com teams.microsoft.com;
Content-Encoding: gzip
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
Pragma: public
Referrer-Policy: origin-when-cross-origin
Last-Modified: Tue, 06 Dec 2022 11:08:06 GMT
ETag: W/"638f2296-1886e"
X-Frame-Options: DENY
Vary: Accept-Encoding
Content-Type: text/css
Access-Control-Allow-Methods: GET, POST, PUT, OPTIONS, DELETE
Cache-Control: max-age=2592000, public
Permissions-Policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(), xr-spatial-tracking=()
Access-Control-Allow-Headers: Authorization,Cache-Control,Content-Type,If-Modified-Since,Origin,Pragma,x-csrftoken,x-requested-with

GET
H/1.1 200
OK bootstrap.min.css
barclaysrise.wazoku.com/static/build/styles/ 110 KB
20 KB 76ms
37ms Stylesheet
text/css 51.132.238.16
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://barclaysrise.wazoku.com/static/build/styles/bootstrap.min.css?v=8b441b52d6ecbf3af1c10c06296a8ac2

Requested by

Host: barclaysrise.wazoku.com
URL: https://barclaysrise.wazoku.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

51.132.238.16 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

339efce650d81fc4835e82f39892a27444a105ba90f357d5deba7aa307e6b46f

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; script-src 'self' 'unsafe-inline' .assets-yammer.com .bootstrapcdn.com .box.com .dropbox.com .google-analytics.com .googletagmanager.com .live.net .microsoft.com .wazoku.com ajax.aspnetcdn.com ajax.googleapis.com apis.google.com js.hs-analytics.net js.hs-banner.com js.hs-scripts.com js.hsleadflows.net js.usemessages.com login.microsoftonline.com maps.googleapis.com noembed.com oss.maxcdn.com tagmanager.google.com track.hubspot.com wazoku-static.s3.amazonaws.com .app.apty.io; style-src 'self' 'unsafe-inline' .bootstrapcdn.com ajax.googleapis.com fonts.googleapis.com tagmanager.google.com .app.apty.io; img-src * data: blob: .app.apty.io; media-src 'self' wazoku-clients.s3.amazonaws.com; font-src 'self' .bootstrapcdn.com fonts.gstatic.com wazoku-static.s3.amazonaws.com .app.apty.io; connect-src 'self' .wazoku.com .hubspot.com browser.pipe.aria.microsoft.com maps.googleapis.com sentry.io www.google-analytics.com www.googleapis.com wazoku-clients.s3.amazonaws.com .app.apty.io api.segment.io; frame-src 'self' .wazoku.com .microsoftonline.com .yammer.com accounts.google.com app.hubspot.com docs.google.com player.vimeo.com telemetryservice.firstpartyapps.oaspapps.com w.soundcloud.com www.youtube.com .app.apty.io; form-action 'self' zapier.com; frame-ancestors 'self' .wazoku.com .sharepoint.com .teams.microsoft.com .skype.com teams.microsoft.com;
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://barclaysrise.wazoku.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date: Wed, 07 Dec 2022 14:21:38 GMT
Strict-Transport-Security: max-age=31536000; includeSubdomains
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'none'; script-src 'self' 'unsafe-inline' *.assets-yammer.com *.bootstrapcdn.com *.box.com *.dropbox.com *.google-analytics.com *.googletagmanager.com *.live.net *.microsoft.com *.wazoku.com ajax.aspnetcdn.com ajax.googleapis.com apis.google.com js.hs-analytics.net js.hs-banner.com js.hs-scripts.com js.hsleadflows.net js.usemessages.com login.microsoftonline.com maps.googleapis.com noembed.com oss.maxcdn.com tagmanager.google.com track.hubspot.com wazoku-static.s3.amazonaws.com *.app.apty.io; style-src 'self' 'unsafe-inline' *.bootstrapcdn.com ajax.googleapis.com fonts.googleapis.com tagmanager.google.com *.app.apty.io; img-src * data: blob: *.app.apty.io; media-src 'self' wazoku-clients.s3.amazonaws.com; font-src 'self' *.bootstrapcdn.com fonts.gstatic.com wazoku-static.s3.amazonaws.com *.app.apty.io; connect-src 'self' *.wazoku.com *.hubspot.com browser.pipe.aria.microsoft.com maps.googleapis.com sentry.io www.google-analytics.com www.googleapis.com wazoku-clients.s3.amazonaws.com *.app.apty.io api.segment.io; frame-src 'self' *.wazoku.com *.microsoftonline.com *.yammer.com accounts.google.com app.hubspot.com docs.google.com player.vimeo.com telemetryservice.firstpartyapps.oaspapps.com w.soundcloud.com www.youtube.com *.app.apty.io; form-action 'self' zapier.com; frame-ancestors 'self' *.wazoku.com *.sharepoint.com *.teams.microsoft.com *.skype.com teams.microsoft.com;
Content-Encoding: gzip
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
Pragma: public
Referrer-Policy: origin-when-cross-origin
Last-Modified: Tue, 06 Dec 2022 11:11:58 GMT
ETag: W/"638f237e-1b6eb"
X-Frame-Options: DENY
Vary: Accept-Encoding
Content-Type: text/css
Access-Control-Allow-Methods: GET, POST, PUT, OPTIONS, DELETE
Cache-Control: max-age=2592000, public
Permissions-Policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(), xr-spatial-tracking=()
Access-Control-Allow-Headers: Authorization,Cache-Control,Content-Type,If-Modified-Since,Origin,Pragma,x-csrftoken,x-requested-with

GET
H/1.1 200
OK main.min.css
barclaysrise.wazoku.com/static/build/styles/clients/barclaysrise.wazoku.com/ 583 KB
79 KB 153ms
76ms Stylesheet
text/css 51.132.238.16
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://barclaysrise.wazoku.com/static/build/styles/clients/barclaysrise.wazoku.com/main.min.css?v=8b441b52d6ecbf3af1c10c06296a8ac2

Requested by

Host: barclaysrise.wazoku.com
URL: https://barclaysrise.wazoku.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

51.132.238.16 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

451517e5b69a4fe768695b4d47b455868571e9867fc1fa483dce7abc8af7867e

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; script-src 'self' 'unsafe-inline' .assets-yammer.com .bootstrapcdn.com .box.com .dropbox.com .google-analytics.com .googletagmanager.com .live.net .microsoft.com .wazoku.com ajax.aspnetcdn.com ajax.googleapis.com apis.google.com js.hs-analytics.net js.hs-banner.com js.hs-scripts.com js.hsleadflows.net js.usemessages.com login.microsoftonline.com maps.googleapis.com noembed.com oss.maxcdn.com tagmanager.google.com track.hubspot.com wazoku-static.s3.amazonaws.com .app.apty.io; style-src 'self' 'unsafe-inline' .bootstrapcdn.com ajax.googleapis.com fonts.googleapis.com tagmanager.google.com .app.apty.io; img-src * data: blob: .app.apty.io; media-src 'self' wazoku-clients.s3.amazonaws.com; font-src 'self' .bootstrapcdn.com fonts.gstatic.com wazoku-static.s3.amazonaws.com .app.apty.io; connect-src 'self' .wazoku.com .hubspot.com browser.pipe.aria.microsoft.com maps.googleapis.com sentry.io www.google-analytics.com www.googleapis.com wazoku-clients.s3.amazonaws.com .app.apty.io api.segment.io; frame-src 'self' .wazoku.com .microsoftonline.com .yammer.com accounts.google.com app.hubspot.com docs.google.com player.vimeo.com telemetryservice.firstpartyapps.oaspapps.com w.soundcloud.com www.youtube.com .app.apty.io; form-action 'self' zapier.com; frame-ancestors 'self' .wazoku.com .sharepoint.com .teams.microsoft.com .skype.com teams.microsoft.com;
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://barclaysrise.wazoku.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date: Wed, 07 Dec 2022 14:21:38 GMT
Strict-Transport-Security: max-age=31536000; includeSubdomains
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'none'; script-src 'self' 'unsafe-inline' *.assets-yammer.com *.bootstrapcdn.com *.box.com *.dropbox.com *.google-analytics.com *.googletagmanager.com *.live.net *.microsoft.com *.wazoku.com ajax.aspnetcdn.com ajax.googleapis.com apis.google.com js.hs-analytics.net js.hs-banner.com js.hs-scripts.com js.hsleadflows.net js.usemessages.com login.microsoftonline.com maps.googleapis.com noembed.com oss.maxcdn.com tagmanager.google.com track.hubspot.com wazoku-static.s3.amazonaws.com *.app.apty.io; style-src 'self' 'unsafe-inline' *.bootstrapcdn.com ajax.googleapis.com fonts.googleapis.com tagmanager.google.com *.app.apty.io; img-src * data: blob: *.app.apty.io; media-src 'self' wazoku-clients.s3.amazonaws.com; font-src 'self' *.bootstrapcdn.com fonts.gstatic.com wazoku-static.s3.amazonaws.com *.app.apty.io; connect-src 'self' *.wazoku.com *.hubspot.com browser.pipe.aria.microsoft.com maps.googleapis.com sentry.io www.google-analytics.com www.googleapis.com wazoku-clients.s3.amazonaws.com *.app.apty.io api.segment.io; frame-src 'self' *.wazoku.com *.microsoftonline.com *.yammer.com accounts.google.com app.hubspot.com docs.google.com player.vimeo.com telemetryservice.firstpartyapps.oaspapps.com w.soundcloud.com www.youtube.com *.app.apty.io; form-action 'self' zapier.com; frame-ancestors 'self' *.wazoku.com *.sharepoint.com *.teams.microsoft.com *.skype.com teams.microsoft.com;
Content-Encoding: gzip
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
Pragma: public
Referrer-Policy: origin-when-cross-origin
Last-Modified: Tue, 06 Dec 2022 11:12:25 GMT
ETag: W/"638f2399-91dbc"
X-Frame-Options: DENY
Vary: Accept-Encoding
Content-Type: text/css
Access-Control-Allow-Methods: GET, POST, PUT, OPTIONS, DELETE
Cache-Control: max-age=2592000, public
Permissions-Policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(), xr-spatial-tracking=()
Access-Control-Allow-Headers: Authorization,Cache-Control,Content-Type,If-Modified-Since,Origin,Pragma,x-csrftoken,x-requested-with

GET
H/1.1 200
OK components.min.css
barclaysrise.wazoku.com/static/build/styles/ 247 KB
37 KB 197ms
94ms Stylesheet
text/css 51.132.238.16
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://barclaysrise.wazoku.com/static/build/styles/components.min.css?v=8b441b52d6ecbf3af1c10c06296a8ac2

Requested by

Host: barclaysrise.wazoku.com
URL: https://barclaysrise.wazoku.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

51.132.238.16 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

03d00ac796fa19809d831ea86112471a8b7b89c80626c7a7dfee1c81322b8006

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; script-src 'self' 'unsafe-inline' .assets-yammer.com .bootstrapcdn.com .box.com .dropbox.com .google-analytics.com .googletagmanager.com .live.net .microsoft.com .wazoku.com ajax.aspnetcdn.com ajax.googleapis.com apis.google.com js.hs-analytics.net js.hs-banner.com js.hs-scripts.com js.hsleadflows.net js.usemessages.com login.microsoftonline.com maps.googleapis.com noembed.com oss.maxcdn.com tagmanager.google.com track.hubspot.com wazoku-static.s3.amazonaws.com .app.apty.io; style-src 'self' 'unsafe-inline' .bootstrapcdn.com ajax.googleapis.com fonts.googleapis.com tagmanager.google.com .app.apty.io; img-src * data: blob: .app.apty.io; media-src 'self' wazoku-clients.s3.amazonaws.com; font-src 'self' .bootstrapcdn.com fonts.gstatic.com wazoku-static.s3.amazonaws.com .app.apty.io; connect-src 'self' .wazoku.com .hubspot.com browser.pipe.aria.microsoft.com maps.googleapis.com sentry.io www.google-analytics.com www.googleapis.com wazoku-clients.s3.amazonaws.com .app.apty.io api.segment.io; frame-src 'self' .wazoku.com .microsoftonline.com .yammer.com accounts.google.com app.hubspot.com docs.google.com player.vimeo.com telemetryservice.firstpartyapps.oaspapps.com w.soundcloud.com www.youtube.com .app.apty.io; form-action 'self' zapier.com; frame-ancestors 'self' .wazoku.com .sharepoint.com .teams.microsoft.com .skype.com teams.microsoft.com;
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://barclaysrise.wazoku.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date: Wed, 07 Dec 2022 14:21:38 GMT
Strict-Transport-Security: max-age=31536000; includeSubdomains
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'none'; script-src 'self' 'unsafe-inline' *.assets-yammer.com *.bootstrapcdn.com *.box.com *.dropbox.com *.google-analytics.com *.googletagmanager.com *.live.net *.microsoft.com *.wazoku.com ajax.aspnetcdn.com ajax.googleapis.com apis.google.com js.hs-analytics.net js.hs-banner.com js.hs-scripts.com js.hsleadflows.net js.usemessages.com login.microsoftonline.com maps.googleapis.com noembed.com oss.maxcdn.com tagmanager.google.com track.hubspot.com wazoku-static.s3.amazonaws.com *.app.apty.io; style-src 'self' 'unsafe-inline' *.bootstrapcdn.com ajax.googleapis.com fonts.googleapis.com tagmanager.google.com *.app.apty.io; img-src * data: blob: *.app.apty.io; media-src 'self' wazoku-clients.s3.amazonaws.com; font-src 'self' *.bootstrapcdn.com fonts.gstatic.com wazoku-static.s3.amazonaws.com *.app.apty.io; connect-src 'self' *.wazoku.com *.hubspot.com browser.pipe.aria.microsoft.com maps.googleapis.com sentry.io www.google-analytics.com www.googleapis.com wazoku-clients.s3.amazonaws.com *.app.apty.io api.segment.io; frame-src 'self' *.wazoku.com *.microsoftonline.com *.yammer.com accounts.google.com app.hubspot.com docs.google.com player.vimeo.com telemetryservice.firstpartyapps.oaspapps.com w.soundcloud.com www.youtube.com *.app.apty.io; form-action 'self' zapier.com; frame-ancestors 'self' *.wazoku.com *.sharepoint.com *.teams.microsoft.com *.skype.com teams.microsoft.com;
Content-Encoding: gzip
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
Pragma: public
Referrer-Policy: origin-when-cross-origin
Last-Modified: Tue, 06 Dec 2022 11:11:59 GMT
ETag: W/"638f237f-3db7a"
X-Frame-Options: DENY
Vary: Accept-Encoding
Content-Type: text/css
Access-Control-Allow-Methods: GET, POST, PUT, OPTIONS, DELETE
Cache-Control: max-age=2592000, public
Permissions-Policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(), xr-spatial-tracking=()
Access-Control-Allow-Headers: Authorization,Cache-Control,Content-Type,If-Modified-Since,Origin,Pragma,x-csrftoken,x-requested-with

GET
H/1.1 200
OK shared.min.css
barclaysrise.wazoku.com/static/build/styles/ 70 KB
18 KB 200ms
93ms Stylesheet
text/css 51.132.238.16
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://barclaysrise.wazoku.com/static/build/styles/shared.min.css?v=8b441b52d6ecbf3af1c10c06296a8ac2

Requested by

Host: barclaysrise.wazoku.com
URL: https://barclaysrise.wazoku.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

51.132.238.16 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

a70888e4ada884ad7be0fa6745874c1ce7e41a56c6dbc60fe37a0a14b1700661

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; script-src 'self' 'unsafe-inline' .assets-yammer.com .bootstrapcdn.com .box.com .dropbox.com .google-analytics.com .googletagmanager.com .live.net .microsoft.com .wazoku.com ajax.aspnetcdn.com ajax.googleapis.com apis.google.com js.hs-analytics.net js.hs-banner.com js.hs-scripts.com js.hsleadflows.net js.usemessages.com login.microsoftonline.com maps.googleapis.com noembed.com oss.maxcdn.com tagmanager.google.com track.hubspot.com wazoku-static.s3.amazonaws.com .app.apty.io; style-src 'self' 'unsafe-inline' .bootstrapcdn.com ajax.googleapis.com fonts.googleapis.com tagmanager.google.com .app.apty.io; img-src * data: blob: .app.apty.io; media-src 'self' wazoku-clients.s3.amazonaws.com; font-src 'self' .bootstrapcdn.com fonts.gstatic.com wazoku-static.s3.amazonaws.com .app.apty.io; connect-src 'self' .wazoku.com .hubspot.com browser.pipe.aria.microsoft.com maps.googleapis.com sentry.io www.google-analytics.com www.googleapis.com wazoku-clients.s3.amazonaws.com .app.apty.io api.segment.io; frame-src 'self' .wazoku.com .microsoftonline.com .yammer.com accounts.google.com app.hubspot.com docs.google.com player.vimeo.com telemetryservice.firstpartyapps.oaspapps.com w.soundcloud.com www.youtube.com .app.apty.io; form-action 'self' zapier.com; frame-ancestors 'self' .wazoku.com .sharepoint.com .teams.microsoft.com .skype.com teams.microsoft.com;
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://barclaysrise.wazoku.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date: Wed, 07 Dec 2022 14:21:38 GMT
Strict-Transport-Security: max-age=31536000; includeSubdomains
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'none'; script-src 'self' 'unsafe-inline' *.assets-yammer.com *.bootstrapcdn.com *.box.com *.dropbox.com *.google-analytics.com *.googletagmanager.com *.live.net *.microsoft.com *.wazoku.com ajax.aspnetcdn.com ajax.googleapis.com apis.google.com js.hs-analytics.net js.hs-banner.com js.hs-scripts.com js.hsleadflows.net js.usemessages.com login.microsoftonline.com maps.googleapis.com noembed.com oss.maxcdn.com tagmanager.google.com track.hubspot.com wazoku-static.s3.amazonaws.com *.app.apty.io; style-src 'self' 'unsafe-inline' *.bootstrapcdn.com ajax.googleapis.com fonts.googleapis.com tagmanager.google.com *.app.apty.io; img-src * data: blob: *.app.apty.io; media-src 'self' wazoku-clients.s3.amazonaws.com; font-src 'self' *.bootstrapcdn.com fonts.gstatic.com wazoku-static.s3.amazonaws.com *.app.apty.io; connect-src 'self' *.wazoku.com *.hubspot.com browser.pipe.aria.microsoft.com maps.googleapis.com sentry.io www.google-analytics.com www.googleapis.com wazoku-clients.s3.amazonaws.com *.app.apty.io api.segment.io; frame-src 'self' *.wazoku.com *.microsoftonline.com *.yammer.com accounts.google.com app.hubspot.com docs.google.com player.vimeo.com telemetryservice.firstpartyapps.oaspapps.com w.soundcloud.com www.youtube.com *.app.apty.io; form-action 'self' zapier.com; frame-ancestors 'self' *.wazoku.com *.sharepoint.com *.teams.microsoft.com *.skype.com teams.microsoft.com;
Content-Encoding: gzip
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
Pragma: public
Referrer-Policy: origin-when-cross-origin
Last-Modified: Tue, 06 Dec 2022 11:12:00 GMT
ETag: W/"638f2380-118f4"
X-Frame-Options: DENY
Vary: Accept-Encoding
Content-Type: text/css
Access-Control-Allow-Methods: GET, POST, PUT, OPTIONS, DELETE
Cache-Control: max-age=2592000, public
Permissions-Policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(), xr-spatial-tracking=()
Access-Control-Allow-Headers: Authorization,Cache-Control,Content-Type,If-Modified-Since,Origin,Pragma,x-csrftoken,x-requested-with

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.5.1/ 87 KB
31 KB 143ms
45ms Script
text/javascript 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js

Requested by

Host: barclaysrise.wazoku.com
URL: https://barclaysrise.wazoku.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://barclaysrise.wazoku.com/
Origin: https://barclaysrise.wazoku.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 14:17:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 250
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31021
x-xss-protection: 0
last-modified: Fri, 08 May 2020 07:05:03 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 07 Dec 2023 14:17:28 GMT

GET
H2 200 angular.min.js Show response
ajax.googleapis.com/ajax/libs/angularjs/1.8.0/ 172 KB
61 KB 195ms
96ms Script
text/javascript 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/angularjs/1.8.0/angular.min.js

Requested by

Host: barclaysrise.wazoku.com
URL: https://barclaysrise.wazoku.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

566f18cb8bc23558701c2cc4f934fe50bcc85629d1aaf5d589f835f2b3e57a9f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://barclaysrise.wazoku.com/
Origin: https://barclaysrise.wazoku.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 03:24:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 471424
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 62157
x-xss-protection: 0
last-modified: Fri, 05 Jun 2020 18:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 02 Dec 2023 03:24:34 GMT

GET
H/1.1 200
OK vendor.min.js
barclaysrise.wazoku.com/static/build/v2/ 2 MB
833 KB 199ms
81ms Script
application/javascript 51.132.238.16
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://barclaysrise.wazoku.com/static/build/v2/vendor.min.js?v=8b441b52d6ecbf3af1c10c06296a8ac2

Requested by

Host: barclaysrise.wazoku.com
URL: https://barclaysrise.wazoku.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

51.132.238.16 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; script-src 'self' 'unsafe-inline' .assets-yammer.com .bootstrapcdn.com .box.com .dropbox.com .google-analytics.com .googletagmanager.com .live.net .microsoft.com .wazoku.com ajax.aspnetcdn.com ajax.googleapis.com apis.google.com js.hs-analytics.net js.hs-banner.com js.hs-scripts.com js.hsleadflows.net js.usemessages.com login.microsoftonline.com maps.googleapis.com noembed.com oss.maxcdn.com tagmanager.google.com track.hubspot.com wazoku-static.s3.amazonaws.com .app.apty.io; style-src 'self' 'unsafe-inline' .bootstrapcdn.com ajax.googleapis.com fonts.googleapis.com tagmanager.google.com .app.apty.io; img-src * data: blob: .app.apty.io; media-src 'self' wazoku-clients.s3.amazonaws.com; font-src 'self' .bootstrapcdn.com fonts.gstatic.com wazoku-static.s3.amazonaws.com .app.apty.io; connect-src 'self' .wazoku.com .hubspot.com browser.pipe.aria.microsoft.com maps.googleapis.com sentry.io www.google-analytics.com www.googleapis.com wazoku-clients.s3.amazonaws.com .app.apty.io api.segment.io; frame-src 'self' .wazoku.com .microsoftonline.com .yammer.com accounts.google.com app.hubspot.com docs.google.com player.vimeo.com telemetryservice.firstpartyapps.oaspapps.com w.soundcloud.com www.youtube.com .app.apty.io; form-action 'self' zapier.com; frame-ancestors 'self' .wazoku.com .sharepoint.com .teams.microsoft.com .skype.com teams.microsoft.com;
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://barclaysrise.wazoku.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date: Wed, 07 Dec 2022 14:21:38 GMT
Strict-Transport-Security: max-age=31536000; includeSubdomains
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'none'; script-src 'self' 'unsafe-inline' *.assets-yammer.com *.bootstrapcdn.com *.box.com *.dropbox.com *.google-analytics.com *.googletagmanager.com *.live.net *.microsoft.com *.wazoku.com ajax.aspnetcdn.com ajax.googleapis.com apis.google.com js.hs-analytics.net js.hs-banner.com js.hs-scripts.com js.hsleadflows.net js.usemessages.com login.microsoftonline.com maps.googleapis.com noembed.com oss.maxcdn.com tagmanager.google.com track.hubspot.com wazoku-static.s3.amazonaws.com *.app.apty.io; style-src 'self' 'unsafe-inline' *.bootstrapcdn.com ajax.googleapis.com fonts.googleapis.com tagmanager.google.com *.app.apty.io; img-src * data: blob: *.app.apty.io; media-src 'self' wazoku-clients.s3.amazonaws.com; font-src 'self' *.bootstrapcdn.com fonts.gstatic.com wazoku-static.s3.amazonaws.com *.app.apty.io; connect-src 'self' *.wazoku.com *.hubspot.com browser.pipe.aria.microsoft.com maps.googleapis.com sentry.io www.google-analytics.com www.googleapis.com wazoku-clients.s3.amazonaws.com *.app.apty.io api.segment.io; frame-src 'self' *.wazoku.com *.microsoftonline.com *.yammer.com accounts.google.com app.hubspot.com docs.google.com player.vimeo.com telemetryservice.firstpartyapps.oaspapps.com w.soundcloud.com www.youtube.com *.app.apty.io; form-action 'self' zapier.com; frame-ancestors 'self' *.wazoku.com *.sharepoint.com *.teams.microsoft.com *.skype.com teams.microsoft.com;
Content-Encoding: gzip
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
Pragma: public
Referrer-Policy: origin-when-cross-origin
Last-Modified: Tue, 06 Dec 2022 11:10:34 GMT
ETag: W/"638f232a-23f322"
X-Frame-Options: DENY
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Methods: GET, POST, PUT, OPTIONS, DELETE
Cache-Control: max-age=2592000, public
Permissions-Policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(), xr-spatial-tracking=()
Access-Control-Allow-Headers: Authorization,Cache-Control,Content-Type,If-Modified-Since,Origin,Pragma,x-csrftoken,x-requested-with

GET
H/1.1 200
OK en-gb.js Show response
barclaysrise.wazoku.com/static/new/locale/ 70 B
3 KB 193ms
59ms Script
application/javascript 51.132.238.16
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://barclaysrise.wazoku.com/static/new/locale/en-gb.js?v=8b441b52d6ecbf3af1c10c06296a8ac2

Requested by

Host: barclaysrise.wazoku.com
URL: https://barclaysrise.wazoku.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

51.132.238.16 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

c8df82cea517dccfd69295ef48cb184e715536864e95898cd794e163db29b09a

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; script-src 'self' 'unsafe-inline' .assets-yammer.com .bootstrapcdn.com .box.com .dropbox.com .google-analytics.com .googletagmanager.com .live.net .microsoft.com .wazoku.com ajax.aspnetcdn.com ajax.googleapis.com apis.google.com js.hs-analytics.net js.hs-banner.com js.hs-scripts.com js.hsleadflows.net js.usemessages.com login.microsoftonline.com maps.googleapis.com noembed.com oss.maxcdn.com tagmanager.google.com track.hubspot.com wazoku-static.s3.amazonaws.com .app.apty.io; style-src 'self' 'unsafe-inline' .bootstrapcdn.com ajax.googleapis.com fonts.googleapis.com tagmanager.google.com .app.apty.io; img-src * data: blob: .app.apty.io; media-src 'self' wazoku-clients.s3.amazonaws.com; font-src 'self' .bootstrapcdn.com fonts.gstatic.com wazoku-static.s3.amazonaws.com .app.apty.io; connect-src 'self' .wazoku.com .hubspot.com browser.pipe.aria.microsoft.com maps.googleapis.com sentry.io www.google-analytics.com www.googleapis.com wazoku-clients.s3.amazonaws.com .app.apty.io api.segment.io; frame-src 'self' .wazoku.com .microsoftonline.com .yammer.com accounts.google.com app.hubspot.com docs.google.com player.vimeo.com telemetryservice.firstpartyapps.oaspapps.com w.soundcloud.com www.youtube.com .app.apty.io; form-action 'self' zapier.com; frame-ancestors 'self' .wazoku.com .sharepoint.com .teams.microsoft.com .skype.com teams.microsoft.com;
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://barclaysrise.wazoku.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date: Wed, 07 Dec 2022 14:21:38 GMT
Strict-Transport-Security: max-age=31536000; includeSubdomains
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'none'; script-src 'self' 'unsafe-inline' *.assets-yammer.com *.bootstrapcdn.com *.box.com *.dropbox.com *.google-analytics.com *.googletagmanager.com *.live.net *.microsoft.com *.wazoku.com ajax.aspnetcdn.com ajax.googleapis.com apis.google.com js.hs-analytics.net js.hs-banner.com js.hs-scripts.com js.hsleadflows.net js.usemessages.com login.microsoftonline.com maps.googleapis.com noembed.com oss.maxcdn.com tagmanager.google.com track.hubspot.com wazoku-static.s3.amazonaws.com *.app.apty.io; style-src 'self' 'unsafe-inline' *.bootstrapcdn.com ajax.googleapis.com fonts.googleapis.com tagmanager.google.com *.app.apty.io; img-src * data: blob: *.app.apty.io; media-src 'self' wazoku-clients.s3.amazonaws.com; font-src 'self' *.bootstrapcdn.com fonts.gstatic.com wazoku-static.s3.amazonaws.com *.app.apty.io; connect-src 'self' *.wazoku.com *.hubspot.com browser.pipe.aria.microsoft.com maps.googleapis.com sentry.io www.google-analytics.com www.googleapis.com wazoku-clients.s3.amazonaws.com *.app.apty.io api.segment.io; frame-src 'self' *.wazoku.com *.microsoftonline.com *.yammer.com accounts.google.com app.hubspot.com docs.google.com player.vimeo.com telemetryservice.firstpartyapps.oaspapps.com w.soundcloud.com www.youtube.com *.app.apty.io; form-action 'self' zapier.com; frame-ancestors 'self' *.wazoku.com *.sharepoint.com *.teams.microsoft.com *.skype.com teams.microsoft.com;
Content-Encoding: gzip
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
Pragma: public
Referrer-Policy: origin-when-cross-origin
Last-Modified: Tue, 06 Dec 2022 11:07:29 GMT
ETag: W/"638f2271-46"
X-Frame-Options: DENY
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Methods: GET, POST, PUT, OPTIONS, DELETE
Cache-Control: max-age=2592000, public
Permissions-Policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(), xr-spatial-tracking=()
Access-Control-Allow-Headers: Authorization,Cache-Control,Content-Type,If-Modified-Since,Origin,Pragma,x-csrftoken,x-requested-with

GET
H/1.1 200
OK runtime.js Show response
barclaysrise.wazoku.com/static/build/spotlight/ 3 KB
4 KB 193ms
46ms Script
application/javascript 51.132.238.16
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://barclaysrise.wazoku.com/static/build/spotlight/runtime.js?v=8b441b52d6ecbf3af1c10c06296a8ac2

Requested by

Host: barclaysrise.wazoku.com
URL: https://barclaysrise.wazoku.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

51.132.238.16 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

ccd3f757c8750d5036bfcbc651a380d1abcb8b9977d9edbfa658cee92db70f6e

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; script-src 'self' 'unsafe-inline' .assets-yammer.com .bootstrapcdn.com .box.com .dropbox.com .google-analytics.com .googletagmanager.com .live.net .microsoft.com .wazoku.com ajax.aspnetcdn.com ajax.googleapis.com apis.google.com js.hs-analytics.net js.hs-banner.com js.hs-scripts.com js.hsleadflows.net js.usemessages.com login.microsoftonline.com maps.googleapis.com noembed.com oss.maxcdn.com tagmanager.google.com track.hubspot.com wazoku-static.s3.amazonaws.com .app.apty.io; style-src 'self' 'unsafe-inline' .bootstrapcdn.com ajax.googleapis.com fonts.googleapis.com tagmanager.google.com .app.apty.io; img-src * data: blob: .app.apty.io; media-src 'self' wazoku-clients.s3.amazonaws.com; font-src 'self' .bootstrapcdn.com fonts.gstatic.com wazoku-static.s3.amazonaws.com .app.apty.io; connect-src 'self' .wazoku.com .hubspot.com browser.pipe.aria.microsoft.com maps.googleapis.com sentry.io www.google-analytics.com www.googleapis.com wazoku-clients.s3.amazonaws.com .app.apty.io api.segment.io; frame-src 'self' .wazoku.com .microsoftonline.com .yammer.com accounts.google.com app.hubspot.com docs.google.com player.vimeo.com telemetryservice.firstpartyapps.oaspapps.com w.soundcloud.com www.youtube.com .app.apty.io; form-action 'self' zapier.com; frame-ancestors 'self' .wazoku.com .sharepoint.com .teams.microsoft.com .skype.com teams.microsoft.com;
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://barclaysrise.wazoku.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date: Wed, 07 Dec 2022 14:21:38 GMT
Strict-Transport-Security: max-age=31536000; includeSubdomains
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'none'; script-src 'self' 'unsafe-inline' *.assets-yammer.com *.bootstrapcdn.com *.box.com *.dropbox.com *.google-analytics.com *.googletagmanager.com *.live.net *.microsoft.com *.wazoku.com ajax.aspnetcdn.com ajax.googleapis.com apis.google.com js.hs-analytics.net js.hs-banner.com js.hs-scripts.com js.hsleadflows.net js.usemessages.com login.microsoftonline.com maps.googleapis.com noembed.com oss.maxcdn.com tagmanager.google.com track.hubspot.com wazoku-static.s3.amazonaws.com *.app.apty.io; style-src 'self' 'unsafe-inline' *.bootstrapcdn.com ajax.googleapis.com fonts.googleapis.com tagmanager.google.com *.app.apty.io; img-src * data: blob: *.app.apty.io; media-src 'self' wazoku-clients.s3.amazonaws.com; font-src 'self' *.bootstrapcdn.com fonts.gstatic.com wazoku-static.s3.amazonaws.com *.app.apty.io; connect-src 'self' *.wazoku.com *.hubspot.com browser.pipe.aria.microsoft.com maps.googleapis.com sentry.io www.google-analytics.com www.googleapis.com wazoku-clients.s3.amazonaws.com *.app.apty.io api.segment.io; frame-src 'self' *.wazoku.com *.microsoftonline.com *.yammer.com accounts.google.com app.hubspot.com docs.google.com player.vimeo.com telemetryservice.firstpartyapps.oaspapps.com w.soundcloud.com www.youtube.com *.app.apty.io; form-action 'self' zapier.com; frame-ancestors 'self' *.wazoku.com *.sharepoint.com *.teams.microsoft.com *.skype.com teams.microsoft.com;
Content-Encoding: gzip
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
Pragma: public
Referrer-Policy: origin-when-cross-origin
Last-Modified: Tue, 06 Dec 2022 11:18:26 GMT
ETag: W/"638f2502-b49"
X-Frame-Options: DENY
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Methods: GET, POST, PUT, OPTIONS, DELETE
Cache-Control: max-age=2592000, public
Permissions-Policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(), xr-spatial-tracking=()
Access-Control-Allow-Headers: Authorization,Cache-Control,Content-Type,If-Modified-Since,Origin,Pragma,x-csrftoken,x-requested-with

GET
H/1.1 200
OK main.js Show response
barclaysrise.wazoku.com/static/build/spotlight/ 9 MB
2 MB 230ms
38ms Script
application/javascript 51.132.238.16
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://barclaysrise.wazoku.com/static/build/spotlight/main.js?v=8b441b52d6ecbf3af1c10c06296a8ac2

Requested by

Host: barclaysrise.wazoku.com
URL: https://barclaysrise.wazoku.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

51.132.238.16 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

96b98ee55fc7f36b9e62b2685614bfde2bbd235bd40ecedc321ff43e347fd716

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; script-src 'self' 'unsafe-inline' .assets-yammer.com .bootstrapcdn.com .box.com .dropbox.com .google-analytics.com .googletagmanager.com .live.net .microsoft.com .wazoku.com ajax.aspnetcdn.com ajax.googleapis.com apis.google.com js.hs-analytics.net js.hs-banner.com js.hs-scripts.com js.hsleadflows.net js.usemessages.com login.microsoftonline.com maps.googleapis.com noembed.com oss.maxcdn.com tagmanager.google.com track.hubspot.com wazoku-static.s3.amazonaws.com .app.apty.io; style-src 'self' 'unsafe-inline' .bootstrapcdn.com ajax.googleapis.com fonts.googleapis.com tagmanager.google.com .app.apty.io; img-src * data: blob: .app.apty.io; media-src 'self' wazoku-clients.s3.amazonaws.com; font-src 'self' .bootstrapcdn.com fonts.gstatic.com wazoku-static.s3.amazonaws.com .app.apty.io; connect-src 'self' .wazoku.com .hubspot.com browser.pipe.aria.microsoft.com maps.googleapis.com sentry.io www.google-analytics.com www.googleapis.com wazoku-clients.s3.amazonaws.com .app.apty.io api.segment.io; frame-src 'self' .wazoku.com .microsoftonline.com .yammer.com accounts.google.com app.hubspot.com docs.google.com player.vimeo.com telemetryservice.firstpartyapps.oaspapps.com w.soundcloud.com www.youtube.com .app.apty.io; form-action 'self' zapier.com; frame-ancestors 'self' .wazoku.com .sharepoint.com .teams.microsoft.com .skype.com teams.microsoft.com;
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://barclaysrise.wazoku.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date: Wed, 07 Dec 2022 14:21:38 GMT
Strict-Transport-Security: max-age=31536000; includeSubdomains
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'none'; script-src 'self' 'unsafe-inline' *.assets-yammer.com *.bootstrapcdn.com *.box.com *.dropbox.com *.google-analytics.com *.googletagmanager.com *.live.net *.microsoft.com *.wazoku.com ajax.aspnetcdn.com ajax.googleapis.com apis.google.com js.hs-analytics.net js.hs-banner.com js.hs-scripts.com js.hsleadflows.net js.usemessages.com login.microsoftonline.com maps.googleapis.com noembed.com oss.maxcdn.com tagmanager.google.com track.hubspot.com wazoku-static.s3.amazonaws.com *.app.apty.io; style-src 'self' 'unsafe-inline' *.bootstrapcdn.com ajax.googleapis.com fonts.googleapis.com tagmanager.google.com *.app.apty.io; img-src * data: blob: *.app.apty.io; media-src 'self' wazoku-clients.s3.amazonaws.com; font-src 'self' *.bootstrapcdn.com fonts.gstatic.com wazoku-static.s3.amazonaws.com *.app.apty.io; connect-src 'self' *.wazoku.com *.hubspot.com browser.pipe.aria.microsoft.com maps.googleapis.com sentry.io www.google-analytics.com www.googleapis.com wazoku-clients.s3.amazonaws.com *.app.apty.io api.segment.io; frame-src 'self' *.wazoku.com *.microsoftonline.com *.yammer.com accounts.google.com app.hubspot.com docs.google.com player.vimeo.com telemetryservice.firstpartyapps.oaspapps.com w.soundcloud.com www.youtube.com *.app.apty.io; form-action 'self' zapier.com; frame-ancestors 'self' *.wazoku.com *.sharepoint.com *.teams.microsoft.com *.skype.com teams.microsoft.com;
Content-Encoding: gzip
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
Pragma: public
Referrer-Policy: origin-when-cross-origin
Last-Modified: Tue, 06 Dec 2022 11:18:26 GMT
ETag: W/"638f2502-9695b7"
X-Frame-Options: DENY
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Methods: GET, POST, PUT, OPTIONS, DELETE
Cache-Control: max-age=2592000, public
Permissions-Policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(), xr-spatial-tracking=()
Access-Control-Allow-Headers: Authorization,Cache-Control,Content-Type,If-Modified-Since,Origin,Pragma,x-csrftoken,x-requested-with

GET
H/1.1 200
OK ajax-loader.gif
barclaysrise.wazoku.com/static/img/icons/ 2 KB
5 KB 34ms
34ms Image
image/gif 51.132.238.16
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://barclaysrise.wazoku.com/static/img/icons/ajax-loader.gif?v=8b441b52d6ecbf3af1c10c06296a8ac2

Requested by

Host: barclaysrise.wazoku.com
URL: https://barclaysrise.wazoku.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

51.132.238.16 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; script-src 'self' 'unsafe-inline' .assets-yammer.com .bootstrapcdn.com .box.com .dropbox.com .google-analytics.com .googletagmanager.com .live.net .microsoft.com .wazoku.com ajax.aspnetcdn.com ajax.googleapis.com apis.google.com js.hs-analytics.net js.hs-banner.com js.hs-scripts.com js.hsleadflows.net js.usemessages.com login.microsoftonline.com maps.googleapis.com noembed.com oss.maxcdn.com tagmanager.google.com track.hubspot.com wazoku-static.s3.amazonaws.com .app.apty.io; style-src 'self' 'unsafe-inline' .bootstrapcdn.com ajax.googleapis.com fonts.googleapis.com tagmanager.google.com .app.apty.io; img-src * data: blob: .app.apty.io; media-src 'self' wazoku-clients.s3.amazonaws.com; font-src 'self' .bootstrapcdn.com fonts.gstatic.com wazoku-static.s3.amazonaws.com .app.apty.io; connect-src 'self' .wazoku.com .hubspot.com browser.pipe.aria.microsoft.com maps.googleapis.com sentry.io www.google-analytics.com www.googleapis.com wazoku-clients.s3.amazonaws.com .app.apty.io api.segment.io; frame-src 'self' .wazoku.com .microsoftonline.com .yammer.com accounts.google.com app.hubspot.com docs.google.com player.vimeo.com telemetryservice.firstpartyapps.oaspapps.com w.soundcloud.com www.youtube.com .app.apty.io; form-action 'self' zapier.com; frame-ancestors 'self' .wazoku.com .sharepoint.com .teams.microsoft.com .skype.com teams.microsoft.com;
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://barclaysrise.wazoku.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date: Wed, 07 Dec 2022 14:21:38 GMT
Strict-Transport-Security: max-age=31536000; includeSubdomains
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'none'; script-src 'self' 'unsafe-inline' *.assets-yammer.com *.bootstrapcdn.com *.box.com *.dropbox.com *.google-analytics.com *.googletagmanager.com *.live.net *.microsoft.com *.wazoku.com ajax.aspnetcdn.com ajax.googleapis.com apis.google.com js.hs-analytics.net js.hs-banner.com js.hs-scripts.com js.hsleadflows.net js.usemessages.com login.microsoftonline.com maps.googleapis.com noembed.com oss.maxcdn.com tagmanager.google.com track.hubspot.com wazoku-static.s3.amazonaws.com *.app.apty.io; style-src 'self' 'unsafe-inline' *.bootstrapcdn.com ajax.googleapis.com fonts.googleapis.com tagmanager.google.com *.app.apty.io; img-src * data: blob: *.app.apty.io; media-src 'self' wazoku-clients.s3.amazonaws.com; font-src 'self' *.bootstrapcdn.com fonts.gstatic.com wazoku-static.s3.amazonaws.com *.app.apty.io; connect-src 'self' *.wazoku.com *.hubspot.com browser.pipe.aria.microsoft.com maps.googleapis.com sentry.io www.google-analytics.com www.googleapis.com wazoku-clients.s3.amazonaws.com *.app.apty.io api.segment.io; frame-src 'self' *.wazoku.com *.microsoftonline.com *.yammer.com accounts.google.com app.hubspot.com docs.google.com player.vimeo.com telemetryservice.firstpartyapps.oaspapps.com w.soundcloud.com www.youtube.com *.app.apty.io; form-action 'self' zapier.com; frame-ancestors 'self' *.wazoku.com *.sharepoint.com *.teams.microsoft.com *.skype.com teams.microsoft.com;
Connection: keep-alive
Content-Length: 2506
X-XSS-Protection: 1; mode=block
Pragma: public
Referrer-Policy: origin-when-cross-origin
Last-Modified: Tue, 22 Mar 2022 10:40:55 GMT
ETag: "6239a7b7-9ca"
X-Frame-Options: DENY
Access-Control-Allow-Methods: GET, POST, PUT, OPTIONS, DELETE
Content-Type: image/gif
Cache-Control: max-age=2592000, public
Permissions-Policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(), xr-spatial-tracking=()
Accept-Ranges: bytes
Access-Control-Allow-Headers: Authorization,Cache-Control,Content-Type,If-Modified-Since,Origin,Pragma,x-csrftoken,x-requested-with

GET
H/1.1 200
OK config.js
barclaysrise.wazoku.com/static/build/ckeditor/ 5 KB
4 KB 84ms
84ms Script
application/javascript 51.132.238.16
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://barclaysrise.wazoku.com/static/build/ckeditor/config.js?v=8b441b52d6ecbf3af1c10c06296a8ac2

Requested by

Host: barclaysrise.wazoku.com
URL: https://barclaysrise.wazoku.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

51.132.238.16 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; script-src 'self' 'unsafe-inline' .assets-yammer.com .bootstrapcdn.com .box.com .dropbox.com .google-analytics.com .googletagmanager.com .live.net .microsoft.com .wazoku.com ajax.aspnetcdn.com ajax.googleapis.com apis.google.com js.hs-analytics.net js.hs-banner.com js.hs-scripts.com js.hsleadflows.net js.usemessages.com login.microsoftonline.com maps.googleapis.com noembed.com oss.maxcdn.com tagmanager.google.com track.hubspot.com wazoku-static.s3.amazonaws.com .app.apty.io; style-src 'self' 'unsafe-inline' .bootstrapcdn.com ajax.googleapis.com fonts.googleapis.com tagmanager.google.com .app.apty.io; img-src * data: blob: .app.apty.io; media-src 'self' wazoku-clients.s3.amazonaws.com; font-src 'self' .bootstrapcdn.com fonts.gstatic.com wazoku-static.s3.amazonaws.com .app.apty.io; connect-src 'self' .wazoku.com .hubspot.com browser.pipe.aria.microsoft.com maps.googleapis.com sentry.io www.google-analytics.com www.googleapis.com wazoku-clients.s3.amazonaws.com .app.apty.io api.segment.io; frame-src 'self' .wazoku.com .microsoftonline.com .yammer.com accounts.google.com app.hubspot.com docs.google.com player.vimeo.com telemetryservice.firstpartyapps.oaspapps.com w.soundcloud.com www.youtube.com .app.apty.io; form-action 'self' zapier.com; frame-ancestors 'self' .wazoku.com .sharepoint.com .teams.microsoft.com .skype.com teams.microsoft.com;
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://barclaysrise.wazoku.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date: Wed, 07 Dec 2022 14:21:38 GMT
Strict-Transport-Security: max-age=31536000; includeSubdomains
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'none'; script-src 'self' 'unsafe-inline' *.assets-yammer.com *.bootstrapcdn.com *.box.com *.dropbox.com *.google-analytics.com *.googletagmanager.com *.live.net *.microsoft.com *.wazoku.com ajax.aspnetcdn.com ajax.googleapis.com apis.google.com js.hs-analytics.net js.hs-banner.com js.hs-scripts.com js.hsleadflows.net js.usemessages.com login.microsoftonline.com maps.googleapis.com noembed.com oss.maxcdn.com tagmanager.google.com track.hubspot.com wazoku-static.s3.amazonaws.com *.app.apty.io; style-src 'self' 'unsafe-inline' *.bootstrapcdn.com ajax.googleapis.com fonts.googleapis.com tagmanager.google.com *.app.apty.io; img-src * data: blob: *.app.apty.io; media-src 'self' wazoku-clients.s3.amazonaws.com; font-src 'self' *.bootstrapcdn.com fonts.gstatic.com wazoku-static.s3.amazonaws.com *.app.apty.io; connect-src 'self' *.wazoku.com *.hubspot.com browser.pipe.aria.microsoft.com maps.googleapis.com sentry.io www.google-analytics.com www.googleapis.com wazoku-clients.s3.amazonaws.com *.app.apty.io api.segment.io; frame-src 'self' *.wazoku.com *.microsoftonline.com *.yammer.com accounts.google.com app.hubspot.com docs.google.com player.vimeo.com telemetryservice.firstpartyapps.oaspapps.com w.soundcloud.com www.youtube.com *.app.apty.io; form-action 'self' zapier.com; frame-ancestors 'self' *.wazoku.com *.sharepoint.com *.teams.microsoft.com *.skype.com teams.microsoft.com;
Content-Encoding: gzip
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
Pragma: public
Referrer-Policy: origin-when-cross-origin
Last-Modified: Tue, 06 Dec 2022 11:10:22 GMT
ETag: W/"638f231e-1230"
X-Frame-Options: DENY
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Methods: GET, POST, PUT, OPTIONS, DELETE
Cache-Control: max-age=2592000, public
Permissions-Policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(), xr-spatial-tracking=()
Access-Control-Allow-Headers: Authorization,Cache-Control,Content-Type,If-Modified-Since,Origin,Pragma,x-csrftoken,x-requested-with

GET
H2 200 195541.js
js.hs-scripts.com/ 2 KB
967 B 461ms
376ms Script
application/javascript 2606:4700::6811:d2cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-scripts.com/195541.js
Requested by: Host: barclaysrise.wazoku.com
URL: https://barclaysrise.wazoku.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:d2cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://barclaysrise.wazoku.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 14:21:39 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Wed, 07 Dec 2022 14:19:03 GMT
server: cloudflare
x-hubspot-correlation-id: bec44464-3a84-4828-a290-a483483337da
x-trace: 2B66335F515E8F4F44B2C3C9605E1989E577C9FC18000000000000000000
vary: origin, Accept-Encoding
access-control-max-age: 3600
content-type: application/javascript;charset=utf-8
access-control-allow-origin: https://barclaysrise.wazoku.com
cache-control: public, max-age=60
access-control-allow-credentials: true
cf-ray: 775de8ae3e114071-LHR
expires: Wed, 07 Dec 2022 14:22:39 GMT

GET
H/1.1 200
OK pixie
barclaysrise.wazoku.com/ Frame 202A 665 B
3 KB 71ms
71ms Document
text/html 51.132.238.16
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://barclaysrise.wazoku.com/pixie

Requested by

Host: barclaysrise.wazoku.com
URL: https://barclaysrise.wazoku.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

51.132.238.16 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; script-src 'self' 'unsafe-inline' .assets-yammer.com .bootstrapcdn.com .box.com .dropbox.com .google-analytics.com .googletagmanager.com .live.net .microsoft.com .wazoku.com ajax.aspnetcdn.com ajax.googleapis.com apis.google.com js.hs-analytics.net js.hs-banner.com js.hs-scripts.com js.hsleadflows.net js.usemessages.com login.microsoftonline.com maps.googleapis.com noembed.com oss.maxcdn.com tagmanager.google.com track.hubspot.com wazoku-static.s3.amazonaws.com .app.apty.io; style-src 'self' 'unsafe-inline' .bootstrapcdn.com ajax.googleapis.com fonts.googleapis.com tagmanager.google.com .app.apty.io; img-src * data: blob: .app.apty.io; media-src 'self' wazoku-clients.s3.amazonaws.com; font-src 'self' .bootstrapcdn.com fonts.gstatic.com wazoku-static.s3.amazonaws.com .app.apty.io; connect-src 'self' .wazoku.com .hubspot.com browser.pipe.aria.microsoft.com maps.googleapis.com sentry.io www.google-analytics.com www.googleapis.com wazoku-clients.s3.amazonaws.com .app.apty.io api.segment.io; frame-src 'self' .wazoku.com .microsoftonline.com .yammer.com accounts.google.com app.hubspot.com docs.google.com player.vimeo.com telemetryservice.firstpartyapps.oaspapps.com w.soundcloud.com www.youtube.com .app.apty.io; form-action 'self' zapier.com; frame-ancestors 'self' .wazoku.com .sharepoint.com .teams.microsoft.com .skype.com teams.microsoft.com;
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://barclaysrise.wazoku.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Access-Control-Allow-Headers: Authorization,Cache-Control,Content-Type,If-Modified-Since,Origin,Pragma,x-csrftoken,x-requested-with
Access-Control-Allow-Methods: GET, POST, PUT, OPTIONS, DELETE
Cache-Control: private, max-age=0, no-cache, no-store
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 340
Content-Security-Policy: default-src 'none'; script-src 'self' 'unsafe-inline' *.assets-yammer.com *.bootstrapcdn.com *.box.com *.dropbox.com *.google-analytics.com *.googletagmanager.com *.live.net *.microsoft.com *.wazoku.com ajax.aspnetcdn.com ajax.googleapis.com apis.google.com js.hs-analytics.net js.hs-banner.com js.hs-scripts.com js.hsleadflows.net js.usemessages.com login.microsoftonline.com maps.googleapis.com noembed.com oss.maxcdn.com tagmanager.google.com track.hubspot.com wazoku-static.s3.amazonaws.com *.app.apty.io; style-src 'self' 'unsafe-inline' *.bootstrapcdn.com ajax.googleapis.com fonts.googleapis.com tagmanager.google.com *.app.apty.io; img-src * data: blob: *.app.apty.io; media-src 'self' wazoku-clients.s3.amazonaws.com; font-src 'self' *.bootstrapcdn.com fonts.gstatic.com wazoku-static.s3.amazonaws.com *.app.apty.io; connect-src 'self' *.wazoku.com *.hubspot.com browser.pipe.aria.microsoft.com maps.googleapis.com sentry.io www.google-analytics.com www.googleapis.com wazoku-clients.s3.amazonaws.com *.app.apty.io api.segment.io; frame-src 'self' *.wazoku.com *.microsoftonline.com *.yammer.com accounts.google.com app.hubspot.com docs.google.com player.vimeo.com telemetryservice.firstpartyapps.oaspapps.com w.soundcloud.com www.youtube.com *.app.apty.io; form-action 'self' zapier.com; frame-ancestors 'self' *.wazoku.com *.sharepoint.com *.teams.microsoft.com *.skype.com teams.microsoft.com;
Content-Type: text/html; charset=utf-8
Date: Wed, 07 Dec 2022 14:21:39 GMT
P3P: CP="NOI ADM DEV COM NAV OUR STP"
Permissions-Policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(), xr-spatial-tracking=()
Referrer-Policy: origin-when-cross-origin
Strict-Transport-Security: max-age=31536000; includeSubdomains
Vary: Cookie, Accept-Encoding
X-App-CSRF: tAI202x753HEdU86lWpHUXwlLd6YmRsApdwprRFNBtukNZDxIHnRZONNB3zBGEYe
X-Content-Type-Options: nosniff
X-Frame-Options: DENY
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK storage
barclaysrise.wazoku.com/ Frame 531F 2 KB
3 KB 71ms
71ms Document
text/html 51.132.238.16
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://barclaysrise.wazoku.com/storage

Requested by

Host: barclaysrise.wazoku.com
URL: https://barclaysrise.wazoku.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

51.132.238.16 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; script-src 'self' 'unsafe-inline' .assets-yammer.com .bootstrapcdn.com .box.com .dropbox.com .google-analytics.com .googletagmanager.com .live.net .microsoft.com .wazoku.com ajax.aspnetcdn.com ajax.googleapis.com apis.google.com js.hs-analytics.net js.hs-banner.com js.hs-scripts.com js.hsleadflows.net js.usemessages.com login.microsoftonline.com maps.googleapis.com noembed.com oss.maxcdn.com tagmanager.google.com track.hubspot.com wazoku-static.s3.amazonaws.com .app.apty.io; style-src 'self' 'unsafe-inline' .bootstrapcdn.com ajax.googleapis.com fonts.googleapis.com tagmanager.google.com .app.apty.io; img-src * data: blob: .app.apty.io; media-src 'self' wazoku-clients.s3.amazonaws.com; font-src 'self' .bootstrapcdn.com fonts.gstatic.com wazoku-static.s3.amazonaws.com .app.apty.io; connect-src 'self' .wazoku.com .hubspot.com browser.pipe.aria.microsoft.com maps.googleapis.com sentry.io www.google-analytics.com www.googleapis.com wazoku-clients.s3.amazonaws.com .app.apty.io api.segment.io; frame-src 'self' .wazoku.com .microsoftonline.com .yammer.com accounts.google.com app.hubspot.com docs.google.com player.vimeo.com telemetryservice.firstpartyapps.oaspapps.com w.soundcloud.com www.youtube.com .app.apty.io; form-action 'self' zapier.com; frame-ancestors 'self' .wazoku.com .sharepoint.com .teams.microsoft.com .skype.com teams.microsoft.com;
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://barclaysrise.wazoku.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Access-Control-Allow-Headers: Authorization,Cache-Control,Content-Type,If-Modified-Since,Origin,Pragma,x-csrftoken,x-requested-with
Access-Control-Allow-Methods: GET, POST, PUT, OPTIONS, DELETE
Cache-Control: private, max-age=0, no-cache, no-store
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 675
Content-Security-Policy: default-src 'none'; script-src 'self' 'unsafe-inline' *.assets-yammer.com *.bootstrapcdn.com *.box.com *.dropbox.com *.google-analytics.com *.googletagmanager.com *.live.net *.microsoft.com *.wazoku.com ajax.aspnetcdn.com ajax.googleapis.com apis.google.com js.hs-analytics.net js.hs-banner.com js.hs-scripts.com js.hsleadflows.net js.usemessages.com login.microsoftonline.com maps.googleapis.com noembed.com oss.maxcdn.com tagmanager.google.com track.hubspot.com wazoku-static.s3.amazonaws.com *.app.apty.io; style-src 'self' 'unsafe-inline' *.bootstrapcdn.com ajax.googleapis.com fonts.googleapis.com tagmanager.google.com *.app.apty.io; img-src * data: blob: *.app.apty.io; media-src 'self' wazoku-clients.s3.amazonaws.com; font-src 'self' *.bootstrapcdn.com fonts.gstatic.com wazoku-static.s3.amazonaws.com *.app.apty.io; connect-src 'self' *.wazoku.com *.hubspot.com browser.pipe.aria.microsoft.com maps.googleapis.com sentry.io www.google-analytics.com www.googleapis.com wazoku-clients.s3.amazonaws.com *.app.apty.io api.segment.io; frame-src 'self' *.wazoku.com *.microsoftonline.com *.yammer.com accounts.google.com app.hubspot.com docs.google.com player.vimeo.com telemetryservice.firstpartyapps.oaspapps.com w.soundcloud.com www.youtube.com *.app.apty.io; form-action 'self' zapier.com; frame-ancestors 'self' *.wazoku.com *.sharepoint.com *.teams.microsoft.com *.skype.com teams.microsoft.com;
Content-Type: text/html; charset=utf-8
Date: Wed, 07 Dec 2022 14:21:39 GMT
P3P: CP="NOI ADM DEV COM NAV OUR STP"
Permissions-Policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(), xr-spatial-tracking=()
Referrer-Policy: origin-when-cross-origin
Strict-Transport-Security: max-age=31536000; includeSubdomains
Vary: Cookie, Accept-Encoding
X-App-CSRF: tAI202x753HEdU86lWpHUXwlLd6YmRsApdwprRFNBtukNZDxIHnRZONNB3zBGEYe
X-Content-Type-Options: nosniff
X-Frame-Options: DENY
X-XSS-Protection: 1; mode=block

GET application.js
video.fidelity.tv/widgets/1/ 0
0

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v34/ 44 KB
44 KB 144ms
45ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Epilogue:ital,wght@0,300;0,400;0,700;1,300;1,400;1,700&family=Fira+Sans:ital,wght@0,300;0,400;0,700;1,300;1,400;1,700&family=Lato:ital,wght@0,300;0,400;0,700;1,300;1,400;1,700&family=Montserrat:ital,wght@0,300;0,400;0,700;1,300;1,400;1,700&family=Open+Sans:ital,wght@0,300;0,400;0,700;1,300;1,400;1,700&family=Oxygen:wght@300;400;700&family=Poppins:ital,wght@0,300;0,400;0,700;1,300;1,400;1,700&family=Raleway:ital,wght@0,300;0,400;0,700;1,300;1,400;1,700&family=Roboto:ital,wght@0,300;0,400;0,700;1,300;1,400;1,700&family=Ubuntu:ital,wght@0,300;0,400;0,700;1,300;1,400;1,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://barclaysrise.wazoku.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 18:50:24 GMT
x-content-type-options: nosniff
age: 156675
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44856
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 05 Dec 2023 18:50:24 GMT

POST
H/1.1 204
No Content page-view
barclaysrise.wazoku.com/api/v1/analytics/ 0
3 KB 74ms
74ms XHR
text/plain 51.132.238.16
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://barclaysrise.wazoku.com/api/v1/analytics/page-view

Requested by

Host: barclaysrise.wazoku.com
URL: https://barclaysrise.wazoku.com/static/build/spotlight/main.js?v=8b441b52d6ecbf3af1c10c06296a8ac2

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

51.132.238.16 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; script-src 'self' 'unsafe-inline' .assets-yammer.com .bootstrapcdn.com .box.com .dropbox.com .google-analytics.com .googletagmanager.com .live.net .microsoft.com .wazoku.com ajax.aspnetcdn.com ajax.googleapis.com apis.google.com js.hs-analytics.net js.hs-banner.com js.hs-scripts.com js.hsleadflows.net js.usemessages.com login.microsoftonline.com maps.googleapis.com noembed.com oss.maxcdn.com tagmanager.google.com track.hubspot.com wazoku-static.s3.amazonaws.com .app.apty.io; style-src 'self' 'unsafe-inline' .bootstrapcdn.com ajax.googleapis.com fonts.googleapis.com tagmanager.google.com .app.apty.io; img-src * data: blob: .app.apty.io; media-src 'self' wazoku-clients.s3.amazonaws.com; font-src 'self' .bootstrapcdn.com fonts.gstatic.com wazoku-static.s3.amazonaws.com .app.apty.io; connect-src 'self' .wazoku.com .hubspot.com browser.pipe.aria.microsoft.com maps.googleapis.com sentry.io www.google-analytics.com www.googleapis.com wazoku-clients.s3.amazonaws.com .app.apty.io api.segment.io; frame-src 'self' .wazoku.com .microsoftonline.com .yammer.com accounts.google.com app.hubspot.com docs.google.com player.vimeo.com telemetryservice.firstpartyapps.oaspapps.com w.soundcloud.com www.youtube.com .app.apty.io; form-action 'self' zapier.com; frame-ancestors 'self' .wazoku.com .sharepoint.com .teams.microsoft.com .skype.com teams.microsoft.com;
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://barclaysrise.wazoku.com/
accept-language: en-GB,en;q=0.9
X-CSRFToken: oQAjqc2WPEXBWAcpgUhIpoqGKgtlIf3nktoGR1aCl4KhwFHQDFfSufH8A6WY22z1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

Date: Wed, 07 Dec 2022 14:21:39 GMT
Strict-Transport-Security: max-age=31536000; includeSubdomains
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'none'; script-src 'self' 'unsafe-inline' *.assets-yammer.com *.bootstrapcdn.com *.box.com *.dropbox.com *.google-analytics.com *.googletagmanager.com *.live.net *.microsoft.com *.wazoku.com ajax.aspnetcdn.com ajax.googleapis.com apis.google.com js.hs-analytics.net js.hs-banner.com js.hs-scripts.com js.hsleadflows.net js.usemessages.com login.microsoftonline.com maps.googleapis.com noembed.com oss.maxcdn.com tagmanager.google.com track.hubspot.com wazoku-static.s3.amazonaws.com *.app.apty.io; style-src 'self' 'unsafe-inline' *.bootstrapcdn.com ajax.googleapis.com fonts.googleapis.com tagmanager.google.com *.app.apty.io; img-src * data: blob: *.app.apty.io; media-src 'self' wazoku-clients.s3.amazonaws.com; font-src 'self' *.bootstrapcdn.com fonts.gstatic.com wazoku-static.s3.amazonaws.com *.app.apty.io; connect-src 'self' *.wazoku.com *.hubspot.com browser.pipe.aria.microsoft.com maps.googleapis.com sentry.io www.google-analytics.com www.googleapis.com wazoku-clients.s3.amazonaws.com *.app.apty.io api.segment.io; frame-src 'self' *.wazoku.com *.microsoftonline.com *.yammer.com accounts.google.com app.hubspot.com docs.google.com player.vimeo.com telemetryservice.firstpartyapps.oaspapps.com w.soundcloud.com www.youtube.com *.app.apty.io; form-action 'self' zapier.com; frame-ancestors 'self' *.wazoku.com *.sharepoint.com *.teams.microsoft.com *.skype.com teams.microsoft.com;
X-App-CSRF: tAI202x753HEdU86lWpHUXwlLd6YmRsApdwprRFNBtukNZDxIHnRZONNB3zBGEYe
P3P: CP="NOI ADM DEV COM NAV OUR STP"
Connection: keep-alive
Content-Length: 0
X-XSS-Protection: 1; mode=block
Referrer-Policy: origin-when-cross-origin
X-Frame-Options: DENY
Allow: POST, OPTIONS
Access-Control-Allow-Methods: GET, POST, PUT, OPTIONS, DELETE
Vary: Cookie
Access-Control-Allow-Origin: https://barclaysrise.wazoku.com
Cache-Control: private, max-age=0, no-cache, no-store
Permissions-Policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(), xr-spatial-tracking=()
Access-Control-Allow-Headers: Authorization,Cache-Control,Content-Type,If-Modified-Since,Origin,Pragma,x-csrftoken,x-requested-with

GET
H2

200

Primary Request SSO.saml2 Show response
federation.client.barclayscorp.com/idp/
Redirect Chain

https://barclaysrise.wazoku.com/api/v1/authorisation/login?integration_type=saml&id=1&redirect_to=https%3A%2F%2Fbarclaysrise.wazoku.com%2Fhome-page
https://barclaysrise.wazoku.com/saml_ol/login?redirect_to=https%3A%2F%2Fbarclaysrise.wazoku.com%2Fhome-page&id=1
https://federation.client.barclayscorp.com/idp/SSO.saml2?SAMLRequest=hZLRT8IwEMb%2FlaXvbGyaEBtYgixGEhTChkFfTOkOaOza2WtF%2FOvthkT0AR57%2Fb77fne5PrJK1nTo7FbN4d0B2uCzkgpp8zEgziiqGQqkilWA1HKaDx8mNAm7lC...

21 KB
7 KB

1237ms
139ms

Document
text/html

23.213.161.204
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://federation.client.barclayscorp.com/idp/SSO.saml2?SAMLRequest=hZLRT8IwEMb%2FlaXvbGyaEBtYgixGEhTChkFfTOkOaOza2WtF%2FOvthkT0AR57%2Fb77fne5PrJK1nTo7FbN4d0B2uCzkgpp8zEgziiqGQqkilWA1HKaDx8mNAm7lCGCsUIrcmKpz3tqo63mWpJgnA2IKDsMs96mWC97u2w0d8vnBQmewKDvOiDe4HWIDsYKLVPWl7pJ0omTTrdXxNc0ienVzQsJMo8tFLOta2ttjTSK1lCCaWshlwKUDVfMcMn2yLWpQ66rSJR1lOfTsAFPSDD7gbsVqhRqc36S1UGE9L4oZp3ZNC9IMDxuZKQVugpMDuZDcFjMJ79cRwojEMId%2B9JvroVpIF61jKTeCEXSfvOm7fQmuNOmYvY8UFPxC123UurnFXZP0kup%2Fegk5xBa00ffapzNtBR8fzE7DuN%2F2U5hDVysBZR%2BJ1Lq3cgAszAg1jggQZQeUv%2FeXfoN&RelayState=https%3A%2F%2Fbarclaysrise.wazoku.com%2Fhome-page

Requested by

Host: barclaysrise.wazoku.com
URL: https://barclaysrise.wazoku.com/static/build/spotlight/main.js?v=8b441b52d6ecbf3af1c10c06296a8ac2

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.213.161.204 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-213-161-204.deploy.static.akamaitechnologies.com

Software

Resource Hash

d597f6fefb9ae4c3f265a58999eff94e4358f008f095fbaad47bd29aadda7898

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

Referer: https://barclaysrise.wazoku.com/login?redirect_to=%2Fhome-page
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

content-encoding: gzip
content-language: en-GB
content-length: 6554
content-type: text/html;charset=UTF-8
date: Wed, 07 Dec 2022 14:21:40 GMT
strict-transport-security: max-age=63072000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1;mode=block

Redirect headers

Access-Control-Allow-Headers: Authorization,Cache-Control,Content-Type,If-Modified-Since,Origin,Pragma,x-csrftoken,x-requested-with
Access-Control-Allow-Methods: GET, POST, PUT, OPTIONS, DELETE
Cache-Control: private, max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 0
Content-Security-Policy: default-src 'none'; script-src 'self' 'unsafe-inline' *.assets-yammer.com *.bootstrapcdn.com *.box.com *.dropbox.com *.google-analytics.com *.googletagmanager.com *.live.net *.microsoft.com *.wazoku.com ajax.aspnetcdn.com ajax.googleapis.com apis.google.com js.hs-analytics.net js.hs-banner.com js.hs-scripts.com js.hsleadflows.net js.usemessages.com login.microsoftonline.com maps.googleapis.com noembed.com oss.maxcdn.com script.hotjar.com static.hotjar.com tagmanager.google.com track.hubspot.com wazoku-static-us.s3.amazonaws.com wazoku-static.s3.amazonaws.com wazoku-transforme-static.s3.amazonaws.com *.app.apty.io; style-src 'self' 'unsafe-inline' *.bootstrapcdn.com ajax.googleapis.com fonts.googleapis.com tagmanager.google.com *.app.apty.io; img-src * data: blob: script.hotjar.com *.app.apty.io; media-src 'self' wazoku-clients.s3.amazonaws.com; font-src 'self' *.bootstrapcdn.com fonts.gstatic.com script.hotjar.com wazoku-static-us.s3.amazonaws.com wazoku-static.s3.amazonaws.com wazoku-transforme-static.s3.amazonaws.com *.app.apty.io; connect-src 'self' *.wazoku.com *.hotjar.com *.hubspot.com browser.pipe.aria.microsoft.com maps.googleapis.com sentry.io surveystats.hotjar.io vc.hotjar.io www.google-analytics.com www.googleapis.com wazoku-clients.s3.amazonaws.com wss://*.hotjar.com *.app.apty.io api.segment.io; frame-src 'self' *.wazoku.com *.microsoftonline.com *.yammer.com accounts.google.com app.hubspot.com docs.google.com player.vimeo.com telemetryservice.firstpartyapps.oaspapps.com vars.hotjar.com w.soundcloud.com www.youtube.com *.app.apty.io; form-action 'self' wazoku.circle.so innocentive.wazoku.com community.wazoku.com * zapier.com; frame-ancestors 'self' *.wazoku.com *.sharepoint.com *.teams.microsoft.com *.skype.com teams.microsoft.com;
Content-Type: text/html; charset=utf-8
Date: Wed, 07 Dec 2022 14:21:39 GMT
Location: https://federation.client.barclayscorp.com/idp/SSO.saml2?SAMLRequest=hZLRT8IwEMb%2FlaXvbGyaEBtYgixGEhTChkFfTOkOaOza2WtF%2FOvthkT0AR57%2Fb77fne5PrJK1nTo7FbN4d0B2uCzkgpp8zEgziiqGQqkilWA1HKaDx8mNAm7lCGCsUIrcmKpz3tqo63mWpJgnA2IKDsMs96mWC97u2w0d8vnBQmewKDvOiDe4HWIDsYKLVPWl7pJ0omTTrdXxNc0ienVzQsJMo8tFLOta2ttjTSK1lCCaWshlwKUDVfMcMn2yLWpQ66rSJR1lOfTsAFPSDD7gbsVqhRqc36S1UGE9L4oZp3ZNC9IMDxuZKQVugpMDuZDcFjMJ79cRwojEMId%2B9JvroVpIF61jKTeCEXSfvOm7fQmuNOmYvY8UFPxC123UurnFXZP0kup%2Fegk5xBa00ffapzNtBR8fzE7DuN%2F2U5hDVysBZR%2BJ1Lq3cgAszAg1jggQZQeUv%2FeXfoN&RelayState=https%3A%2F%2Fbarclaysrise.wazoku.com%2Fhome-page
P3P: CP="NOI ADM DEV COM NAV OUR STP"
Permissions-Policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(), xr-spatial-tracking=()
Referrer-Policy: origin-when-cross-origin
Strict-Transport-Security: max-age=31536000; includeSubdomains
Vary: Cookie
X-App-CSRF: tAI202x753HEdU86lWpHUXwlLd6YmRsApdwprRFNBtukNZDxIHnRZONNB3zBGEYe
X-Content-Type-Options: nosniff
X-Frame-Options: DENY
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK fontawesome-webfont.woff2
barclaysrise.wazoku.com/static/build/fonts/font-awesome/ 75 KB
78 KB 35ms
34ms Font
application/octet-stream 51.132.238.16
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://barclaysrise.wazoku.com/static/build/fonts/font-awesome/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: barclaysrise.wazoku.com
URL: https://barclaysrise.wazoku.com/static/build/styles/clients/barclaysrise.wazoku.com/main.min.css?v=8b441b52d6ecbf3af1c10c06296a8ac2

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

51.132.238.16 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; script-src 'self' 'unsafe-inline' .assets-yammer.com .bootstrapcdn.com .box.com .dropbox.com .google-analytics.com .googletagmanager.com .live.net .microsoft.com .wazoku.com ajax.aspnetcdn.com ajax.googleapis.com apis.google.com js.hs-analytics.net js.hs-banner.com js.hs-scripts.com js.hsleadflows.net js.usemessages.com login.microsoftonline.com maps.googleapis.com noembed.com oss.maxcdn.com tagmanager.google.com track.hubspot.com wazoku-static.s3.amazonaws.com .app.apty.io; style-src 'self' 'unsafe-inline' .bootstrapcdn.com ajax.googleapis.com fonts.googleapis.com tagmanager.google.com .app.apty.io; img-src * data: blob: .app.apty.io; media-src 'self' wazoku-clients.s3.amazonaws.com; font-src 'self' .bootstrapcdn.com fonts.gstatic.com wazoku-static.s3.amazonaws.com .app.apty.io; connect-src 'self' .wazoku.com .hubspot.com browser.pipe.aria.microsoft.com maps.googleapis.com sentry.io www.google-analytics.com www.googleapis.com wazoku-clients.s3.amazonaws.com .app.apty.io api.segment.io; frame-src 'self' .wazoku.com .microsoftonline.com .yammer.com accounts.google.com app.hubspot.com docs.google.com player.vimeo.com telemetryservice.firstpartyapps.oaspapps.com w.soundcloud.com www.youtube.com .app.apty.io; form-action 'self' zapier.com; frame-ancestors 'self' .wazoku.com .sharepoint.com .teams.microsoft.com .skype.com teams.microsoft.com;
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://barclaysrise.wazoku.com/static/build/styles/clients/barclaysrise.wazoku.com/main.min.css?v=8b441b52d6ecbf3af1c10c06296a8ac2
Origin: https://barclaysrise.wazoku.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date: Wed, 07 Dec 2022 14:21:39 GMT
Strict-Transport-Security: max-age=31536000; includeSubdomains
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'none'; script-src 'self' 'unsafe-inline' *.assets-yammer.com *.bootstrapcdn.com *.box.com *.dropbox.com *.google-analytics.com *.googletagmanager.com *.live.net *.microsoft.com *.wazoku.com ajax.aspnetcdn.com ajax.googleapis.com apis.google.com js.hs-analytics.net js.hs-banner.com js.hs-scripts.com js.hsleadflows.net js.usemessages.com login.microsoftonline.com maps.googleapis.com noembed.com oss.maxcdn.com tagmanager.google.com track.hubspot.com wazoku-static.s3.amazonaws.com *.app.apty.io; style-src 'self' 'unsafe-inline' *.bootstrapcdn.com ajax.googleapis.com fonts.googleapis.com tagmanager.google.com *.app.apty.io; img-src * data: blob: *.app.apty.io; media-src 'self' wazoku-clients.s3.amazonaws.com; font-src 'self' *.bootstrapcdn.com fonts.gstatic.com wazoku-static.s3.amazonaws.com *.app.apty.io; connect-src 'self' *.wazoku.com *.hubspot.com browser.pipe.aria.microsoft.com maps.googleapis.com sentry.io www.google-analytics.com www.googleapis.com wazoku-clients.s3.amazonaws.com *.app.apty.io api.segment.io; frame-src 'self' *.wazoku.com *.microsoftonline.com *.yammer.com accounts.google.com app.hubspot.com docs.google.com player.vimeo.com telemetryservice.firstpartyapps.oaspapps.com w.soundcloud.com www.youtube.com *.app.apty.io; form-action 'self' zapier.com; frame-ancestors 'self' *.wazoku.com *.sharepoint.com *.teams.microsoft.com *.skype.com teams.microsoft.com;
Connection: keep-alive
Content-Length: 77160
X-XSS-Protection: 1; mode=block
Pragma: public
Referrer-Policy: origin-when-cross-origin
Last-Modified: Tue, 06 Dec 2022 11:08:04 GMT
ETag: "638f2294-12d68"
X-Frame-Options: DENY
Access-Control-Allow-Methods: GET, POST, PUT, OPTIONS, DELETE
Content-Type: application/octet-stream
Access-Control-Allow-Origin: https://barclaysrise.wazoku.com
Cache-Control: max-age=2592000, public
Permissions-Policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(), xr-spatial-tracking=()
Accept-Ranges: bytes
Access-Control-Allow-Headers: Authorization,Cache-Control,Content-Type,If-Modified-Since,Origin,Pragma,x-csrftoken,x-requested-with

POST
H/1.1 204
No Content page-view
barclaysrise.wazoku.com/api/v1/analytics/ 0
3 KB 116ms
115ms XHR
text/plain 51.132.238.16
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://barclaysrise.wazoku.com/api/v1/analytics/page-view

Requested by

Host: barclaysrise.wazoku.com
URL: https://barclaysrise.wazoku.com/static/build/spotlight/main.js?v=8b441b52d6ecbf3af1c10c06296a8ac2

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

51.132.238.16 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; script-src 'self' 'unsafe-inline' .assets-yammer.com .bootstrapcdn.com .box.com .dropbox.com .google-analytics.com .googletagmanager.com .live.net .microsoft.com .wazoku.com ajax.aspnetcdn.com ajax.googleapis.com apis.google.com js.hs-analytics.net js.hs-banner.com js.hs-scripts.com js.hsleadflows.net js.usemessages.com login.microsoftonline.com maps.googleapis.com noembed.com oss.maxcdn.com tagmanager.google.com track.hubspot.com wazoku-static.s3.amazonaws.com .app.apty.io; style-src 'self' 'unsafe-inline' .bootstrapcdn.com ajax.googleapis.com fonts.googleapis.com tagmanager.google.com .app.apty.io; img-src * data: blob: .app.apty.io; media-src 'self' wazoku-clients.s3.amazonaws.com; font-src 'self' .bootstrapcdn.com fonts.gstatic.com wazoku-static.s3.amazonaws.com .app.apty.io; connect-src 'self' .wazoku.com .hubspot.com browser.pipe.aria.microsoft.com maps.googleapis.com sentry.io www.google-analytics.com www.googleapis.com wazoku-clients.s3.amazonaws.com .app.apty.io api.segment.io; frame-src 'self' .wazoku.com .microsoftonline.com .yammer.com accounts.google.com app.hubspot.com docs.google.com player.vimeo.com telemetryservice.firstpartyapps.oaspapps.com w.soundcloud.com www.youtube.com .app.apty.io; form-action 'self' zapier.com; frame-ancestors 'self' .wazoku.com .sharepoint.com .teams.microsoft.com .skype.com teams.microsoft.com;
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://barclaysrise.wazoku.com/login?redirect_to=%2Fhome-page
accept-language: en-GB,en;q=0.9
X-CSRFToken: oQAjqc2WPEXBWAcpgUhIpoqGKgtlIf3nktoGR1aCl4KhwFHQDFfSufH8A6WY22z1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

Date: Wed, 07 Dec 2022 14:21:39 GMT
Strict-Transport-Security: max-age=31536000; includeSubdomains
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'none'; script-src 'self' 'unsafe-inline' *.assets-yammer.com *.bootstrapcdn.com *.box.com *.dropbox.com *.google-analytics.com *.googletagmanager.com *.live.net *.microsoft.com *.wazoku.com ajax.aspnetcdn.com ajax.googleapis.com apis.google.com js.hs-analytics.net js.hs-banner.com js.hs-scripts.com js.hsleadflows.net js.usemessages.com login.microsoftonline.com maps.googleapis.com noembed.com oss.maxcdn.com tagmanager.google.com track.hubspot.com wazoku-static.s3.amazonaws.com *.app.apty.io; style-src 'self' 'unsafe-inline' *.bootstrapcdn.com ajax.googleapis.com fonts.googleapis.com tagmanager.google.com *.app.apty.io; img-src * data: blob: *.app.apty.io; media-src 'self' wazoku-clients.s3.amazonaws.com; font-src 'self' *.bootstrapcdn.com fonts.gstatic.com wazoku-static.s3.amazonaws.com *.app.apty.io; connect-src 'self' *.wazoku.com *.hubspot.com browser.pipe.aria.microsoft.com maps.googleapis.com sentry.io www.google-analytics.com www.googleapis.com wazoku-clients.s3.amazonaws.com *.app.apty.io api.segment.io; frame-src 'self' *.wazoku.com *.microsoftonline.com *.yammer.com accounts.google.com app.hubspot.com docs.google.com player.vimeo.com telemetryservice.firstpartyapps.oaspapps.com w.soundcloud.com www.youtube.com *.app.apty.io; form-action 'self' zapier.com; frame-ancestors 'self' *.wazoku.com *.sharepoint.com *.teams.microsoft.com *.skype.com teams.microsoft.com;
X-App-CSRF: tAI202x753HEdU86lWpHUXwlLd6YmRsApdwprRFNBtukNZDxIHnRZONNB3zBGEYe
P3P: CP="NOI ADM DEV COM NAV OUR STP"
Connection: keep-alive
Content-Length: 0
X-XSS-Protection: 1; mode=block
Referrer-Policy: origin-when-cross-origin
X-Frame-Options: DENY
Allow: POST, OPTIONS
Access-Control-Allow-Methods: GET, POST, PUT, OPTIONS, DELETE
Vary: Cookie
Access-Control-Allow-Origin: https://barclaysrise.wazoku.com
Cache-Control: private, max-age=0, no-cache, no-store
Permissions-Policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(), xr-spatial-tracking=()
Access-Control-Allow-Headers: Authorization,Cache-Control,Content-Type,If-Modified-Since,Origin,Pragma,x-csrftoken,x-requested-with

GET
H/1.1 200
OK 133fee1f44104b498b361fa59cbb86ca.jpg
wazoku-clients.s3.amazonaws.com/barclaysrise.wazoku.com/images/ 310 KB
311 KB 205ms
101ms Image
image/jpeg 52.95.143.43
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://wazoku-clients.s3.amazonaws.com/barclaysrise.wazoku.com/images/133fee1f44104b498b361fa59cbb86ca.jpg
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.95.143.43 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-w.eu-west-2.amazonaws.com
Software: AmazonS3 /
Resource Hash

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://barclaysrise.wazoku.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date: Wed, 07 Dec 2022 14:21:40 GMT
Last-Modified: Sun, 24 Jan 2021 12:12:45 GMT
Server: AmazonS3
x-amz-request-id: Z0BVW30RGE8FJFAH
ETag: "adb920b5382e6ee22962999b024e33ca"
x-amz-server-side-encryption: AES256
Content-Type: image/jpeg
Cache-Control: max-age=259200
Content-Disposition: filename=AdobeStock_154132852.jpeg
Accept-Ranges: bytes
Content-Length: 317528
x-amz-id-2: W1sNT/ofDGtyhGd8qFqdlmdNrjS7cO7WZcVvwdrkGVRvzRCVYjhWjKFPZmRzwI1x5xjPj4afDFc=

GET
H2 200 conversations-embed.js
js.usemessages.com/ 73 KB
21 KB 133ms
54ms Script
application/javascript 2606:4700::6811:eecc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.usemessages.com/conversations-embed.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/195541.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:eecc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://barclaysrise.wazoku.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 14:21:39 GMT
x-amz-version-id: T1IjqsvgSmawtyw.pCqFWdAGnSoGFmJW
via: 1.1 bd5ab138e49a090fd3089313c9c8105c.cloudfront.net (CloudFront)
cf-cache-status: HIT
content-encoding: br
x-amz-cf-pop: IAD12-P4
age: 382
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=conversations-embed/static-1.11476/bundles/project.js&cfRay=775ddf5c1d510712-LHR
x-cache: Hit from cloudfront
cache-tag: staticjsapp-conversations-embed-web-prod,staticjsapp-prod
x-amz-replication-status: COMPLETED
last-modified: Tue, 06 Dec 2022 06:43:00 UTC
server: cloudflare
etag: W/"8f439d2ed98f003d67aea552f3341836"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
x-hs-cache-status: HIT
cache-control: max-age=600
cf-ray: 775de8b1af26005b-LHR
x-amz-cf-id: Oj5ha9hxC_3Mdf5F2x0XqXApUjcFrfVY4gwoupZy9ZwI9XxK_Jp79g==
x-hs-target-asset: conversations-embed/static-1.11476/bundles/project.js

GET
H2 200 leadflows.js
js.hsleadflows.net/ 548 KB
88 KB 309ms
228ms Script
application/javascript 2606:4700::6811:e6cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hsleadflows.net/leadflows.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/195541.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:e6cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://barclaysrise.wazoku.com/
Origin: https://barclaysrise.wazoku.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 14:21:39 GMT
x-amz-version-id: WdFozKBx4SUx.lzBGe8mkR8wgVUrEMev
via: 1.1 2a3aa853116c0a37d6c7762eca54d208.cloudfront.net (CloudFront)
cf-cache-status: MISS
content-encoding: br
x-amz-cf-pop: IAD12-P3
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=lead-flows-js/static-1.1120/bundle/main/lead-flows-release.js&cfRay=775de8b1aeb1dd60-IAD
x-cache: Miss from cloudfront
cache-tag: staticjsapp-lead-flows-cloudflare-web-prod,staticjsapp-prod
x-amz-replication-status: COMPLETED
last-modified: Thu, 17 Nov 2022 02:20:30 UTC
server: cloudflare
etag: W/"74fae7dd863591ed0e85827bc178f500"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-hs-cache-status: MISS
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
cache-control: s-maxage=86400, max-age=0
cf-ray: 775de8b1aeb1dd60-LHR
x-amz-cf-id: XcFRvEabhhYMivuOWrb-qlqG1CtjI5ZFE4IbdL6DNQ8r76u3R5KdDw==
x-hs-target-asset: lead-flows-js/static-1.1120/bundle/main/lead-flows-release.js

GET
H2 200 195541.js
js.hs-banner.com/ 60 KB
16 KB 129ms
46ms Script
text/javascript 2606:4700:4400::6812:21ab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-banner.com/195541.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/195541.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:21ab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://barclaysrise.wazoku.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 14:21:39 GMT
x-amz-version-id: XjYgterWWSCmJQdUSjJU.9OqzBNqByME
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: 7A6C731RJRTBZSJS
age: 212
x-amz-server-side-encryption: AES256
x-amz-id-2: 10CDy9dFLm7tlKBzMsz9rXBDzyV5bTZ+4L3ZHPQB/XCLxtoXElW319LpDxyvjLogE+Vwt5FwW2A=
last-modified: Tue, 25 Oct 2022 19:53:11 GMT
server: cloudflare
etag: W/"fbd46cdc496cf3f00638c34815be8537"
access-control-max-age: 604800
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: https://duck.duck.qa.uksouth.wazokuinternal.com
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control: max-age=300, public
access-control-allow-credentials: true
vary: origin, Accept-Encoding
timing-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
cf-ray: 775de8b1bcf1d174-LHR
expires: Wed, 07 Dec 2022 14:23:07 GMT

GET fb.js
js.hsadspixel.net/ 0
0

GET
H2 200 195541.js
js.hs-analytics.net/analytics/1670422800000/ 64 KB
20 KB 130ms
50ms Script
text/javascript 2606:4700::6811:43b0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-analytics.net/analytics/1670422800000/195541.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/195541.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:43b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://barclaysrise.wazoku.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 14:21:39 GMT
x-amz-version-id: null
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: 5XK88BVPWXM93YF4
age: 46
x-amz-server-side-encryption: AES256
x-amz-id-2: KBJH2lhEj2aGq4gojK+vvfYR6cIsHb2aT+vlv0qWBi+NxGNyoKSoP53fMImxxfexRwFHCCVWYRjJvQtvomLhNA==
last-modified: Thu, 01 Dec 2022 14:01:53 GMT
server: cloudflare
etag: W/"055f9405a05a3fb115a29111d826bbf3"
vary: origin, Accept-Encoding
content-type: text/javascript
cache-control: max-age=300, public
access-control-allow-credentials: false
cf-ray: 775de8b1aade23c4-LHR
expires: Wed, 07 Dec 2022 14:25:53 GMT

GET styles.min.css
barclaysrise.wazoku.com/static/build/pixie/scripts/ Frame 202A 0
0

GET
H/1.1 200
OK pixie.css
barclaysrise.wazoku.com/static/build/styles/clients/barclaysrise.wazoku.com/ Frame 202A 213 B
3 KB 35ms
35ms Stylesheet
text/css 51.132.238.16
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://barclaysrise.wazoku.com/static/build/styles/clients/barclaysrise.wazoku.com/pixie.css?v=8b441b52d6ecbf3af1c10c06296a8ac2

Requested by

Host: barclaysrise.wazoku.com
URL: https://barclaysrise.wazoku.com/pixie

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

51.132.238.16 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; script-src 'self' 'unsafe-inline' .assets-yammer.com .bootstrapcdn.com .box.com .dropbox.com .google-analytics.com .googletagmanager.com .live.net .microsoft.com .wazoku.com ajax.aspnetcdn.com ajax.googleapis.com apis.google.com js.hs-analytics.net js.hs-banner.com js.hs-scripts.com js.hsleadflows.net js.usemessages.com login.microsoftonline.com maps.googleapis.com noembed.com oss.maxcdn.com tagmanager.google.com track.hubspot.com wazoku-static.s3.amazonaws.com .app.apty.io; style-src 'self' 'unsafe-inline' .bootstrapcdn.com ajax.googleapis.com fonts.googleapis.com tagmanager.google.com .app.apty.io; img-src * data: blob: .app.apty.io; media-src 'self' wazoku-clients.s3.amazonaws.com; font-src 'self' .bootstrapcdn.com fonts.gstatic.com wazoku-static.s3.amazonaws.com .app.apty.io; connect-src 'self' .wazoku.com .hubspot.com browser.pipe.aria.microsoft.com maps.googleapis.com sentry.io www.google-analytics.com www.googleapis.com wazoku-clients.s3.amazonaws.com .app.apty.io api.segment.io; frame-src 'self' .wazoku.com .microsoftonline.com .yammer.com accounts.google.com app.hubspot.com docs.google.com player.vimeo.com telemetryservice.firstpartyapps.oaspapps.com w.soundcloud.com www.youtube.com .app.apty.io; form-action 'self' zapier.com; frame-ancestors 'self' .wazoku.com .sharepoint.com .teams.microsoft.com .skype.com teams.microsoft.com;
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://barclaysrise.wazoku.com/pixie
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date: Wed, 07 Dec 2022 14:21:39 GMT
Strict-Transport-Security: max-age=31536000; includeSubdomains
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'none'; script-src 'self' 'unsafe-inline' *.assets-yammer.com *.bootstrapcdn.com *.box.com *.dropbox.com *.google-analytics.com *.googletagmanager.com *.live.net *.microsoft.com *.wazoku.com ajax.aspnetcdn.com ajax.googleapis.com apis.google.com js.hs-analytics.net js.hs-banner.com js.hs-scripts.com js.hsleadflows.net js.usemessages.com login.microsoftonline.com maps.googleapis.com noembed.com oss.maxcdn.com tagmanager.google.com track.hubspot.com wazoku-static.s3.amazonaws.com *.app.apty.io; style-src 'self' 'unsafe-inline' *.bootstrapcdn.com ajax.googleapis.com fonts.googleapis.com tagmanager.google.com *.app.apty.io; img-src * data: blob: *.app.apty.io; media-src 'self' wazoku-clients.s3.amazonaws.com; font-src 'self' *.bootstrapcdn.com fonts.gstatic.com wazoku-static.s3.amazonaws.com *.app.apty.io; connect-src 'self' *.wazoku.com *.hubspot.com browser.pipe.aria.microsoft.com maps.googleapis.com sentry.io www.google-analytics.com www.googleapis.com wazoku-clients.s3.amazonaws.com *.app.apty.io api.segment.io; frame-src 'self' *.wazoku.com *.microsoftonline.com *.yammer.com accounts.google.com app.hubspot.com docs.google.com player.vimeo.com telemetryservice.firstpartyapps.oaspapps.com w.soundcloud.com www.youtube.com *.app.apty.io; form-action 'self' zapier.com; frame-ancestors 'self' *.wazoku.com *.sharepoint.com *.teams.microsoft.com *.skype.com teams.microsoft.com;
Content-Encoding: gzip
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
Pragma: public
Referrer-Policy: origin-when-cross-origin
Last-Modified: Tue, 06 Dec 2022 11:11:15 GMT
ETag: W/"638f2353-d5"
X-Frame-Options: DENY
Vary: Accept-Encoding
Content-Type: text/css
Access-Control-Allow-Methods: GET, POST, PUT, OPTIONS, DELETE
Cache-Control: max-age=2592000, public
Permissions-Policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(), xr-spatial-tracking=()
Access-Control-Allow-Headers: Authorization,Cache-Control,Content-Type,If-Modified-Since,Origin,Pragma,x-csrftoken,x-requested-with

GET
H/1.1 200
OK pixie.umd.js
barclaysrise.wazoku.com/static/build/pixie/ Frame 202A 1 MB
349 KB 49ms
38ms Script
application/javascript 51.132.238.16
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://barclaysrise.wazoku.com/static/build/pixie/pixie.umd.js?v=8b441b52d6ecbf3af1c10c06296a8ac2

Requested by

Host: barclaysrise.wazoku.com
URL: https://barclaysrise.wazoku.com/pixie

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

51.132.238.16 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; script-src 'self' 'unsafe-inline' .assets-yammer.com .bootstrapcdn.com .box.com .dropbox.com .google-analytics.com .googletagmanager.com .live.net .microsoft.com .wazoku.com ajax.aspnetcdn.com ajax.googleapis.com apis.google.com js.hs-analytics.net js.hs-banner.com js.hs-scripts.com js.hsleadflows.net js.usemessages.com login.microsoftonline.com maps.googleapis.com noembed.com oss.maxcdn.com tagmanager.google.com track.hubspot.com wazoku-static.s3.amazonaws.com .app.apty.io; style-src 'self' 'unsafe-inline' .bootstrapcdn.com ajax.googleapis.com fonts.googleapis.com tagmanager.google.com .app.apty.io; img-src * data: blob: .app.apty.io; media-src 'self' wazoku-clients.s3.amazonaws.com; font-src 'self' .bootstrapcdn.com fonts.gstatic.com wazoku-static.s3.amazonaws.com .app.apty.io; connect-src 'self' .wazoku.com .hubspot.com browser.pipe.aria.microsoft.com maps.googleapis.com sentry.io www.google-analytics.com www.googleapis.com wazoku-clients.s3.amazonaws.com .app.apty.io api.segment.io; frame-src 'self' .wazoku.com .microsoftonline.com .yammer.com accounts.google.com app.hubspot.com docs.google.com player.vimeo.com telemetryservice.firstpartyapps.oaspapps.com w.soundcloud.com www.youtube.com .app.apty.io; form-action 'self' zapier.com; frame-ancestors 'self' .wazoku.com .sharepoint.com .teams.microsoft.com .skype.com teams.microsoft.com;
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://barclaysrise.wazoku.com/pixie
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date: Wed, 07 Dec 2022 14:21:39 GMT
Strict-Transport-Security: max-age=31536000; includeSubdomains
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'none'; script-src 'self' 'unsafe-inline' *.assets-yammer.com *.bootstrapcdn.com *.box.com *.dropbox.com *.google-analytics.com *.googletagmanager.com *.live.net *.microsoft.com *.wazoku.com ajax.aspnetcdn.com ajax.googleapis.com apis.google.com js.hs-analytics.net js.hs-banner.com js.hs-scripts.com js.hsleadflows.net js.usemessages.com login.microsoftonline.com maps.googleapis.com noembed.com oss.maxcdn.com tagmanager.google.com track.hubspot.com wazoku-static.s3.amazonaws.com *.app.apty.io; style-src 'self' 'unsafe-inline' *.bootstrapcdn.com ajax.googleapis.com fonts.googleapis.com tagmanager.google.com *.app.apty.io; img-src * data: blob: *.app.apty.io; media-src 'self' wazoku-clients.s3.amazonaws.com; font-src 'self' *.bootstrapcdn.com fonts.gstatic.com wazoku-static.s3.amazonaws.com *.app.apty.io; connect-src 'self' *.wazoku.com *.hubspot.com browser.pipe.aria.microsoft.com maps.googleapis.com sentry.io www.google-analytics.com www.googleapis.com wazoku-clients.s3.amazonaws.com *.app.apty.io api.segment.io; frame-src 'self' *.wazoku.com *.microsoftonline.com *.yammer.com accounts.google.com app.hubspot.com docs.google.com player.vimeo.com telemetryservice.firstpartyapps.oaspapps.com w.soundcloud.com www.youtube.com *.app.apty.io; form-action 'self' zapier.com; frame-ancestors 'self' *.wazoku.com *.sharepoint.com *.teams.microsoft.com *.skype.com teams.microsoft.com;
Content-Encoding: gzip
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
Pragma: public
Referrer-Policy: origin-when-cross-origin
Last-Modified: Thu, 05 May 2022 09:09:44 GMT
ETag: W/"62739458-1182a0"
X-Frame-Options: DENY
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Methods: GET, POST, PUT, OPTIONS, DELETE
Cache-Control: max-age=2592000, public
Permissions-Policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(), xr-spatial-tracking=()
Access-Control-Allow-Headers: Authorization,Cache-Control,Content-Type,If-Modified-Since,Origin,Pragma,x-csrftoken,x-requested-with

GET
H2 200 public
api.hubspot.com/livechat-public/v1/message/ 3 KB
2 KB 181ms
181ms XHR
application/json 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.hubspot.com/livechat-public/v1/message/public?portalId=195541&conversations-embed=static-1.11476&mobile=false&messagesUtk=9708739cc83242739b6185eb52e12999&traceId=9708739cc83242739b6185eb52e12999

Requested by

Host: barclaysrise.wazoku.com
URL: https://barclaysrise.wazoku.com/static/build/spotlight/main.js?v=8b441b52d6ecbf3af1c10c06296a8ac2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://barclaysrise.wazoku.com/
accept-language: en-GB,en;q=0.9
X-HubSpot-Messages-Uri: https://barclaysrise.wazoku.com/login?redirect_to=%2Fhome-page
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 14:21:39 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: 08317e68-12ff-4d3d-96d8-c1fbe959eba4
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1442
server: cloudflare
x-trace: 2BDD7D3EA22D16AE4B31DA4A40C06CD75E879BC4CA000000000000000000
vary: origin, Accept-Encoding
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: application/json;charset=utf-8
access-control-allow-origin: https://barclaysrise.wazoku.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PH5IaBsXx2ca5P7OOG8pIypqJiRi6%2BOrUQGLwcHQ1ErlxTlyh5QNv6inpiGMCErYdlAass13CL2fQotOnrGlZzBP8lpFn7XRH7yzvkBL%2F67nF7ioD6%2Fz8lWRpyvd%2FwP10RzI6VLPQnfETURaAA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: no-cache, no-store, no-transform, must-revalidate, max-age=0
access-control-allow-credentials: false
cf-ray: 775de8b3bad77474-LHR
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri

OPTIONS
H2 200 public
api.hubspot.com/livechat-public/v1/message/ Frame 0
0 229ms
148ms Preflight
text/plain 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept: */*
Access-Control-Request-Headers: x-hubspot-messages-uri
Access-Control-Request-Method: GET
Origin: https://barclaysrise.wazoku.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

access-control-allow-credentials: false
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
access-control-allow-origin: https://barclaysrise.wazoku.com
allow: HEAD,GET,OPTIONS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 775de8b2c9d77474-LHR
content-length: 18
content-type: text/plain; charset=utf-8
date: Wed, 07 Dec 2022 14:21:39 GMT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L22OgSA94K%2FqlvoQH3kwz6URp8NMvefCbyqyhPxEArx%2BccAkbt47msCeJ%2Byrv5Lycbnd21BpVP5xzt7wUNQxm2cbuW9KqO520lRGQmSkvDNg7N2c%2FdkH357T4uDEGgUjjXxU12%2Fn1LwW6CojbA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: origin, Accept-Encoding
x-hubspot-correlation-id: 76465386-9f1b-40d6-8275-9b67c3d9c3f1
x-trace: 2BDEF67E25F0DB38ADA1114105BBAA6628479E269C000000000000000000

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
894 B 229ms
147ms Image
image/gif 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=3869294985&v=1.1&a=195541&pu=https%3A%2F%2Fbarclaysrise.wazoku.com%2Flogin%3Fredirect_to%3D%252Fhome-page&t=Barclays+IdeaHub&cts=1670422899553&vi=d6a64c75a80524572b17b20cf900a91f&nc=true&u=129674451.d6a64c75a80524572b17b20cf900a91f.1670422899550.1670422899550.1670422899550.1&b=129674451.1.1670422899550&cc=15

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://barclaysrise.wazoku.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 14:21:39 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: 2fc2aa03-3ecc-477a-9cf9-ca73b6ae9075
p3p: CP="NOI CUR ADM OUR NOR STA NID"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 45
server: cloudflare
vary: origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pfk4XuRg7VRKcrgJMkfFJjh%2BSy%2BV430NGKOlPMvc%2BusRnJVwGAaBnBADSEiPqlh%2FJVfQs90S87fBkLiPtGCmcOFo9ygML4eWt619eNr6t%2BV7%2FnFonF25i9gppOvEUAcW7fM8zhBBExdlv8mK78Rg"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
cf-ray: 775de8b2cf5c7741-LHR
x-robots-tag: none

GET
H2 200 json
forms.hubspot.com/lead-flows-config/v1/config/ 254 B
851 B 162ms
149ms XHR
application/json 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forms.hubspot.com/lead-flows-config/v1/config/json?portalId=195541&utk=d6a64c75a80524572b17b20cf900a91f&__hstc=129674451.d6a64c75a80524572b17b20cf900a91f.1670422899550.1670422899550.1670422899550.1&__hssc=129674451.1.1670422899550&currentUrl=https%3A%2F%2Fbarclaysrise.wazoku.com%2Flogin%3Fredirect_to%3D%252Fhome-page

Requested by

Host: barclaysrise.wazoku.com
URL: https://barclaysrise.wazoku.com/static/build/spotlight/main.js?v=8b441b52d6ecbf3af1c10c06296a8ac2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://barclaysrise.wazoku.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 14:21:39 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: e1bbeb5b-c4c4-472a-9a23-139dad3374d5
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
vary: origin
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: application/json;charset=utf-8
access-control-allow-origin: https://barclaysrise.wazoku.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZCmrIfKvVcidqDS5Wprn0qwfZ%2FFLWCou6Sm2Npxazq7xwtNH3dDhK311y2UyIW7t5wiY8CMB5AePxrUDHr3gs2TuEKUONhRDa%2Fh%2FSWiICWHpAVFjp7E%2FtzNw%2BM9fKBM%2BLogeTTf4xbB%2BAqRfR5l7"}],"group":"cf-nel","max_age":604800}
access-control-max-age: 180
access-control-allow-credentials: false
cache-control: max-age=0, no-cache, no-store
x-robots-tag: none
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent
cf-ray: 775de8b44b6a7474-LHR

GET
H2 200 9708739cc83242739b6185eb52e12999
app.hubspot.com/conversations-visitor/195541/threads/utk/ Frame 17F6 51 KB
18 KB 214ms
206ms Document
text/html 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.hubspot.com/conversations-visitor/195541/threads/utk/9708739cc83242739b6185eb52e12999?uuid=76c121aec3b74cc78964d2032fa9b3de&mobile=false&mobileSafari=false&hideWelcomeMessage=false&hstc=null&domain=barclaysrise.wazoku.com&inApp53=false&messagesUtk=9708739cc83242739b6185eb52e12999&url=https%3A%2F%2Fbarclaysrise.wazoku.com%2Flogin%3Fredirect_to%3D%252Fhome-page&inline=false&isFullscreen=false&globalCookieOptOut=null&isFirstVisitorSession=true&isAttachmentDisabled=false&enableWidgetCookieBanner=false&isInCMS=false

Requested by

Host: js.usemessages.com
URL: https://js.usemessages.com/conversations-embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://barclaysrise.wazoku.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

access-control-allow-credentials: false
age: 3063
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=600
cache-tag: staticjsapp-conversations-visitor-ui-web-prod,staticjsapp-prod
cf-cache-status: DYNAMIC
cf-ray: 775de8b4eb5c7741-LHR
content-encoding: br
content-security-policy-report-only: script-src 'self' www.hubspot.com *.hsappstatic.net *.hs-analytics.net *.hs-banner.com *.hsforms.net *.hsleadflows.net *.hs-scripts.com *.hubspotfeedback.com *.usemessages.com js.hubspot.com *.hsadspixel.net *.hscollectedforms.net js-agent.newrelic.com bam.nr-data.net bam-cell.nr-data.net *.google-analytics.com www.googletagmanager.com data: 'unsafe-inline' 'unsafe-eval' blob: connect.facebook.net www.gstatic.cn www.gstatic.com www.google.com *.fullstory.com fullstory.com apis.google.com snap.licdn.com; report-uri https://exceptions.hubspot.com/csp/report?resource=conversations-visitor-ui/static-1.13934/html/index.html&cfRay=775de8b4eb5c7741&reqUrl=https%3A%2F%2Fapp.hubspot.com%2Fconversations-visitor%2F195541%2Fthreads%2Futk%2F9708739cc83242739b6185eb52e12999%3Fuuid%3D76c121aec3b74cc78964d2032fa9b3de%26mobile%3Dfalse%26mobileSafari%3Dfalse%26hideWelcomeMessage%3Dfalse%26hstc%3Dnull%26domain%3Dbarclaysrise.wazoku.com%26inApp53%3Dfalse%26messagesUtk%3D9708739cc83242739b6185eb52e12999%26url%3Dhttps%253A%252F%252Fbarclaysrise.wazoku.com%252Flogin%253Fredirect_to%253D%25252Fhome-page%26inline%3Dfalse%26isFullscreen%3Dfalse%26globalCookieOptOut%3Dnull%26isFirstVisitorSession%3Dtrue%26isAttachmentDisabled%3Dfalse%26enableWidgetCookieBanner%3Dfalse%26isInCMS%3Dfalse&referrer=https%3A%2F%2Fbarclaysrise.wazoku.com%2F&cfenv=prod&pdt=2022-12-07&csp=ro
content-type: text/html; charset=utf-8
date: Wed, 07 Dec 2022 14:21:40 GMT
etag: W/"e230697a7b807860418441951344ff73"
last-modified: Tue, 06 Dec 2022 06:43:00 UTC
report-to: {"group":"default","max_age":86400,"endpoints":[{"url":"https://exceptions.hubspot.com/csp/reports"}]}
reporting-endpoints: default="https://exceptions.hubspot.com/csp/reports?cfRay=775de8b4eb5c7741&resource=conversations-visitor-ui/static-1.13934/html/index.html"
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: origin, Accept-Encoding
via: 1.1 d0d53eedec01ac540f737b5fafb16436.cloudfront.net (CloudFront)
x-amz-cf-id: UKCjkRsVkGKH4OAUd1gKyLSssUr3M-TwKJVWka593dcRrVa13RVEuA==
x-amz-cf-pop: IAD12-P3
x-amz-replication-status: COMPLETED
x-amz-server-side-encryption: AES256
x-amz-version-id: nctoJ5DWsKRDd40aOK5XPKo75G2V4.pt
x-cache: Hit from cloudfront
x-hs-cache-status: MISS
x-hs-target-asset: conversations-visitor-ui/static-1.13934/html/index.html
x-hs-worker-debug-mode: false

GET
H2 200 bundle.production.js
static.hsappstatic.net/head-dlb/static-1.245/ Frame 17F6 44 KB
17 KB 124ms
45ms Script
application/javascript 2606:4700::6811:8d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hsappstatic.net/head-dlb/static-1.245/bundle.production.js

Requested by

Host: app.hubspot.com
URL: https://app.hubspot.com/conversations-visitor/195541/threads/utk/9708739cc83242739b6185eb52e12999?uuid=76c121aec3b74cc78964d2032fa9b3de&mobile=false&mobileSafari=false&hideWelcomeMessage=false&hstc=null&domain=barclaysrise.wazoku.com&inApp53=false&messagesUtk=9708739cc83242739b6185eb52e12999&url=https%3A%2F%2Fbarclaysrise.wazoku.com%2Flogin%3Fredirect_to%3D%252Fhome-page&inline=false&isFullscreen=false&globalCookieOptOut=null&isFirstVisitorSession=true&isAttachmentDisabled=false&enableWidgetCookieBanner=false&isInCMS=false

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:8d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://app.hubspot.com/
Origin: https://app.hubspot.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 14:21:40 GMT
x-amz-version-id: cXTDvGuwbPuMrVAW0W63IbeHNqDKyRYR
via: 1.1 2cc148080cadcb3c2908058528ecd5b6.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: LHR50-P6
age: 154615
x-amz-server-side-encryption: AES256
content-encoding: br
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 07 Nov 2022 16:12:00 GMT
server: cloudflare
etag: W/"d0d928e20b2bebe8d43d510597af50e3"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: https://app.hubspot.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hU%2FB2YHxzub7EE73WNZlyZx1hsMhxSeTgV083unnP8FURIjjFSnuWKqPJ93%2F9BPipFNRl6x4AZDU33o5vguN5R06z2Evoied7mYZBGPB2P5MSP7YPvWkTeEjVYmof8NDuA2vKjUpvjuy66WPK7nlKAgdLJA%3D"}],"group":"cf-nel","max_age":604800}
vary: Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-credentials: true
cache-control: public, max-age=31536000
cf-ray: 775de8b6dbd7742b-LHR
x-amz-cf-id: Yb0nOYI3bwAhmljpHNK55LSXkH4pNbnksOonpW6z6BSgC0qfQSv4uw==
expires: Thu, 07 Dec 2023 14:21:40 GMT

GET
H2 200 visitor.css
static.hsappstatic.net/conversations-visitor-ui/static-1.13884/sass/ Frame 17F6 20 KB
4 KB 130ms
51ms Stylesheet
text/css 2606:4700::6811:8d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hsappstatic.net/conversations-visitor-ui/static-1.13884/sass/visitor.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:8d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://app.hubspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 14:21:40 GMT
x-amz-version-id: hYgqjzdqx6QyhZH807FkloiLc0TGhAXY
via: 1.1 4e2a7874b5959279490dd3b94b18a312.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: PHL50-C1
age: 168155
x-amz-server-side-encryption: AES256
content-encoding: br
x-cache: Miss from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 28 Nov 2022 19:04:10 GMT
server: cloudflare
etag: W/"0e729a3fa047d67852c356071b611db3"
vary: Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ACvYGCbO4Tr3zWZI7MQVpjt%2FOivF4Y5YPvtAFnT7c30nCw%2BdTDM40hDfwBwxFwvQce1R0E2YhJmOaz8J81riYfYvNKdvrbV%2FOzZky0vjoqA2GInZpQuVWjZVUEf0t9hvvxK6FUP8lEyLldcyXcpA3YkWqZY%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=31536000
cf-ray: 775de8b6d8ac74f1-LHR
x-amz-cf-id: RT5wqUvtCKngWN0oOBTNXwWYqNRhDa-F9IknePxnmGnOsdvW4Mjztg==
expires: Thu, 07 Dec 2023 14:21:40 GMT

GET
H2 200 bundle.production.js
static.hsappstatic.net/hubspot-dlb/static-1.332/ Frame 17F6 295 KB
94 KB 124ms
45ms Script
application/javascript 2606:4700::6811:8d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hsappstatic.net/hubspot-dlb/static-1.332/bundle.production.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:8d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://app.hubspot.com/
Origin: https://app.hubspot.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 14:21:40 GMT
x-amz-version-id: 5fbvyIgmgfc2EQptzTy6EeP9FKqExCxl
via: 1.1 137830cc36c3678f4f33e4b28fff771a.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: LHR52-C1
age: 2399647
x-amz-server-side-encryption: AES256
content-encoding: br
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 09 Nov 2022 18:32:01 GMT
server: cloudflare
etag: W/"d9e371a943207738b889e588b0560980"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: https://app.hubspot.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZU96pTdSVmABJD78HtOFa%2Bh%2B6holaGz34Ag8ksY8jNxeQla%2BToDMvgsdAM4nWUwiRIqWituN%2BkNEQrOwj5E0%2BmcJMt7eM1iKwptIgZZKH%2FbeIwkBZVBuUVk1cNIR4XLuQqygo5fPe5w6WebW5J1sCrNS%2BqM%3D"}],"group":"cf-nel","max_age":604800}
vary: Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-credentials: true
cache-control: public, max-age=31536000
cf-ray: 775de8b6dbd8742b-LHR
x-amz-cf-id: sB6dfAMfrFWxyB66NOqNcmuOpxcAaGNXa3nYoBPZuioiLQjOZlAj6g==
expires: Thu, 07 Dec 2023 14:21:40 GMT

GET
H2 200 visitor.js
static.hsappstatic.net/conversations-visitor-ui/static-1.13934/bundles/ Frame 17F6 518 KB
151 KB 124ms
46ms Script
application/javascript 2606:4700::6811:8d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hsappstatic.net/conversations-visitor-ui/static-1.13934/bundles/visitor.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:8d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://app.hubspot.com/
Origin: https://app.hubspot.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 14:21:40 GMT
x-amz-version-id: bfpghuTjttXxlHws0I7gW0B25_1oe84n
via: 1.1 78ece21c53165b68619b053629326ac8.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: BOS50-C2
age: 70707
x-amz-server-side-encryption: AES256
content-encoding: br
x-cache: Miss from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 06 Dec 2022 17:32:30 GMT
server: cloudflare
etag: W/"8acc75c332954f8796bd7c51b7a1cb8f"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: https://app.hubspot.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WIu2kfhH%2BGewHJa%2FRTwTTzSq5B9JVy%2Bw%2Fa%2FEtiDBKt31o3Ld0COOVd0fiSABk6cP2CKCMmrUcHogCEyox%2Fp%2Bf5b7bzX7ASAWXRXAbfq5DIUxAN4UukZnGO2xhpkVPU3QFaFgfK4f0y2%2BJp6HYCa4zdrnQgY%3D"}],"group":"cf-nel","max_age":604800}
vary: Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-credentials: true
cache-control: public, max-age=31536000
cf-ray: 775de8b6dbd9742b-LHR
x-amz-cf-id: myXmSKt-VNerAPYpZPdk_CbEFnoa1wMXkd0BGQDLlq9YpbJMXimceA==
expires: Thu, 07 Dec 2023 14:21:40 GMT

GET
H3 200 i18n-data-data-locales-en-us.js
static.hsappstatic.net/conversations-visitor-ui/static-1.13861/ Frame 17F6 776 B
1 KB 95ms
54ms Script
application/javascript 2606:4700::6811:8d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hsappstatic.net/conversations-visitor-ui/static-1.13861/i18n-data-data-locales-en-us.js

Requested by

Host: static.hsappstatic.net
URL: https://static.hsappstatic.net/conversations-visitor-ui/static-1.13934/bundles/visitor.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:8d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://app.hubspot.com/
Origin: https://app.hubspot.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 14:21:40 GMT
x-amz-version-id: N1YNpHsPesqdzMzbM3L1yATKJIWFsXmQ
via: 1.1 270c304930830f8773482aa3abdb5d34.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: LHR3-C1
age: 199496
x-amz-server-side-encryption: AES256
content-encoding: br
x-cache: Miss from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 22 Nov 2022 16:53:39 GMT
server: cloudflare
etag: W/"a1dec623914000bd4a908273f8980145"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: https://app.hubspot.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ka0cWNH5o9o2rqw7qu18z7vVGTQW3laCJ0qT2lY4OC%2FO%2BOcBY1TRoE4yvkADGW%2BgCttdisQjZOw6YzVlI5CZNrVrU0B6iMSE4PV9mb8BZJmnPer5b2fEIUGF17sYQEWEql%2F2pLiGG9QbPZizgVEKYnB3N7E%3D"}],"group":"cf-nel","max_age":604800}
vary: Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-credentials: true
cache-control: public, max-age=31536000
cf-ray: 775de8b85a0723ac-LHR
x-amz-cf-id: 9khbHDk9H0MQJYWvL-3x1fntTk1K6a5Al2dKXWg0H4cobtRZamdJvA==
expires: Thu, 07 Dec 2023 14:21:40 GMT

POST rhumb
app.hubspot.com/api/cartographer/v1/ Frame 17F6 0
0

GET welcomeMessages
app.hubspot.com/api/livechat-public/v1/bots/public/bot/1042806/ Frame 17F6 0
0

POST send
metrics-fe-na1.hubspot.com/metrics/v1/frontend/custom/ Frame 17F6 0
0

POST performance
app.hubspot.com/api/cartographer/v1/ Frame 17F6 0
0

GET
DATA 200
OK truncated
/ 394 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e5cd6fc948c3e6a702a405c04b77fb064fa0a07690c7d7958188083d812ee3d6

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Content-Type: image/svg+xml

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: video.fidelity.tv
URL: https://video.fidelity.tv/widgets/1/application.js

Domain: js.hsadspixel.net
URL: https://js.hsadspixel.net/fb.js

Domain: barclaysrise.wazoku.com
URL: https://barclaysrise.wazoku.com/static/build/pixie/scripts/styles.min.css?v=8b441b52d6ecbf3af1c10c06296a8ac2

Domain: app.hubspot.com
URL: https://app.hubspot.com/api/cartographer/v1/rhumb?hs_static_app=conversations-visitor-ui&hs_static_app_version=1.13934

Domain: app.hubspot.com
URL: https://app.hubspot.com/api/livechat-public/v1/bots/public/bot/1042806/welcomeMessages?hs_static_app=conversations-visitor-ui&hs_static_app_version=1.13934&conversations-visitor-ui=static-1.13934&traceId=9708739cc83242739b6185eb52e12999&sessionId=AMOaWbLMgY15Iv2RFzPuekSEZDqVgc3qqv6iKemQByefrVGJvl4OZp5j6WZy7zLBb9d0nnDyvJSSwApbzuzfLD1FF7RudonU70v0Hny-KOizzwtaljjcZH-Of5jJeqPG6Y1zPz9PzSa4smfEXFMEQtPT7PWp0xL0XVppo0UJD_19SHl08F-11Mo

Domain: metrics-fe-na1.hubspot.com
URL: https://metrics-fe-na1.hubspot.com/metrics/v1/frontend/custom/send?hs_static_app=conversations-visitor-ui&hs_static_app_version=static-1.13934

Domain: app.hubspot.com
URL: https://app.hubspot.com/api/cartographer/v1/performance?hs_static_app=conversations-visitor-ui&hs_static_app_version=1.13934

Verdicts & Comments Add Verdict or Comment

5 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
barclaysrise.wazoku.com/	1969-12-31 23:59:59	Name: csrftoken Value: tAI202x753HEdU86lWpHUXwlLd6YmRsApdwprRFNBtukNZDxIHnRZONNB3zBGEYe
.wazoku.com/	1970-01-20 17:36:22	Name: spotlight Value: barclaysrise.wazoku.com
.wazoku.com/	1970-01-20 12:19:34	Name: __hstc Value: 129674451.d6a64c75a80524572b17b20cf900a91f.1670422899550.1670422899550.1670422899550.1
.wazoku.com/	1970-01-20 12:19:34	Name: hubspotutk Value: d6a64c75a80524572b17b20cf900a91f
.wazoku.com/	1969-12-31 23:59:59	Name: __hssrc Value: 1
.wazoku.com/	1970-01-20 08:00:24	Name: __hssc Value: 129674451.1.1670422899550
.hubspot.com/	1970-01-20 08:00:24	Name: __cf_bm Value: uCm3U0Q9ehfeP9EQ4XenLbG1EaDo13IMpUB7hdL5YxA-1670422899-0-Aduf1ittij0bz9pVmdN1UZzFShLFluZaCXqiJfC0lCpY1cLTyxMMqHR2xp4EpCmey8oLKOQiGcVXjw7PfYsJ0Uw=
.barclaysrise.wazoku.com/	1970-01-20 12:19:34	Name: messagesUtk Value: 9708739cc83242739b6185eb52e12999

21 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'ambient-light-sensor'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'battery'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'execution-while-not-rendered'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'execution-while-out-of-viewport'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'navigation-override'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'web-share'.
security	error	URL: https://barclaysrise.wazoku.com/ Message: Refused to load the script 'https://video.fidelity.tv/widgets/1/application.js' because it violates the following Content Security Policy directive: "script-src 'self' 'unsafe-inline' .assets-yammer.com .bootstrapcdn.com .box.com .dropbox.com .google-analytics.com .googletagmanager.com .live.net .microsoft.com .wazoku.com ajax.aspnetcdn.com ajax.googleapis.com apis.google.com js.hs-analytics.net js.hs-banner.com js.hs-scripts.com js.hsleadflows.net js.usemessages.com login.microsoftonline.com maps.googleapis.com noembed.com oss.maxcdn.com tagmanager.google.com track.hubspot.com wazoku-static.s3.amazonaws.com .app.apty.io". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security	error	URL: https://js.hs-scripts.com/195541.js(Line 7) Message: Refused to load the script 'https://js.hsadspixel.net/fb.js' because it violates the following Content Security Policy directive: "script-src 'self' 'unsafe-inline' .assets-yammer.com .bootstrapcdn.com .box.com .dropbox.com .google-analytics.com .googletagmanager.com .live.net .microsoft.com .wazoku.com ajax.aspnetcdn.com ajax.googleapis.com apis.google.com js.hs-analytics.net js.hs-banner.com js.hs-scripts.com js.hsleadflows.net js.usemessages.com login.microsoftonline.com maps.googleapis.com noembed.com oss.maxcdn.com tagmanager.google.com track.hubspot.com wazoku-static.s3.amazonaws.com .app.apty.io". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'ambient-light-sensor'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'battery'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'execution-while-not-rendered'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'execution-while-out-of-viewport'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'navigation-override'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'web-share'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'ambient-light-sensor'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'battery'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'execution-while-not-rendered'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'execution-while-out-of-viewport'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'navigation-override'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'web-share'.
security	error	URL: https://barclaysrise.wazoku.com/pixie Message: Refused to apply style from 'https://barclaysrise.wazoku.com/static/build/pixie/scripts/styles.min.css?v=8b441b52d6ecbf3af1c10c06296a8ac2' because its MIME type ('text/html') is not a supported stylesheet MIME type, and strict MIME checking is enabled.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'none'; script-src 'self' 'unsafe-inline' .assets-yammer.com .bootstrapcdn.com .box.com .dropbox.com .google-analytics.com .googletagmanager.com .live.net .microsoft.com .wazoku.com ajax.aspnetcdn.com ajax.googleapis.com apis.google.com js.hs-analytics.net js.hs-banner.com js.hs-scripts.com js.hsleadflows.net js.usemessages.com login.microsoftonline.com maps.googleapis.com noembed.com oss.maxcdn.com tagmanager.google.com track.hubspot.com wazoku-static.s3.amazonaws.com .app.apty.io; style-src 'self' 'unsafe-inline' .bootstrapcdn.com ajax.googleapis.com fonts.googleapis.com tagmanager.google.com .app.apty.io; img-src * data: blob: .app.apty.io; media-src 'self' wazoku-clients.s3.amazonaws.com; font-src 'self' .bootstrapcdn.com fonts.gstatic.com wazoku-static.s3.amazonaws.com .app.apty.io; connect-src 'self' .wazoku.com .hubspot.com browser.pipe.aria.microsoft.com maps.googleapis.com sentry.io www.google-analytics.com www.googleapis.com wazoku-clients.s3.amazonaws.com .app.apty.io api.segment.io; frame-src 'self' .wazoku.com .microsoftonline.com .yammer.com accounts.google.com app.hubspot.com docs.google.com player.vimeo.com telemetryservice.firstpartyapps.oaspapps.com w.soundcloud.com www.youtube.com .app.apty.io; form-action 'self' zapier.com; frame-ancestors 'self' .wazoku.com .sharepoint.com .teams.microsoft.com .skype.com teams.microsoft.com;
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
api.hubspot.com
app.hubspot.com
barclaysrise.wazoku.com
federation.client.barclayscorp.com
fonts.googleapis.com
fonts.gstatic.com
forms.hubspot.com
js.hs-analytics.net
js.hs-banner.com
js.hs-scripts.com
js.hsadspixel.net
js.hsleadflows.net
js.usemessages.com
metrics-fe-na1.hubspot.com
static.hsappstatic.net
track.hubspot.com
video.fidelity.tv
wazoku-clients.s3.amazonaws.com
app.hubspot.com
barclaysrise.wazoku.com
js.hsadspixel.net
metrics-fe-na1.hubspot.com
video.fidelity.tv
23.213.161.204
2606:4700:4400::6812:21ab
2606:4700::6811:43b0
2606:4700::6811:8d2
2606:4700::6811:d2cc
2606:4700::6811:e6cc
2606:4700::6811:eecc
2606:4700::6813:9a53
2a00:1450:4001:802::200a
2a00:1450:4001:809::200a
2a00:1450:4001:830::2003
51.132.238.16
52.95.143.43
03d00ac796fa19809d831ea86112471a8b7b89c80626c7a7dfee1c81322b8006
339efce650d81fc4835e82f39892a27444a105ba90f357d5deba7aa307e6b46f
37ec69f2049b7f076647f0323c35bb46bba3c3a83ffb4a41e239a0c5f0b22984
451517e5b69a4fe768695b4d47b455868571e9867fc1fa483dce7abc8af7867e
566f18cb8bc23558701c2cc4f934fe50bcc85629d1aaf5d589f835f2b3e57a9f
871f3ade869377777ebb662e15cbde9138a38890457dfc101935650c39d56068
8e6a11d2190b3cf4d6eef6c6a82ec31225ae73ffb4615194639bbc300d3b79ce
96b98ee55fc7f36b9e62b2685614bfde2bbd235bd40ecedc321ff43e347fd716
a70888e4ada884ad7be0fa6745874c1ce7e41a56c6dbc60fe37a0a14b1700661
c8df82cea517dccfd69295ef48cb184e715536864e95898cd794e163db29b09a
ccd3f757c8750d5036bfcbc651a380d1abcb8b9977d9edbfa658cee92db70f6e
d597f6fefb9ae4c3f265a58999eff94e4358f008f095fbaad47bd29aadda7898
e5cd6fc948c3e6a702a405c04b77fb064fa0a07690c7d7958188083d812ee3d6
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

federation.client.barclayscorp.com Open in urlscan Pro 23.213.161.204 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

47 Requests

85 %HTTPS

77 %IPv6

14 Domains

19 Subdomains

14 IPs

3 Countries

4114 kBTransfer

16698 kBSize

8 Cookies

0 Outgoing links

Page URL History

Redirected requests

47 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

federation.client.barclayscorp.com Open in urlscan Pro
23.213.161.204 Public Scan

Screenshot
Live screenshot

Full Image

47
Requests

85 %
HTTPS

77 %
IPv6

14
Domains

19
Subdomains

14
IPs

3
Countries

4114 kB
Transfer

16698 kB
Size

8
Cookies

47 HTTP transactions
1 data transactions