www.tescobank.com Open in urlscan Pro
2.17.147.160 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://tescobank.com.s3-website-eu-west-1.amazonaws.com/
Effective URL:
https://www.tescobank.com/
Submission: On December 14 via manual (December 14th 2023, 1:08:26 pm UTC) from GB — Scanned from GB

Summary HTTP 56 Redirects Links 15 Behaviour Indicators

Summary

This website contacted 7 IPs in 4 countries across 5 domains to perform 56 HTTP transactions. The main IP is 2.17.147.160, located in Prague, Czech Republic and belongs to AKAMAI-ASN1, NL. The main domain is www.tescobank.com. The Cisco Umbrella rank of the primary domain is 328487.
TLS certificate: Issued by Entrust Certification Authority - L1M on April 26th 2023. Valid for: a year.

This is the only time www.tescobank.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	52.92.35.124 52.92.35.124	16509 (AMAZON-02) (AMAZON-02)
1 1	2.17.147.219 2.17.147.219	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 26	2.17.147.160 2.17.147.160	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
16	2620:1ec:46::63 2620:1ec:46::63	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
4	2600:9000:206... 2600:9000:206f:c600:2:8f43:5780:93a1	16509 (AMAZON-02) (AMAZON-02)
4	3.124.173.63 3.124.173.63	16509 (AMAZON-02) (AMAZON-02)
5	52.222.236.107 52.222.236.107	16509 (AMAZON-02) (AMAZON-02)
1	2.17.147.217 2.17.147.217	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
56	7

1 52.92.35.124 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: s3-website-eu-west-1.amazonaws.com

tescobank.com.s3-website-eu-west-1.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.17.147.219 (Prague, Czech Republic) 1 redirects

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-17-147-219.deploy.static.akamaitechnologies.com

www.tescobank.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

26 2.17.147.160 (Prague, Czech Republic) 1 redirects

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-17-147-160.deploy.static.akamaitechnologies.com

www.tescobank.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2620:1ec:46::63 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

forrit-one-tb-prod-p1-consumables.azureedge.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tescobank.azureedge.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:9000:206f:c600:2:8f43:5780:93a1 (United States)

ASN16509 (AMAZON-02, US)

nexus.ensighten.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 3.124.173.63 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-124-173-63.eu-central-1.compute.amazonaws.com

data.privacy.ensighten.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 52.222.236.107 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-236-107.fra56.r.cloudfront.net

widget.trustpilot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.17.147.217 (Prague, Czech Republic)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-17-147-217.deploy.static.akamaitechnologies.com

identity.tescobank.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
28	tescobank.com 2 redirects www.tescobank.com — Cisco Umbrella Rank: 328487 identity.tescobank.com — Cisco Umbrella Rank: 433877	459 KB
16	azureedge.net forrit-one-tb-prod-p1-consumables.azureedge.net — Cisco Umbrella Rank: 474621 tescobank.azureedge.net — Cisco Umbrella Rank: 553412	857 KB
8	ensighten.com nexus.ensighten.com — Cisco Umbrella Rank: 3429 data.privacy.ensighten.com — Cisco Umbrella Rank: 7394	121 KB
5	trustpilot.com widget.trustpilot.com — Cisco Umbrella Rank: 4867	27 KB
1	amazonaws.com 1 redirects tescobank.com.s3-website-eu-west-1.amazonaws.com	271 B
56	5

	Domain	Requested by
27	www.tescobank.com	2 redirects www.tescobank.com nexus.ensighten.com
15	forrit-one-tb-prod-p1-consumables.azureedge.net	www.tescobank.com
5	widget.trustpilot.com	nexus.ensighten.com widget.trustpilot.com
4	data.privacy.ensighten.com	www.tescobank.com
4	nexus.ensighten.com	www.tescobank.com nexus.ensighten.com
1	identity.tescobank.com	nexus.ensighten.com
1	tescobank.azureedge.net	www.tescobank.com
1	tescobank.com.s3-website-eu-west-1.amazonaws.com	1 redirects
56	8

This site contains links to these domains. Also see Links.

Domain
yourcommunity.tescobank.com
community.tescobank.com
www.tescogiftcards.com
apps.apple.com
play.google.com
bank.tescoplc.com
careers.tescobank.com
www.tesco.com
www.facebook.com
twitter.com
www.youtube.com

Subject Issuer	Validity	Valid
www.tescobank.com Entrust Certification Authority - L1M	`2023-04-26` - `2024-04-26`	a year	crt.sh
*.azureedge.net Microsoft Azure RSA TLS Issuing CA 03	`2023-10-08` - `2024-10-02`	a year	crt.sh
nexus.ensighten.com Amazon RSA 2048 M02	`2023-09-29` - `2024-10-27`	a year	crt.sh
*.privacy.ensighten.com DigiCert TLS RSA SHA256 2020 CA1	`2023-02-03` - `2024-02-16`	a year	crt.sh
*.trustpilot.com Amazon RSA 2048 M02	`2023-02-02` - `2024-03-02`	a year	crt.sh
identity.tescobank.com Entrust Certification Authority - L1M	`2023-04-12` - `2024-04-12`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://www.tescobank.com/
Frame ID: 3411D3F1015A4C08458EC0B2F9A13AD6
Requests: 54 HTTP requests in this frame

Frame: https://widget.trustpilot.com/trustboxes/5406e65db0d04a09e042d5fc/index.html?templateId=5406e65db0d04a09e042d5fc&businessunitId=4e3abd00000064000510af6e
Frame ID: 8DD21CBCE3991701F7B8FDB71E0876D0
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Tesco Bank - Credit Cards, Loans and Insurance - Personal Finance

Page URL History Show full URLs

http://tescobank.com.s3-website-eu-west-1.amazonaws.com/ HTTP 301
http://www.tescobank.com/ HTTP 301
https://www.tescobank.com/ Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Akamai Bot Manager (Security) Expand

Overall confidence: 100%
Detected patterns

Ensighten (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

//nexus\.ensighten\.com/

Page Statistics

56
Requests

96 %
HTTPS

25 %
IPv6

5
Domains

8
Subdomains

7
IPs

4
Countries

1460 kB
Transfer

2497 kB
Size

8
Cookies

15 Outgoing links

These are links going to different origins than the main page.

URL: https://yourcommunity.tescobank.com/content/3337#ckb_start
Title: Update my details

Search URL Search Domain Scan URL

URL: https://yourcommunity.tescobank.com/content/113
Title: FAQ's

Search URL Search Domain Scan URL

URL: https://community.tescobank.com/index.php
Title: Our Community

Search URL Search Domain Scan URL

URL: https://www.tescogiftcards.com/?intid=hmpg/acq/egc/na/na/na/wk40

Search URL Search Domain Scan URL

URL: https://apps.apple.com/app/apple-store/id857834425?pt=1911193&ct=Homepage2020&mt=8

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=com.tescobank.mobile&hl=en_GB

Search URL Search Domain Scan URL

URL: https://community.tescobank.com/
Title: FAQs in Community

Search URL Search Domain Scan URL

URL: https://www.tescogiftcards.com/
Title: Digital Gift Cards

Search URL Search Domain Scan URL

URL: https://bank.tescoplc.com/
Title: Corporate website

Search URL Search Domain Scan URL

URL: https://careers.tescobank.com/
Title: Careers

Search URL Search Domain Scan URL

URL: https://www.tesco.com/
Title: Tesco.com

Search URL Search Domain Scan URL

URL: https://yourcommunity.tescobank.com/

Search URL Search Domain Scan URL

URL: https://www.facebook.com/tesco.bank/

Search URL Search Domain Scan URL

URL: https://twitter.com/TescoBankHelp

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/tescobank

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://tescobank.com.s3-website-eu-west-1.amazonaws.com/ HTTP 301
http://www.tescobank.com/ HTTP 301
https://www.tescobank.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 26

https://www.tescobank.com/assets/website/img/logo/site-logo-rb.svg HTTP 301
https://tescobank.azureedge.net/assets/site-logo-rb/1/site-logo-rb.svg

56 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.tescobank.com/
Redirect Chain

http://tescobank.com.s3-website-eu-west-1.amazonaws.com/
http://www.tescobank.com/
https://www.tescobank.com/

112 KB
18 KB

666ms
421ms

Document
text/html

2.17.147.160
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tescobank.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.17.147.160 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-17-147-160.deploy.static.akamaitechnologies.com

Software

Resource Hash

ec8db258f651d2e44e2f9041570097fc265f8a9f3603f844256f9400e0cd2758

Security Headers

Name	Value
Content-Security-Policy	report-uri https://identity.tescobank.com/afm/cspReport/; default-src 'nonce-14eb65f75aaf2c4316f47e00583c27b0' 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .trustpilot.com .woopra.com .fls.doubleclick.net fls.doubleclick.net .lpsnmedia.net .google.com .googleapis.com .qubit.com .travelex.net .adobedtm.com .vo.msecnd.net bat.bing.com c.evidon.com cdn.cookielaw.org .decibelinsight.net cm.everesttech.net connect.facebook.net dc.services.visualstudio.com .cloudfront.net .demdex.net flex.cybersource.com .g.doubleclick.net .hotjar.com .liveperson.net .tescobank.com .ensighten.com r.turn.com royalsunallianceinsu.tt.omtrdc.net rsa.d2.sc.omtrdc.net rum-static.pingdom.net service.maxymiser.net .google-analytics.com stash.qubitproducts.com static.ads-twitter.com static.goqubit.com tescobank.azureedge.net ue.enablermail.com www.facebook.com www.google.co.uk .googleadservices.com .googletagmanager.com .gstatic.com track.omguk.com wss://sync.onfido.com wss://collection.decibelinsight.net mpsnare.iesnare.com .adnxs.com s.yimg.com .sociomantic.com p.teads.tv t.teads.tv cm.teads.tv .digital-cloud-uk.medallia.eu .kampyle.com apps.commbox.io now.commbox.io js-agent.newrelic.com bam-cell.nr-data.net .google-analytics.com ; style-src 'self' 'unsafe-inline' .googleapis.com apps.commbox.io now.commbox.io js-agent.newrelic.com bam-cell.nr-data.net .kampyle.com ; img-src 'self' data: blob: ; child-src 'self' blob: ; font-src 'self' data: * ; connect-src 'self' bam-cell.nr-data.net .woopra.com .fls.doubleclick.net fls.doubleclick.net .lpsnmedia.net .google.com .googleapis.com .qubit.com .travelex.net .adobedtm.com .vo.msecnd.net bat.bing.com c.evidon.com cdn.cookielaw.org .decibelinsight.net cm.everesttech.net connect.facebook.net dc.services.visualstudio.com .cloudfront.net .demdex.net flex.cybersource.com .g.doubleclick.net .hotjar.com .liveperson.net .tescobank.com .ensighten.com r.turn.com royalsunallianceinsu.tt.omtrdc.net rsa.d2.sc.omtrdc.net rum-static.pingdom.net service.maxymiser.net .google-analytics.com stash.qubitproducts.com static.ads-twitter.com static.goqubit.com tescobank.azureedge.net ue.enablermail.com www.facebook.com www.google.co.uk .googleadservices.com .googletagmanager.com .gstatic.com track.omguk.com wss://sync.onfido.com wss://collection.decibelinsight.net mpsnare.iesnare.com .adnxs.com s.yimg.com .sociomantic.com .tiles.mapbox.com api.mapbox.com events.mapbox.com p.teads.tv t.teads.tv cm.teads.tv .digital-cloud-uk.medallia.eu .kampyle.com ; frame-src 'self' .trustpilot.com .fls.doubleclick.net fls.doubleclick.net .tescobank.com tescobank.demdex.net .vo.msecnd.net service.maxymiser.net p.teads.tv t.teads.tv cm.teads.tv .digital-cloud-uk.medallia.eu .kampyle.com apps.commbox.io now.commbox.io js-agent.newrelic.com bam-cell.nr-data.net ; frame-ancestors 'self' .tescobank.com ; object-src 'self' .fls.doubleclick.net fls.doubleclick.net *.tescobank.com tescobank.demdex.net; media-src 'self' apps.commbox.io ;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

access-control-expose-headers: Request-Context
cache-control: private, s-maxage=0
content-encoding: gzip
content-length: 15171
content-security-policy: report-uri https://identity.tescobank.com/afm/cspReport/; default-src 'nonce-14eb65f75aaf2c4316f47e00583c27b0' 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.trustpilot.com *.woopra.com *.fls.doubleclick.net fls.doubleclick.net *.lpsnmedia.net *.google.com *.googleapis.com *.qubit.com *.travelex.net *.adobedtm.com *.vo.msecnd.net bat.bing.com c.evidon.com cdn.cookielaw.org *.decibelinsight.net cm.everesttech.net connect.facebook.net dc.services.visualstudio.com *.cloudfront.net *.demdex.net flex.cybersource.com *.g.doubleclick.net *.hotjar.com *.liveperson.net *.tescobank.com *.ensighten.com r.turn.com royalsunallianceinsu.tt.omtrdc.net rsa.d2.sc.omtrdc.net rum-static.pingdom.net service.maxymiser.net *.google-analytics.com stash.qubitproducts.com static.ads-twitter.com static.goqubit.com tescobank.azureedge.net ue.enablermail.com www.facebook.com www.google.co.uk *.googleadservices.com *.googletagmanager.com *.gstatic.com track.omguk.com wss://sync.onfido.com wss://collection.decibelinsight.net mpsnare.iesnare.com *.adnxs.com s.yimg.com *.sociomantic.com p.teads.tv t.teads.tv cm.teads.tv *.digital-cloud-uk.medallia.eu *.kampyle.com apps.commbox.io now.commbox.io js-agent.newrelic.com bam-cell.nr-data.net *.google-analytics.com ; style-src 'self' 'unsafe-inline' *.googleapis.com apps.commbox.io now.commbox.io js-agent.newrelic.com bam-cell.nr-data.net *.kampyle.com ; img-src 'self' data: blob: * ; child-src 'self' blob: ; font-src 'self' data: * ; connect-src 'self' bam-cell.nr-data.net *.woopra.com *.fls.doubleclick.net fls.doubleclick.net *.lpsnmedia.net *.google.com *.googleapis.com *.qubit.com *.travelex.net *.adobedtm.com *.vo.msecnd.net bat.bing.com c.evidon.com cdn.cookielaw.org *.decibelinsight.net cm.everesttech.net connect.facebook.net dc.services.visualstudio.com *.cloudfront.net *.demdex.net flex.cybersource.com *.g.doubleclick.net *.hotjar.com *.liveperson.net *.tescobank.com *.ensighten.com r.turn.com royalsunallianceinsu.tt.omtrdc.net rsa.d2.sc.omtrdc.net rum-static.pingdom.net service.maxymiser.net *.google-analytics.com stash.qubitproducts.com static.ads-twitter.com static.goqubit.com tescobank.azureedge.net ue.enablermail.com www.facebook.com www.google.co.uk *.googleadservices.com *.googletagmanager.com *.gstatic.com track.omguk.com wss://sync.onfido.com wss://collection.decibelinsight.net mpsnare.iesnare.com *.adnxs.com s.yimg.com *.sociomantic.com *.tiles.mapbox.com api.mapbox.com events.mapbox.com p.teads.tv t.teads.tv cm.teads.tv *.digital-cloud-uk.medallia.eu *.kampyle.com ; frame-src 'self' *.trustpilot.com *.fls.doubleclick.net fls.doubleclick.net *.tescobank.com tescobank.demdex.net *.vo.msecnd.net service.maxymiser.net p.teads.tv t.teads.tv cm.teads.tv *.digital-cloud-uk.medallia.eu *.kampyle.com apps.commbox.io now.commbox.io js-agent.newrelic.com bam-cell.nr-data.net ; frame-ancestors 'self' *.tescobank.com ; object-src 'self' *.fls.doubleclick.net fls.doubleclick.net *.tescobank.com tescobank.demdex.net; media-src 'self' apps.commbox.io ;
content-type: text/html; charset=utf-8
date: Thu, 14 Dec 2023 13:08:21 GMT
referrer-policy: no-referrer-when-downgrade
request-context: appId=cid-v1:4a7f8dd8-3291-4e0b-bdfc-05223d9ea636
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
x-akamai-transformed: 9 20338 0 pmb=mTOE,2
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

Redirect headers

Connection: keep-alive
Content-Length: 0
Date: Thu, 14 Dec 2023 13:08:21 GMT
Location: https://www.tescobank.com/

GET
H2 200 tb-iconfont.ttf
www.tescobank.com/Fonts/tb-iconfont/ 6 KB
6 KB 98ms
96ms Font
application/x-font-ttf 2.17.147.160
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tescobank.com/Fonts/tb-iconfont/tb-iconfont.ttf?ae3jsw

Requested by

Host: www.tescobank.com
URL: https://www.tescobank.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.17.147.160 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-17-147-160.deploy.static.akamaitechnologies.com

Software

Resource Hash

e19a267c1a8b205b022e155d7c65adb9468072ba26bf277ab916e937586f603c

Security Headers

Name	Value
Content-Security-Policy	report-uri https://identity.tescobank.com/afm/cspReport/; default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .trustpilot.com .woopra.com .fls.doubleclick.net fls.doubleclick.net .lpsnmedia.net .google.com .googleapis.com .qubit.com .travelex.net .adobedtm.com .vo.msecnd.net bat.bing.com c.evidon.com cdn.cookielaw.org .decibelinsight.net cm.everesttech.net connect.facebook.net dc.services.visualstudio.com .cloudfront.net .demdex.net flex.cybersource.com .g.doubleclick.net .hotjar.com .liveperson.net .tescobank.com .ensighten.com r.turn.com royalsunallianceinsu.tt.omtrdc.net rsa.d2.sc.omtrdc.net rum-static.pingdom.net service.maxymiser.net .google-analytics.com stash.qubitproducts.com static.ads-twitter.com static.goqubit.com tescobank.azureedge.net ue.enablermail.com www.facebook.com www.google.co.uk .googleadservices.com .googletagmanager.com .gstatic.com track.omguk.com wss://sync.onfido.com wss://collection.decibelinsight.net mpsnare.iesnare.com .adnxs.com s.yimg.com .sociomantic.com p.teads.tv t.teads.tv cm.teads.tv .digital-cloud-uk.medallia.eu .kampyle.com apps.commbox.io now.commbox.io js-agent.newrelic.com bam-cell.nr-data.net .google-analytics.com ; style-src 'self' 'unsafe-inline' .googleapis.com apps.commbox.io now.commbox.io js-agent.newrelic.com bam-cell.nr-data.net .kampyle.com ; img-src 'self' data: blob: ; child-src 'self' blob: ; font-src 'self' data: * ; connect-src 'self' bam-cell.nr-data.net .woopra.com .fls.doubleclick.net fls.doubleclick.net .lpsnmedia.net .google.com .googleapis.com .qubit.com .travelex.net .adobedtm.com .vo.msecnd.net bat.bing.com c.evidon.com cdn.cookielaw.org .decibelinsight.net cm.everesttech.net connect.facebook.net dc.services.visualstudio.com .cloudfront.net .demdex.net flex.cybersource.com .g.doubleclick.net .hotjar.com .liveperson.net .tescobank.com .ensighten.com r.turn.com royalsunallianceinsu.tt.omtrdc.net rsa.d2.sc.omtrdc.net rum-static.pingdom.net service.maxymiser.net .google-analytics.com stash.qubitproducts.com static.ads-twitter.com static.goqubit.com tescobank.azureedge.net ue.enablermail.com www.facebook.com www.google.co.uk .googleadservices.com .googletagmanager.com .gstatic.com track.omguk.com wss://sync.onfido.com wss://collection.decibelinsight.net mpsnare.iesnare.com .adnxs.com s.yimg.com .sociomantic.com .tiles.mapbox.com api.mapbox.com events.mapbox.com p.teads.tv t.teads.tv cm.teads.tv .digital-cloud-uk.medallia.eu .kampyle.com ; frame-src 'self' .trustpilot.com .fls.doubleclick.net fls.doubleclick.net .tescobank.com tescobank.demdex.net .vo.msecnd.net service.maxymiser.net p.teads.tv t.teads.tv cm.teads.tv .digital-cloud-uk.medallia.eu .kampyle.com apps.commbox.io now.commbox.io js-agent.newrelic.com bam-cell.nr-data.net ; frame-ancestors 'self' .tescobank.com ; object-src 'self' .fls.doubleclick.net fls.doubleclick.net *.tescobank.com tescobank.demdex.net; media-src 'self' apps.commbox.io ;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.tescobank.com/
Origin: https://www.tescobank.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-security-policy: report-uri https://identity.tescobank.com/afm/cspReport/; default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.trustpilot.com *.woopra.com *.fls.doubleclick.net fls.doubleclick.net *.lpsnmedia.net *.google.com *.googleapis.com *.qubit.com *.travelex.net *.adobedtm.com *.vo.msecnd.net bat.bing.com c.evidon.com cdn.cookielaw.org *.decibelinsight.net cm.everesttech.net connect.facebook.net dc.services.visualstudio.com *.cloudfront.net *.demdex.net flex.cybersource.com *.g.doubleclick.net *.hotjar.com *.liveperson.net *.tescobank.com *.ensighten.com r.turn.com royalsunallianceinsu.tt.omtrdc.net rsa.d2.sc.omtrdc.net rum-static.pingdom.net service.maxymiser.net *.google-analytics.com stash.qubitproducts.com static.ads-twitter.com static.goqubit.com tescobank.azureedge.net ue.enablermail.com www.facebook.com www.google.co.uk *.googleadservices.com *.googletagmanager.com *.gstatic.com track.omguk.com wss://sync.onfido.com wss://collection.decibelinsight.net mpsnare.iesnare.com *.adnxs.com s.yimg.com *.sociomantic.com p.teads.tv t.teads.tv cm.teads.tv *.digital-cloud-uk.medallia.eu *.kampyle.com apps.commbox.io now.commbox.io js-agent.newrelic.com bam-cell.nr-data.net *.google-analytics.com ; style-src 'self' 'unsafe-inline' *.googleapis.com apps.commbox.io now.commbox.io js-agent.newrelic.com bam-cell.nr-data.net *.kampyle.com ; img-src 'self' data: blob: * ; child-src 'self' blob: ; font-src 'self' data: * ; connect-src 'self' bam-cell.nr-data.net *.woopra.com *.fls.doubleclick.net fls.doubleclick.net *.lpsnmedia.net *.google.com *.googleapis.com *.qubit.com *.travelex.net *.adobedtm.com *.vo.msecnd.net bat.bing.com c.evidon.com cdn.cookielaw.org *.decibelinsight.net cm.everesttech.net connect.facebook.net dc.services.visualstudio.com *.cloudfront.net *.demdex.net flex.cybersource.com *.g.doubleclick.net *.hotjar.com *.liveperson.net *.tescobank.com *.ensighten.com r.turn.com royalsunallianceinsu.tt.omtrdc.net rsa.d2.sc.omtrdc.net rum-static.pingdom.net service.maxymiser.net *.google-analytics.com stash.qubitproducts.com static.ads-twitter.com static.goqubit.com tescobank.azureedge.net ue.enablermail.com www.facebook.com www.google.co.uk *.googleadservices.com *.googletagmanager.com *.gstatic.com track.omguk.com wss://sync.onfido.com wss://collection.decibelinsight.net mpsnare.iesnare.com *.adnxs.com s.yimg.com *.sociomantic.com *.tiles.mapbox.com api.mapbox.com events.mapbox.com p.teads.tv t.teads.tv cm.teads.tv *.digital-cloud-uk.medallia.eu *.kampyle.com ; frame-src 'self' *.trustpilot.com *.fls.doubleclick.net fls.doubleclick.net *.tescobank.com tescobank.demdex.net *.vo.msecnd.net service.maxymiser.net p.teads.tv t.teads.tv cm.teads.tv *.digital-cloud-uk.medallia.eu *.kampyle.com apps.commbox.io now.commbox.io js-agent.newrelic.com bam-cell.nr-data.net ; frame-ancestors 'self' *.tescobank.com ; object-src 'self' *.fls.doubleclick.net fls.doubleclick.net *.tescobank.com tescobank.demdex.net; media-src 'self' apps.commbox.io ;
x-content-type-options: nosniff
date: Thu, 14 Dec 2023 13:08:21 GMT
content-encoding: gzip
content-length: 3806
x-xss-protection: 1; mode=block
request-context: appId=cid-v1:4a7f8dd8-3291-4e0b-bdfc-05223d9ea636
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 04 Dec 2023 11:56:34 GMT
etag: "08564eda826da1:0"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/x-font-ttf
access-control-expose-headers: Request-Context
cache-control: max-age=17235
accept-ranges: bytes

GET
H2 200 TESCOModern-Light-web.woff2
www.tescobank.com/Fonts/ 27 KB
29 KB 100ms
98ms Font
application/font-woff2 2.17.147.160
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tescobank.com/Fonts/TESCOModern-Light-web.woff2

Requested by

Host: www.tescobank.com
URL: https://www.tescobank.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.17.147.160 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-17-147-160.deploy.static.akamaitechnologies.com

Software

Resource Hash

fc3de12503ecb116a9f44677fa8d2b1c066d2313189b89fb2df5817f5d907ca2

Security Headers

Name	Value
Content-Security-Policy	report-uri https://identity.tescobank.com/afm/cspReport/; default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .trustpilot.com .woopra.com .fls.doubleclick.net fls.doubleclick.net .lpsnmedia.net .google.com .googleapis.com .qubit.com .travelex.net .adobedtm.com .vo.msecnd.net bat.bing.com c.evidon.com cdn.cookielaw.org .decibelinsight.net cm.everesttech.net connect.facebook.net dc.services.visualstudio.com .cloudfront.net .demdex.net flex.cybersource.com .g.doubleclick.net .hotjar.com .liveperson.net .tescobank.com .ensighten.com r.turn.com royalsunallianceinsu.tt.omtrdc.net rsa.d2.sc.omtrdc.net rum-static.pingdom.net service.maxymiser.net .google-analytics.com stash.qubitproducts.com static.ads-twitter.com static.goqubit.com tescobank.azureedge.net ue.enablermail.com www.facebook.com www.google.co.uk .googleadservices.com .googletagmanager.com .gstatic.com track.omguk.com wss://sync.onfido.com wss://collection.decibelinsight.net mpsnare.iesnare.com .adnxs.com s.yimg.com .sociomantic.com p.teads.tv t.teads.tv cm.teads.tv .digital-cloud-uk.medallia.eu .kampyle.com apps.commbox.io now.commbox.io js-agent.newrelic.com bam-cell.nr-data.net .google-analytics.com ; style-src 'self' 'unsafe-inline' .googleapis.com apps.commbox.io now.commbox.io js-agent.newrelic.com bam-cell.nr-data.net .kampyle.com ; img-src 'self' data: blob: ; child-src 'self' blob: ; font-src 'self' data: * ; connect-src 'self' bam-cell.nr-data.net .woopra.com .fls.doubleclick.net fls.doubleclick.net .lpsnmedia.net .google.com .googleapis.com .qubit.com .travelex.net .adobedtm.com .vo.msecnd.net bat.bing.com c.evidon.com cdn.cookielaw.org .decibelinsight.net cm.everesttech.net connect.facebook.net dc.services.visualstudio.com .cloudfront.net .demdex.net flex.cybersource.com .g.doubleclick.net .hotjar.com .liveperson.net .tescobank.com .ensighten.com r.turn.com royalsunallianceinsu.tt.omtrdc.net rsa.d2.sc.omtrdc.net rum-static.pingdom.net service.maxymiser.net .google-analytics.com stash.qubitproducts.com static.ads-twitter.com static.goqubit.com tescobank.azureedge.net ue.enablermail.com www.facebook.com www.google.co.uk .googleadservices.com .googletagmanager.com .gstatic.com track.omguk.com wss://sync.onfido.com wss://collection.decibelinsight.net mpsnare.iesnare.com .adnxs.com s.yimg.com .sociomantic.com .tiles.mapbox.com api.mapbox.com events.mapbox.com p.teads.tv t.teads.tv cm.teads.tv .digital-cloud-uk.medallia.eu .kampyle.com ; frame-src 'self' .trustpilot.com .fls.doubleclick.net fls.doubleclick.net .tescobank.com tescobank.demdex.net .vo.msecnd.net service.maxymiser.net p.teads.tv t.teads.tv cm.teads.tv .digital-cloud-uk.medallia.eu .kampyle.com apps.commbox.io now.commbox.io js-agent.newrelic.com bam-cell.nr-data.net ; frame-ancestors 'self' .tescobank.com ; object-src 'self' .fls.doubleclick.net fls.doubleclick.net *.tescobank.com tescobank.demdex.net; media-src 'self' apps.commbox.io ;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.tescobank.com/
Origin: https://www.tescobank.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-security-policy: report-uri https://identity.tescobank.com/afm/cspReport/; default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.trustpilot.com *.woopra.com *.fls.doubleclick.net fls.doubleclick.net *.lpsnmedia.net *.google.com *.googleapis.com *.qubit.com *.travelex.net *.adobedtm.com *.vo.msecnd.net bat.bing.com c.evidon.com cdn.cookielaw.org *.decibelinsight.net cm.everesttech.net connect.facebook.net dc.services.visualstudio.com *.cloudfront.net *.demdex.net flex.cybersource.com *.g.doubleclick.net *.hotjar.com *.liveperson.net *.tescobank.com *.ensighten.com r.turn.com royalsunallianceinsu.tt.omtrdc.net rsa.d2.sc.omtrdc.net rum-static.pingdom.net service.maxymiser.net *.google-analytics.com stash.qubitproducts.com static.ads-twitter.com static.goqubit.com tescobank.azureedge.net ue.enablermail.com www.facebook.com www.google.co.uk *.googleadservices.com *.googletagmanager.com *.gstatic.com track.omguk.com wss://sync.onfido.com wss://collection.decibelinsight.net mpsnare.iesnare.com *.adnxs.com s.yimg.com *.sociomantic.com p.teads.tv t.teads.tv cm.teads.tv *.digital-cloud-uk.medallia.eu *.kampyle.com apps.commbox.io now.commbox.io js-agent.newrelic.com bam-cell.nr-data.net *.google-analytics.com ; style-src 'self' 'unsafe-inline' *.googleapis.com apps.commbox.io now.commbox.io js-agent.newrelic.com bam-cell.nr-data.net *.kampyle.com ; img-src 'self' data: blob: * ; child-src 'self' blob: ; font-src 'self' data: * ; connect-src 'self' bam-cell.nr-data.net *.woopra.com *.fls.doubleclick.net fls.doubleclick.net *.lpsnmedia.net *.google.com *.googleapis.com *.qubit.com *.travelex.net *.adobedtm.com *.vo.msecnd.net bat.bing.com c.evidon.com cdn.cookielaw.org *.decibelinsight.net cm.everesttech.net connect.facebook.net dc.services.visualstudio.com *.cloudfront.net *.demdex.net flex.cybersource.com *.g.doubleclick.net *.hotjar.com *.liveperson.net *.tescobank.com *.ensighten.com r.turn.com royalsunallianceinsu.tt.omtrdc.net rsa.d2.sc.omtrdc.net rum-static.pingdom.net service.maxymiser.net *.google-analytics.com stash.qubitproducts.com static.ads-twitter.com static.goqubit.com tescobank.azureedge.net ue.enablermail.com www.facebook.com www.google.co.uk *.googleadservices.com *.googletagmanager.com *.gstatic.com track.omguk.com wss://sync.onfido.com wss://collection.decibelinsight.net mpsnare.iesnare.com *.adnxs.com s.yimg.com *.sociomantic.com *.tiles.mapbox.com api.mapbox.com events.mapbox.com p.teads.tv t.teads.tv cm.teads.tv *.digital-cloud-uk.medallia.eu *.kampyle.com ; frame-src 'self' *.trustpilot.com *.fls.doubleclick.net fls.doubleclick.net *.tescobank.com tescobank.demdex.net *.vo.msecnd.net service.maxymiser.net p.teads.tv t.teads.tv cm.teads.tv *.digital-cloud-uk.medallia.eu *.kampyle.com apps.commbox.io now.commbox.io js-agent.newrelic.com bam-cell.nr-data.net ; frame-ancestors 'self' *.tescobank.com ; object-src 'self' *.fls.doubleclick.net fls.doubleclick.net *.tescobank.com tescobank.demdex.net; media-src 'self' apps.commbox.io ;
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
last-modified: Mon, 04 Dec 2023 11:56:34 GMT
date: Thu, 14 Dec 2023 13:08:21 GMT
etag: "08564eda826da1:0"
x-frame-options: SAMEORIGIN
content-type: application/font-woff2
access-control-expose-headers: Request-Context
cache-control: max-age=20928
accept-ranges: bytes
content-length: 27376
x-xss-protection: 1; mode=block
request-context: appId=cid-v1:4a7f8dd8-3291-4e0b-bdfc-05223d9ea636

GET
H2 200 TESCOModern-LightItalic-web.woff2
www.tescobank.com/Fonts/ 28 KB
30 KB 123ms
121ms Font
application/font-woff2 2.17.147.160
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tescobank.com/Fonts/TESCOModern-LightItalic-web.woff2

Requested by

Host: www.tescobank.com
URL: https://www.tescobank.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.17.147.160 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-17-147-160.deploy.static.akamaitechnologies.com

Software

Resource Hash

8a34d5bf04784d240998095d06dbfd6309d2e414ec864e5440618cec9ac93cff

Security Headers

Name	Value
Content-Security-Policy	report-uri https://identity.tescobank.com/afm/cspReport/; default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .trustpilot.com .woopra.com .fls.doubleclick.net fls.doubleclick.net .lpsnmedia.net .google.com .googleapis.com .qubit.com .travelex.net .adobedtm.com .vo.msecnd.net bat.bing.com c.evidon.com cdn.cookielaw.org .decibelinsight.net cm.everesttech.net connect.facebook.net dc.services.visualstudio.com .cloudfront.net .demdex.net flex.cybersource.com .g.doubleclick.net .hotjar.com .liveperson.net .tescobank.com .ensighten.com r.turn.com royalsunallianceinsu.tt.omtrdc.net rsa.d2.sc.omtrdc.net rum-static.pingdom.net service.maxymiser.net .google-analytics.com stash.qubitproducts.com static.ads-twitter.com static.goqubit.com tescobank.azureedge.net ue.enablermail.com www.facebook.com www.google.co.uk .googleadservices.com .googletagmanager.com .gstatic.com track.omguk.com wss://sync.onfido.com wss://collection.decibelinsight.net mpsnare.iesnare.com .adnxs.com s.yimg.com .sociomantic.com p.teads.tv t.teads.tv cm.teads.tv .digital-cloud-uk.medallia.eu .kampyle.com apps.commbox.io now.commbox.io js-agent.newrelic.com bam-cell.nr-data.net .google-analytics.com ; style-src 'self' 'unsafe-inline' .googleapis.com apps.commbox.io now.commbox.io js-agent.newrelic.com bam-cell.nr-data.net .kampyle.com ; img-src 'self' data: blob: ; child-src 'self' blob: ; font-src 'self' data: * ; connect-src 'self' bam-cell.nr-data.net .woopra.com .fls.doubleclick.net fls.doubleclick.net .lpsnmedia.net .google.com .googleapis.com .qubit.com .travelex.net .adobedtm.com .vo.msecnd.net bat.bing.com c.evidon.com cdn.cookielaw.org .decibelinsight.net cm.everesttech.net connect.facebook.net dc.services.visualstudio.com .cloudfront.net .demdex.net flex.cybersource.com .g.doubleclick.net .hotjar.com .liveperson.net .tescobank.com .ensighten.com r.turn.com royalsunallianceinsu.tt.omtrdc.net rsa.d2.sc.omtrdc.net rum-static.pingdom.net service.maxymiser.net .google-analytics.com stash.qubitproducts.com static.ads-twitter.com static.goqubit.com tescobank.azureedge.net ue.enablermail.com www.facebook.com www.google.co.uk .googleadservices.com .googletagmanager.com .gstatic.com track.omguk.com wss://sync.onfido.com wss://collection.decibelinsight.net mpsnare.iesnare.com .adnxs.com s.yimg.com .sociomantic.com .tiles.mapbox.com api.mapbox.com events.mapbox.com p.teads.tv t.teads.tv cm.teads.tv .digital-cloud-uk.medallia.eu .kampyle.com ; frame-src 'self' .trustpilot.com .fls.doubleclick.net fls.doubleclick.net .tescobank.com tescobank.demdex.net .vo.msecnd.net service.maxymiser.net p.teads.tv t.teads.tv cm.teads.tv .digital-cloud-uk.medallia.eu .kampyle.com apps.commbox.io now.commbox.io js-agent.newrelic.com bam-cell.nr-data.net ; frame-ancestors 'self' .tescobank.com ; object-src 'self' .fls.doubleclick.net fls.doubleclick.net *.tescobank.com tescobank.demdex.net; media-src 'self' apps.commbox.io ;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.tescobank.com/
Origin: https://www.tescobank.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-security-policy: report-uri https://identity.tescobank.com/afm/cspReport/; default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.trustpilot.com *.woopra.com *.fls.doubleclick.net fls.doubleclick.net *.lpsnmedia.net *.google.com *.googleapis.com *.qubit.com *.travelex.net *.adobedtm.com *.vo.msecnd.net bat.bing.com c.evidon.com cdn.cookielaw.org *.decibelinsight.net cm.everesttech.net connect.facebook.net dc.services.visualstudio.com *.cloudfront.net *.demdex.net flex.cybersource.com *.g.doubleclick.net *.hotjar.com *.liveperson.net *.tescobank.com *.ensighten.com r.turn.com royalsunallianceinsu.tt.omtrdc.net rsa.d2.sc.omtrdc.net rum-static.pingdom.net service.maxymiser.net *.google-analytics.com stash.qubitproducts.com static.ads-twitter.com static.goqubit.com tescobank.azureedge.net ue.enablermail.com www.facebook.com www.google.co.uk *.googleadservices.com *.googletagmanager.com *.gstatic.com track.omguk.com wss://sync.onfido.com wss://collection.decibelinsight.net mpsnare.iesnare.com *.adnxs.com s.yimg.com *.sociomantic.com p.teads.tv t.teads.tv cm.teads.tv *.digital-cloud-uk.medallia.eu *.kampyle.com apps.commbox.io now.commbox.io js-agent.newrelic.com bam-cell.nr-data.net *.google-analytics.com ; style-src 'self' 'unsafe-inline' *.googleapis.com apps.commbox.io now.commbox.io js-agent.newrelic.com bam-cell.nr-data.net *.kampyle.com ; img-src 'self' data: blob: * ; child-src 'self' blob: ; font-src 'self' data: * ; connect-src 'self' bam-cell.nr-data.net *.woopra.com *.fls.doubleclick.net fls.doubleclick.net *.lpsnmedia.net *.google.com *.googleapis.com *.qubit.com *.travelex.net *.adobedtm.com *.vo.msecnd.net bat.bing.com c.evidon.com cdn.cookielaw.org *.decibelinsight.net cm.everesttech.net connect.facebook.net dc.services.visualstudio.com *.cloudfront.net *.demdex.net flex.cybersource.com *.g.doubleclick.net *.hotjar.com *.liveperson.net *.tescobank.com *.ensighten.com r.turn.com royalsunallianceinsu.tt.omtrdc.net rsa.d2.sc.omtrdc.net rum-static.pingdom.net service.maxymiser.net *.google-analytics.com stash.qubitproducts.com static.ads-twitter.com static.goqubit.com tescobank.azureedge.net ue.enablermail.com www.facebook.com www.google.co.uk *.googleadservices.com *.googletagmanager.com *.gstatic.com track.omguk.com wss://sync.onfido.com wss://collection.decibelinsight.net mpsnare.iesnare.com *.adnxs.com s.yimg.com *.sociomantic.com *.tiles.mapbox.com api.mapbox.com events.mapbox.com p.teads.tv t.teads.tv cm.teads.tv *.digital-cloud-uk.medallia.eu *.kampyle.com ; frame-src 'self' *.trustpilot.com *.fls.doubleclick.net fls.doubleclick.net *.tescobank.com tescobank.demdex.net *.vo.msecnd.net service.maxymiser.net p.teads.tv t.teads.tv cm.teads.tv *.digital-cloud-uk.medallia.eu *.kampyle.com apps.commbox.io now.commbox.io js-agent.newrelic.com bam-cell.nr-data.net ; frame-ancestors 'self' *.tescobank.com ; object-src 'self' *.fls.doubleclick.net fls.doubleclick.net *.tescobank.com tescobank.demdex.net; media-src 'self' apps.commbox.io ;
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
last-modified: Mon, 04 Dec 2023 11:56:34 GMT
date: Thu, 14 Dec 2023 13:08:21 GMT
etag: "08564eda826da1:0"
x-frame-options: SAMEORIGIN
content-type: application/font-woff2
access-control-expose-headers: Request-Context
cache-control: max-age=20962
accept-ranges: bytes
content-length: 28360
x-xss-protection: 1; mode=block
request-context: appId=cid-v1:4a7f8dd8-3291-4e0b-bdfc-05223d9ea636

GET
H2 200 TESCOModern-Medium-web.woff2
www.tescobank.com/Fonts/ 28 KB
31 KB 165ms
163ms Font
application/font-woff2 2.17.147.160
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tescobank.com/Fonts/TESCOModern-Medium-web.woff2

Requested by

Host: www.tescobank.com
URL: https://www.tescobank.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.17.147.160 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-17-147-160.deploy.static.akamaitechnologies.com

Software

Resource Hash

568219ca839f8425765048f6ff3214e8fa5ce4025f4315e7e1e3be5b906c0b63

Security Headers

Name	Value
Content-Security-Policy	report-uri https://identity.tescobank.com/afm/cspReport/; default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .trustpilot.com .woopra.com .fls.doubleclick.net fls.doubleclick.net .lpsnmedia.net .google.com .googleapis.com .qubit.com .travelex.net .adobedtm.com .vo.msecnd.net bat.bing.com c.evidon.com cdn.cookielaw.org .decibelinsight.net cm.everesttech.net connect.facebook.net dc.services.visualstudio.com .cloudfront.net .demdex.net flex.cybersource.com .g.doubleclick.net .hotjar.com .liveperson.net .tescobank.com .ensighten.com r.turn.com royalsunallianceinsu.tt.omtrdc.net rsa.d2.sc.omtrdc.net rum-static.pingdom.net service.maxymiser.net .google-analytics.com stash.qubitproducts.com static.ads-twitter.com static.goqubit.com tescobank.azureedge.net ue.enablermail.com www.facebook.com www.google.co.uk .googleadservices.com .googletagmanager.com .gstatic.com track.omguk.com wss://sync.onfido.com wss://collection.decibelinsight.net mpsnare.iesnare.com .adnxs.com s.yimg.com .sociomantic.com p.teads.tv t.teads.tv cm.teads.tv .digital-cloud-uk.medallia.eu .kampyle.com apps.commbox.io now.commbox.io js-agent.newrelic.com bam-cell.nr-data.net .google-analytics.com ; style-src 'self' 'unsafe-inline' .googleapis.com apps.commbox.io now.commbox.io js-agent.newrelic.com bam-cell.nr-data.net .kampyle.com ; img-src 'self' data: blob: ; child-src 'self' blob: ; font-src 'self' data: * ; connect-src 'self' bam-cell.nr-data.net .woopra.com .fls.doubleclick.net fls.doubleclick.net .lpsnmedia.net .google.com .googleapis.com .qubit.com .travelex.net .adobedtm.com .vo.msecnd.net bat.bing.com c.evidon.com cdn.cookielaw.org .decibelinsight.net cm.everesttech.net connect.facebook.net dc.services.visualstudio.com .cloudfront.net .demdex.net flex.cybersource.com .g.doubleclick.net .hotjar.com .liveperson.net .tescobank.com .ensighten.com r.turn.com royalsunallianceinsu.tt.omtrdc.net rsa.d2.sc.omtrdc.net rum-static.pingdom.net service.maxymiser.net .google-analytics.com stash.qubitproducts.com static.ads-twitter.com static.goqubit.com tescobank.azureedge.net ue.enablermail.com www.facebook.com www.google.co.uk .googleadservices.com .googletagmanager.com .gstatic.com track.omguk.com wss://sync.onfido.com wss://collection.decibelinsight.net mpsnare.iesnare.com .adnxs.com s.yimg.com .sociomantic.com .tiles.mapbox.com api.mapbox.com events.mapbox.com p.teads.tv t.teads.tv cm.teads.tv .digital-cloud-uk.medallia.eu .kampyle.com ; frame-src 'self' .trustpilot.com .fls.doubleclick.net fls.doubleclick.net .tescobank.com tescobank.demdex.net .vo.msecnd.net service.maxymiser.net p.teads.tv t.teads.tv cm.teads.tv .digital-cloud-uk.medallia.eu .kampyle.com apps.commbox.io now.commbox.io js-agent.newrelic.com bam-cell.nr-data.net ; frame-ancestors 'self' .tescobank.com ; object-src 'self' .fls.doubleclick.net fls.doubleclick.net *.tescobank.com tescobank.demdex.net; media-src 'self' apps.commbox.io ;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.tescobank.com/
Origin: https://www.tescobank.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-security-policy: report-uri https://identity.tescobank.com/afm/cspReport/; default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.trustpilot.com *.woopra.com *.fls.doubleclick.net fls.doubleclick.net *.lpsnmedia.net *.google.com *.googleapis.com *.qubit.com *.travelex.net *.adobedtm.com *.vo.msecnd.net bat.bing.com c.evidon.com cdn.cookielaw.org *.decibelinsight.net cm.everesttech.net connect.facebook.net dc.services.visualstudio.com *.cloudfront.net *.demdex.net flex.cybersource.com *.g.doubleclick.net *.hotjar.com *.liveperson.net *.tescobank.com *.ensighten.com r.turn.com royalsunallianceinsu.tt.omtrdc.net rsa.d2.sc.omtrdc.net rum-static.pingdom.net service.maxymiser.net *.google-analytics.com stash.qubitproducts.com static.ads-twitter.com static.goqubit.com tescobank.azureedge.net ue.enablermail.com www.facebook.com www.google.co.uk *.googleadservices.com *.googletagmanager.com *.gstatic.com track.omguk.com wss://sync.onfido.com wss://collection.decibelinsight.net mpsnare.iesnare.com *.adnxs.com s.yimg.com *.sociomantic.com p.teads.tv t.teads.tv cm.teads.tv *.digital-cloud-uk.medallia.eu *.kampyle.com apps.commbox.io now.commbox.io js-agent.newrelic.com bam-cell.nr-data.net *.google-analytics.com ; style-src 'self' 'unsafe-inline' *.googleapis.com apps.commbox.io now.commbox.io js-agent.newrelic.com bam-cell.nr-data.net *.kampyle.com ; img-src 'self' data: blob: * ; child-src 'self' blob: ; font-src 'self' data: * ; connect-src 'self' bam-cell.nr-data.net *.woopra.com *.fls.doubleclick.net fls.doubleclick.net *.lpsnmedia.net *.google.com *.googleapis.com *.qubit.com *.travelex.net *.adobedtm.com *.vo.msecnd.net bat.bing.com c.evidon.com cdn.cookielaw.org *.decibelinsight.net cm.everesttech.net connect.facebook.net dc.services.visualstudio.com *.cloudfront.net *.demdex.net flex.cybersource.com *.g.doubleclick.net *.hotjar.com *.liveperson.net *.tescobank.com *.ensighten.com r.turn.com royalsunallianceinsu.tt.omtrdc.net rsa.d2.sc.omtrdc.net rum-static.pingdom.net service.maxymiser.net *.google-analytics.com stash.qubitproducts.com static.ads-twitter.com static.goqubit.com tescobank.azureedge.net ue.enablermail.com www.facebook.com www.google.co.uk *.googleadservices.com *.googletagmanager.com *.gstatic.com track.omguk.com wss://sync.onfido.com wss://collection.decibelinsight.net mpsnare.iesnare.com *.adnxs.com s.yimg.com *.sociomantic.com *.tiles.mapbox.com api.mapbox.com events.mapbox.com p.teads.tv t.teads.tv cm.teads.tv *.digital-cloud-uk.medallia.eu *.kampyle.com ; frame-src 'self' *.trustpilot.com *.fls.doubleclick.net fls.doubleclick.net *.tescobank.com tescobank.demdex.net *.vo.msecnd.net service.maxymiser.net p.teads.tv t.teads.tv cm.teads.tv *.digital-cloud-uk.medallia.eu *.kampyle.com apps.commbox.io now.commbox.io js-agent.newrelic.com bam-cell.nr-data.net ; frame-ancestors 'self' *.tescobank.com ; object-src 'self' *.fls.doubleclick.net fls.doubleclick.net *.tescobank.com tescobank.demdex.net; media-src 'self' apps.commbox.io ;
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
last-modified: Mon, 04 Dec 2023 11:56:34 GMT
date: Thu, 14 Dec 2023 13:08:21 GMT
etag: "08564eda826da1:0"
x-frame-options: SAMEORIGIN
content-type: application/font-woff2
access-control-expose-headers: Request-Context
cache-control: max-age=15956
accept-ranges: bytes
content-length: 29084
x-xss-protection: 1; mode=block
request-context: appId=cid-v1:4a7f8dd8-3291-4e0b-bdfc-05223d9ea636

GET
H2 200 TESCOModern-Regular-web.woff2
www.tescobank.com/Fonts/ 28 KB
31 KB 178ms
177ms Font
application/font-woff2 2.17.147.160
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tescobank.com/Fonts/TESCOModern-Regular-web.woff2

Requested by

Host: www.tescobank.com
URL: https://www.tescobank.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.17.147.160 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-17-147-160.deploy.static.akamaitechnologies.com

Software

Resource Hash

22c07af3234f9d6dc7f9a781740625e4c7e4287a9ce9709f6d89c36b962b23c1

Security Headers

Name	Value
Content-Security-Policy	report-uri https://identity.tescobank.com/afm/cspReport/; default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .trustpilot.com .woopra.com .fls.doubleclick.net fls.doubleclick.net .lpsnmedia.net .google.com .googleapis.com .qubit.com .travelex.net .adobedtm.com .vo.msecnd.net bat.bing.com c.evidon.com cdn.cookielaw.org .decibelinsight.net cm.everesttech.net connect.facebook.net dc.services.visualstudio.com .cloudfront.net .demdex.net flex.cybersource.com .g.doubleclick.net .hotjar.com .liveperson.net .tescobank.com .ensighten.com r.turn.com royalsunallianceinsu.tt.omtrdc.net rsa.d2.sc.omtrdc.net rum-static.pingdom.net service.maxymiser.net .google-analytics.com stash.qubitproducts.com static.ads-twitter.com static.goqubit.com tescobank.azureedge.net ue.enablermail.com www.facebook.com www.google.co.uk .googleadservices.com .googletagmanager.com .gstatic.com track.omguk.com wss://sync.onfido.com wss://collection.decibelinsight.net mpsnare.iesnare.com .adnxs.com s.yimg.com .sociomantic.com p.teads.tv t.teads.tv cm.teads.tv .digital-cloud-uk.medallia.eu .kampyle.com apps.commbox.io now.commbox.io js-agent.newrelic.com bam-cell.nr-data.net .google-analytics.com ; style-src 'self' 'unsafe-inline' .googleapis.com apps.commbox.io now.commbox.io js-agent.newrelic.com bam-cell.nr-data.net .kampyle.com ; img-src 'self' data: blob: ; child-src 'self' blob: ; font-src 'self' data: * ; connect-src 'self' bam-cell.nr-data.net .woopra.com .fls.doubleclick.net fls.doubleclick.net .lpsnmedia.net .google.com .googleapis.com .qubit.com .travelex.net .adobedtm.com .vo.msecnd.net bat.bing.com c.evidon.com cdn.cookielaw.org .decibelinsight.net cm.everesttech.net connect.facebook.net dc.services.visualstudio.com .cloudfront.net .demdex.net flex.cybersource.com .g.doubleclick.net .hotjar.com .liveperson.net .tescobank.com .ensighten.com r.turn.com royalsunallianceinsu.tt.omtrdc.net rsa.d2.sc.omtrdc.net rum-static.pingdom.net service.maxymiser.net .google-analytics.com stash.qubitproducts.com static.ads-twitter.com static.goqubit.com tescobank.azureedge.net ue.enablermail.com www.facebook.com www.google.co.uk .googleadservices.com .googletagmanager.com .gstatic.com track.omguk.com wss://sync.onfido.com wss://collection.decibelinsight.net mpsnare.iesnare.com .adnxs.com s.yimg.com .sociomantic.com .tiles.mapbox.com api.mapbox.com events.mapbox.com p.teads.tv t.teads.tv cm.teads.tv .digital-cloud-uk.medallia.eu .kampyle.com ; frame-src 'self' .trustpilot.com .fls.doubleclick.net fls.doubleclick.net .tescobank.com tescobank.demdex.net .vo.msecnd.net service.maxymiser.net p.teads.tv t.teads.tv cm.teads.tv .digital-cloud-uk.medallia.eu .kampyle.com apps.commbox.io now.commbox.io js-agent.newrelic.com bam-cell.nr-data.net ; frame-ancestors 'self' .tescobank.com ; object-src 'self' .fls.doubleclick.net fls.doubleclick.net *.tescobank.com tescobank.demdex.net; media-src 'self' apps.commbox.io ;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.tescobank.com/
Origin: https://www.tescobank.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-security-policy: report-uri https://identity.tescobank.com/afm/cspReport/; default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.trustpilot.com *.woopra.com *.fls.doubleclick.net fls.doubleclick.net *.lpsnmedia.net *.google.com *.googleapis.com *.qubit.com *.travelex.net *.adobedtm.com *.vo.msecnd.net bat.bing.com c.evidon.com cdn.cookielaw.org *.decibelinsight.net cm.everesttech.net connect.facebook.net dc.services.visualstudio.com *.cloudfront.net *.demdex.net flex.cybersource.com *.g.doubleclick.net *.hotjar.com *.liveperson.net *.tescobank.com *.ensighten.com r.turn.com royalsunallianceinsu.tt.omtrdc.net rsa.d2.sc.omtrdc.net rum-static.pingdom.net service.maxymiser.net *.google-analytics.com stash.qubitproducts.com static.ads-twitter.com static.goqubit.com tescobank.azureedge.net ue.enablermail.com www.facebook.com www.google.co.uk *.googleadservices.com *.googletagmanager.com *.gstatic.com track.omguk.com wss://sync.onfido.com wss://collection.decibelinsight.net mpsnare.iesnare.com *.adnxs.com s.yimg.com *.sociomantic.com p.teads.tv t.teads.tv cm.teads.tv *.digital-cloud-uk.medallia.eu *.kampyle.com apps.commbox.io now.commbox.io js-agent.newrelic.com bam-cell.nr-data.net *.google-analytics.com ; style-src 'self' 'unsafe-inline' *.googleapis.com apps.commbox.io now.commbox.io js-agent.newrelic.com bam-cell.nr-data.net *.kampyle.com ; img-src 'self' data: blob: * ; child-src 'self' blob: ; font-src 'self' data: * ; connect-src 'self' bam-cell.nr-data.net *.woopra.com *.fls.doubleclick.net fls.doubleclick.net *.lpsnmedia.net *.google.com *.googleapis.com *.qubit.com *.travelex.net *.adobedtm.com *.vo.msecnd.net bat.bing.com c.evidon.com cdn.cookielaw.org *.decibelinsight.net cm.everesttech.net connect.facebook.net dc.services.visualstudio.com *.cloudfront.net *.demdex.net flex.cybersource.com *.g.doubleclick.net *.hotjar.com *.liveperson.net *.tescobank.com *.ensighten.com r.turn.com royalsunallianceinsu.tt.omtrdc.net rsa.d2.sc.omtrdc.net rum-static.pingdom.net service.maxymiser.net *.google-analytics.com stash.qubitproducts.com static.ads-twitter.com static.goqubit.com tescobank.azureedge.net ue.enablermail.com www.facebook.com www.google.co.uk *.googleadservices.com *.googletagmanager.com *.gstatic.com track.omguk.com wss://sync.onfido.com wss://collection.decibelinsight.net mpsnare.iesnare.com *.adnxs.com s.yimg.com *.sociomantic.com *.tiles.mapbox.com api.mapbox.com events.mapbox.com p.teads.tv t.teads.tv cm.teads.tv *.digital-cloud-uk.medallia.eu *.kampyle.com ; frame-src 'self' *.trustpilot.com *.fls.doubleclick.net fls.doubleclick.net *.tescobank.com tescobank.demdex.net *.vo.msecnd.net service.maxymiser.net p.teads.tv t.teads.tv cm.teads.tv *.digital-cloud-uk.medallia.eu *.kampyle.com apps.commbox.io now.commbox.io js-agent.newrelic.com bam-cell.nr-data.net ; frame-ancestors 'self' *.tescobank.com ; object-src 'self' *.fls.doubleclick.net fls.doubleclick.net *.tescobank.com tescobank.demdex.net; media-src 'self' apps.commbox.io ;
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
last-modified: Mon, 04 Dec 2023 11:56:34 GMT
date: Thu, 14 Dec 2023 13:08:21 GMT
etag: "08564eda826da1:0"
x-frame-options: SAMEORIGIN
content-type: application/font-woff2
access-control-expose-headers: Request-Context
cache-control: max-age=20893
accept-ranges: bytes
content-length: 29080
x-xss-protection: 1; mode=block
request-context: appId=cid-v1:4a7f8dd8-3291-4e0b-bdfc-05223d9ea636

GET
H2 200 TESCOModern-Bold-web.woff2
www.tescobank.com/Fonts/ 27 KB
30 KB 193ms
192ms Font
application/font-woff2 2.17.147.160
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tescobank.com/Fonts/TESCOModern-Bold-web.woff2

Requested by

Host: www.tescobank.com
URL: https://www.tescobank.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.17.147.160 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-17-147-160.deploy.static.akamaitechnologies.com

Software

Resource Hash

5f9c15b61eb2e0552290225807a6826c7dc7b8396fa3c05ead5b24d2a9b0ba10

Security Headers

Name	Value
Content-Security-Policy	report-uri https://identity.tescobank.com/afm/cspReport/; default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .trustpilot.com .woopra.com .fls.doubleclick.net fls.doubleclick.net .lpsnmedia.net .google.com .googleapis.com .qubit.com .travelex.net .adobedtm.com .vo.msecnd.net bat.bing.com c.evidon.com cdn.cookielaw.org .decibelinsight.net cm.everesttech.net connect.facebook.net dc.services.visualstudio.com .cloudfront.net .demdex.net flex.cybersource.com .g.doubleclick.net .hotjar.com .liveperson.net .tescobank.com .ensighten.com r.turn.com royalsunallianceinsu.tt.omtrdc.net rsa.d2.sc.omtrdc.net rum-static.pingdom.net service.maxymiser.net .google-analytics.com stash.qubitproducts.com static.ads-twitter.com static.goqubit.com tescobank.azureedge.net ue.enablermail.com www.facebook.com www.google.co.uk .googleadservices.com .googletagmanager.com .gstatic.com track.omguk.com wss://sync.onfido.com wss://collection.decibelinsight.net mpsnare.iesnare.com .adnxs.com s.yimg.com .sociomantic.com p.teads.tv t.teads.tv cm.teads.tv .digital-cloud-uk.medallia.eu .kampyle.com apps.commbox.io now.commbox.io js-agent.newrelic.com bam-cell.nr-data.net .google-analytics.com ; style-src 'self' 'unsafe-inline' .googleapis.com apps.commbox.io now.commbox.io js-agent.newrelic.com bam-cell.nr-data.net .kampyle.com ; img-src 'self' data: blob: ; child-src 'self' blob: ; font-src 'self' data: * ; connect-src 'self' bam-cell.nr-data.net .woopra.com .fls.doubleclick.net fls.doubleclick.net .lpsnmedia.net .google.com .googleapis.com .qubit.com .travelex.net .adobedtm.com .vo.msecnd.net bat.bing.com c.evidon.com cdn.cookielaw.org .decibelinsight.net cm.everesttech.net connect.facebook.net dc.services.visualstudio.com .cloudfront.net .demdex.net flex.cybersource.com .g.doubleclick.net .hotjar.com .liveperson.net .tescobank.com .ensighten.com r.turn.com royalsunallianceinsu.tt.omtrdc.net rsa.d2.sc.omtrdc.net rum-static.pingdom.net service.maxymiser.net .google-analytics.com stash.qubitproducts.com static.ads-twitter.com static.goqubit.com tescobank.azureedge.net ue.enablermail.com www.facebook.com www.google.co.uk .googleadservices.com .googletagmanager.com .gstatic.com track.omguk.com wss://sync.onfido.com wss://collection.decibelinsight.net mpsnare.iesnare.com .adnxs.com s.yimg.com .sociomantic.com .tiles.mapbox.com api.mapbox.com events.mapbox.com p.teads.tv t.teads.tv cm.teads.tv .digital-cloud-uk.medallia.eu .kampyle.com ; frame-src 'self' .trustpilot.com .fls.doubleclick.net fls.doubleclick.net .tescobank.com tescobank.demdex.net .vo.msecnd.net service.maxymiser.net p.teads.tv t.teads.tv cm.teads.tv .digital-cloud-uk.medallia.eu .kampyle.com apps.commbox.io now.commbox.io js-agent.newrelic.com bam-cell.nr-data.net ; frame-ancestors 'self' .tescobank.com ; object-src 'self' .fls.doubleclick.net fls.doubleclick.net *.tescobank.com tescobank.demdex.net; media-src 'self' apps.commbox.io ;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.tescobank.com/
Origin: https://www.tescobank.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-security-policy: report-uri https://identity.tescobank.com/afm/cspReport/; default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.trustpilot.com *.woopra.com *.fls.doubleclick.net fls.doubleclick.net *.lpsnmedia.net *.google.com *.googleapis.com *.qubit.com *.travelex.net *.adobedtm.com *.vo.msecnd.net bat.bing.com c.evidon.com cdn.cookielaw.org *.decibelinsight.net cm.everesttech.net connect.facebook.net dc.services.visualstudio.com *.cloudfront.net *.demdex.net flex.cybersource.com *.g.doubleclick.net *.hotjar.com *.liveperson.net *.tescobank.com *.ensighten.com r.turn.com royalsunallianceinsu.tt.omtrdc.net rsa.d2.sc.omtrdc.net rum-static.pingdom.net service.maxymiser.net *.google-analytics.com stash.qubitproducts.com static.ads-twitter.com static.goqubit.com tescobank.azureedge.net ue.enablermail.com www.facebook.com www.google.co.uk *.googleadservices.com *.googletagmanager.com *.gstatic.com track.omguk.com wss://sync.onfido.com wss://collection.decibelinsight.net mpsnare.iesnare.com *.adnxs.com s.yimg.com *.sociomantic.com p.teads.tv t.teads.tv cm.teads.tv *.digital-cloud-uk.medallia.eu *.kampyle.com apps.commbox.io now.commbox.io js-agent.newrelic.com bam-cell.nr-data.net *.google-analytics.com ; style-src 'self' 'unsafe-inline' *.googleapis.com apps.commbox.io now.commbox.io js-agent.newrelic.com bam-cell.nr-data.net *.kampyle.com ; img-src 'self' data: blob: * ; child-src 'self' blob: ; font-src 'self' data: * ; connect-src 'self' bam-cell.nr-data.net *.woopra.com *.fls.doubleclick.net fls.doubleclick.net *.lpsnmedia.net *.google.com *.googleapis.com *.qubit.com *.travelex.net *.adobedtm.com *.vo.msecnd.net bat.bing.com c.evidon.com cdn.cookielaw.org *.decibelinsight.net cm.everesttech.net connect.facebook.net dc.services.visualstudio.com *.cloudfront.net *.demdex.net flex.cybersource.com *.g.doubleclick.net *.hotjar.com *.liveperson.net *.tescobank.com *.ensighten.com r.turn.com royalsunallianceinsu.tt.omtrdc.net rsa.d2.sc.omtrdc.net rum-static.pingdom.net service.maxymiser.net *.google-analytics.com stash.qubitproducts.com static.ads-twitter.com static.goqubit.com tescobank.azureedge.net ue.enablermail.com www.facebook.com www.google.co.uk *.googleadservices.com *.googletagmanager.com *.gstatic.com track.omguk.com wss://sync.onfido.com wss://collection.decibelinsight.net mpsnare.iesnare.com *.adnxs.com s.yimg.com *.sociomantic.com *.tiles.mapbox.com api.mapbox.com events.mapbox.com p.teads.tv t.teads.tv cm.teads.tv *.digital-cloud-uk.medallia.eu *.kampyle.com ; frame-src 'self' *.trustpilot.com *.fls.doubleclick.net fls.doubleclick.net *.tescobank.com tescobank.demdex.net *.vo.msecnd.net service.maxymiser.net p.teads.tv t.teads.tv cm.teads.tv *.digital-cloud-uk.medallia.eu *.kampyle.com apps.commbox.io now.commbox.io js-agent.newrelic.com bam-cell.nr-data.net ; frame-ancestors 'self' *.tescobank.com ; object-src 'self' *.fls.doubleclick.net fls.doubleclick.net *.tescobank.com tescobank.demdex.net; media-src 'self' apps.commbox.io ;
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
last-modified: Mon, 04 Dec 2023 11:56:34 GMT
date: Thu, 14 Dec 2023 13:08:21 GMT
etag: "08564eda826da1:0"
x-frame-options: SAMEORIGIN
content-type: application/font-woff2
access-control-expose-headers: Request-Context
cache-control: max-age=20949
accept-ranges: bytes
content-length: 27792
x-xss-protection: 1; mode=block
request-context: appId=cid-v1:4a7f8dd8-3291-4e0b-bdfc-05223d9ea636

GET
H2 200 css
www.tescobank.com/bundles/ 483 KB
84 KB 205ms
204ms Stylesheet
text/css 2.17.147.160
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tescobank.com/bundles/css?v=EADJda0rGdj4iw0e65yBuWW9GzUgpafw-WkdCy7pZqM1

Requested by

Host: www.tescobank.com
URL: https://www.tescobank.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.17.147.160 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-17-147-160.deploy.static.akamaitechnologies.com

Software

Resource Hash

e34af59d458d35dded3856a00e1c02a50f4d802f71305d34fb355113881b23e0

Security Headers

Name	Value
Content-Security-Policy	report-uri https://identity.tescobank.com/afm/cspReport/; default-src 'nonce-400453b843bbb7e38a8eec2ed992e4cd' 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .trustpilot.com .woopra.com .fls.doubleclick.net fls.doubleclick.net .lpsnmedia.net .google.com .googleapis.com .qubit.com .travelex.net .adobedtm.com .vo.msecnd.net bat.bing.com c.evidon.com cdn.cookielaw.org .decibelinsight.net cm.everesttech.net connect.facebook.net dc.services.visualstudio.com .cloudfront.net .demdex.net flex.cybersource.com .g.doubleclick.net .hotjar.com .liveperson.net .tescobank.com .ensighten.com r.turn.com royalsunallianceinsu.tt.omtrdc.net rsa.d2.sc.omtrdc.net rum-static.pingdom.net service.maxymiser.net .google-analytics.com stash.qubitproducts.com static.ads-twitter.com static.goqubit.com tescobank.azureedge.net ue.enablermail.com www.facebook.com www.google.co.uk .googleadservices.com .googletagmanager.com .gstatic.com track.omguk.com wss://sync.onfido.com wss://collection.decibelinsight.net mpsnare.iesnare.com .adnxs.com s.yimg.com .sociomantic.com p.teads.tv t.teads.tv cm.teads.tv .digital-cloud-uk.medallia.eu .kampyle.com apps.commbox.io now.commbox.io js-agent.newrelic.com bam-cell.nr-data.net .google-analytics.com ; style-src 'self' 'unsafe-inline' .googleapis.com apps.commbox.io now.commbox.io js-agent.newrelic.com bam-cell.nr-data.net .kampyle.com ; img-src 'self' data: blob: ; child-src 'self' blob: ; font-src 'self' data: * ; connect-src 'self' bam-cell.nr-data.net .woopra.com .fls.doubleclick.net fls.doubleclick.net .lpsnmedia.net .google.com .googleapis.com .qubit.com .travelex.net .adobedtm.com .vo.msecnd.net bat.bing.com c.evidon.com cdn.cookielaw.org .decibelinsight.net cm.everesttech.net connect.facebook.net dc.services.visualstudio.com .cloudfront.net .demdex.net flex.cybersource.com .g.doubleclick.net .hotjar.com .liveperson.net .tescobank.com .ensighten.com r.turn.com royalsunallianceinsu.tt.omtrdc.net rsa.d2.sc.omtrdc.net rum-static.pingdom.net service.maxymiser.net .google-analytics.com stash.qubitproducts.com static.ads-twitter.com static.goqubit.com tescobank.azureedge.net ue.enablermail.com www.facebook.com www.google.co.uk .googleadservices.com .googletagmanager.com .gstatic.com track.omguk.com wss://sync.onfido.com wss://collection.decibelinsight.net mpsnare.iesnare.com .adnxs.com s.yimg.com .sociomantic.com .tiles.mapbox.com api.mapbox.com events.mapbox.com p.teads.tv t.teads.tv cm.teads.tv .digital-cloud-uk.medallia.eu .kampyle.com ; frame-src 'self' .trustpilot.com .fls.doubleclick.net fls.doubleclick.net .tescobank.com tescobank.demdex.net .vo.msecnd.net service.maxymiser.net p.teads.tv t.teads.tv cm.teads.tv .digital-cloud-uk.medallia.eu .kampyle.com apps.commbox.io now.commbox.io js-agent.newrelic.com bam-cell.nr-data.net ; frame-ancestors 'self' .tescobank.com ; object-src 'self' .fls.doubleclick.net fls.doubleclick.net *.tescobank.com tescobank.demdex.net; media-src 'self' apps.commbox.io ;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.tescobank.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: report-uri https://identity.tescobank.com/afm/cspReport/; default-src 'nonce-400453b843bbb7e38a8eec2ed992e4cd' 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.trustpilot.com *.woopra.com *.fls.doubleclick.net fls.doubleclick.net *.lpsnmedia.net *.google.com *.googleapis.com *.qubit.com *.travelex.net *.adobedtm.com *.vo.msecnd.net bat.bing.com c.evidon.com cdn.cookielaw.org *.decibelinsight.net cm.everesttech.net connect.facebook.net dc.services.visualstudio.com *.cloudfront.net *.demdex.net flex.cybersource.com *.g.doubleclick.net *.hotjar.com *.liveperson.net *.tescobank.com *.ensighten.com r.turn.com royalsunallianceinsu.tt.omtrdc.net rsa.d2.sc.omtrdc.net rum-static.pingdom.net service.maxymiser.net *.google-analytics.com stash.qubitproducts.com static.ads-twitter.com static.goqubit.com tescobank.azureedge.net ue.enablermail.com www.facebook.com www.google.co.uk *.googleadservices.com *.googletagmanager.com *.gstatic.com track.omguk.com wss://sync.onfido.com wss://collection.decibelinsight.net mpsnare.iesnare.com *.adnxs.com s.yimg.com *.sociomantic.com p.teads.tv t.teads.tv cm.teads.tv *.digital-cloud-uk.medallia.eu *.kampyle.com apps.commbox.io now.commbox.io js-agent.newrelic.com bam-cell.nr-data.net *.google-analytics.com ; style-src 'self' 'unsafe-inline' *.googleapis.com apps.commbox.io now.commbox.io js-agent.newrelic.com bam-cell.nr-data.net *.kampyle.com ; img-src 'self' data: blob: * ; child-src 'self' blob: ; font-src 'self' data: * ; connect-src 'self' bam-cell.nr-data.net *.woopra.com *.fls.doubleclick.net fls.doubleclick.net *.lpsnmedia.net *.google.com *.googleapis.com *.qubit.com *.travelex.net *.adobedtm.com *.vo.msecnd.net bat.bing.com c.evidon.com cdn.cookielaw.org *.decibelinsight.net cm.everesttech.net connect.facebook.net dc.services.visualstudio.com *.cloudfront.net *.demdex.net flex.cybersource.com *.g.doubleclick.net *.hotjar.com *.liveperson.net *.tescobank.com *.ensighten.com r.turn.com royalsunallianceinsu.tt.omtrdc.net rsa.d2.sc.omtrdc.net rum-static.pingdom.net service.maxymiser.net *.google-analytics.com stash.qubitproducts.com static.ads-twitter.com static.goqubit.com tescobank.azureedge.net ue.enablermail.com www.facebook.com www.google.co.uk *.googleadservices.com *.googletagmanager.com *.gstatic.com track.omguk.com wss://sync.onfido.com wss://collection.decibelinsight.net mpsnare.iesnare.com *.adnxs.com s.yimg.com *.sociomantic.com *.tiles.mapbox.com api.mapbox.com events.mapbox.com p.teads.tv t.teads.tv cm.teads.tv *.digital-cloud-uk.medallia.eu *.kampyle.com ; frame-src 'self' *.trustpilot.com *.fls.doubleclick.net fls.doubleclick.net *.tescobank.com tescobank.demdex.net *.vo.msecnd.net service.maxymiser.net p.teads.tv t.teads.tv cm.teads.tv *.digital-cloud-uk.medallia.eu *.kampyle.com apps.commbox.io now.commbox.io js-agent.newrelic.com bam-cell.nr-data.net ; frame-ancestors 'self' *.tescobank.com ; object-src 'self' *.fls.doubleclick.net fls.doubleclick.net *.tescobank.com tescobank.demdex.net; media-src 'self' apps.commbox.io ;
date: Thu, 14 Dec 2023 13:08:21 GMT
content-length: 83815
x-xss-protection: 1; mode=block
request-context: appId=cid-v1:4a7f8dd8-3291-4e0b-bdfc-05223d9ea636
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 14 Dec 2023 13:08:21 GMT
vary: User-Agent,Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-expose-headers: Request-Context
cache-control: public
expires: Fri, 13 Dec 2024 13:08:21 GMT

GET
H2 200 head-scripts Show response
www.tescobank.com/bundles/ 5 KB
5 KB 202ms
202ms Script
text/javascript 2.17.147.160
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tescobank.com/bundles/head-scripts?v=1Tun4lNF1HtpvzOhB_BvucYx03zqxr6Ch_FK9zbmVqY1

Requested by

Host: www.tescobank.com
URL: https://www.tescobank.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.17.147.160 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-17-147-160.deploy.static.akamaitechnologies.com

Software

Resource Hash

0b9f29ff84f1dd1eed259d636610d91e5f8b4e99cadf5886073c70bf2039ea9f

Security Headers

Name	Value
Content-Security-Policy	report-uri https://identity.tescobank.com/afm/cspReport/; default-src 'nonce-dfeacfca39e8bd463890143dfb54b581' 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .trustpilot.com .woopra.com .fls.doubleclick.net fls.doubleclick.net .lpsnmedia.net .google.com .googleapis.com .qubit.com .travelex.net .adobedtm.com .vo.msecnd.net bat.bing.com c.evidon.com cdn.cookielaw.org .decibelinsight.net cm.everesttech.net connect.facebook.net dc.services.visualstudio.com .cloudfront.net .demdex.net flex.cybersource.com .g.doubleclick.net .hotjar.com .liveperson.net .tescobank.com .ensighten.com r.turn.com royalsunallianceinsu.tt.omtrdc.net rsa.d2.sc.omtrdc.net rum-static.pingdom.net service.maxymiser.net .google-analytics.com stash.qubitproducts.com static.ads-twitter.com static.goqubit.com tescobank.azureedge.net ue.enablermail.com www.facebook.com www.google.co.uk .googleadservices.com .googletagmanager.com .gstatic.com track.omguk.com wss://sync.onfido.com wss://collection.decibelinsight.net mpsnare.iesnare.com .adnxs.com s.yimg.com .sociomantic.com p.teads.tv t.teads.tv cm.teads.tv .digital-cloud-uk.medallia.eu .kampyle.com apps.commbox.io now.commbox.io js-agent.newrelic.com bam-cell.nr-data.net .google-analytics.com ; style-src 'self' 'unsafe-inline' .googleapis.com apps.commbox.io now.commbox.io js-agent.newrelic.com bam-cell.nr-data.net .kampyle.com ; img-src 'self' data: blob: ; child-src 'self' blob: ; font-src 'self' data: * ; connect-src 'self' bam-cell.nr-data.net .woopra.com .fls.doubleclick.net fls.doubleclick.net .lpsnmedia.net .google.com .googleapis.com .qubit.com .travelex.net .adobedtm.com .vo.msecnd.net bat.bing.com c.evidon.com cdn.cookielaw.org .decibelinsight.net cm.everesttech.net connect.facebook.net dc.services.visualstudio.com .cloudfront.net .demdex.net flex.cybersource.com .g.doubleclick.net .hotjar.com .liveperson.net .tescobank.com .ensighten.com r.turn.com royalsunallianceinsu.tt.omtrdc.net rsa.d2.sc.omtrdc.net rum-static.pingdom.net service.maxymiser.net .google-analytics.com stash.qubitproducts.com static.ads-twitter.com static.goqubit.com tescobank.azureedge.net ue.enablermail.com www.facebook.com www.google.co.uk .googleadservices.com .googletagmanager.com .gstatic.com track.omguk.com wss://sync.onfido.com wss://collection.decibelinsight.net mpsnare.iesnare.com .adnxs.com s.yimg.com .sociomantic.com .tiles.mapbox.com api.mapbox.com events.mapbox.com p.teads.tv t.teads.tv cm.teads.tv .digital-cloud-uk.medallia.eu .kampyle.com ; frame-src 'self' .trustpilot.com .fls.doubleclick.net fls.doubleclick.net .tescobank.com tescobank.demdex.net .vo.msecnd.net service.maxymiser.net p.teads.tv t.teads.tv cm.teads.tv .digital-cloud-uk.medallia.eu .kampyle.com apps.commbox.io now.commbox.io js-agent.newrelic.com bam-cell.nr-data.net ; frame-ancestors 'self' .tescobank.com ; object-src 'self' .fls.doubleclick.net fls.doubleclick.net *.tescobank.com tescobank.demdex.net; media-src 'self' apps.commbox.io ;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.tescobank.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: report-uri https://identity.tescobank.com/afm/cspReport/; default-src 'nonce-dfeacfca39e8bd463890143dfb54b581' 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.trustpilot.com *.woopra.com *.fls.doubleclick.net fls.doubleclick.net *.lpsnmedia.net *.google.com *.googleapis.com *.qubit.com *.travelex.net *.adobedtm.com *.vo.msecnd.net bat.bing.com c.evidon.com cdn.cookielaw.org *.decibelinsight.net cm.everesttech.net connect.facebook.net dc.services.visualstudio.com *.cloudfront.net *.demdex.net flex.cybersource.com *.g.doubleclick.net *.hotjar.com *.liveperson.net *.tescobank.com *.ensighten.com r.turn.com royalsunallianceinsu.tt.omtrdc.net rsa.d2.sc.omtrdc.net rum-static.pingdom.net service.maxymiser.net *.google-analytics.com stash.qubitproducts.com static.ads-twitter.com static.goqubit.com tescobank.azureedge.net ue.enablermail.com www.facebook.com www.google.co.uk *.googleadservices.com *.googletagmanager.com *.gstatic.com track.omguk.com wss://sync.onfido.com wss://collection.decibelinsight.net mpsnare.iesnare.com *.adnxs.com s.yimg.com *.sociomantic.com p.teads.tv t.teads.tv cm.teads.tv *.digital-cloud-uk.medallia.eu *.kampyle.com apps.commbox.io now.commbox.io js-agent.newrelic.com bam-cell.nr-data.net *.google-analytics.com ; style-src 'self' 'unsafe-inline' *.googleapis.com apps.commbox.io now.commbox.io js-agent.newrelic.com bam-cell.nr-data.net *.kampyle.com ; img-src 'self' data: blob: * ; child-src 'self' blob: ; font-src 'self' data: * ; connect-src 'self' bam-cell.nr-data.net *.woopra.com *.fls.doubleclick.net fls.doubleclick.net *.lpsnmedia.net *.google.com *.googleapis.com *.qubit.com *.travelex.net *.adobedtm.com *.vo.msecnd.net bat.bing.com c.evidon.com cdn.cookielaw.org *.decibelinsight.net cm.everesttech.net connect.facebook.net dc.services.visualstudio.com *.cloudfront.net *.demdex.net flex.cybersource.com *.g.doubleclick.net *.hotjar.com *.liveperson.net *.tescobank.com *.ensighten.com r.turn.com royalsunallianceinsu.tt.omtrdc.net rsa.d2.sc.omtrdc.net rum-static.pingdom.net service.maxymiser.net *.google-analytics.com stash.qubitproducts.com static.ads-twitter.com static.goqubit.com tescobank.azureedge.net ue.enablermail.com www.facebook.com www.google.co.uk *.googleadservices.com *.googletagmanager.com *.gstatic.com track.omguk.com wss://sync.onfido.com wss://collection.decibelinsight.net mpsnare.iesnare.com *.adnxs.com s.yimg.com *.sociomantic.com *.tiles.mapbox.com api.mapbox.com events.mapbox.com p.teads.tv t.teads.tv cm.teads.tv *.digital-cloud-uk.medallia.eu *.kampyle.com ; frame-src 'self' *.trustpilot.com *.fls.doubleclick.net fls.doubleclick.net *.tescobank.com tescobank.demdex.net *.vo.msecnd.net service.maxymiser.net p.teads.tv t.teads.tv cm.teads.tv *.digital-cloud-uk.medallia.eu *.kampyle.com apps.commbox.io now.commbox.io js-agent.newrelic.com bam-cell.nr-data.net ; frame-ancestors 'self' *.tescobank.com ; object-src 'self' *.fls.doubleclick.net fls.doubleclick.net *.tescobank.com tescobank.demdex.net; media-src 'self' apps.commbox.io ;
date: Thu, 14 Dec 2023 13:08:21 GMT
content-length: 2906
x-xss-protection: 1; mode=block
request-context: appId=cid-v1:4a7f8dd8-3291-4e0b-bdfc-05223d9ea636
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 14 Dec 2023 13:08:21 GMT
vary: User-Agent,Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
access-control-expose-headers: Request-Context
cache-control: public
expires: Fri, 13 Dec 2024 13:08:21 GMT

GET
H2 200 christmas-2023-banner-desktop-alt.jpg
forrit-one-tb-prod-p1-consumables.azureedge.net/media/f12add7e-9c4c-42c5-9c4b-43e0192c8f1a/ 500 KB
500 KB 132ms
28ms Image
image/jpeg 2620:1ec:46::63
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://forrit-one-tb-prod-p1-consumables.azureedge.net/media/f12add7e-9c4c-42c5-9c4b-43e0192c8f1a/christmas-2023-banner-desktop-alt.jpg

Requested by

Host: www.tescobank.com
URL: https://www.tescobank.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:46::63 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

7b54539fdcea4727c3256bf6aea43f0a5a0c4beca493d49221b967eb3dea0e6c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.tescobank.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 14 Dec 2023 13:08:21 GMT
x-content-type-options: nosniff
content-md5: gVVu6qqGQSZko/UFHy1y8g==
x-cache: TCP_HIT
content-length: 511528
x-ms-lease-status: unlocked
referrer-policy: no-referrer
last-modified: Tue, 12 Dec 2023 11:23:59 GMT
etag: 0x8DBFB04D614FB8A
x-frame-options: SAMEORIGIN
x-azure-ref: 0Rf56ZQAAAAA/6iE79DQeS5iHtkS4UA33TE9OMjFFREdFMTgyMQAzZGI4N2JkOC03Y2E5LTRkNDYtOWIzOS0wNjhlYjE4ZTViMTc=
content-type: image/jpeg
access-control-allow-origin: *
x-ms-request-id: c0dcd817-801e-0031-4554-2ea561000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19

GET
H2 200 Bootstrap.js Show response
nexus.ensighten.com/tescobank/brochureware/ 123 KB
29 KB 158ms
47ms Script
application/javascript 2600:9000:206f:c600:2:8f43:5780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nexus.ensighten.com/tescobank/brochureware/Bootstrap.js
Requested by: Host: www.tescobank.com
URL: https://www.tescobank.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:c600:2:8f43:5780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: e111bc91c6e5fecd40be7ebfb9244cc2844f6e7840ee1b836db20b1caf15b284

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.tescobank.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 10:28:02 GMT
x-amz-version-id: BV0Ce7Tp5hTssPJhTHj0z5Wv5oJq86tb
content-encoding: br
via: 1.1 43c19aee1cbb38bf37ea4d5265ba1f54.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
age: 1996820
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: PENDING
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 21 Nov 2023 10:27:45 GMT
server: CloudFront
etag: W/"c075c653ac355050391bf18f7d997a40"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=300
x-amz-cf-id: kRMv_M3CcOnWd8-0bAEKjiQxJWzcJPmi48l6oJzNtXySQ3D6b3Ua3Q==

GET
H2 200 7a1201c8 Show response
www.tescobank.com/akam/13/ 26 KB
9 KB 219ms
218ms Script
application/javascript 2.17.147.160
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tescobank.com/akam/13/7a1201c8
Requested by: Host: www.tescobank.com
URL: https://www.tescobank.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.17.147.160 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-17-147-160.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 44b291a081fd68b2cbb1cb4b0be3817de820853a0586b2c750765ea45978eaff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.tescobank.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Dec 2023 13:08:22 GMT
content-encoding: gzip
last-modified: Wed, 09 Feb 2022 15:05:45 GMT
etag: "0bc885058cc4fd08e1c2b0441094cfc9a2e40c2c18f4c4ae9717c5762745c6c0"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=0, no-cache, no-store
content-length: 8779
expires: Thu, 14 Dec 2023 13:08:22 GMT

GET
H2 200 tesco-bank-logo.svg
forrit-one-tb-prod-p1-consumables.azureedge.net/media/ff713953-33ca-4d12-884c-48ed74671048/ 13 KB
4 KB 143ms
27ms Image
image/svg+xml 2620:1ec:46::63
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://forrit-one-tb-prod-p1-consumables.azureedge.net/media/ff713953-33ca-4d12-884c-48ed74671048/tesco-bank-logo.svg

Requested by

Host: www.tescobank.com
URL: https://www.tescobank.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:46::63 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

3e8866a96f8f984940e24e17f77611fc957045df700c03e828edbd264e0cc43d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.tescobank.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
date: Thu, 14 Dec 2023 13:08:21 GMT
content-md5: a+xLg288gNJHtT6WscLjfA==
x-cache: TCP_HIT
x-ms-lease-status: unlocked
referrer-policy: no-referrer
last-modified: Mon, 06 Nov 2023 12:47:00 GMT
etag: 0x8DBDEC6784F79A8
x-frame-options: SAMEORIGIN
x-azure-ref: 0Rf56ZQAAAABkHUC5uXOeQoR8/gvbKSLpTE9OMjFFREdFMTgyMQAzZGI4N2JkOC03Y2E5LTRkNDYtOWIzOS0wNjhlYjE4ZTViMTc=
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: 5e08b376-401e-0027-43c6-2d64ff000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19

GET
H2 200 family-selfie-christmas-l.jpg
forrit-one-tb-prod-p1-consumables.azureedge.net/media/d5f27536-bd2b-4e82-bbb9-86978f698f10/ 113 KB
113 KB 72ms
72ms Image
image/jpeg 2620:1ec:46::63
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://forrit-one-tb-prod-p1-consumables.azureedge.net/media/d5f27536-bd2b-4e82-bbb9-86978f698f10/family-selfie-christmas-l.jpg

Requested by

Host: www.tescobank.com
URL: https://www.tescobank.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:46::63 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

173d077fc2c2b2277848d4791fde2e37ac8aff4779c2719f44839af94f6b916b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.tescobank.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 14 Dec 2023 13:08:21 GMT
x-content-type-options: nosniff
content-md5: HUBUaUcX+dNQYakJLCC8qQ==
x-cache: TCP_HIT
content-length: 115676
x-ms-lease-status: unlocked
referrer-policy: no-referrer
last-modified: Tue, 21 Nov 2023 11:30:28 GMT
etag: 0x8DBEA85431A6EBB
x-frame-options: SAMEORIGIN
x-azure-ref: 0Rf56ZQAAAAD9G6k9S8CiSKoRmzjP62sHTE9OMjFFREdFMTgyMQAzZGI4N2JkOC03Y2E5LTRkNDYtOWIzOS0wNjhlYjE4ZTViMTc=
content-type: image/jpeg
access-control-allow-origin: *
x-ms-request-id: 48cd66fe-601e-0030-72e4-2da49c000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19

GET
H2 200 scripts Show response
www.tescobank.com/bundles/ 169 KB
77 KB 122ms
122ms Script
text/javascript 2.17.147.160
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tescobank.com/bundles/scripts?v=MQprlrMhw5rXlMCmlC_7pJTg-KCqH36E8Bopb5ilprc1

Requested by

Host: www.tescobank.com
URL: https://www.tescobank.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.17.147.160 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-17-147-160.deploy.static.akamaitechnologies.com

Software

Resource Hash

19c38c1f19eb506cf0eb52cfdf697831a5f2b371164a7b4b1090d4e185a2c14f

Security Headers

Name	Value
Content-Security-Policy	report-uri https://identity.tescobank.com/afm/cspReport/; default-src 'nonce-cfdf6e071e92039608d80b352731ac1b' 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .trustpilot.com .woopra.com .fls.doubleclick.net fls.doubleclick.net .lpsnmedia.net .google.com .googleapis.com .qubit.com .travelex.net .adobedtm.com .vo.msecnd.net bat.bing.com c.evidon.com cdn.cookielaw.org .decibelinsight.net cm.everesttech.net connect.facebook.net dc.services.visualstudio.com .cloudfront.net .demdex.net flex.cybersource.com .g.doubleclick.net .hotjar.com .liveperson.net .tescobank.com .ensighten.com r.turn.com royalsunallianceinsu.tt.omtrdc.net rsa.d2.sc.omtrdc.net rum-static.pingdom.net service.maxymiser.net .google-analytics.com stash.qubitproducts.com static.ads-twitter.com static.goqubit.com tescobank.azureedge.net ue.enablermail.com www.facebook.com www.google.co.uk .googleadservices.com .googletagmanager.com .gstatic.com track.omguk.com wss://sync.onfido.com wss://collection.decibelinsight.net mpsnare.iesnare.com .adnxs.com s.yimg.com .sociomantic.com p.teads.tv t.teads.tv cm.teads.tv .digital-cloud-uk.medallia.eu .kampyle.com apps.commbox.io now.commbox.io js-agent.newrelic.com bam-cell.nr-data.net .google-analytics.com ; style-src 'self' 'unsafe-inline' .googleapis.com apps.commbox.io now.commbox.io js-agent.newrelic.com bam-cell.nr-data.net .kampyle.com ; img-src 'self' data: blob: ; child-src 'self' blob: ; font-src 'self' data: * ; connect-src 'self' bam-cell.nr-data.net .woopra.com .fls.doubleclick.net fls.doubleclick.net .lpsnmedia.net .google.com .googleapis.com .qubit.com .travelex.net .adobedtm.com .vo.msecnd.net bat.bing.com c.evidon.com cdn.cookielaw.org .decibelinsight.net cm.everesttech.net connect.facebook.net dc.services.visualstudio.com .cloudfront.net .demdex.net flex.cybersource.com .g.doubleclick.net .hotjar.com .liveperson.net .tescobank.com .ensighten.com r.turn.com royalsunallianceinsu.tt.omtrdc.net rsa.d2.sc.omtrdc.net rum-static.pingdom.net service.maxymiser.net .google-analytics.com stash.qubitproducts.com static.ads-twitter.com static.goqubit.com tescobank.azureedge.net ue.enablermail.com www.facebook.com www.google.co.uk .googleadservices.com .googletagmanager.com .gstatic.com track.omguk.com wss://sync.onfido.com wss://collection.decibelinsight.net mpsnare.iesnare.com .adnxs.com s.yimg.com .sociomantic.com .tiles.mapbox.com api.mapbox.com events.mapbox.com p.teads.tv t.teads.tv cm.teads.tv .digital-cloud-uk.medallia.eu .kampyle.com ; frame-src 'self' .trustpilot.com .fls.doubleclick.net fls.doubleclick.net .tescobank.com tescobank.demdex.net .vo.msecnd.net service.maxymiser.net p.teads.tv t.teads.tv cm.teads.tv .digital-cloud-uk.medallia.eu .kampyle.com apps.commbox.io now.commbox.io js-agent.newrelic.com bam-cell.nr-data.net ; frame-ancestors 'self' .tescobank.com ; object-src 'self' .fls.doubleclick.net fls.doubleclick.net *.tescobank.com tescobank.demdex.net; media-src 'self' apps.commbox.io ;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.tescobank.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires: Fri, 13 Dec 2024 13:08:22 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
last-modified: Thu, 14 Dec 2023 13:08:22 GMT
content-security-policy: report-uri https://identity.tescobank.com/afm/cspReport/; default-src 'nonce-cfdf6e071e92039608d80b352731ac1b' 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.trustpilot.com *.woopra.com *.fls.doubleclick.net fls.doubleclick.net *.lpsnmedia.net *.google.com *.googleapis.com *.qubit.com *.travelex.net *.adobedtm.com *.vo.msecnd.net bat.bing.com c.evidon.com cdn.cookielaw.org *.decibelinsight.net cm.everesttech.net connect.facebook.net dc.services.visualstudio.com *.cloudfront.net *.demdex.net flex.cybersource.com *.g.doubleclick.net *.hotjar.com *.liveperson.net *.tescobank.com *.ensighten.com r.turn.com royalsunallianceinsu.tt.omtrdc.net rsa.d2.sc.omtrdc.net rum-static.pingdom.net service.maxymiser.net *.google-analytics.com stash.qubitproducts.com static.ads-twitter.com static.goqubit.com tescobank.azureedge.net ue.enablermail.com www.facebook.com www.google.co.uk *.googleadservices.com *.googletagmanager.com *.gstatic.com track.omguk.com wss://sync.onfido.com wss://collection.decibelinsight.net mpsnare.iesnare.com *.adnxs.com s.yimg.com *.sociomantic.com p.teads.tv t.teads.tv cm.teads.tv *.digital-cloud-uk.medallia.eu *.kampyle.com apps.commbox.io now.commbox.io js-agent.newrelic.com bam-cell.nr-data.net *.google-analytics.com ; style-src 'self' 'unsafe-inline' *.googleapis.com apps.commbox.io now.commbox.io js-agent.newrelic.com bam-cell.nr-data.net *.kampyle.com ; img-src 'self' data: blob: * ; child-src 'self' blob: ; font-src 'self' data: * ; connect-src 'self' bam-cell.nr-data.net *.woopra.com *.fls.doubleclick.net fls.doubleclick.net *.lpsnmedia.net *.google.com *.googleapis.com *.qubit.com *.travelex.net *.adobedtm.com *.vo.msecnd.net bat.bing.com c.evidon.com cdn.cookielaw.org *.decibelinsight.net cm.everesttech.net connect.facebook.net dc.services.visualstudio.com *.cloudfront.net *.demdex.net flex.cybersource.com *.g.doubleclick.net *.hotjar.com *.liveperson.net *.tescobank.com *.ensighten.com r.turn.com royalsunallianceinsu.tt.omtrdc.net rsa.d2.sc.omtrdc.net rum-static.pingdom.net service.maxymiser.net *.google-analytics.com stash.qubitproducts.com static.ads-twitter.com static.goqubit.com tescobank.azureedge.net ue.enablermail.com www.facebook.com www.google.co.uk *.googleadservices.com *.googletagmanager.com *.gstatic.com track.omguk.com wss://sync.onfido.com wss://collection.decibelinsight.net mpsnare.iesnare.com *.adnxs.com s.yimg.com *.sociomantic.com *.tiles.mapbox.com api.mapbox.com events.mapbox.com p.teads.tv t.teads.tv cm.teads.tv *.digital-cloud-uk.medallia.eu *.kampyle.com ; frame-src 'self' *.trustpilot.com *.fls.doubleclick.net fls.doubleclick.net *.tescobank.com tescobank.demdex.net *.vo.msecnd.net service.maxymiser.net p.teads.tv t.teads.tv cm.teads.tv *.digital-cloud-uk.medallia.eu *.kampyle.com apps.commbox.io now.commbox.io js-agent.newrelic.com bam-cell.nr-data.net ; frame-ancestors 'self' *.tescobank.com ; object-src 'self' *.fls.doubleclick.net fls.doubleclick.net *.tescobank.com tescobank.demdex.net; media-src 'self' apps.commbox.io ;
date: Thu, 14 Dec 2023 13:08:22 GMT
vary: User-Agent,Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
access-control-expose-headers: Request-Context
cache-control: public
x-xss-protection: 1; mode=block
request-context: appId=cid-v1:4a7f8dd8-3291-4e0b-bdfc-05223d9ea636

GET
H2 200 deferred-css
www.tescobank.com/bundles/ 5 KB
4 KB 110ms
110ms Stylesheet
text/css 2.17.147.160
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tescobank.com/bundles/deferred-css?v=J4NAge9xzP9FwGAMHBQ5jbz9h_hqWifR1jbLBMrRGhc1

Requested by

Host: www.tescobank.com
URL: https://www.tescobank.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.17.147.160 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-17-147-160.deploy.static.akamaitechnologies.com

Software

Resource Hash

5f0cf82d5e09e03fada71e328cf7f97ab29015542c419c48d40ebe1569143223

Security Headers

Name	Value
Content-Security-Policy	report-uri https://identity.tescobank.com/afm/cspReport/; default-src 'nonce-f6d987a12b63f43c1f03daf4f9047e88' 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .trustpilot.com .woopra.com .fls.doubleclick.net fls.doubleclick.net .lpsnmedia.net .google.com .googleapis.com .qubit.com .travelex.net .adobedtm.com .vo.msecnd.net bat.bing.com c.evidon.com cdn.cookielaw.org .decibelinsight.net cm.everesttech.net connect.facebook.net dc.services.visualstudio.com .cloudfront.net .demdex.net flex.cybersource.com .g.doubleclick.net .hotjar.com .liveperson.net .tescobank.com .ensighten.com r.turn.com royalsunallianceinsu.tt.omtrdc.net rsa.d2.sc.omtrdc.net rum-static.pingdom.net service.maxymiser.net .google-analytics.com stash.qubitproducts.com static.ads-twitter.com static.goqubit.com tescobank.azureedge.net ue.enablermail.com www.facebook.com www.google.co.uk .googleadservices.com .googletagmanager.com .gstatic.com track.omguk.com wss://sync.onfido.com wss://collection.decibelinsight.net mpsnare.iesnare.com .adnxs.com s.yimg.com .sociomantic.com p.teads.tv t.teads.tv cm.teads.tv .digital-cloud-uk.medallia.eu .kampyle.com apps.commbox.io now.commbox.io js-agent.newrelic.com bam-cell.nr-data.net .google-analytics.com ; style-src 'self' 'unsafe-inline' .googleapis.com apps.commbox.io now.commbox.io js-agent.newrelic.com bam-cell.nr-data.net .kampyle.com ; img-src 'self' data: blob: ; child-src 'self' blob: ; font-src 'self' data: * ; connect-src 'self' bam-cell.nr-data.net .woopra.com .fls.doubleclick.net fls.doubleclick.net .lpsnmedia.net .google.com .googleapis.com .qubit.com .travelex.net .adobedtm.com .vo.msecnd.net bat.bing.com c.evidon.com cdn.cookielaw.org .decibelinsight.net cm.everesttech.net connect.facebook.net dc.services.visualstudio.com .cloudfront.net .demdex.net flex.cybersource.com .g.doubleclick.net .hotjar.com .liveperson.net .tescobank.com .ensighten.com r.turn.com royalsunallianceinsu.tt.omtrdc.net rsa.d2.sc.omtrdc.net rum-static.pingdom.net service.maxymiser.net .google-analytics.com stash.qubitproducts.com static.ads-twitter.com static.goqubit.com tescobank.azureedge.net ue.enablermail.com www.facebook.com www.google.co.uk .googleadservices.com .googletagmanager.com .gstatic.com track.omguk.com wss://sync.onfido.com wss://collection.decibelinsight.net mpsnare.iesnare.com .adnxs.com s.yimg.com .sociomantic.com .tiles.mapbox.com api.mapbox.com events.mapbox.com p.teads.tv t.teads.tv cm.teads.tv .digital-cloud-uk.medallia.eu .kampyle.com ; frame-src 'self' .trustpilot.com .fls.doubleclick.net fls.doubleclick.net .tescobank.com tescobank.demdex.net .vo.msecnd.net service.maxymiser.net p.teads.tv t.teads.tv cm.teads.tv .digital-cloud-uk.medallia.eu .kampyle.com apps.commbox.io now.commbox.io js-agent.newrelic.com bam-cell.nr-data.net ; frame-ancestors 'self' .tescobank.com ; object-src 'self' .fls.doubleclick.net fls.doubleclick.net *.tescobank.com tescobank.demdex.net; media-src 'self' apps.commbox.io ;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.tescobank.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: report-uri https://identity.tescobank.com/afm/cspReport/; default-src 'nonce-f6d987a12b63f43c1f03daf4f9047e88' 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.trustpilot.com *.woopra.com *.fls.doubleclick.net fls.doubleclick.net *.lpsnmedia.net *.google.com *.googleapis.com *.qubit.com *.travelex.net *.adobedtm.com *.vo.msecnd.net bat.bing.com c.evidon.com cdn.cookielaw.org *.decibelinsight.net cm.everesttech.net connect.facebook.net dc.services.visualstudio.com *.cloudfront.net *.demdex.net flex.cybersource.com *.g.doubleclick.net *.hotjar.com *.liveperson.net *.tescobank.com *.ensighten.com r.turn.com royalsunallianceinsu.tt.omtrdc.net rsa.d2.sc.omtrdc.net rum-static.pingdom.net service.maxymiser.net *.google-analytics.com stash.qubitproducts.com static.ads-twitter.com static.goqubit.com tescobank.azureedge.net ue.enablermail.com www.facebook.com www.google.co.uk *.googleadservices.com *.googletagmanager.com *.gstatic.com track.omguk.com wss://sync.onfido.com wss://collection.decibelinsight.net mpsnare.iesnare.com *.adnxs.com s.yimg.com *.sociomantic.com p.teads.tv t.teads.tv cm.teads.tv *.digital-cloud-uk.medallia.eu *.kampyle.com apps.commbox.io now.commbox.io js-agent.newrelic.com bam-cell.nr-data.net *.google-analytics.com ; style-src 'self' 'unsafe-inline' *.googleapis.com apps.commbox.io now.commbox.io js-agent.newrelic.com bam-cell.nr-data.net *.kampyle.com ; img-src 'self' data: blob: * ; child-src 'self' blob: ; font-src 'self' data: * ; connect-src 'self' bam-cell.nr-data.net *.woopra.com *.fls.doubleclick.net fls.doubleclick.net *.lpsnmedia.net *.google.com *.googleapis.com *.qubit.com *.travelex.net *.adobedtm.com *.vo.msecnd.net bat.bing.com c.evidon.com cdn.cookielaw.org *.decibelinsight.net cm.everesttech.net connect.facebook.net dc.services.visualstudio.com *.cloudfront.net *.demdex.net flex.cybersource.com *.g.doubleclick.net *.hotjar.com *.liveperson.net *.tescobank.com *.ensighten.com r.turn.com royalsunallianceinsu.tt.omtrdc.net rsa.d2.sc.omtrdc.net rum-static.pingdom.net service.maxymiser.net *.google-analytics.com stash.qubitproducts.com static.ads-twitter.com static.goqubit.com tescobank.azureedge.net ue.enablermail.com www.facebook.com www.google.co.uk *.googleadservices.com *.googletagmanager.com *.gstatic.com track.omguk.com wss://sync.onfido.com wss://collection.decibelinsight.net mpsnare.iesnare.com *.adnxs.com s.yimg.com *.sociomantic.com *.tiles.mapbox.com api.mapbox.com events.mapbox.com p.teads.tv t.teads.tv cm.teads.tv *.digital-cloud-uk.medallia.eu *.kampyle.com ; frame-src 'self' *.trustpilot.com *.fls.doubleclick.net fls.doubleclick.net *.tescobank.com tescobank.demdex.net *.vo.msecnd.net service.maxymiser.net p.teads.tv t.teads.tv cm.teads.tv *.digital-cloud-uk.medallia.eu *.kampyle.com apps.commbox.io now.commbox.io js-agent.newrelic.com bam-cell.nr-data.net ; frame-ancestors 'self' *.tescobank.com ; object-src 'self' *.fls.doubleclick.net fls.doubleclick.net *.tescobank.com tescobank.demdex.net; media-src 'self' apps.commbox.io ;
date: Thu, 14 Dec 2023 13:08:22 GMT
content-length: 1666
x-xss-protection: 1; mode=block
request-context: appId=cid-v1:4a7f8dd8-3291-4e0b-bdfc-05223d9ea636
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 14 Dec 2023 13:08:22 GMT
vary: User-Agent,Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-expose-headers: Request-Context
cache-control: public
expires: Fri, 13 Dec 2024 13:08:22 GMT

GET
H2 200 Bootstrap.js Show response
nexus.ensighten.com/tescobank/privacy/ 382 KB
91 KB 42ms
41ms Script
application/javascript 2600:9000:206f:c600:2:8f43:5780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nexus.ensighten.com/tescobank/privacy/Bootstrap.js
Requested by: Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/tescobank/brochureware/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:c600:2:8f43:5780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: 54144ce24fde7fc52154e72eea4186438ac4d4f1991af2d0d4c440998c2d03ef

Request headers

Referer: https://www.tescobank.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Mon, 30 Oct 2023 12:11:19 GMT
x-amz-version-id: gxKVxKMQwBT0u87kYbQ9cVkz8bz5LvkU
content-encoding: gzip
via: 1.1 43c19aee1cbb38bf37ea4d5265ba1f54.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
age: 3891423
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 30 Oct 2023 12:10:09 GMT
server: CloudFront
etag: W/"da4bf6051500649da8dc17c98278b28f"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=300
x-amz-cf-id: c0jG-EE9VeKIhXQmbQwts5n4o9T6RUGvHe56upTVyW5afAbK4cGhXg==

GET
H2 200 main.js Show response
www.tescobank.com/Scripts/Dist/ 5 KB
4 KB 105ms
104ms Fetch
application/x-javascript 2.17.147.160
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tescobank.com/Scripts/Dist/main.js?v=1.0.58

Requested by

Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/tescobank/privacy/Bootstrap.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.17.147.160 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-17-147-160.deploy.static.akamaitechnologies.com

Software

Resource Hash

a1e52d77264de139e04bb7eb4d8ceea358f95e06356b527fb50bb3054b2d62a6

Security Headers

Name	Value
Content-Security-Policy	report-uri https://identity.tescobank.com/afm/cspReport/; default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .trustpilot.com .woopra.com .fls.doubleclick.net fls.doubleclick.net .lpsnmedia.net .google.com .googleapis.com .qubit.com .travelex.net .adobedtm.com .vo.msecnd.net bat.bing.com c.evidon.com cdn.cookielaw.org .decibelinsight.net cm.everesttech.net connect.facebook.net dc.services.visualstudio.com .cloudfront.net .demdex.net flex.cybersource.com .g.doubleclick.net .hotjar.com .liveperson.net .tescobank.com .ensighten.com r.turn.com royalsunallianceinsu.tt.omtrdc.net rsa.d2.sc.omtrdc.net rum-static.pingdom.net service.maxymiser.net .google-analytics.com stash.qubitproducts.com static.ads-twitter.com static.goqubit.com tescobank.azureedge.net ue.enablermail.com www.facebook.com www.google.co.uk .googleadservices.com .googletagmanager.com .gstatic.com track.omguk.com wss://sync.onfido.com wss://collection.decibelinsight.net mpsnare.iesnare.com .adnxs.com s.yimg.com .sociomantic.com p.teads.tv t.teads.tv cm.teads.tv .digital-cloud-uk.medallia.eu .kampyle.com apps.commbox.io now.commbox.io js-agent.newrelic.com bam-cell.nr-data.net .google-analytics.com ; style-src 'self' 'unsafe-inline' .googleapis.com apps.commbox.io now.commbox.io js-agent.newrelic.com bam-cell.nr-data.net .kampyle.com ; img-src 'self' data: blob: ; child-src 'self' blob: ; font-src 'self' data: * ; connect-src 'self' bam-cell.nr-data.net .woopra.com .fls.doubleclick.net fls.doubleclick.net .lpsnmedia.net .google.com .googleapis.com .qubit.com .travelex.net .adobedtm.com .vo.msecnd.net bat.bing.com c.evidon.com cdn.cookielaw.org .decibelinsight.net cm.everesttech.net connect.facebook.net dc.services.visualstudio.com .cloudfront.net .demdex.net flex.cybersource.com .g.doubleclick.net .hotjar.com .liveperson.net .tescobank.com .ensighten.com r.turn.com royalsunallianceinsu.tt.omtrdc.net rsa.d2.sc.omtrdc.net rum-static.pingdom.net service.maxymiser.net .google-analytics.com stash.qubitproducts.com static.ads-twitter.com static.goqubit.com tescobank.azureedge.net ue.enablermail.com www.facebook.com www.google.co.uk .googleadservices.com .googletagmanager.com .gstatic.com track.omguk.com wss://sync.onfido.com wss://collection.decibelinsight.net mpsnare.iesnare.com .adnxs.com s.yimg.com .sociomantic.com .tiles.mapbox.com api.mapbox.com events.mapbox.com p.teads.tv t.teads.tv cm.teads.tv .digital-cloud-uk.medallia.eu .kampyle.com ; frame-src 'self' .trustpilot.com .fls.doubleclick.net fls.doubleclick.net .tescobank.com tescobank.demdex.net .vo.msecnd.net service.maxymiser.net p.teads.tv t.teads.tv cm.teads.tv .digital-cloud-uk.medallia.eu .kampyle.com apps.commbox.io now.commbox.io js-agent.newrelic.com bam-cell.nr-data.net ; frame-ancestors 'self' .tescobank.com ; object-src 'self' .fls.doubleclick.net fls.doubleclick.net *.tescobank.com tescobank.demdex.net; media-src 'self' apps.commbox.io ;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/x-es-module, */*
Referer: https://www.tescobank.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: report-uri https://identity.tescobank.com/afm/cspReport/; default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.trustpilot.com *.woopra.com *.fls.doubleclick.net fls.doubleclick.net *.lpsnmedia.net *.google.com *.googleapis.com *.qubit.com *.travelex.net *.adobedtm.com *.vo.msecnd.net bat.bing.com c.evidon.com cdn.cookielaw.org *.decibelinsight.net cm.everesttech.net connect.facebook.net dc.services.visualstudio.com *.cloudfront.net *.demdex.net flex.cybersource.com *.g.doubleclick.net *.hotjar.com *.liveperson.net *.tescobank.com *.ensighten.com r.turn.com royalsunallianceinsu.tt.omtrdc.net rsa.d2.sc.omtrdc.net rum-static.pingdom.net service.maxymiser.net *.google-analytics.com stash.qubitproducts.com static.ads-twitter.com static.goqubit.com tescobank.azureedge.net ue.enablermail.com www.facebook.com www.google.co.uk *.googleadservices.com *.googletagmanager.com *.gstatic.com track.omguk.com wss://sync.onfido.com wss://collection.decibelinsight.net mpsnare.iesnare.com *.adnxs.com s.yimg.com *.sociomantic.com p.teads.tv t.teads.tv cm.teads.tv *.digital-cloud-uk.medallia.eu *.kampyle.com apps.commbox.io now.commbox.io js-agent.newrelic.com bam-cell.nr-data.net *.google-analytics.com ; style-src 'self' 'unsafe-inline' *.googleapis.com apps.commbox.io now.commbox.io js-agent.newrelic.com bam-cell.nr-data.net *.kampyle.com ; img-src 'self' data: blob: * ; child-src 'self' blob: ; font-src 'self' data: * ; connect-src 'self' bam-cell.nr-data.net *.woopra.com *.fls.doubleclick.net fls.doubleclick.net *.lpsnmedia.net *.google.com *.googleapis.com *.qubit.com *.travelex.net *.adobedtm.com *.vo.msecnd.net bat.bing.com c.evidon.com cdn.cookielaw.org *.decibelinsight.net cm.everesttech.net connect.facebook.net dc.services.visualstudio.com *.cloudfront.net *.demdex.net flex.cybersource.com *.g.doubleclick.net *.hotjar.com *.liveperson.net *.tescobank.com *.ensighten.com r.turn.com royalsunallianceinsu.tt.omtrdc.net rsa.d2.sc.omtrdc.net rum-static.pingdom.net service.maxymiser.net *.google-analytics.com stash.qubitproducts.com static.ads-twitter.com static.goqubit.com tescobank.azureedge.net ue.enablermail.com www.facebook.com www.google.co.uk *.googleadservices.com *.googletagmanager.com *.gstatic.com track.omguk.com wss://sync.onfido.com wss://collection.decibelinsight.net mpsnare.iesnare.com *.adnxs.com s.yimg.com *.sociomantic.com *.tiles.mapbox.com api.mapbox.com events.mapbox.com p.teads.tv t.teads.tv cm.teads.tv *.digital-cloud-uk.medallia.eu *.kampyle.com ; frame-src 'self' *.trustpilot.com *.fls.doubleclick.net fls.doubleclick.net *.tescobank.com tescobank.demdex.net *.vo.msecnd.net service.maxymiser.net p.teads.tv t.teads.tv cm.teads.tv *.digital-cloud-uk.medallia.eu *.kampyle.com apps.commbox.io now.commbox.io js-agent.newrelic.com bam-cell.nr-data.net ; frame-ancestors 'self' *.tescobank.com ; object-src 'self' *.fls.doubleclick.net fls.doubleclick.net *.tescobank.com tescobank.demdex.net; media-src 'self' apps.commbox.io ;
date: Thu, 14 Dec 2023 13:08:22 GMT
content-length: 1703
x-xss-protection: 1; mode=block
request-context: appId=cid-v1:4a7f8dd8-3291-4e0b-bdfc-05223d9ea636
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 04 Dec 2023 12:02:22 GMT
etag: "01bd1bca926da1:0"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/x-javascript
access-control-expose-headers: Request-Context
cache-control: max-age=31622400
accept-ranges: bytes

GET
H2 200 header-and-nav.js Show response
www.tescobank.com/Scripts/Dist/layout/ 10 KB
5 KB 149ms
148ms Fetch
application/x-javascript 2.17.147.160
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tescobank.com/Scripts/Dist/layout/header-and-nav.js?v=1.0.58

Requested by

Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/tescobank/privacy/Bootstrap.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.17.147.160 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-17-147-160.deploy.static.akamaitechnologies.com

Software

Resource Hash

06a25eb20544eaa0fb6eea364fea588a79d6adc4fd0e6e909b6762a0cfb1974e

Security Headers

Name	Value
Content-Security-Policy	report-uri https://identity.tescobank.com/afm/cspReport/; default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .trustpilot.com .woopra.com .fls.doubleclick.net fls.doubleclick.net .lpsnmedia.net .google.com .googleapis.com .qubit.com .travelex.net .adobedtm.com .vo.msecnd.net bat.bing.com c.evidon.com cdn.cookielaw.org .decibelinsight.net cm.everesttech.net connect.facebook.net dc.services.visualstudio.com .cloudfront.net .demdex.net flex.cybersource.com .g.doubleclick.net .hotjar.com .liveperson.net .tescobank.com .ensighten.com r.turn.com royalsunallianceinsu.tt.omtrdc.net rsa.d2.sc.omtrdc.net rum-static.pingdom.net service.maxymiser.net .google-analytics.com stash.qubitproducts.com static.ads-twitter.com static.goqubit.com tescobank.azureedge.net ue.enablermail.com www.facebook.com www.google.co.uk .googleadservices.com .googletagmanager.com .gstatic.com track.omguk.com wss://sync.onfido.com wss://collection.decibelinsight.net mpsnare.iesnare.com .adnxs.com s.yimg.com .sociomantic.com p.teads.tv t.teads.tv cm.teads.tv .digital-cloud-uk.medallia.eu .kampyle.com apps.commbox.io now.commbox.io js-agent.newrelic.com bam-cell.nr-data.net .google-analytics.com ; style-src 'self' 'unsafe-inline' .googleapis.com apps.commbox.io now.commbox.io js-agent.newrelic.com bam-cell.nr-data.net .kampyle.com ; img-src 'self' data: blob: ; child-src 'self' blob: ; font-src 'self' data: * ; connect-src 'self' bam-cell.nr-data.net .woopra.com .fls.doubleclick.net fls.doubleclick.net .lpsnmedia.net .google.com .googleapis.com .qubit.com .travelex.net .adobedtm.com .vo.msecnd.net bat.bing.com c.evidon.com cdn.cookielaw.org .decibelinsight.net cm.everesttech.net connect.facebook.net dc.services.visualstudio.com .cloudfront.net .demdex.net flex.cybersource.com .g.doubleclick.net .hotjar.com .liveperson.net .tescobank.com .ensighten.com r.turn.com royalsunallianceinsu.tt.omtrdc.net rsa.d2.sc.omtrdc.net rum-static.pingdom.net service.maxymiser.net .google-analytics.com stash.qubitproducts.com static.ads-twitter.com static.goqubit.com tescobank.azureedge.net ue.enablermail.com www.facebook.com www.google.co.uk .googleadservices.com .googletagmanager.com .gstatic.com track.omguk.com wss://sync.onfido.com wss://collection.decibelinsight.net mpsnare.iesnare.com .adnxs.com s.yimg.com .sociomantic.com .tiles.mapbox.com api.mapbox.com events.mapbox.com p.teads.tv t.teads.tv cm.teads.tv .digital-cloud-uk.medallia.eu .kampyle.com ; frame-src 'self' .trustpilot.com .fls.doubleclick.net fls.doubleclick.net .tescobank.com tescobank.demdex.net .vo.msecnd.net service.maxymiser.net p.teads.tv t.teads.tv cm.teads.tv .digital-cloud-uk.medallia.eu .kampyle.com apps.commbox.io now.commbox.io js-agent.newrelic.com bam-cell.nr-data.net ; frame-ancestors 'self' .tescobank.com ; object-src 'self' .fls.doubleclick.net fls.doubleclick.net *.tescobank.com tescobank.demdex.net; media-src 'self' apps.commbox.io ;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/x-es-module, */*
Referer: https://www.tescobank.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: report-uri https://identity.tescobank.com/afm/cspReport/; default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.trustpilot.com *.woopra.com *.fls.doubleclick.net fls.doubleclick.net *.lpsnmedia.net *.google.com *.googleapis.com *.qubit.com *.travelex.net *.adobedtm.com *.vo.msecnd.net bat.bing.com c.evidon.com cdn.cookielaw.org *.decibelinsight.net cm.everesttech.net connect.facebook.net dc.services.visualstudio.com *.cloudfront.net *.demdex.net flex.cybersource.com *.g.doubleclick.net *.hotjar.com *.liveperson.net *.tescobank.com *.ensighten.com r.turn.com royalsunallianceinsu.tt.omtrdc.net rsa.d2.sc.omtrdc.net rum-static.pingdom.net service.maxymiser.net *.google-analytics.com stash.qubitproducts.com static.ads-twitter.com static.goqubit.com tescobank.azureedge.net ue.enablermail.com www.facebook.com www.google.co.uk *.googleadservices.com *.googletagmanager.com *.gstatic.com track.omguk.com wss://sync.onfido.com wss://collection.decibelinsight.net mpsnare.iesnare.com *.adnxs.com s.yimg.com *.sociomantic.com p.teads.tv t.teads.tv cm.teads.tv *.digital-cloud-uk.medallia.eu *.kampyle.com apps.commbox.io now.commbox.io js-agent.newrelic.com bam-cell.nr-data.net *.google-analytics.com ; style-src 'self' 'unsafe-inline' *.googleapis.com apps.commbox.io now.commbox.io js-agent.newrelic.com bam-cell.nr-data.net *.kampyle.com ; img-src 'self' data: blob: * ; child-src 'self' blob: ; font-src 'self' data: * ; connect-src 'self' bam-cell.nr-data.net *.woopra.com *.fls.doubleclick.net fls.doubleclick.net *.lpsnmedia.net *.google.com *.googleapis.com *.qubit.com *.travelex.net *.adobedtm.com *.vo.msecnd.net bat.bing.com c.evidon.com cdn.cookielaw.org *.decibelinsight.net cm.everesttech.net connect.facebook.net dc.services.visualstudio.com *.cloudfront.net *.demdex.net flex.cybersource.com *.g.doubleclick.net *.hotjar.com *.liveperson.net *.tescobank.com *.ensighten.com r.turn.com royalsunallianceinsu.tt.omtrdc.net rsa.d2.sc.omtrdc.net rum-static.pingdom.net service.maxymiser.net *.google-analytics.com stash.qubitproducts.com static.ads-twitter.com static.goqubit.com tescobank.azureedge.net ue.enablermail.com www.facebook.com www.google.co.uk *.googleadservices.com *.googletagmanager.com *.gstatic.com track.omguk.com wss://sync.onfido.com wss://collection.decibelinsight.net mpsnare.iesnare.com *.adnxs.com s.yimg.com *.sociomantic.com *.tiles.mapbox.com api.mapbox.com events.mapbox.com p.teads.tv t.teads.tv cm.teads.tv *.digital-cloud-uk.medallia.eu *.kampyle.com ; frame-src 'self' *.trustpilot.com *.fls.doubleclick.net fls.doubleclick.net *.tescobank.com tescobank.demdex.net *.vo.msecnd.net service.maxymiser.net p.teads.tv t.teads.tv cm.teads.tv *.digital-cloud-uk.medallia.eu *.kampyle.com apps.commbox.io now.commbox.io js-agent.newrelic.com bam-cell.nr-data.net ; frame-ancestors 'self' *.tescobank.com ; object-src 'self' *.fls.doubleclick.net fls.doubleclick.net *.tescobank.com tescobank.demdex.net; media-src 'self' apps.commbox.io ;
date: Thu, 14 Dec 2023 13:08:22 GMT
content-length: 2282
x-xss-protection: 1; mode=block
request-context: appId=cid-v1:4a7f8dd8-3291-4e0b-bdfc-05223d9ea636
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 04 Dec 2023 12:02:26 GMT
etag: "07533bfa926da1:0"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/x-javascript
access-control-expose-headers: Request-Context
cache-control: max-age=31622400
accept-ranges: bytes

GET
H2 200 footer.js Show response
www.tescobank.com/Scripts/Dist/layout/ 780 B
3 KB 113ms
112ms Fetch
application/x-javascript 2.17.147.160
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tescobank.com/Scripts/Dist/layout/footer.js?v=1.0.58

Requested by

Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/tescobank/privacy/Bootstrap.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.17.147.160 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-17-147-160.deploy.static.akamaitechnologies.com

Software

Resource Hash

de219074ff2fbcfc4c1724036bdf883ab0b27568a87b9972eb64011cfc07ba9e

Security Headers

Name	Value
Content-Security-Policy	report-uri https://identity.tescobank.com/afm/cspReport/; default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .trustpilot.com .woopra.com .fls.doubleclick.net fls.doubleclick.net .lpsnmedia.net .google.com .googleapis.com .qubit.com .travelex.net .adobedtm.com .vo.msecnd.net bat.bing.com c.evidon.com cdn.cookielaw.org .decibelinsight.net cm.everesttech.net connect.facebook.net dc.services.visualstudio.com .cloudfront.net .demdex.net flex.cybersource.com .g.doubleclick.net .hotjar.com .liveperson.net .tescobank.com .ensighten.com r.turn.com royalsunallianceinsu.tt.omtrdc.net rsa.d2.sc.omtrdc.net rum-static.pingdom.net service.maxymiser.net .google-analytics.com stash.qubitproducts.com static.ads-twitter.com static.goqubit.com tescobank.azureedge.net ue.enablermail.com www.facebook.com www.google.co.uk .googleadservices.com .googletagmanager.com .gstatic.com track.omguk.com wss://sync.onfido.com wss://collection.decibelinsight.net mpsnare.iesnare.com .adnxs.com s.yimg.com .sociomantic.com p.teads.tv t.teads.tv cm.teads.tv .digital-cloud-uk.medallia.eu .kampyle.com apps.commbox.io now.commbox.io js-agent.newrelic.com bam-cell.nr-data.net .google-analytics.com ; style-src 'self' 'unsafe-inline' .googleapis.com apps.commbox.io now.commbox.io js-agent.newrelic.com bam-cell.nr-data.net .kampyle.com ; img-src 'self' data: blob: ; child-src 'self' blob: ; font-src 'self' data: * ; connect-src 'self' bam-cell.nr-data.net .woopra.com .fls.doubleclick.net fls.doubleclick.net .lpsnmedia.net .google.com .googleapis.com .qubit.com .travelex.net .adobedtm.com .vo.msecnd.net bat.bing.com c.evidon.com cdn.cookielaw.org .decibelinsight.net cm.everesttech.net connect.facebook.net dc.services.visualstudio.com .cloudfront.net .demdex.net flex.cybersource.com .g.doubleclick.net .hotjar.com .liveperson.net .tescobank.com .ensighten.com r.turn.com royalsunallianceinsu.tt.omtrdc.net rsa.d2.sc.omtrdc.net rum-static.pingdom.net service.maxymiser.net .google-analytics.com stash.qubitproducts.com static.ads-twitter.com static.goqubit.com tescobank.azureedge.net ue.enablermail.com www.facebook.com www.google.co.uk .googleadservices.com .googletagmanager.com .gstatic.com track.omguk.com wss://sync.onfido.com wss://collection.decibelinsight.net mpsnare.iesnare.com .adnxs.com s.yimg.com .sociomantic.com .tiles.mapbox.com api.mapbox.com events.mapbox.com p.teads.tv t.teads.tv cm.teads.tv .digital-cloud-uk.medallia.eu .kampyle.com ; frame-src 'self' .trustpilot.com .fls.doubleclick.net fls.doubleclick.net .tescobank.com tescobank.demdex.net .vo.msecnd.net service.maxymiser.net p.teads.tv t.teads.tv cm.teads.tv .digital-cloud-uk.medallia.eu .kampyle.com apps.commbox.io now.commbox.io js-agent.newrelic.com bam-cell.nr-data.net ; frame-ancestors 'self' .tescobank.com ; object-src 'self' .fls.doubleclick.net fls.doubleclick.net *.tescobank.com tescobank.demdex.net; media-src 'self' apps.commbox.io ;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/x-es-module, */*
Referer: https://www.tescobank.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: report-uri https://identity.tescobank.com/afm/cspReport/; default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.trustpilot.com *.woopra.com *.fls.doubleclick.net fls.doubleclick.net *.lpsnmedia.net *.google.com *.googleapis.com *.qubit.com *.travelex.net *.adobedtm.com *.vo.msecnd.net bat.bing.com c.evidon.com cdn.cookielaw.org *.decibelinsight.net cm.everesttech.net connect.facebook.net dc.services.visualstudio.com *.cloudfront.net *.demdex.net flex.cybersource.com *.g.doubleclick.net *.hotjar.com *.liveperson.net *.tescobank.com *.ensighten.com r.turn.com royalsunallianceinsu.tt.omtrdc.net rsa.d2.sc.omtrdc.net rum-static.pingdom.net service.maxymiser.net *.google-analytics.com stash.qubitproducts.com static.ads-twitter.com static.goqubit.com tescobank.azureedge.net ue.enablermail.com www.facebook.com www.google.co.uk *.googleadservices.com *.googletagmanager.com *.gstatic.com track.omguk.com wss://sync.onfido.com wss://collection.decibelinsight.net mpsnare.iesnare.com *.adnxs.com s.yimg.com *.sociomantic.com p.teads.tv t.teads.tv cm.teads.tv *.digital-cloud-uk.medallia.eu *.kampyle.com apps.commbox.io now.commbox.io js-agent.newrelic.com bam-cell.nr-data.net *.google-analytics.com ; style-src 'self' 'unsafe-inline' *.googleapis.com apps.commbox.io now.commbox.io js-agent.newrelic.com bam-cell.nr-data.net *.kampyle.com ; img-src 'self' data: blob: * ; child-src 'self' blob: ; font-src 'self' data: * ; connect-src 'self' bam-cell.nr-data.net *.woopra.com *.fls.doubleclick.net fls.doubleclick.net *.lpsnmedia.net *.google.com *.googleapis.com *.qubit.com *.travelex.net *.adobedtm.com *.vo.msecnd.net bat.bing.com c.evidon.com cdn.cookielaw.org *.decibelinsight.net cm.everesttech.net connect.facebook.net dc.services.visualstudio.com *.cloudfront.net *.demdex.net flex.cybersource.com *.g.doubleclick.net *.hotjar.com *.liveperson.net *.tescobank.com *.ensighten.com r.turn.com royalsunallianceinsu.tt.omtrdc.net rsa.d2.sc.omtrdc.net rum-static.pingdom.net service.maxymiser.net *.google-analytics.com stash.qubitproducts.com static.ads-twitter.com static.goqubit.com tescobank.azureedge.net ue.enablermail.com www.facebook.com www.google.co.uk *.googleadservices.com *.googletagmanager.com *.gstatic.com track.omguk.com wss://sync.onfido.com wss://collection.decibelinsight.net mpsnare.iesnare.com *.adnxs.com s.yimg.com *.sociomantic.com *.tiles.mapbox.com api.mapbox.com events.mapbox.com p.teads.tv t.teads.tv cm.teads.tv *.digital-cloud-uk.medallia.eu *.kampyle.com ; frame-src 'self' *.trustpilot.com *.fls.doubleclick.net fls.doubleclick.net *.tescobank.com tescobank.demdex.net *.vo.msecnd.net service.maxymiser.net p.teads.tv t.teads.tv cm.teads.tv *.digital-cloud-uk.medallia.eu *.kampyle.com apps.commbox.io now.commbox.io js-agent.newrelic.com bam-cell.nr-data.net ; frame-ancestors 'self' *.tescobank.com ; object-src 'self' *.fls.doubleclick.net fls.doubleclick.net *.tescobank.com tescobank.demdex.net; media-src 'self' apps.commbox.io ;
date: Thu, 14 Dec 2023 13:08:22 GMT
content-length: 526
x-xss-protection: 1; mode=block
request-context: appId=cid-v1:4a7f8dd8-3291-4e0b-bdfc-05223d9ea636
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 04 Dec 2023 12:02:26 GMT
etag: "07533bfa926da1:0"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/x-javascript
access-control-expose-headers: Request-Context
cache-control: max-age=31622400
accept-ranges: bytes

GET
H2 200 search.js Show response
www.tescobank.com/Scripts/Dist/search/ 1 KB
3 KB 146ms
145ms Fetch
application/x-javascript 2.17.147.160
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tescobank.com/Scripts/Dist/search/search.js?v=1.0.58

Requested by

Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/tescobank/privacy/Bootstrap.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.17.147.160 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-17-147-160.deploy.static.akamaitechnologies.com

Software

Resource Hash

49a997ad3efef8509cc12ab2366b550e8b62559764b6402e1565ba5431f6d907

Security Headers

Name	Value
Content-Security-Policy	report-uri https://identity.tescobank.com/afm/cspReport/; default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .trustpilot.com .woopra.com .fls.doubleclick.net fls.doubleclick.net .lpsnmedia.net .google.com .googleapis.com .qubit.com .travelex.net .adobedtm.com .vo.msecnd.net bat.bing.com c.evidon.com cdn.cookielaw.org .decibelinsight.net cm.everesttech.net connect.facebook.net dc.services.visualstudio.com .cloudfront.net .demdex.net flex.cybersource.com .g.doubleclick.net .hotjar.com .liveperson.net .tescobank.com .ensighten.com r.turn.com royalsunallianceinsu.tt.omtrdc.net rsa.d2.sc.omtrdc.net rum-static.pingdom.net service.maxymiser.net .google-analytics.com stash.qubitproducts.com static.ads-twitter.com static.goqubit.com tescobank.azureedge.net ue.enablermail.com www.facebook.com www.google.co.uk .googleadservices.com .googletagmanager.com .gstatic.com track.omguk.com wss://sync.onfido.com wss://collection.decibelinsight.net mpsnare.iesnare.com .adnxs.com s.yimg.com .sociomantic.com p.teads.tv t.teads.tv cm.teads.tv .digital-cloud-uk.medallia.eu .kampyle.com apps.commbox.io now.commbox.io js-agent.newrelic.com bam-cell.nr-data.net .google-analytics.com ; style-src 'self' 'unsafe-inline' .googleapis.com apps.commbox.io now.commbox.io js-agent.newrelic.com bam-cell.nr-data.net .kampyle.com ; img-src 'self' data: blob: ; child-src 'self' blob: ; font-src 'self' data: * ; connect-src 'self' bam-cell.nr-data.net .woopra.com .fls.doubleclick.net fls.doubleclick.net .lpsnmedia.net .google.com .googleapis.com .qubit.com .travelex.net .adobedtm.com .vo.msecnd.net bat.bing.com c.evidon.com cdn.cookielaw.org .decibelinsight.net cm.everesttech.net connect.facebook.net dc.services.visualstudio.com .cloudfront.net .demdex.net flex.cybersource.com .g.doubleclick.net .hotjar.com .liveperson.net .tescobank.com .ensighten.com r.turn.com royalsunallianceinsu.tt.omtrdc.net rsa.d2.sc.omtrdc.net rum-static.pingdom.net service.maxymiser.net .google-analytics.com stash.qubitproducts.com static.ads-twitter.com static.goqubit.com tescobank.azureedge.net ue.enablermail.com www.facebook.com www.google.co.uk .googleadservices.com .googletagmanager.com .gstatic.com track.omguk.com wss://sync.onfido.com wss://collection.decibelinsight.net mpsnare.iesnare.com .adnxs.com s.yimg.com .sociomantic.com .tiles.mapbox.com api.mapbox.com events.mapbox.com p.teads.tv t.teads.tv cm.teads.tv .digital-cloud-uk.medallia.eu .kampyle.com ; frame-src 'self' .trustpilot.com .fls.doubleclick.net fls.doubleclick.net .tescobank.com tescobank.demdex.net .vo.msecnd.net service.maxymiser.net p.teads.tv t.teads.tv cm.teads.tv .digital-cloud-uk.medallia.eu .kampyle.com apps.commbox.io now.commbox.io js-agent.newrelic.com bam-cell.nr-data.net ; frame-ancestors 'self' .tescobank.com ; object-src 'self' .fls.doubleclick.net fls.doubleclick.net *.tescobank.com tescobank.demdex.net; media-src 'self' apps.commbox.io ;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/x-es-module, */*
Referer: https://www.tescobank.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: report-uri https://identity.tescobank.com/afm/cspReport/; default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.trustpilot.com *.woopra.com *.fls.doubleclick.net fls.doubleclick.net *.lpsnmedia.net *.google.com *.googleapis.com *.qubit.com *.travelex.net *.adobedtm.com *.vo.msecnd.net bat.bing.com c.evidon.com cdn.cookielaw.org *.decibelinsight.net cm.everesttech.net connect.facebook.net dc.services.visualstudio.com *.cloudfront.net *.demdex.net flex.cybersource.com *.g.doubleclick.net *.hotjar.com *.liveperson.net *.tescobank.com *.ensighten.com r.turn.com royalsunallianceinsu.tt.omtrdc.net rsa.d2.sc.omtrdc.net rum-static.pingdom.net service.maxymiser.net *.google-analytics.com stash.qubitproducts.com static.ads-twitter.com static.goqubit.com tescobank.azureedge.net ue.enablermail.com www.facebook.com www.google.co.uk *.googleadservices.com *.googletagmanager.com *.gstatic.com track.omguk.com wss://sync.onfido.com wss://collection.decibelinsight.net mpsnare.iesnare.com *.adnxs.com s.yimg.com *.sociomantic.com p.teads.tv t.teads.tv cm.teads.tv *.digital-cloud-uk.medallia.eu *.kampyle.com apps.commbox.io now.commbox.io js-agent.newrelic.com bam-cell.nr-data.net *.google-analytics.com ; style-src 'self' 'unsafe-inline' *.googleapis.com apps.commbox.io now.commbox.io js-agent.newrelic.com bam-cell.nr-data.net *.kampyle.com ; img-src 'self' data: blob: * ; child-src 'self' blob: ; font-src 'self' data: * ; connect-src 'self' bam-cell.nr-data.net *.woopra.com *.fls.doubleclick.net fls.doubleclick.net *.lpsnmedia.net *.google.com *.googleapis.com *.qubit.com *.travelex.net *.adobedtm.com *.vo.msecnd.net bat.bing.com c.evidon.com cdn.cookielaw.org *.decibelinsight.net cm.everesttech.net connect.facebook.net dc.services.visualstudio.com *.cloudfront.net *.demdex.net flex.cybersource.com *.g.doubleclick.net *.hotjar.com *.liveperson.net *.tescobank.com *.ensighten.com r.turn.com royalsunallianceinsu.tt.omtrdc.net rsa.d2.sc.omtrdc.net rum-static.pingdom.net service.maxymiser.net *.google-analytics.com stash.qubitproducts.com static.ads-twitter.com static.goqubit.com tescobank.azureedge.net ue.enablermail.com www.facebook.com www.google.co.uk *.googleadservices.com *.googletagmanager.com *.gstatic.com track.omguk.com wss://sync.onfido.com wss://collection.decibelinsight.net mpsnare.iesnare.com *.adnxs.com s.yimg.com *.sociomantic.com *.tiles.mapbox.com api.mapbox.com events.mapbox.com p.teads.tv t.teads.tv cm.teads.tv *.digital-cloud-uk.medallia.eu *.kampyle.com ; frame-src 'self' *.trustpilot.com *.fls.doubleclick.net fls.doubleclick.net *.tescobank.com tescobank.demdex.net *.vo.msecnd.net service.maxymiser.net p.teads.tv t.teads.tv cm.teads.tv *.digital-cloud-uk.medallia.eu *.kampyle.com apps.commbox.io now.commbox.io js-agent.newrelic.com bam-cell.nr-data.net ; frame-ancestors 'self' *.tescobank.com ; object-src 'self' *.fls.doubleclick.net fls.doubleclick.net *.tescobank.com tescobank.demdex.net; media-src 'self' apps.commbox.io ;
date: Thu, 14 Dec 2023 13:08:22 GMT
content-length: 859
x-xss-protection: 1; mode=block
request-context: appId=cid-v1:4a7f8dd8-3291-4e0b-bdfc-05223d9ea636
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 04 Dec 2023 12:02:28 GMT
etag: "0a264c0a926da1:0"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/x-javascript
access-control-expose-headers: Request-Context
cache-control: max-age=31622400
accept-ranges: bytes

GET
H2 200 product-tiles.js Show response
www.tescobank.com/Scripts/Dist/product-tiles/ 2 KB
3 KB 159ms
159ms Fetch
application/x-javascript 2.17.147.160
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tescobank.com/Scripts/Dist/product-tiles/product-tiles.js?v=1.0.58

Requested by

Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/tescobank/privacy/Bootstrap.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.17.147.160 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-17-147-160.deploy.static.akamaitechnologies.com

Software

Resource Hash

6a477a71358f9744e891c82b452d815d069e0751b250953b5d0f64e2f9c11f04

Security Headers

Name	Value
Content-Security-Policy	report-uri https://identity.tescobank.com/afm/cspReport/; default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .trustpilot.com .woopra.com .fls.doubleclick.net fls.doubleclick.net .lpsnmedia.net .google.com .googleapis.com .qubit.com .travelex.net .adobedtm.com .vo.msecnd.net bat.bing.com c.evidon.com cdn.cookielaw.org .decibelinsight.net cm.everesttech.net connect.facebook.net dc.services.visualstudio.com .cloudfront.net .demdex.net flex.cybersource.com .g.doubleclick.net .hotjar.com .liveperson.net .tescobank.com .ensighten.com r.turn.com royalsunallianceinsu.tt.omtrdc.net rsa.d2.sc.omtrdc.net rum-static.pingdom.net service.maxymiser.net .google-analytics.com stash.qubitproducts.com static.ads-twitter.com static.goqubit.com tescobank.azureedge.net ue.enablermail.com www.facebook.com www.google.co.uk .googleadservices.com .googletagmanager.com .gstatic.com track.omguk.com wss://sync.onfido.com wss://collection.decibelinsight.net mpsnare.iesnare.com .adnxs.com s.yimg.com .sociomantic.com p.teads.tv t.teads.tv cm.teads.tv .digital-cloud-uk.medallia.eu .kampyle.com apps.commbox.io now.commbox.io js-agent.newrelic.com bam-cell.nr-data.net .google-analytics.com ; style-src 'self' 'unsafe-inline' .googleapis.com apps.commbox.io now.commbox.io js-agent.newrelic.com bam-cell.nr-data.net .kampyle.com ; img-src 'self' data: blob: ; child-src 'self' blob: ; font-src 'self' data: * ; connect-src 'self' bam-cell.nr-data.net .woopra.com .fls.doubleclick.net fls.doubleclick.net .lpsnmedia.net .google.com .googleapis.com .qubit.com .travelex.net .adobedtm.com .vo.msecnd.net bat.bing.com c.evidon.com cdn.cookielaw.org .decibelinsight.net cm.everesttech.net connect.facebook.net dc.services.visualstudio.com .cloudfront.net .demdex.net flex.cybersource.com .g.doubleclick.net .hotjar.com .liveperson.net .tescobank.com .ensighten.com r.turn.com royalsunallianceinsu.tt.omtrdc.net rsa.d2.sc.omtrdc.net rum-static.pingdom.net service.maxymiser.net .google-analytics.com stash.qubitproducts.com static.ads-twitter.com static.goqubit.com tescobank.azureedge.net ue.enablermail.com www.facebook.com www.google.co.uk .googleadservices.com .googletagmanager.com .gstatic.com track.omguk.com wss://sync.onfido.com wss://collection.decibelinsight.net mpsnare.iesnare.com .adnxs.com s.yimg.com .sociomantic.com .tiles.mapbox.com api.mapbox.com events.mapbox.com p.teads.tv t.teads.tv cm.teads.tv .digital-cloud-uk.medallia.eu .kampyle.com ; frame-src 'self' .trustpilot.com .fls.doubleclick.net fls.doubleclick.net .tescobank.com tescobank.demdex.net .vo.msecnd.net service.maxymiser.net p.teads.tv t.teads.tv cm.teads.tv .digital-cloud-uk.medallia.eu .kampyle.com apps.commbox.io now.commbox.io js-agent.newrelic.com bam-cell.nr-data.net ; frame-ancestors 'self' .tescobank.com ; object-src 'self' .fls.doubleclick.net fls.doubleclick.net *.tescobank.com tescobank.demdex.net; media-src 'self' apps.commbox.io ;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/x-es-module, */*
Referer: https://www.tescobank.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: report-uri https://identity.tescobank.com/afm/cspReport/; default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.trustpilot.com *.woopra.com *.fls.doubleclick.net fls.doubleclick.net *.lpsnmedia.net *.google.com *.googleapis.com *.qubit.com *.travelex.net *.adobedtm.com *.vo.msecnd.net bat.bing.com c.evidon.com cdn.cookielaw.org *.decibelinsight.net cm.everesttech.net connect.facebook.net dc.services.visualstudio.com *.cloudfront.net *.demdex.net flex.cybersource.com *.g.doubleclick.net *.hotjar.com *.liveperson.net *.tescobank.com *.ensighten.com r.turn.com royalsunallianceinsu.tt.omtrdc.net rsa.d2.sc.omtrdc.net rum-static.pingdom.net service.maxymiser.net *.google-analytics.com stash.qubitproducts.com static.ads-twitter.com static.goqubit.com tescobank.azureedge.net ue.enablermail.com www.facebook.com www.google.co.uk *.googleadservices.com *.googletagmanager.com *.gstatic.com track.omguk.com wss://sync.onfido.com wss://collection.decibelinsight.net mpsnare.iesnare.com *.adnxs.com s.yimg.com *.sociomantic.com p.teads.tv t.teads.tv cm.teads.tv *.digital-cloud-uk.medallia.eu *.kampyle.com apps.commbox.io now.commbox.io js-agent.newrelic.com bam-cell.nr-data.net *.google-analytics.com ; style-src 'self' 'unsafe-inline' *.googleapis.com apps.commbox.io now.commbox.io js-agent.newrelic.com bam-cell.nr-data.net *.kampyle.com ; img-src 'self' data: blob: * ; child-src 'self' blob: ; font-src 'self' data: * ; connect-src 'self' bam-cell.nr-data.net *.woopra.com *.fls.doubleclick.net fls.doubleclick.net *.lpsnmedia.net *.google.com *.googleapis.com *.qubit.com *.travelex.net *.adobedtm.com *.vo.msecnd.net bat.bing.com c.evidon.com cdn.cookielaw.org *.decibelinsight.net cm.everesttech.net connect.facebook.net dc.services.visualstudio.com *.cloudfront.net *.demdex.net flex.cybersource.com *.g.doubleclick.net *.hotjar.com *.liveperson.net *.tescobank.com *.ensighten.com r.turn.com royalsunallianceinsu.tt.omtrdc.net rsa.d2.sc.omtrdc.net rum-static.pingdom.net service.maxymiser.net *.google-analytics.com stash.qubitproducts.com static.ads-twitter.com static.goqubit.com tescobank.azureedge.net ue.enablermail.com www.facebook.com www.google.co.uk *.googleadservices.com *.googletagmanager.com *.gstatic.com track.omguk.com wss://sync.onfido.com wss://collection.decibelinsight.net mpsnare.iesnare.com *.adnxs.com s.yimg.com *.sociomantic.com *.tiles.mapbox.com api.mapbox.com events.mapbox.com p.teads.tv t.teads.tv cm.teads.tv *.digital-cloud-uk.medallia.eu *.kampyle.com ; frame-src 'self' *.trustpilot.com *.fls.doubleclick.net fls.doubleclick.net *.tescobank.com tescobank.demdex.net *.vo.msecnd.net service.maxymiser.net p.teads.tv t.teads.tv cm.teads.tv *.digital-cloud-uk.medallia.eu *.kampyle.com apps.commbox.io now.commbox.io js-agent.newrelic.com bam-cell.nr-data.net ; frame-ancestors 'self' *.tescobank.com ; object-src 'self' *.fls.doubleclick.net fls.doubleclick.net *.tescobank.com tescobank.demdex.net; media-src 'self' apps.commbox.io ;
date: Thu, 14 Dec 2023 13:08:22 GMT
content-length: 795
x-xss-protection: 1; mode=block
request-context: appId=cid-v1:4a7f8dd8-3291-4e0b-bdfc-05223d9ea636
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 04 Dec 2023 12:02:28 GMT
etag: "0a264c0a926da1:0"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/x-javascript
access-control-expose-headers: Request-Context
cache-control: max-age=31622400
accept-ranges: bytes

GET
H2 200 trustpilot.js Show response
www.tescobank.com/Scripts/Dist/trustpilot/ 1 KB
3 KB 147ms
147ms Fetch
application/x-javascript 2.17.147.160
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tescobank.com/Scripts/Dist/trustpilot/trustpilot.js?v=1.0.58

Requested by

Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/tescobank/privacy/Bootstrap.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.17.147.160 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-17-147-160.deploy.static.akamaitechnologies.com

Software

Resource Hash

4ff339998010a0a8d02aff45adae6e1d535c174bdcd797b807124485539781b8

Security Headers

Name	Value
Content-Security-Policy	report-uri https://identity.tescobank.com/afm/cspReport/; default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .trustpilot.com .woopra.com .fls.doubleclick.net fls.doubleclick.net .lpsnmedia.net .google.com .googleapis.com .qubit.com .travelex.net .adobedtm.com .vo.msecnd.net bat.bing.com c.evidon.com cdn.cookielaw.org .decibelinsight.net cm.everesttech.net connect.facebook.net dc.services.visualstudio.com .cloudfront.net .demdex.net flex.cybersource.com .g.doubleclick.net .hotjar.com .liveperson.net .tescobank.com .ensighten.com r.turn.com royalsunallianceinsu.tt.omtrdc.net rsa.d2.sc.omtrdc.net rum-static.pingdom.net service.maxymiser.net .google-analytics.com stash.qubitproducts.com static.ads-twitter.com static.goqubit.com tescobank.azureedge.net ue.enablermail.com www.facebook.com www.google.co.uk .googleadservices.com .googletagmanager.com .gstatic.com track.omguk.com wss://sync.onfido.com wss://collection.decibelinsight.net mpsnare.iesnare.com .adnxs.com s.yimg.com .sociomantic.com p.teads.tv t.teads.tv cm.teads.tv .digital-cloud-uk.medallia.eu .kampyle.com apps.commbox.io now.commbox.io js-agent.newrelic.com bam-cell.nr-data.net .google-analytics.com ; style-src 'self' 'unsafe-inline' .googleapis.com apps.commbox.io now.commbox.io js-agent.newrelic.com bam-cell.nr-data.net .kampyle.com ; img-src 'self' data: blob: ; child-src 'self' blob: ; font-src 'self' data: * ; connect-src 'self' bam-cell.nr-data.net .woopra.com .fls.doubleclick.net fls.doubleclick.net .lpsnmedia.net .google.com .googleapis.com .qubit.com .travelex.net .adobedtm.com .vo.msecnd.net bat.bing.com c.evidon.com cdn.cookielaw.org .decibelinsight.net cm.everesttech.net connect.facebook.net dc.services.visualstudio.com .cloudfront.net .demdex.net flex.cybersource.com .g.doubleclick.net .hotjar.com .liveperson.net .tescobank.com .ensighten.com r.turn.com royalsunallianceinsu.tt.omtrdc.net rsa.d2.sc.omtrdc.net rum-static.pingdom.net service.maxymiser.net .google-analytics.com stash.qubitproducts.com static.ads-twitter.com static.goqubit.com tescobank.azureedge.net ue.enablermail.com www.facebook.com www.google.co.uk .googleadservices.com .googletagmanager.com .gstatic.com track.omguk.com wss://sync.onfido.com wss://collection.decibelinsight.net mpsnare.iesnare.com .adnxs.com s.yimg.com .sociomantic.com .tiles.mapbox.com api.mapbox.com events.mapbox.com p.teads.tv t.teads.tv cm.teads.tv .digital-cloud-uk.medallia.eu .kampyle.com ; frame-src 'self' .trustpilot.com .fls.doubleclick.net fls.doubleclick.net .tescobank.com tescobank.demdex.net .vo.msecnd.net service.maxymiser.net p.teads.tv t.teads.tv cm.teads.tv .digital-cloud-uk.medallia.eu .kampyle.com apps.commbox.io now.commbox.io js-agent.newrelic.com bam-cell.nr-data.net ; frame-ancestors 'self' .tescobank.com ; object-src 'self' .fls.doubleclick.net fls.doubleclick.net *.tescobank.com tescobank.demdex.net; media-src 'self' apps.commbox.io ;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/x-es-module, */*
Referer: https://www.tescobank.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: report-uri https://identity.tescobank.com/afm/cspReport/; default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.trustpilot.com *.woopra.com *.fls.doubleclick.net fls.doubleclick.net *.lpsnmedia.net *.google.com *.googleapis.com *.qubit.com *.travelex.net *.adobedtm.com *.vo.msecnd.net bat.bing.com c.evidon.com cdn.cookielaw.org *.decibelinsight.net cm.everesttech.net connect.facebook.net dc.services.visualstudio.com *.cloudfront.net *.demdex.net flex.cybersource.com *.g.doubleclick.net *.hotjar.com *.liveperson.net *.tescobank.com *.ensighten.com r.turn.com royalsunallianceinsu.tt.omtrdc.net rsa.d2.sc.omtrdc.net rum-static.pingdom.net service.maxymiser.net *.google-analytics.com stash.qubitproducts.com static.ads-twitter.com static.goqubit.com tescobank.azureedge.net ue.enablermail.com www.facebook.com www.google.co.uk *.googleadservices.com *.googletagmanager.com *.gstatic.com track.omguk.com wss://sync.onfido.com wss://collection.decibelinsight.net mpsnare.iesnare.com *.adnxs.com s.yimg.com *.sociomantic.com p.teads.tv t.teads.tv cm.teads.tv *.digital-cloud-uk.medallia.eu *.kampyle.com apps.commbox.io now.commbox.io js-agent.newrelic.com bam-cell.nr-data.net *.google-analytics.com ; style-src 'self' 'unsafe-inline' *.googleapis.com apps.commbox.io now.commbox.io js-agent.newrelic.com bam-cell.nr-data.net *.kampyle.com ; img-src 'self' data: blob: * ; child-src 'self' blob: ; font-src 'self' data: * ; connect-src 'self' bam-cell.nr-data.net *.woopra.com *.fls.doubleclick.net fls.doubleclick.net *.lpsnmedia.net *.google.com *.googleapis.com *.qubit.com *.travelex.net *.adobedtm.com *.vo.msecnd.net bat.bing.com c.evidon.com cdn.cookielaw.org *.decibelinsight.net cm.everesttech.net connect.facebook.net dc.services.visualstudio.com *.cloudfront.net *.demdex.net flex.cybersource.com *.g.doubleclick.net *.hotjar.com *.liveperson.net *.tescobank.com *.ensighten.com r.turn.com royalsunallianceinsu.tt.omtrdc.net rsa.d2.sc.omtrdc.net rum-static.pingdom.net service.maxymiser.net *.google-analytics.com stash.qubitproducts.com static.ads-twitter.com static.goqubit.com tescobank.azureedge.net ue.enablermail.com www.facebook.com www.google.co.uk *.googleadservices.com *.googletagmanager.com *.gstatic.com track.omguk.com wss://sync.onfido.com wss://collection.decibelinsight.net mpsnare.iesnare.com *.adnxs.com s.yimg.com *.sociomantic.com *.tiles.mapbox.com api.mapbox.com events.mapbox.com p.teads.tv t.teads.tv cm.teads.tv *.digital-cloud-uk.medallia.eu *.kampyle.com ; frame-src 'self' *.trustpilot.com *.fls.doubleclick.net fls.doubleclick.net *.tescobank.com tescobank.demdex.net *.vo.msecnd.net service.maxymiser.net p.teads.tv t.teads.tv cm.teads.tv *.digital-cloud-uk.medallia.eu *.kampyle.com apps.commbox.io now.commbox.io js-agent.newrelic.com bam-cell.nr-data.net ; frame-ancestors 'self' *.tescobank.com ; object-src 'self' *.fls.doubleclick.net fls.doubleclick.net *.tescobank.com tescobank.demdex.net; media-src 'self' apps.commbox.io ;
date: Thu, 14 Dec 2023 13:08:22 GMT
content-length: 812
x-xss-protection: 1; mode=block
request-context: appId=cid-v1:4a7f8dd8-3291-4e0b-bdfc-05223d9ea636
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 04 Dec 2023 12:02:28 GMT
etag: "0a264c0a926da1:0"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/x-javascript
access-control-expose-headers: Request-Context
cache-control: max-age=31622400
accept-ranges: bytes

GET
H3 204 perf.rnc
nexus.ensighten.com/tescobank/brochureware/ 0
217 B 37ms
37ms Image
text/plain 2600:9000:206f:c600:2:8f43:5780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nexus.ensighten.com/tescobank/brochureware/perf.rnc?cid=746&ns=1702559300646&ce=657&cs=412&dc=0&dclee=0&dcles=0&di=1553&dl=1081&dle=412&dls=412&fs=412&lee=0&les=0&rede=0&reds=0&reqs=657&resps=1078&respe=1086&scs=457&ues=0&uee=0
Requested by: Host: www.tescobank.com
URL: https://www.tescobank.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:9000:206f:c600:2:8f43:5780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.tescobank.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 20:13:09 GMT
via: 1.1 2fc0d20914c32e5cd76477ed042298d0.cloudfront.net (CloudFront)
server: CloudFront
age: 60913
x-amz-cf-pop: FRA56-C1
x-cache: Hit from cloudfront
cache-control: no-cache, no-store
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: 9A9sP2E0pj_pbXTl4KbLh0mgCT7DE0yU8dPmz3MQW_WfHymftYTN1A==

GET
DATA 200
OK truncated
/ 9 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d554361630709572f4c9e33d02ca5ae56275756099a62195513017a0421f73c2

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 157 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 80d54533f80e8233621f965ae0a7713928bdb4d491ed0eb5e90434550f1894cb

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 204 r.rnc
data.privacy.ensighten.com/privacy/v1/b/ 0
106 B 142ms
37ms Image
text/plain 3.124.173.63
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://data.privacy.ensighten.com/privacy/v1/b/r.rnc?n=0&c=746&i=6ylwrd&p=privacy&s=329&d=8Eh7InZlcnNpb24iOiIxLjAuMCIsImdhdGV3YXkiOiIyLjMuNjA4IiwiY2xpZW50SWQiOjc0NiwicHVibGlzaFBhdGgiOiJwcml2YWN5IiwiaW5zdGFuY2UpAPAUIjZ5bHdyZCIsInBhY2tldCI6MCwibW9kZSI6ImVuZm9yY2VZAPAOb29raWVzIjp7fSwiZW52aXJvbm1lbnQiOiJFbmdlAPIJIiwicmVxdWVzdHMiOlt7ImRlc3RpbmF0tQBgIiwidHlwVADwD2JpbGxpbmciLCJzdGFydCI6MTcwMjU1OTMwMjMwM10AoGQiOi0xLCJzb3V8ACI6IisAQXR1cyIMAGByZWFzb25lANRdLCJkYXRhUGF0dGVyEgDCbGlzdCI6W10sImlkXQDANTU5MzAyMzAzfV19
Requested by: Host: www.tescobank.com
URL: https://www.tescobank.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.124.173.63 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-173-63.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.tescobank.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 13:08:22 GMT
cache-control: no-cache, no-store
server: nginx
expires: Thu, 14 Dec 2023 13:08:21 GMT

GET
H2

200

site-logo-rb.svg
tescobank.azureedge.net/assets/site-logo-rb/1/
Redirect Chain

https://www.tescobank.com/assets/website/img/logo/site-logo-rb.svg
https://tescobank.azureedge.net/assets/site-logo-rb/1/site-logo-rb.svg

5 KB
2 KB

59ms
26ms

Image
image/svg+xml

2620:1ec:46::63
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tescobank.azureedge.net/assets/site-logo-rb/1/site-logo-rb.svg
Requested by: Host: www.tescobank.com
URL: https://www.tescobank.com/
Protocol: H2
Server: 2620:1ec:46::63 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 80e2a6156b3f132c69c53d4d3d2993c04a302f335c643de634d35da96ac839ba

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.tescobank.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Thu, 14 Dec 2023 13:08:22 GMT
content-encoding: br
last-modified: Mon, 26 Oct 2020 05:44:17 GMT
content-md5: uOBUxUCby6XWW6NGck/91Q==
etag: 0x8D879722DFE7ECF
x-azure-ref: 0Rv56ZQAAAADBzF2FMm00SajYBLopsdB1TE9OMjFFREdFMTgyMQBhNjllZjUxNi00YmM1LTRmZDEtYWI1YS02MjFmM2U3YjkyODA=
x-cache: TCP_HIT
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: 02bc788c-301e-005d-1c82-2ed9cd000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31622400
x-ms-version: 2009-09-19

Redirect headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-security-policy: report-uri https://identity.tescobank.com/afm/cspReport/; default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.trustpilot.com *.woopra.com *.fls.doubleclick.net fls.doubleclick.net *.lpsnmedia.net *.google.com *.googleapis.com *.qubit.com *.travelex.net *.adobedtm.com *.vo.msecnd.net bat.bing.com c.evidon.com cdn.cookielaw.org *.decibelinsight.net cm.everesttech.net connect.facebook.net dc.services.visualstudio.com *.cloudfront.net *.demdex.net flex.cybersource.com *.g.doubleclick.net *.hotjar.com *.liveperson.net *.tescobank.com *.ensighten.com r.turn.com royalsunallianceinsu.tt.omtrdc.net rsa.d2.sc.omtrdc.net rum-static.pingdom.net service.maxymiser.net *.google-analytics.com stash.qubitproducts.com static.ads-twitter.com static.goqubit.com tescobank.azureedge.net ue.enablermail.com www.facebook.com www.google.co.uk *.googleadservices.com *.googletagmanager.com *.gstatic.com track.omguk.com wss://sync.onfido.com wss://collection.decibelinsight.net mpsnare.iesnare.com *.adnxs.com s.yimg.com *.sociomantic.com p.teads.tv t.teads.tv cm.teads.tv *.digital-cloud-uk.medallia.eu *.kampyle.com apps.commbox.io now.commbox.io js-agent.newrelic.com bam-cell.nr-data.net *.google-analytics.com ; style-src 'self' 'unsafe-inline' *.googleapis.com apps.commbox.io now.commbox.io js-agent.newrelic.com bam-cell.nr-data.net *.kampyle.com ; img-src 'self' data: blob: * ; child-src 'self' blob: ; font-src 'self' data: * ; connect-src 'self' bam-cell.nr-data.net *.woopra.com *.fls.doubleclick.net fls.doubleclick.net *.lpsnmedia.net *.google.com *.googleapis.com *.qubit.com *.travelex.net *.adobedtm.com *.vo.msecnd.net bat.bing.com c.evidon.com cdn.cookielaw.org *.decibelinsight.net cm.everesttech.net connect.facebook.net dc.services.visualstudio.com *.cloudfront.net *.demdex.net flex.cybersource.com *.g.doubleclick.net *.hotjar.com *.liveperson.net *.tescobank.com *.ensighten.com r.turn.com royalsunallianceinsu.tt.omtrdc.net rsa.d2.sc.omtrdc.net rum-static.pingdom.net service.maxymiser.net *.google-analytics.com stash.qubitproducts.com static.ads-twitter.com static.goqubit.com tescobank.azureedge.net ue.enablermail.com www.facebook.com www.google.co.uk *.googleadservices.com *.googletagmanager.com *.gstatic.com track.omguk.com wss://sync.onfido.com wss://collection.decibelinsight.net mpsnare.iesnare.com *.adnxs.com s.yimg.com *.sociomantic.com *.tiles.mapbox.com api.mapbox.com events.mapbox.com p.teads.tv t.teads.tv cm.teads.tv *.digital-cloud-uk.medallia.eu *.kampyle.com ; frame-src 'self' *.trustpilot.com *.fls.doubleclick.net fls.doubleclick.net *.tescobank.com tescobank.demdex.net *.vo.msecnd.net service.maxymiser.net p.teads.tv t.teads.tv cm.teads.tv *.digital-cloud-uk.medallia.eu *.kampyle.com apps.commbox.io now.commbox.io js-agent.newrelic.com bam-cell.nr-data.net ; frame-ancestors 'self' *.tescobank.com ; object-src 'self' *.fls.doubleclick.net fls.doubleclick.net *.tescobank.com tescobank.demdex.net; media-src 'self' apps.commbox.io ;
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
date: Thu, 14 Dec 2023 13:08:22 GMT
x-frame-options: SAMEORIGIN
content-type: text/html; charset=utf-8
location: https://tescobank.azureedge.net/assets/site-logo-rb/1/site-logo-rb.svg
access-control-expose-headers: Request-Context
cache-control: private, max-age=19690
content-length: 187
x-xss-protection: 1; mode=block
request-context: appId=cid-v1:4a7f8dd8-3291-4e0b-bdfc-05223d9ea636

GET
H2 200 TESCOModern-Bold-web.woff2
www.tescobank.com/credit-card-apply/assets/font/Tesco-Modern/ 29 KB
30 KB 168ms
167ms Font
application/font-woff2 2.17.147.160
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tescobank.com/credit-card-apply/assets/font/Tesco-Modern/TESCOModern-Bold-web.woff2
Requested by: Host: www.tescobank.com
URL: https://www.tescobank.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.17.147.160 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-17-147-160.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e5009170864964460be50a307724eae186bd9e6e8ba3bc88a35b91109764006a

Request headers

Referer: https://www.tescobank.com/
Origin: https://www.tescobank.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 13:08:22 GMT
last-modified: Mon, 21 Aug 2023 15:02:30 GMT
accept-ranges: bytes
content-length: 29720
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type: application/font-woff2

GET
H2 200 TESCOModern-Light-web.woff2
www.tescobank.com/credit-card-apply/assets/font/Tesco-Modern/ 28 KB
30 KB 120ms
120ms Font
application/font-woff2 2.17.147.160
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tescobank.com/credit-card-apply/assets/font/Tesco-Modern/TESCOModern-Light-web.woff2
Requested by: Host: www.tescobank.com
URL: https://www.tescobank.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.17.147.160 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-17-147-160.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: f8a0d031124f300127c0360780cba45570153bde6c2092d1cf411df8a611e798

Request headers

Referer: https://www.tescobank.com/
Origin: https://www.tescobank.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 13:08:22 GMT
last-modified: Mon, 21 Aug 2023 15:02:30 GMT
accept-ranges: bytes
content-length: 28940
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type: application/font-woff2

GET
H2 204 r.rnc
data.privacy.ensighten.com/privacy/v1/c/ 0
107 B 136ms
37ms Image
text/plain 3.124.173.63
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://data.privacy.ensighten.com/privacy/v1/c/r.rnc?n=0&c=746&i=7eydeu&p=privacy&s=395&d=9CZ7InZlcnNpb24iOiIxLjAuMCIsImdhdGV3YXkiOiIyLjMuNjA4IiwiY2xpZW50SWQiOjc0Ng8A8B9OYW1lIjoiVGVzY29CYW5rIiwicHVibGlzaFBhdGgiOiJwcml2YWN5IiwibW9kKwCQd2hpdGVsaXN0UwDwJG9va2llcyI6eyJURVNDT0JBTktfRU5TSUdIVEVOX1BSSVZBQ1lfQkFOTkVSX0xPQURFRKYA8Q8ifSwiZHQiOjE3MDI1NTkzMDIzMTAsInNldHRpbmdQAPAXbW9kYWwiOiJlbnRlcnByaXNlIiwiZW52aXJvbm1lbnQiOiJFbmepAKEiLCJkZWZhdWx0OQByTWVhc3VyZSQA8BkwLCJFeHBlcmllbmNlIjowLCJBZHZlcnRpc2luZyI6MH19LCJldmVuOwAiW3sLAEEiOiJj2ABwQ2hhbmdlZGAADqwABdQAwEFERUQiOiIxIn1dfQ
Requested by: Host: www.tescobank.com
URL: https://www.tescobank.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.124.173.63 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-173-63.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.tescobank.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 13:08:22 GMT
cache-control: no-cache, no-store
server: nginx
expires: Thu, 14 Dec 2023 13:08:21 GMT

GET
H2 200 helper.js Show response
www.tescobank.com/Scripts/Dist/shared/ 3 KB
4 KB 103ms
103ms Fetch
application/x-javascript 2.17.147.160
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tescobank.com/Scripts/Dist/shared/helper.js?v=1.0.58

Requested by

Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/tescobank/privacy/Bootstrap.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.17.147.160 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-17-147-160.deploy.static.akamaitechnologies.com

Software

Resource Hash

f7f05dd901605ce42b2a5f717cfa09bcc3a662a3a802959442847e928e12d97a

Security Headers

Name	Value
Content-Security-Policy	report-uri https://identity.tescobank.com/afm/cspReport/; default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .trustpilot.com .woopra.com .fls.doubleclick.net fls.doubleclick.net .lpsnmedia.net .google.com .googleapis.com .qubit.com .travelex.net .adobedtm.com .vo.msecnd.net bat.bing.com c.evidon.com cdn.cookielaw.org .decibelinsight.net cm.everesttech.net connect.facebook.net dc.services.visualstudio.com .cloudfront.net .demdex.net flex.cybersource.com .g.doubleclick.net .hotjar.com .liveperson.net .tescobank.com .ensighten.com r.turn.com royalsunallianceinsu.tt.omtrdc.net rsa.d2.sc.omtrdc.net rum-static.pingdom.net service.maxymiser.net .google-analytics.com stash.qubitproducts.com static.ads-twitter.com static.goqubit.com tescobank.azureedge.net ue.enablermail.com www.facebook.com www.google.co.uk .googleadservices.com .googletagmanager.com .gstatic.com track.omguk.com wss://sync.onfido.com wss://collection.decibelinsight.net mpsnare.iesnare.com .adnxs.com s.yimg.com .sociomantic.com p.teads.tv t.teads.tv cm.teads.tv .digital-cloud-uk.medallia.eu .kampyle.com apps.commbox.io now.commbox.io js-agent.newrelic.com bam-cell.nr-data.net .google-analytics.com ; style-src 'self' 'unsafe-inline' .googleapis.com apps.commbox.io now.commbox.io js-agent.newrelic.com bam-cell.nr-data.net .kampyle.com ; img-src 'self' data: blob: ; child-src 'self' blob: ; font-src 'self' data: * ; connect-src 'self' bam-cell.nr-data.net .woopra.com .fls.doubleclick.net fls.doubleclick.net .lpsnmedia.net .google.com .googleapis.com .qubit.com .travelex.net .adobedtm.com .vo.msecnd.net bat.bing.com c.evidon.com cdn.cookielaw.org .decibelinsight.net cm.everesttech.net connect.facebook.net dc.services.visualstudio.com .cloudfront.net .demdex.net flex.cybersource.com .g.doubleclick.net .hotjar.com .liveperson.net .tescobank.com .ensighten.com r.turn.com royalsunallianceinsu.tt.omtrdc.net rsa.d2.sc.omtrdc.net rum-static.pingdom.net service.maxymiser.net .google-analytics.com stash.qubitproducts.com static.ads-twitter.com static.goqubit.com tescobank.azureedge.net ue.enablermail.com www.facebook.com www.google.co.uk .googleadservices.com .googletagmanager.com .gstatic.com track.omguk.com wss://sync.onfido.com wss://collection.decibelinsight.net mpsnare.iesnare.com .adnxs.com s.yimg.com .sociomantic.com .tiles.mapbox.com api.mapbox.com events.mapbox.com p.teads.tv t.teads.tv cm.teads.tv .digital-cloud-uk.medallia.eu .kampyle.com ; frame-src 'self' .trustpilot.com .fls.doubleclick.net fls.doubleclick.net .tescobank.com tescobank.demdex.net .vo.msecnd.net service.maxymiser.net p.teads.tv t.teads.tv cm.teads.tv .digital-cloud-uk.medallia.eu .kampyle.com apps.commbox.io now.commbox.io js-agent.newrelic.com bam-cell.nr-data.net ; frame-ancestors 'self' .tescobank.com ; object-src 'self' .fls.doubleclick.net fls.doubleclick.net *.tescobank.com tescobank.demdex.net; media-src 'self' apps.commbox.io ;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/x-es-module, */*
Referer: https://www.tescobank.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: report-uri https://identity.tescobank.com/afm/cspReport/; default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.trustpilot.com *.woopra.com *.fls.doubleclick.net fls.doubleclick.net *.lpsnmedia.net *.google.com *.googleapis.com *.qubit.com *.travelex.net *.adobedtm.com *.vo.msecnd.net bat.bing.com c.evidon.com cdn.cookielaw.org *.decibelinsight.net cm.everesttech.net connect.facebook.net dc.services.visualstudio.com *.cloudfront.net *.demdex.net flex.cybersource.com *.g.doubleclick.net *.hotjar.com *.liveperson.net *.tescobank.com *.ensighten.com r.turn.com royalsunallianceinsu.tt.omtrdc.net rsa.d2.sc.omtrdc.net rum-static.pingdom.net service.maxymiser.net *.google-analytics.com stash.qubitproducts.com static.ads-twitter.com static.goqubit.com tescobank.azureedge.net ue.enablermail.com www.facebook.com www.google.co.uk *.googleadservices.com *.googletagmanager.com *.gstatic.com track.omguk.com wss://sync.onfido.com wss://collection.decibelinsight.net mpsnare.iesnare.com *.adnxs.com s.yimg.com *.sociomantic.com p.teads.tv t.teads.tv cm.teads.tv *.digital-cloud-uk.medallia.eu *.kampyle.com apps.commbox.io now.commbox.io js-agent.newrelic.com bam-cell.nr-data.net *.google-analytics.com ; style-src 'self' 'unsafe-inline' *.googleapis.com apps.commbox.io now.commbox.io js-agent.newrelic.com bam-cell.nr-data.net *.kampyle.com ; img-src 'self' data: blob: * ; child-src 'self' blob: ; font-src 'self' data: * ; connect-src 'self' bam-cell.nr-data.net *.woopra.com *.fls.doubleclick.net fls.doubleclick.net *.lpsnmedia.net *.google.com *.googleapis.com *.qubit.com *.travelex.net *.adobedtm.com *.vo.msecnd.net bat.bing.com c.evidon.com cdn.cookielaw.org *.decibelinsight.net cm.everesttech.net connect.facebook.net dc.services.visualstudio.com *.cloudfront.net *.demdex.net flex.cybersource.com *.g.doubleclick.net *.hotjar.com *.liveperson.net *.tescobank.com *.ensighten.com r.turn.com royalsunallianceinsu.tt.omtrdc.net rsa.d2.sc.omtrdc.net rum-static.pingdom.net service.maxymiser.net *.google-analytics.com stash.qubitproducts.com static.ads-twitter.com static.goqubit.com tescobank.azureedge.net ue.enablermail.com www.facebook.com www.google.co.uk *.googleadservices.com *.googletagmanager.com *.gstatic.com track.omguk.com wss://sync.onfido.com wss://collection.decibelinsight.net mpsnare.iesnare.com *.adnxs.com s.yimg.com *.sociomantic.com *.tiles.mapbox.com api.mapbox.com events.mapbox.com p.teads.tv t.teads.tv cm.teads.tv *.digital-cloud-uk.medallia.eu *.kampyle.com ; frame-src 'self' *.trustpilot.com *.fls.doubleclick.net fls.doubleclick.net *.tescobank.com tescobank.demdex.net *.vo.msecnd.net service.maxymiser.net p.teads.tv t.teads.tv cm.teads.tv *.digital-cloud-uk.medallia.eu *.kampyle.com apps.commbox.io now.commbox.io js-agent.newrelic.com bam-cell.nr-data.net ; frame-ancestors 'self' *.tescobank.com ; object-src 'self' *.fls.doubleclick.net fls.doubleclick.net *.tescobank.com tescobank.demdex.net; media-src 'self' apps.commbox.io ;
date: Thu, 14 Dec 2023 13:08:22 GMT
content-length: 1263
x-xss-protection: 1; mode=block
request-context: appId=cid-v1:4a7f8dd8-3291-4e0b-bdfc-05223d9ea636
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 04 Dec 2023 12:02:28 GMT
etag: "0a264c0a926da1:0"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/x-javascript
access-control-expose-headers: Request-Context
cache-control: max-age=31622400
accept-ranges: bytes

GET
H2 200 autocomplete.min.js Show response
www.tescobank.com/scripts/vendors/node-packages/autocompleter/ 4 KB
5 KB 123ms
123ms Fetch
application/x-javascript 2.17.147.160
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tescobank.com/scripts/vendors/node-packages/autocompleter/autocomplete.min.js

Requested by

Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/tescobank/privacy/Bootstrap.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.17.147.160 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-17-147-160.deploy.static.akamaitechnologies.com

Software

Resource Hash

d1a4172c4eac3c98b46022ff7a82af8300c0cebba17aa6277d27bff2b2d9bb6f

Security Headers

Name	Value
Content-Security-Policy	report-uri https://identity.tescobank.com/afm/cspReport/; default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .trustpilot.com .woopra.com .fls.doubleclick.net fls.doubleclick.net .lpsnmedia.net .google.com .googleapis.com .qubit.com .travelex.net .adobedtm.com .vo.msecnd.net bat.bing.com c.evidon.com cdn.cookielaw.org .decibelinsight.net cm.everesttech.net connect.facebook.net dc.services.visualstudio.com .cloudfront.net .demdex.net flex.cybersource.com .g.doubleclick.net .hotjar.com .liveperson.net .tescobank.com .ensighten.com r.turn.com royalsunallianceinsu.tt.omtrdc.net rsa.d2.sc.omtrdc.net rum-static.pingdom.net service.maxymiser.net .google-analytics.com stash.qubitproducts.com static.ads-twitter.com static.goqubit.com tescobank.azureedge.net ue.enablermail.com www.facebook.com www.google.co.uk .googleadservices.com .googletagmanager.com .gstatic.com track.omguk.com wss://sync.onfido.com wss://collection.decibelinsight.net mpsnare.iesnare.com .adnxs.com s.yimg.com .sociomantic.com p.teads.tv t.teads.tv cm.teads.tv .digital-cloud-uk.medallia.eu .kampyle.com apps.commbox.io now.commbox.io js-agent.newrelic.com bam-cell.nr-data.net .google-analytics.com ; style-src 'self' 'unsafe-inline' .googleapis.com apps.commbox.io now.commbox.io js-agent.newrelic.com bam-cell.nr-data.net .kampyle.com ; img-src 'self' data: blob: ; child-src 'self' blob: ; font-src 'self' data: * ; connect-src 'self' bam-cell.nr-data.net .woopra.com .fls.doubleclick.net fls.doubleclick.net .lpsnmedia.net .google.com .googleapis.com .qubit.com .travelex.net .adobedtm.com .vo.msecnd.net bat.bing.com c.evidon.com cdn.cookielaw.org .decibelinsight.net cm.everesttech.net connect.facebook.net dc.services.visualstudio.com .cloudfront.net .demdex.net flex.cybersource.com .g.doubleclick.net .hotjar.com .liveperson.net .tescobank.com .ensighten.com r.turn.com royalsunallianceinsu.tt.omtrdc.net rsa.d2.sc.omtrdc.net rum-static.pingdom.net service.maxymiser.net .google-analytics.com stash.qubitproducts.com static.ads-twitter.com static.goqubit.com tescobank.azureedge.net ue.enablermail.com www.facebook.com www.google.co.uk .googleadservices.com .googletagmanager.com .gstatic.com track.omguk.com wss://sync.onfido.com wss://collection.decibelinsight.net mpsnare.iesnare.com .adnxs.com s.yimg.com .sociomantic.com .tiles.mapbox.com api.mapbox.com events.mapbox.com p.teads.tv t.teads.tv cm.teads.tv .digital-cloud-uk.medallia.eu .kampyle.com ; frame-src 'self' .trustpilot.com .fls.doubleclick.net fls.doubleclick.net .tescobank.com tescobank.demdex.net .vo.msecnd.net service.maxymiser.net p.teads.tv t.teads.tv cm.teads.tv .digital-cloud-uk.medallia.eu .kampyle.com apps.commbox.io now.commbox.io js-agent.newrelic.com bam-cell.nr-data.net ; frame-ancestors 'self' .tescobank.com ; object-src 'self' .fls.doubleclick.net fls.doubleclick.net *.tescobank.com tescobank.demdex.net; media-src 'self' apps.commbox.io ;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/x-es-module, */*
Referer: https://www.tescobank.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: report-uri https://identity.tescobank.com/afm/cspReport/; default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.trustpilot.com *.woopra.com *.fls.doubleclick.net fls.doubleclick.net *.lpsnmedia.net *.google.com *.googleapis.com *.qubit.com *.travelex.net *.adobedtm.com *.vo.msecnd.net bat.bing.com c.evidon.com cdn.cookielaw.org *.decibelinsight.net cm.everesttech.net connect.facebook.net dc.services.visualstudio.com *.cloudfront.net *.demdex.net flex.cybersource.com *.g.doubleclick.net *.hotjar.com *.liveperson.net *.tescobank.com *.ensighten.com r.turn.com royalsunallianceinsu.tt.omtrdc.net rsa.d2.sc.omtrdc.net rum-static.pingdom.net service.maxymiser.net *.google-analytics.com stash.qubitproducts.com static.ads-twitter.com static.goqubit.com tescobank.azureedge.net ue.enablermail.com www.facebook.com www.google.co.uk *.googleadservices.com *.googletagmanager.com *.gstatic.com track.omguk.com wss://sync.onfido.com wss://collection.decibelinsight.net mpsnare.iesnare.com *.adnxs.com s.yimg.com *.sociomantic.com p.teads.tv t.teads.tv cm.teads.tv *.digital-cloud-uk.medallia.eu *.kampyle.com apps.commbox.io now.commbox.io js-agent.newrelic.com bam-cell.nr-data.net *.google-analytics.com ; style-src 'self' 'unsafe-inline' *.googleapis.com apps.commbox.io now.commbox.io js-agent.newrelic.com bam-cell.nr-data.net *.kampyle.com ; img-src 'self' data: blob: * ; child-src 'self' blob: ; font-src 'self' data: * ; connect-src 'self' bam-cell.nr-data.net *.woopra.com *.fls.doubleclick.net fls.doubleclick.net *.lpsnmedia.net *.google.com *.googleapis.com *.qubit.com *.travelex.net *.adobedtm.com *.vo.msecnd.net bat.bing.com c.evidon.com cdn.cookielaw.org *.decibelinsight.net cm.everesttech.net connect.facebook.net dc.services.visualstudio.com *.cloudfront.net *.demdex.net flex.cybersource.com *.g.doubleclick.net *.hotjar.com *.liveperson.net *.tescobank.com *.ensighten.com r.turn.com royalsunallianceinsu.tt.omtrdc.net rsa.d2.sc.omtrdc.net rum-static.pingdom.net service.maxymiser.net *.google-analytics.com stash.qubitproducts.com static.ads-twitter.com static.goqubit.com tescobank.azureedge.net ue.enablermail.com www.facebook.com www.google.co.uk *.googleadservices.com *.googletagmanager.com *.gstatic.com track.omguk.com wss://sync.onfido.com wss://collection.decibelinsight.net mpsnare.iesnare.com *.adnxs.com s.yimg.com *.sociomantic.com *.tiles.mapbox.com api.mapbox.com events.mapbox.com p.teads.tv t.teads.tv cm.teads.tv *.digital-cloud-uk.medallia.eu *.kampyle.com ; frame-src 'self' *.trustpilot.com *.fls.doubleclick.net fls.doubleclick.net *.tescobank.com tescobank.demdex.net *.vo.msecnd.net service.maxymiser.net p.teads.tv t.teads.tv cm.teads.tv *.digital-cloud-uk.medallia.eu *.kampyle.com apps.commbox.io now.commbox.io js-agent.newrelic.com bam-cell.nr-data.net ; frame-ancestors 'self' *.tescobank.com ; object-src 'self' *.fls.doubleclick.net fls.doubleclick.net *.tescobank.com tescobank.demdex.net; media-src 'self' apps.commbox.io ;
date: Thu, 14 Dec 2023 13:08:22 GMT
content-length: 1790
x-xss-protection: 1; mode=block
request-context: appId=cid-v1:4a7f8dd8-3291-4e0b-bdfc-05223d9ea636
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 04 Dec 2023 11:56:34 GMT
etag: "08564eda826da1:0"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/x-javascript
access-control-expose-headers: Request-Context
cache-control: max-age=31622400
accept-ranges: bytes

GET
H2 200 tp.widget.bootstrap.min.js Show response
widget.trustpilot.com/bootstrap/v5/ 21 KB
7 KB 118ms
38ms Script
application/x-javascript 52.222.236.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.trustpilot.com/bootstrap/v5/tp.widget.bootstrap.min.js

Requested by

Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/tescobank/privacy/Bootstrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.236.107 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-236-107.fra56.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

02e5bf47b2473c1da7a39a25b14f0f5d9857142842d33def047e492f9f610cb9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.tescobank.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 14 Dec 2023 03:09:27 GMT
via: 1.1 eeb2f3ca588ea4437f4b97ed276a6664.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P4
age: 35936
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 6759
x-xss-protection: 1; mode=block
last-modified: Thu, 26 Oct 2023 12:27:20 GMT
server: AmazonS3
etag: "15864ce88fa79a3e954417d0c3396798"
content-type: application/x-javascript
cache-control: max-age=86400
accept-ranges: bytes
x-amz-cf-id: f1zncHDbzPNMtKgr55CZNi1wFMpAKcFQO9agZL-j0YGpqQH-l2gLJg==

POST
H2 201 /
identity.tescobank.com/afm/cspReport/ 0
2 KB 779ms
518ms Other
text/plain 2.17.147.217
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://identity.tescobank.com/afm/cspReport/

Requested by

Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/tescobank/privacy/Bootstrap.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.17.147.217 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-17-147-217.deploy.static.akamaitechnologies.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	report-uri /afm/cspReport/; default-src 'nonce-6ade55565ac0f5359455576b1689b2bf' 'self' blob: ; script-src 'self' 'unsafe-inline' 'unsafe-eval' mpsnare.iesnare.com .tescobank.com .tescobank.com .ensighten.com .demdex.net .online-metrix.net .decibelinsight.net www.googletagmanager.com feedback.kpmgcx.cloud surveys.nunwood.com .facebook.net .google-analytics.com .googleapis.com track.omguk.com ; style-src 'self' 'unsafe-inline' .googleapis.com ; img-src 'self' data: blob: * ; font-src 'self' data: * ; connect-src 'self' mpsnare.iesnare.com .tescobank.com .tescobank.com .ensighten.com .demdex.net .online-metrix.net .decibelinsight.net www.googletagmanager.com feedback.kpmgcx.cloud surveys.nunwood.com .facebook.net .google-analytics.com .googleapis.com track.omguk.com wss: ; frame-src 'self' mpsnare.iesnare.com .tescobank.com .fls.doubleclick.net .tescobank.com .demdex.net .online-metrix.net feedback.kpmgcx.cloud surveys.nunwood.com ; frame-ancestors https://myproducts.tescobank.com https://tul1.outsystemsenterprise.com https://carclaims.tescobank.com; worker-src 'self' blob: * ; media-src 'self' mpsnare.iesnare.com blob: data: ;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.tescobank.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/csp-report

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-security-policy: report-uri /afm/cspReport/; default-src 'nonce-6ade55565ac0f5359455576b1689b2bf' 'self' blob: ; script-src 'self' 'unsafe-inline' 'unsafe-eval' mpsnare.iesnare.com *.tescobank.com *.tescobank.com *.ensighten.com *.demdex.net *.online-metrix.net *.decibelinsight.net www.googletagmanager.com feedback.kpmgcx.cloud surveys.nunwood.com *.facebook.net *.google-analytics.com *.googleapis.com track.omguk.com ; style-src 'self' 'unsafe-inline' *.googleapis.com ; img-src 'self' data: blob: * ; font-src 'self' data: * ; connect-src 'self' mpsnare.iesnare.com *.tescobank.com *.tescobank.com *.ensighten.com *.demdex.net *.online-metrix.net *.decibelinsight.net www.googletagmanager.com feedback.kpmgcx.cloud surveys.nunwood.com *.facebook.net *.google-analytics.com *.googleapis.com track.omguk.com wss: ; frame-src 'self' mpsnare.iesnare.com *.tescobank.com *.fls.doubleclick.net *.tescobank.com *.demdex.net *.online-metrix.net feedback.kpmgcx.cloud surveys.nunwood.com ; frame-ancestors https://myproducts.tescobank.com https://tul1.outsystemsenterprise.com https://carclaims.tescobank.com; worker-src 'self' blob: * ; media-src 'self' mpsnare.iesnare.com blob: data: ;
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
date: Thu, 14 Dec 2023 13:08:23 GMT
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0
x-xss-protection: 1; mode=block
expires: 0

GET 5406e65db0d04a09e042d5fc
widget.trustpilot.com/trustbox-data/ 0
0

GET
H2 200 fade-type.js Show response
www.tescobank.com/Scripts/Dist/layout/enums/ 204 B
3 KB 127ms
127ms Fetch
application/x-javascript 2.17.147.160
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tescobank.com/Scripts/Dist/layout/enums/fade-type.js?v=1.0.58

Requested by

Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/tescobank/privacy/Bootstrap.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.17.147.160 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-17-147-160.deploy.static.akamaitechnologies.com

Software

Resource Hash

289bd205ea53fa938c2d0a7c93461dd35949031a6276e09b958b6d06a29987dd

Security Headers

Name	Value
Content-Security-Policy	report-uri https://identity.tescobank.com/afm/cspReport/; default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .trustpilot.com .woopra.com .fls.doubleclick.net fls.doubleclick.net .lpsnmedia.net .google.com .googleapis.com .qubit.com .travelex.net .adobedtm.com .vo.msecnd.net bat.bing.com c.evidon.com cdn.cookielaw.org .decibelinsight.net cm.everesttech.net connect.facebook.net dc.services.visualstudio.com .cloudfront.net .demdex.net flex.cybersource.com .g.doubleclick.net .hotjar.com .liveperson.net .tescobank.com .ensighten.com r.turn.com royalsunallianceinsu.tt.omtrdc.net rsa.d2.sc.omtrdc.net rum-static.pingdom.net service.maxymiser.net .google-analytics.com stash.qubitproducts.com static.ads-twitter.com static.goqubit.com tescobank.azureedge.net ue.enablermail.com www.facebook.com www.google.co.uk .googleadservices.com .googletagmanager.com .gstatic.com track.omguk.com wss://sync.onfido.com wss://collection.decibelinsight.net mpsnare.iesnare.com .adnxs.com s.yimg.com .sociomantic.com p.teads.tv t.teads.tv cm.teads.tv .digital-cloud-uk.medallia.eu .kampyle.com apps.commbox.io now.commbox.io js-agent.newrelic.com bam-cell.nr-data.net .google-analytics.com ; style-src 'self' 'unsafe-inline' .googleapis.com apps.commbox.io now.commbox.io js-agent.newrelic.com bam-cell.nr-data.net .kampyle.com ; img-src 'self' data: blob: ; child-src 'self' blob: ; font-src 'self' data: * ; connect-src 'self' bam-cell.nr-data.net .woopra.com .fls.doubleclick.net fls.doubleclick.net .lpsnmedia.net .google.com .googleapis.com .qubit.com .travelex.net .adobedtm.com .vo.msecnd.net bat.bing.com c.evidon.com cdn.cookielaw.org .decibelinsight.net cm.everesttech.net connect.facebook.net dc.services.visualstudio.com .cloudfront.net .demdex.net flex.cybersource.com .g.doubleclick.net .hotjar.com .liveperson.net .tescobank.com .ensighten.com r.turn.com royalsunallianceinsu.tt.omtrdc.net rsa.d2.sc.omtrdc.net rum-static.pingdom.net service.maxymiser.net .google-analytics.com stash.qubitproducts.com static.ads-twitter.com static.goqubit.com tescobank.azureedge.net ue.enablermail.com www.facebook.com www.google.co.uk .googleadservices.com .googletagmanager.com .gstatic.com track.omguk.com wss://sync.onfido.com wss://collection.decibelinsight.net mpsnare.iesnare.com .adnxs.com s.yimg.com .sociomantic.com .tiles.mapbox.com api.mapbox.com events.mapbox.com p.teads.tv t.teads.tv cm.teads.tv .digital-cloud-uk.medallia.eu .kampyle.com ; frame-src 'self' .trustpilot.com .fls.doubleclick.net fls.doubleclick.net .tescobank.com tescobank.demdex.net .vo.msecnd.net service.maxymiser.net p.teads.tv t.teads.tv cm.teads.tv .digital-cloud-uk.medallia.eu .kampyle.com apps.commbox.io now.commbox.io js-agent.newrelic.com bam-cell.nr-data.net ; frame-ancestors 'self' .tescobank.com ; object-src 'self' .fls.doubleclick.net fls.doubleclick.net *.tescobank.com tescobank.demdex.net; media-src 'self' apps.commbox.io ;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/x-es-module, */*
Referer: https://www.tescobank.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: report-uri https://identity.tescobank.com/afm/cspReport/; default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.trustpilot.com *.woopra.com *.fls.doubleclick.net fls.doubleclick.net *.lpsnmedia.net *.google.com *.googleapis.com *.qubit.com *.travelex.net *.adobedtm.com *.vo.msecnd.net bat.bing.com c.evidon.com cdn.cookielaw.org *.decibelinsight.net cm.everesttech.net connect.facebook.net dc.services.visualstudio.com *.cloudfront.net *.demdex.net flex.cybersource.com *.g.doubleclick.net *.hotjar.com *.liveperson.net *.tescobank.com *.ensighten.com r.turn.com royalsunallianceinsu.tt.omtrdc.net rsa.d2.sc.omtrdc.net rum-static.pingdom.net service.maxymiser.net *.google-analytics.com stash.qubitproducts.com static.ads-twitter.com static.goqubit.com tescobank.azureedge.net ue.enablermail.com www.facebook.com www.google.co.uk *.googleadservices.com *.googletagmanager.com *.gstatic.com track.omguk.com wss://sync.onfido.com wss://collection.decibelinsight.net mpsnare.iesnare.com *.adnxs.com s.yimg.com *.sociomantic.com p.teads.tv t.teads.tv cm.teads.tv *.digital-cloud-uk.medallia.eu *.kampyle.com apps.commbox.io now.commbox.io js-agent.newrelic.com bam-cell.nr-data.net *.google-analytics.com ; style-src 'self' 'unsafe-inline' *.googleapis.com apps.commbox.io now.commbox.io js-agent.newrelic.com bam-cell.nr-data.net *.kampyle.com ; img-src 'self' data: blob: * ; child-src 'self' blob: ; font-src 'self' data: * ; connect-src 'self' bam-cell.nr-data.net *.woopra.com *.fls.doubleclick.net fls.doubleclick.net *.lpsnmedia.net *.google.com *.googleapis.com *.qubit.com *.travelex.net *.adobedtm.com *.vo.msecnd.net bat.bing.com c.evidon.com cdn.cookielaw.org *.decibelinsight.net cm.everesttech.net connect.facebook.net dc.services.visualstudio.com *.cloudfront.net *.demdex.net flex.cybersource.com *.g.doubleclick.net *.hotjar.com *.liveperson.net *.tescobank.com *.ensighten.com r.turn.com royalsunallianceinsu.tt.omtrdc.net rsa.d2.sc.omtrdc.net rum-static.pingdom.net service.maxymiser.net *.google-analytics.com stash.qubitproducts.com static.ads-twitter.com static.goqubit.com tescobank.azureedge.net ue.enablermail.com www.facebook.com www.google.co.uk *.googleadservices.com *.googletagmanager.com *.gstatic.com track.omguk.com wss://sync.onfido.com wss://collection.decibelinsight.net mpsnare.iesnare.com *.adnxs.com s.yimg.com *.sociomantic.com *.tiles.mapbox.com api.mapbox.com events.mapbox.com p.teads.tv t.teads.tv cm.teads.tv *.digital-cloud-uk.medallia.eu *.kampyle.com ; frame-src 'self' *.trustpilot.com *.fls.doubleclick.net fls.doubleclick.net *.tescobank.com tescobank.demdex.net *.vo.msecnd.net service.maxymiser.net p.teads.tv t.teads.tv cm.teads.tv *.digital-cloud-uk.medallia.eu *.kampyle.com apps.commbox.io now.commbox.io js-agent.newrelic.com bam-cell.nr-data.net ; frame-ancestors 'self' *.tescobank.com ; object-src 'self' *.fls.doubleclick.net fls.doubleclick.net *.tescobank.com tescobank.demdex.net; media-src 'self' apps.commbox.io ;
date: Thu, 14 Dec 2023 13:08:22 GMT
content-length: 299
x-xss-protection: 1; mode=block
request-context: appId=cid-v1:4a7f8dd8-3291-4e0b-bdfc-05223d9ea636
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 04 Dec 2023 12:02:28 GMT
etag: "0a264c0a926da1:0"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/x-javascript
access-control-expose-headers: Request-Context
cache-control: max-age=31622400
accept-ranges: bytes

GET
H2 200 slide-direction.js Show response
www.tescobank.com/Scripts/Dist/layout/enums/ 258 B
3 KB 119ms
119ms Fetch
application/x-javascript 2.17.147.160
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tescobank.com/Scripts/Dist/layout/enums/slide-direction.js?v=1.0.58

Requested by

Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/tescobank/privacy/Bootstrap.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.17.147.160 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-17-147-160.deploy.static.akamaitechnologies.com

Software

Resource Hash

f33f88a254bcf37684d7d11515589de7dd4289a73da40cc1c276e1992547b35f

Security Headers

Name	Value
Content-Security-Policy	report-uri https://identity.tescobank.com/afm/cspReport/; default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .trustpilot.com .woopra.com .fls.doubleclick.net fls.doubleclick.net .lpsnmedia.net .google.com .googleapis.com .qubit.com .travelex.net .adobedtm.com .vo.msecnd.net bat.bing.com c.evidon.com cdn.cookielaw.org .decibelinsight.net cm.everesttech.net connect.facebook.net dc.services.visualstudio.com .cloudfront.net .demdex.net flex.cybersource.com .g.doubleclick.net .hotjar.com .liveperson.net .tescobank.com .ensighten.com r.turn.com royalsunallianceinsu.tt.omtrdc.net rsa.d2.sc.omtrdc.net rum-static.pingdom.net service.maxymiser.net .google-analytics.com stash.qubitproducts.com static.ads-twitter.com static.goqubit.com tescobank.azureedge.net ue.enablermail.com www.facebook.com www.google.co.uk .googleadservices.com .googletagmanager.com .gstatic.com track.omguk.com wss://sync.onfido.com wss://collection.decibelinsight.net mpsnare.iesnare.com .adnxs.com s.yimg.com .sociomantic.com p.teads.tv t.teads.tv cm.teads.tv .digital-cloud-uk.medallia.eu .kampyle.com apps.commbox.io now.commbox.io js-agent.newrelic.com bam-cell.nr-data.net .google-analytics.com ; style-src 'self' 'unsafe-inline' .googleapis.com apps.commbox.io now.commbox.io js-agent.newrelic.com bam-cell.nr-data.net .kampyle.com ; img-src 'self' data: blob: ; child-src 'self' blob: ; font-src 'self' data: * ; connect-src 'self' bam-cell.nr-data.net .woopra.com .fls.doubleclick.net fls.doubleclick.net .lpsnmedia.net .google.com .googleapis.com .qubit.com .travelex.net .adobedtm.com .vo.msecnd.net bat.bing.com c.evidon.com cdn.cookielaw.org .decibelinsight.net cm.everesttech.net connect.facebook.net dc.services.visualstudio.com .cloudfront.net .demdex.net flex.cybersource.com .g.doubleclick.net .hotjar.com .liveperson.net .tescobank.com .ensighten.com r.turn.com royalsunallianceinsu.tt.omtrdc.net rsa.d2.sc.omtrdc.net rum-static.pingdom.net service.maxymiser.net .google-analytics.com stash.qubitproducts.com static.ads-twitter.com static.goqubit.com tescobank.azureedge.net ue.enablermail.com www.facebook.com www.google.co.uk .googleadservices.com .googletagmanager.com .gstatic.com track.omguk.com wss://sync.onfido.com wss://collection.decibelinsight.net mpsnare.iesnare.com .adnxs.com s.yimg.com .sociomantic.com .tiles.mapbox.com api.mapbox.com events.mapbox.com p.teads.tv t.teads.tv cm.teads.tv .digital-cloud-uk.medallia.eu .kampyle.com ; frame-src 'self' .trustpilot.com .fls.doubleclick.net fls.doubleclick.net .tescobank.com tescobank.demdex.net .vo.msecnd.net service.maxymiser.net p.teads.tv t.teads.tv cm.teads.tv .digital-cloud-uk.medallia.eu .kampyle.com apps.commbox.io now.commbox.io js-agent.newrelic.com bam-cell.nr-data.net ; frame-ancestors 'self' .tescobank.com ; object-src 'self' .fls.doubleclick.net fls.doubleclick.net *.tescobank.com tescobank.demdex.net; media-src 'self' apps.commbox.io ;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/x-es-module, */*
Referer: https://www.tescobank.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: report-uri https://identity.tescobank.com/afm/cspReport/; default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.trustpilot.com *.woopra.com *.fls.doubleclick.net fls.doubleclick.net *.lpsnmedia.net *.google.com *.googleapis.com *.qubit.com *.travelex.net *.adobedtm.com *.vo.msecnd.net bat.bing.com c.evidon.com cdn.cookielaw.org *.decibelinsight.net cm.everesttech.net connect.facebook.net dc.services.visualstudio.com *.cloudfront.net *.demdex.net flex.cybersource.com *.g.doubleclick.net *.hotjar.com *.liveperson.net *.tescobank.com *.ensighten.com r.turn.com royalsunallianceinsu.tt.omtrdc.net rsa.d2.sc.omtrdc.net rum-static.pingdom.net service.maxymiser.net *.google-analytics.com stash.qubitproducts.com static.ads-twitter.com static.goqubit.com tescobank.azureedge.net ue.enablermail.com www.facebook.com www.google.co.uk *.googleadservices.com *.googletagmanager.com *.gstatic.com track.omguk.com wss://sync.onfido.com wss://collection.decibelinsight.net mpsnare.iesnare.com *.adnxs.com s.yimg.com *.sociomantic.com p.teads.tv t.teads.tv cm.teads.tv *.digital-cloud-uk.medallia.eu *.kampyle.com apps.commbox.io now.commbox.io js-agent.newrelic.com bam-cell.nr-data.net *.google-analytics.com ; style-src 'self' 'unsafe-inline' *.googleapis.com apps.commbox.io now.commbox.io js-agent.newrelic.com bam-cell.nr-data.net *.kampyle.com ; img-src 'self' data: blob: * ; child-src 'self' blob: ; font-src 'self' data: * ; connect-src 'self' bam-cell.nr-data.net *.woopra.com *.fls.doubleclick.net fls.doubleclick.net *.lpsnmedia.net *.google.com *.googleapis.com *.qubit.com *.travelex.net *.adobedtm.com *.vo.msecnd.net bat.bing.com c.evidon.com cdn.cookielaw.org *.decibelinsight.net cm.everesttech.net connect.facebook.net dc.services.visualstudio.com *.cloudfront.net *.demdex.net flex.cybersource.com *.g.doubleclick.net *.hotjar.com *.liveperson.net *.tescobank.com *.ensighten.com r.turn.com royalsunallianceinsu.tt.omtrdc.net rsa.d2.sc.omtrdc.net rum-static.pingdom.net service.maxymiser.net *.google-analytics.com stash.qubitproducts.com static.ads-twitter.com static.goqubit.com tescobank.azureedge.net ue.enablermail.com www.facebook.com www.google.co.uk *.googleadservices.com *.googletagmanager.com *.gstatic.com track.omguk.com wss://sync.onfido.com wss://collection.decibelinsight.net mpsnare.iesnare.com *.adnxs.com s.yimg.com *.sociomantic.com *.tiles.mapbox.com api.mapbox.com events.mapbox.com p.teads.tv t.teads.tv cm.teads.tv *.digital-cloud-uk.medallia.eu *.kampyle.com ; frame-src 'self' *.trustpilot.com *.fls.doubleclick.net fls.doubleclick.net *.tescobank.com tescobank.demdex.net *.vo.msecnd.net service.maxymiser.net p.teads.tv t.teads.tv cm.teads.tv *.digital-cloud-uk.medallia.eu *.kampyle.com apps.commbox.io now.commbox.io js-agent.newrelic.com bam-cell.nr-data.net ; frame-ancestors 'self' *.tescobank.com ; object-src 'self' *.fls.doubleclick.net fls.doubleclick.net *.tescobank.com tescobank.demdex.net; media-src 'self' apps.commbox.io ;
date: Thu, 14 Dec 2023 13:08:22 GMT
content-length: 325
x-xss-protection: 1; mode=block
request-context: appId=cid-v1:4a7f8dd8-3291-4e0b-bdfc-05223d9ea636
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 04 Dec 2023 12:02:28 GMT
etag: "0a264c0a926da1:0"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/x-javascript
access-control-expose-headers: Request-Context
cache-control: max-age=31622400
accept-ranges: bytes

GET
H2 204 r.rnc
data.privacy.ensighten.com/privacy/v1/c/ 0
106 B 39ms
39ms Image
text/plain 3.124.173.63
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://data.privacy.ensighten.com/privacy/v1/c/r.rnc?n=1&c=746&i=7eydeu&p=privacy&s=331&d=9CZ7InZlcnNpb24iOiIxLjAuMCIsImdhdGV3YXkiOiIyLjMuNjA4IiwiY2xpZW50SWQiOjc0Ng8A8B9OYW1lIjoiVGVzY29CYW5rIiwicHVibGlzaFBhdGgiOiJwcml2YWN5IiwibW9kKwCQd2hpdGVsaXN0UwDwJG9va2llcyI6eyJURVNDT0JBTktfRU5TSUdIVEVOX1BSSVZBQ1lfQkFOTkVSX0xPQURFRKYA8Q8ifSwiZHQiOjE3MDI1NTkzMDI0MjUsInNldHRpbmdQAPAXbW9kYWwiOiJlbnRlcnByaXNlIiwiZW52aXJvbm1lbnQiOiJFbmepAKEiLCJkZWZhdWx0OQByTWVhc3VyZSQA8CAwLCJFeHBlcmllbmNlIjowLCJBZHZlcnRpc2luZyI6MH19LCJldmVudHMiOltdfQ
Requested by: Host: www.tescobank.com
URL: https://www.tescobank.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.124.173.63 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-173-63.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.tescobank.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 13:08:22 GMT
cache-control: no-cache, no-store
server: nginx
expires: Thu, 14 Dec 2023 13:08:21 GMT

GET
H2 200 index.html Show response
widget.trustpilot.com/trustboxes/5406e65db0d04a09e042d5fc/ Frame 8DD2 8 KB
3 KB 39ms
39ms Document
text/html 52.222.236.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.trustpilot.com/trustboxes/5406e65db0d04a09e042d5fc/index.html?templateId=5406e65db0d04a09e042d5fc&businessunitId=4e3abd00000064000510af6e

Requested by

Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/tescobank/privacy/Bootstrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.236.107 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-236-107.fra56.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

85856354a51b4bbd2fb9d9b290bb98355b86fb4a9a91e9ee58afe6dcf2d4ce84

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.tescobank.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 19352
cache-control: max-age=86400
content-encoding: gzip
content-length: 2109
content-type: text/html
date: Thu, 14 Dec 2023 07:45:50 GMT
etag: "991f71c8583c65f71143c6e83300ea2e"
last-modified: Mon, 08 May 2023 11:39:52 GMT
server: AmazonS3
strict-transport-security: max-age=31536000
via: 1.1 eeb2f3ca588ea4437f4b97ed276a6664.cloudfront.net (CloudFront)
x-amz-cf-id: EcCcHgq4cHQ9zjHt4poDPlZbzqLNz8f0IaM4ZBcgAN5MgDn0B9ewhw==
x-amz-cf-pop: FRA56-P4
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 icon-card-white.svg
forrit-one-tb-prod-p1-consumables.azureedge.net/media/47b1556d-e328-49ba-9b37-bbf9226fda00/ 1 KB
717 B 28ms
27ms Image
image/svg+xml 2620:1ec:46::63
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://forrit-one-tb-prod-p1-consumables.azureedge.net/media/47b1556d-e328-49ba-9b37-bbf9226fda00/icon-card-white.svg

Requested by

Host: www.tescobank.com
URL: https://www.tescobank.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:46::63 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

6bea6a3f8b075c57e85de9bf05d1e2c793c430041765c2a0c4b99ac1d3bac106

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.tescobank.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
date: Thu, 14 Dec 2023 13:08:22 GMT
content-md5: iiccdbtQtBRiTJ1+uti1Og==
x-cache: TCP_HIT
x-ms-lease-status: unlocked
referrer-policy: no-referrer
last-modified: Wed, 01 Mar 2023 18:32:57 GMT
etag: 0x8DB1A8360DB5A50
x-frame-options: SAMEORIGIN
x-azure-ref: 0Rv56ZQAAAACWShXk2DsRTIa7yYFFdjUqTE9OMjFFREdFMTgyMQAzZGI4N2JkOC03Y2E5LTRkNDYtOWIzOS0wNjhlYjE4ZTViMTc=
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: 1bbbca36-101e-001d-2478-2e275c000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19

GET
H2 200 icon-money-white.svg
forrit-one-tb-prod-p1-consumables.azureedge.net/media/6755af86-a8f6-4422-9019-5b219c24c16a/ 2 KB
1 KB 28ms
27ms Image
image/svg+xml 2620:1ec:46::63
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://forrit-one-tb-prod-p1-consumables.azureedge.net/media/6755af86-a8f6-4422-9019-5b219c24c16a/icon-money-white.svg

Requested by

Host: www.tescobank.com
URL: https://www.tescobank.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:46::63 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

0e9f5c77e0fe5df9ab80c4a175e30b8998667168c9c12f027e58259fce10ed17

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.tescobank.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
date: Thu, 14 Dec 2023 13:08:22 GMT
content-md5: gBgALdqWniWwHqLmxADMJA==
x-cache: TCP_HIT
x-ms-lease-status: unlocked
referrer-policy: no-referrer
last-modified: Wed, 01 Mar 2023 18:33:04 GMT
etag: 0x8DB1A836543117C
x-frame-options: SAMEORIGIN
x-azure-ref: 0Rv56ZQAAAACMbDYbQEEDRaxHsv3pz53TTE9OMjFFREdFMTgyMQAzZGI4N2JkOC03Y2E5LTRkNDYtOWIzOS0wNjhlYjE4ZTViMTc=
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: 956261ca-f01e-0035-764a-2c50e3000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19

GET
H2 200 icon-suitcase-white.svg
forrit-one-tb-prod-p1-consumables.azureedge.net/media/62d85f7e-2ba6-46ea-8365-a3d4603aa26a/ 933 B
1 KB 31ms
31ms Image
image/svg+xml 2620:1ec:46::63
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://forrit-one-tb-prod-p1-consumables.azureedge.net/media/62d85f7e-2ba6-46ea-8365-a3d4603aa26a/icon-suitcase-white.svg

Requested by

Host: www.tescobank.com
URL: https://www.tescobank.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:46::63 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

47ef3758f4446dd066fc12a8456ce08eed5ef9bcf17b0fb53087a2a74fb8d4d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.tescobank.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 14 Dec 2023 13:08:22 GMT
x-content-type-options: nosniff
content-md5: 1Lnfz2RKryrXdkbFMB8T0w==
x-cache: TCP_HIT
content-length: 933
x-ms-lease-status: unlocked
referrer-policy: no-referrer
last-modified: Wed, 21 Jun 2023 09:03:24 GMT
etag: 0x8DB72365EEA64EA
x-frame-options: SAMEORIGIN
x-azure-ref: 0Rv56ZQAAAAADvTf7yyZzQ7gyHsZ6KbAjTE9OMjFFREdFMTgyMQAzZGI4N2JkOC03Y2E5LTRkNDYtOWIzOS0wNjhlYjE4ZTViMTc=
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: 7954592c-e01e-002a-2ae4-2d8bf3000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19

GET
H2 200 icon-travel-money-white.svg
forrit-one-tb-prod-p1-consumables.azureedge.net/media/dd9a7069-b957-42b7-a934-21e66a1c8ac4/ 2 KB
1 KB 28ms
27ms Image
image/svg+xml 2620:1ec:46::63
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://forrit-one-tb-prod-p1-consumables.azureedge.net/media/dd9a7069-b957-42b7-a934-21e66a1c8ac4/icon-travel-money-white.svg

Requested by

Host: www.tescobank.com
URL: https://www.tescobank.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:46::63 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

4c42cf6a8875c8be4c3a955c29426d0b37d3490cde8d06feed972756ba1a08dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.tescobank.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
date: Thu, 14 Dec 2023 13:08:22 GMT
content-md5: gRtVUG58wMfJRZUq1lPVUA==
x-cache: TCP_HIT
x-ms-lease-status: unlocked
referrer-policy: no-referrer
last-modified: Wed, 01 Mar 2023 18:33:06 GMT
etag: 0x8DB1A8366B23A58
x-frame-options: SAMEORIGIN
x-azure-ref: 0Rv56ZQAAAABq4+wuh+6qQqYstHp0g8yaTE9OMjFFREdFMTgyMQAzZGI4N2JkOC03Y2E5LTRkNDYtOWIzOS0wNjhlYjE4ZTViMTc=
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: b76b6ae8-901e-0048-2111-2dcc2b000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19

GET
H2 200 icon-car-white.svg
forrit-one-tb-prod-p1-consumables.azureedge.net/media/429b508f-9fa2-4fdd-b2a1-1a82cae11351/ 3 KB
1 KB 28ms
27ms Image
image/svg+xml 2620:1ec:46::63
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://forrit-one-tb-prod-p1-consumables.azureedge.net/media/429b508f-9fa2-4fdd-b2a1-1a82cae11351/icon-car-white.svg

Requested by

Host: www.tescobank.com
URL: https://www.tescobank.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:46::63 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

404fcfa2dd6b19270df21cc334598d7433b43311d9eeb6effdf5d62b03c4144f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.tescobank.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
date: Thu, 14 Dec 2023 13:08:22 GMT
content-md5: 8LqU9BDVz01rDoX7GMCzoA==
x-cache: TCP_HIT
x-ms-lease-status: unlocked
referrer-policy: no-referrer
last-modified: Wed, 01 Mar 2023 18:33:07 GMT
etag: 0x8DB1A83671D765D
x-frame-options: SAMEORIGIN
x-azure-ref: 0Rv56ZQAAAAAZfmCVBhtrTYenAOtC+TKQTE9OMjFFREdFMTgyMQAzZGI4N2JkOC03Y2E5LTRkNDYtOWIzOS0wNjhlYjE4ZTViMTc=
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: 04af32bb-301e-0045-30c8-2d2327000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19

GET
H2 200 House.svg
forrit-one-tb-prod-p1-consumables.azureedge.net/media/e073fb5c-2fb8-4355-b72f-d468f1e1332e/ 762 B
984 B 33ms
32ms Image
image/svg+xml 2620:1ec:46::63
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://forrit-one-tb-prod-p1-consumables.azureedge.net/media/e073fb5c-2fb8-4355-b72f-d468f1e1332e/House.svg

Requested by

Host: www.tescobank.com
URL: https://www.tescobank.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:46::63 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e9c64c8c42fe6df442590bc33b0919933ea03357e1d81508ea57c430628b9a3c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.tescobank.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 14 Dec 2023 13:08:22 GMT
x-content-type-options: nosniff
content-md5: gdwV5Mko5ALorBabRoqlOw==
x-cache: TCP_HIT
content-length: 762
x-ms-lease-status: unlocked
referrer-policy: no-referrer
last-modified: Wed, 01 Mar 2023 18:33:07 GMT
etag: 0x8DB1A83670E5C69
x-frame-options: SAMEORIGIN
x-azure-ref: 0Rv56ZQAAAABy/cFCSMewQ5gYMDJO05HYTE9OMjFFREdFMTgyMQAzZGI4N2JkOC03Y2E5LTRkNDYtOWIzOS0wNjhlYjE4ZTViMTc=
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: 1bbbc9a3-101e-001d-2778-2e275c000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19

GET
H2 200 icon-pet-insurance-white.svg
forrit-one-tb-prod-p1-consumables.azureedge.net/media/7d86ffad-d996-495a-a60f-c9e66d5a7aad/ 1 KB
1 KB 28ms
28ms Image
image/svg+xml 2620:1ec:46::63
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://forrit-one-tb-prod-p1-consumables.azureedge.net/media/7d86ffad-d996-495a-a60f-c9e66d5a7aad/icon-pet-insurance-white.svg

Requested by

Host: www.tescobank.com
URL: https://www.tescobank.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:46::63 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

73676db6dd446c7ae2a476be5d5c09c649a17288023b9259ed46abf7b7cedd22

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.tescobank.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
date: Thu, 14 Dec 2023 13:08:22 GMT
content-md5: 3nFSoYqoBr7DkGhQxdI5zQ==
x-cache: TCP_HIT
x-ms-lease-status: unlocked
referrer-policy: no-referrer
last-modified: Wed, 01 Mar 2023 18:32:51 GMT
etag: 0x8DB1A835D389067
x-frame-options: SAMEORIGIN
x-azure-ref: 0Rv56ZQAAAAAXaZmRQd5kTLPo7QqguyvQTE9OMjFFREdFMTgyMQAzZGI4N2JkOC03Y2E5LTRkNDYtOWIzOS0wNjhlYjE4ZTViMTc=
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: c201ce99-301e-0045-4b05-2e2327000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19

GET
H2 200 icon-savings-white.svg
forrit-one-tb-prod-p1-consumables.azureedge.net/media/c363434a-f8c4-4da5-98c2-46b67a3c0a8b/ 2 KB
1 KB 32ms
31ms Image
image/svg+xml 2620:1ec:46::63
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://forrit-one-tb-prod-p1-consumables.azureedge.net/media/c363434a-f8c4-4da5-98c2-46b67a3c0a8b/icon-savings-white.svg

Requested by

Host: www.tescobank.com
URL: https://www.tescobank.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:46::63 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

05c2222b87b5ba09017a09807f7bb2e9364e3ab97a13a0554062a720dbc276d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.tescobank.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
date: Thu, 14 Dec 2023 13:08:22 GMT
content-md5: H4dATLl4yru99Wv1//uKhQ==
x-cache: TCP_HIT
x-ms-lease-status: unlocked
referrer-policy: no-referrer
last-modified: Wed, 01 Mar 2023 18:33:06 GMT
etag: 0x8DB1A8366770B00
x-frame-options: SAMEORIGIN
x-azure-ref: 0Rv56ZQAAAAD4VxLOteS3SrGl6lw2GVtKTE9OMjFFREdFMTgyMQAzZGI4N2JkOC03Y2E5LTRkNDYtOWIzOS0wNjhlYjE4ZTViMTc=
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: 1b10e41c-b01e-005f-150b-2d0c48000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19

GET
H2 200 main.js Show response
widget.trustpilot.com/trustboxes/5406e65db0d04a09e042d5fc/ Frame 8DD2 52 KB
16 KB 42ms
42ms Script
application/x-javascript 52.222.236.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.trustpilot.com/trustboxes/5406e65db0d04a09e042d5fc/main.js

Requested by

Host: widget.trustpilot.com
URL: https://widget.trustpilot.com/trustboxes/5406e65db0d04a09e042d5fc/index.html?templateId=5406e65db0d04a09e042d5fc&businessunitId=4e3abd00000064000510af6e

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.236.107 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-236-107.fra56.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

7930f8fe550eb2eb38ac682205664ab072a4573b911831aff82f7f65433e6e37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://widget.trustpilot.com/trustboxes/5406e65db0d04a09e042d5fc/index.html?templateId=5406e65db0d04a09e042d5fc&businessunitId=4e3abd00000064000510af6e
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 14 Dec 2023 06:21:14 GMT
via: 1.1 eeb2f3ca588ea4437f4b97ed276a6664.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P4
age: 24434
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 16291
x-xss-protection: 1; mode=block
last-modified: Mon, 08 May 2023 11:40:00 GMT
server: AmazonS3
etag: "50eae10ede15e24d7015244f10951876"
content-type: application/x-javascript
cache-control: max-age=86400
accept-ranges: bytes
x-amz-cf-id: dGCKXi5hkpN-Cam8wdLtOYZELiPvUx4QfYmOaxxg12SEGrBJU7dATA==

GET
H2 200 5406e65db0d04a09e042d5fc Show response
widget.trustpilot.com/trustbox-data/ Frame 8DD2 1013 B
889 B 38ms
38ms XHR
application/json 52.222.236.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.trustpilot.com/trustbox-data/5406e65db0d04a09e042d5fc?businessUnitId=4e3abd00000064000510af6e&locale=en-GB

Requested by

Host: widget.trustpilot.com
URL: https://widget.trustpilot.com/trustboxes/5406e65db0d04a09e042d5fc/main.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.236.107 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-236-107.fra56.r.cloudfront.net

Software

Kestrel /

Resource Hash

39569026bd3bf655d979c40c6364a21bc98f16bb8920f83e92beeadc6666b164

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://widget.trustpilot.com/trustboxes/5406e65db0d04a09e042d5fc/index.html?templateId=5406e65db0d04a09e042d5fc&businessunitId=4e3abd00000064000510af6e
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 14 Dec 2023 12:44:58 GMT
via: 1.1 eeb2f3ca588ea4437f4b97ed276a6664.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P4
age: 1739
x-cache: Hit from cloudfront
content-length: 458
x-xss-protection: 1; mode=block
server: Kestrel
etag: "0f3e6a6e54102ff9c09741775203820c"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
cache-control: public,max-age=1800
x-amz-cf-id: tcMBnjwZ4vxV6xcWC5agf_uYNhzyQ6N6W25gRmBpw4X8jEzXQkj76A==

GET
H2 204 TrustboxImpression Show response
widget.trustpilot.com/stats/ Frame 8DD2 0
322 B 65ms
65ms XHR
text/plain 52.222.236.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.trustpilot.com/stats/TrustboxImpression?locale=en-GB&styleHeight=28px&styleWidth=100%25&theme=light&url=https%3A%2F%2Fwww.tescobank.com%2F&referrer=&userAgent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F120.0.6099.109%20Safari%2F537.36&language=en-US&platform=Win32&nosettings=1&businessUnitId=4e3abd00000064000510af6e&widgetId=5406e65db0d04a09e042d5fc

Requested by

Host: widget.trustpilot.com
URL: https://widget.trustpilot.com/trustboxes/5406e65db0d04a09e042d5fc/main.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.236.107 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-236-107.fra56.r.cloudfront.net

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://widget.trustpilot.com/trustboxes/5406e65db0d04a09e042d5fc/index.html?templateId=5406e65db0d04a09e042d5fc&businessunitId=4e3abd00000064000510af6e
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Thu, 14 Dec 2023 13:08:22 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
via: 1.1 eeb2f3ca588ea4437f4b97ed276a6664.cloudfront.net (CloudFront)
server: Kestrel
x-amz-cf-pop: FRA56-P4
x-cache: Miss from cloudfront
cache-control: no-store,no-cache
x-amz-cf-id: 5ViAoefMYzIoD4nBTKQxjpLEQKxAwF-7m1c1kwXHtS3R5_1vLAjdGg==
x-xss-protection: 1; mode=block

POST
H2 200 pixel_7a1201c8 Show response
www.tescobank.com/akam/13/ 0
602 B 58ms
58ms XHR
text/html 2.17.147.160
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tescobank.com/akam/13/pixel_7a1201c8
Requested by: Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/tescobank/privacy/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.17.147.160 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-17-147-160.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.tescobank.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Thu, 14 Dec 2023 13:08:22 GMT
content-length: 0
content-type: text/html

GET
H2 200 mum-laptop-family-s.jpg
forrit-one-tb-prod-p1-consumables.azureedge.net/media/94614fe1-6981-4f3c-9066-165a7dd1bab8/ 44 KB
44 KB 28ms
27ms Image
image/jpeg 2620:1ec:46::63
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://forrit-one-tb-prod-p1-consumables.azureedge.net/media/94614fe1-6981-4f3c-9066-165a7dd1bab8/mum-laptop-family-s.jpg

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:46::63 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

3f711e78f8f97fda6d92b4024c09ccca47925d717333dfdeb20489af49864367

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.tescobank.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 14 Dec 2023 13:08:23 GMT
x-content-type-options: nosniff
content-md5: IxmZd0k7fMRDrPaa0QX2ew==
x-cache: TCP_HIT
content-length: 45017
x-ms-lease-status: unlocked
referrer-policy: no-referrer
last-modified: Tue, 21 Nov 2023 11:55:31 GMT
etag: 0x8DBEA88C340E8EE
x-frame-options: SAMEORIGIN
x-azure-ref: 0R/56ZQAAAABxYUbivxM+Ro8qvGNF2xLdTE9OMjFFREdFMTgyMQAzZGI4N2JkOC03Y2E5LTRkNDYtOWIzOS0wNjhlYjE4ZTViMTc=
content-type: image/jpeg
access-control-allow-origin: *
x-ms-request-id: f920061a-201e-001e-6e84-2e245b000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19

GET
H2 200 mum-laptop-family-s.jpg
forrit-one-tb-prod-p1-consumables.azureedge.net/media/94614fe1-6981-4f3c-9066-165a7dd1bab8/ 44 KB
44 KB 28ms
28ms Image
image/jpeg 2620:1ec:46::63
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://forrit-one-tb-prod-p1-consumables.azureedge.net/media/94614fe1-6981-4f3c-9066-165a7dd1bab8/mum-laptop-family-s.jpg

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:46::63 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

3f711e78f8f97fda6d92b4024c09ccca47925d717333dfdeb20489af49864367

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.tescobank.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 14 Dec 2023 13:08:23 GMT
x-content-type-options: nosniff
content-md5: IxmZd0k7fMRDrPaa0QX2ew==
x-cache: TCP_HIT
content-length: 45017
x-ms-lease-status: unlocked
referrer-policy: no-referrer
last-modified: Tue, 21 Nov 2023 11:55:31 GMT
etag: 0x8DBEA88C340E8EE
x-frame-options: SAMEORIGIN
x-azure-ref: 0R/56ZQAAAADRQqjGp7hNQYaL4Kt38WyLTE9OMjFFREdFMTgyMQAzZGI4N2JkOC03Y2E5LTRkNDYtOWIzOS0wNjhlYjE4ZTViMTc=
content-type: image/jpeg
access-control-allow-origin: *
x-ms-request-id: f920061a-201e-001e-6e84-2e245b000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19

GET
H2 200 gift-cards-3x2-sparkle-s.jpg
forrit-one-tb-prod-p1-consumables.azureedge.net/media/1b9db930-91f9-4570-8b5a-7931f45dcd3c/ 70 KB
71 KB 28ms
28ms Image
image/jpeg 2620:1ec:46::63
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://forrit-one-tb-prod-p1-consumables.azureedge.net/media/1b9db930-91f9-4570-8b5a-7931f45dcd3c/gift-cards-3x2-sparkle-s.jpg

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:46::63 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

1cbb2ea4fe4face20098aba0ed8552b5232fc6ca7629e90ac0855e976bf0e951

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.tescobank.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 14 Dec 2023 13:08:23 GMT
x-content-type-options: nosniff
content-md5: FgXVV+3ovWYe3xwadbfOuQ==
x-cache: TCP_HIT
content-length: 72146
x-ms-lease-status: unlocked
referrer-policy: no-referrer
last-modified: Tue, 21 Nov 2023 11:55:51 GMT
etag: 0x8DBEA88CF3A9BD5
x-frame-options: SAMEORIGIN
x-azure-ref: 0R/56ZQAAAAAZNCWxHsqRS5NrxFPXbnmfTE9OMjFFREdFMTgyMQAzZGI4N2JkOC03Y2E5LTRkNDYtOWIzOS0wNjhlYjE4ZTViMTc=
content-type: image/jpeg
access-control-allow-origin: *
x-ms-request-id: 1c0636f5-001e-0009-048e-2de438000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://forrit-one-tb-prod-p1-consumables.azureedge.net/media/1b9db930-91f9-4570-8b5a-7931f45dcd3c/gift-cards-3x2-sparkle-s.jpg

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:46::63 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

1cbb2ea4fe4face20098aba0ed8552b5232fc6ca7629e90ac0855e976bf0e951

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.tescobank.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 14 Dec 2023 13:08:23 GMT
x-content-type-options: nosniff
content-md5: FgXVV+3ovWYe3xwadbfOuQ==
x-cache: TCP_HIT
content-length: 72146
x-ms-lease-status: unlocked
referrer-policy: no-referrer
last-modified: Tue, 21 Nov 2023 11:55:51 GMT
etag: 0x8DBEA88CF3A9BD5
x-frame-options: SAMEORIGIN
x-azure-ref: 0R/56ZQAAAADZFMfbkgoWTIQ9IKCrL38JTE9OMjFFREdFMTgyMQAzZGI4N2JkOC03Y2E5LTRkNDYtOWIzOS0wNjhlYjE4ZTViMTc=
content-type: image/jpeg
access-control-allow-origin: *
x-ms-request-id: 1c0636f5-001e-0009-048e-2de438000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19

GET
H2 204 r.rnc
data.privacy.ensighten.com/privacy/v1/b/ 0
106 B 38ms
37ms Image
text/plain 3.124.173.63
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://data.privacy.ensighten.com/privacy/v1/b/r.rnc?n=1&c=746&i=6ylwrd&p=privacy&s=6474&d=8Eh7InZlcnNpb24iOiIxLjAuMCIsImdhdGV3YXkiOiIyLjMuNjA4IiwiY2xpZW50SWQiOjc0NiwicHVibGlzaFBhdGgiOiJwcml2YWN5IiwiaW5zdGFuY2UpAPAUIjZ5bHdyZCIsInBhY2tldCI6MSwibW9kZSI6ImVuZm9yY2VZAPAOb29raWVzIjp7fSwiZW52aXJvbm1lbnQiOiJFbmdlAPIJIiwicmVxdWVzdHMiOlt7ImRlc3RpbmF0tQDwJ2h0dHBzOi8vYXo0MTY0MjYudm8ubXNlY25kLm5ldC9zY3JpcHRzL2EvYWkuMC5qcyIsInR5cIQAAhsAcCIsInN0YXKeAMA3MDI1NTkzMDIwODWMAEZkIjoxFABwOTMsInNvdbYAwDoiYXBwZW5kQ2hpbOAA8ABzdGF0dXMiOiJibG9ja2UTAGByZWFzb26xAPEJIldoaXRlbGlzdCJdLCJkYXRhUGF0dGVyHQAxXSwiGgChOlsiTWVhc3VyZfwAQl0sIml-AM80NjEyMjUzMjIxfSz7AAXxHGZvcnJpdC1vbmUtdGItcHJvZC1wMS1jb25zdW1hYmxlcy5henVyZWVkZ2UUAfUwbWVkaWEvZmY3MTM5NTMtMzNjYS00ZDEyLTg4NGMtNDhlZDc0NjcxMDQ4L3Rlc2NvLWJhbmstbG9nby5zdmciQQEgaW0NAA0-AT0xMDk-ATcxMTc-ATFtdXS_AaJPYnNlcnZlckNMhgECRQE6bG9hQgEPNwEJBioBrzA2MTMzMTMwNjQqAZcvMTMqAQAfOCoBVh84KgE-oDEyYWRkN2UtOWNKAjAyYzUKAPAOYi00M2UwMTkyYzhmMWEvY2hyaXN0bWFzLTIwMjNdAvADbmVyLWRlc2t0b3AtYWx0LmpwWQIDpwMPZgIFLzEyPAFhnzIzNjc0NzgxNZADPw88AVkfNjwBah81eAI99iRkNWYyNzUzNi1iZDJiLTRlODItYmJiOS04Njk3OGY2OThmMTAvZmFtaWx5LXNlbGZpZS2GAh9scAITHjkUBj8xOTmsAwgfQdUEMBAz-wVfNjk0NjMzAQfzF3dpZGdldC50cnVzdHBpbG90LmNvbS9ib290c3RyYXAvdjUvdHAuJgAFFwBPLm1pbg8HFC4zNNEFARQABQ8HiWlubmVySFRNyAVbYWxsb3cNBw_LBROfNDEyMTA2NDg4oQQIA9AAC_YAAQ8AQGJveC1oB_EhLzU0MDZlNjVkYjBkMDRhMDllMDQyZDVmYz9idXNpbmVzc1VuaXRJZD00ZTNhYmQwAQD2CjY0MDAwNTEwYWY2ZSZsb2NhbGU9ZW4tR0I5CDJ4aHLbAQo2CD0zNTFWAwEUAAUnAbJYSFJfTUFOQUdFUkEAAvEGDykBJ58yNTEzNzA5NDQfAh4PKQH_FwUxAw9IAzAtNTAhAjc0NzRDBA9XCgQPEgkkBUcDHzk9BGkeNagHCvUADw4KQgT8AB85qAc-8CA0MjliNTA4Zi05ZmEyLTRmZGQtYjJhMS0xYTgyY2FlMTEzNTEvaWNvbi1jYXItd_0LDzcLEi40OSkBNzUyNR4CDCkBD2EGMa8yMDAyMjQ5NzAyJAIHD2AMI_IVNjc1NWFmODYtYThmNi00NDIyLTkwMTktNWIyMTljMjRjMTZhKAFfbW9uZXkqAS4fNioBTY84NTgwNTc4OFICP_IUN2IxNTU2ZC1lMzI4LTQ5YmEtOWIzNy1iYmY5MjI2ZmRhMDAqAU9jYXJkKQGOrzE3MTQzOTI4MDdTAj3yFWRkOWE3MDY5LWI5NTctNDJiNy1hOTM0LTIxZTY2YTFjOGFjNCkBf3RyYXZlbC1aAjMPuw4JD4QDMZ80MTQ0NjQ2ODnGBwgPhAMj8hU3ZDg2ZmZhZC1kOTk2LTQ5NWEtYTYwZi1jOWU2NmQ1YTdhYWQxAZBwZXQtaW5zdXK-EQ9jAi4PMgFOjzA3OTc1OTc0IQoIDzIBI_QTNjJkODVmN2UtMmJhNi00NmVhLTgzNjUtYTNkNDYwM2FhMrYEj3N1aXRjYXNlLQEuD_APCQ9fAjGfMjEwMjM3MzczXwI-8hVjMzYzNDM0YS1mOGM0LTRkYTUtOThjMi00NmI2N2EzYzBhOGJfAn9zYXZpbmdzLAGOrzMxNDI0MTE5NDa8BD3_G2UwNzNmYjVjLTJmYjgtNDM1NS1iNzJmLWQ0NjhmMWUxMzMyZS9Ib3VzZS4IKA9LAk2fMzgwMDI0MTUwBAcID5kNCy9lc5YNBv8IL2luZGV4Lmh0bWw_dGVtcGxhdGVJZD3FDQUUJsUNH3XFDQsYI8UN8gImc3R5bGVIZWlnaHQ9MjhweBEA8AVXaWR0aD0xMDAlMjUmdGhlbWU9bCMABvQNUGlmcmFtsBYN7xQvNDe4CQAfNtYLSJ8wNjkyMzk5NjCjAgcPhAHfDkkVGTWEAQw8Cw9zFjLQNDA2OTIzOTk2MX1dfQ
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.124.173.63 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-173-63.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.tescobank.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 13:08:24 GMT
cache-control: no-cache, no-store
server: nginx
expires: Thu, 14 Dec 2023 13:08:23 GMT

GET
H3 204 TagAuditBeacon.rnc
nexus.ensighten.com/tescobank/brochureware/ 0
216 B 38ms
37ms Image
text/plain 2600:9000:206f:c600:2:8f43:5780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nexus.ensighten.com/tescobank/brochureware/TagAuditBeacon.rnc?cid=746&data=[-1|-1|1;221356|3446239|1;-1|-1|0;363832|2529597|1;311335|3269374|1;253007|3075918|1;493997|2433343|1]&idx=0&r=-1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:9000:206f:c600:2:8f43:5780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.tescobank.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 12:08:14 GMT
via: 1.1 2fc0d20914c32e5cd76477ed042298d0.cloudfront.net (CloudFront)
server: CloudFront
age: 3610
x-amz-cf-pop: FRA56-C1
x-cache: Hit from cloudfront
cache-control: no-cache, no-store
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: XGJUMqgm4M3ktDdTjoftdpMH8I8Ec048rn1Zm9-QNZUa1AD8g_ogMw==

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: widget.trustpilot.com
URL: https://widget.trustpilot.com/trustbox-data/5406e65db0d04a09e042d5fc?businessUnitId=4e3abd00000064000510af6e&locale=en-GB

Verdicts & Comments Add Verdict or Comment

31 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.tescobank.com/credit-card-apply	1969-12-31 23:59:59	Name: JSESSIONID Value: E5EBACFC43E72484466CAB63D696B098
.tescobank.com/	1970-01-21 01:41:35	Name: TESCOBANK_ENSIGHTEN_PRIVACY_BANNER_LOADED Value: 1
.tescobank.com/	1970-01-20 16:56:06	Name: bm_sv Value: 3F27BCCC30AE186E4680D77665A81D3B~YAAQnJMRArgxjWSMAQAAxEJxaBawNRltT3nNz31tZiGJiy71iZ3l7cVqI9BGcRbe53R+1xWvzkuMIn1kmm10nTtDj/DfPGpDDpeg31Izvja37Tjkh3UkWts934T9q1TetX/C+5Sel176L2D4tAOn6T2pAnDxlNKWbBG0vzZfu/652chvN89vHLn96S76nmExhXNJF/3JjBULujYWXoaA4Fch2qZyQqcq1hKDPlG7UuJ+3DIyK1c7VFfVO4K1SyJPz3TL~1
www.tescobank.com/	1970-01-20 17:06:04	Name: AWSALBTG Value: 2qQ2sxyfq2FS6oXF1Mhmni+FN3EX2jzBqnTaxaJWmkCk4VXtPIdvQ9Py2fxT8a1BVz31AwUJ7sj5INg/SDeFDwgPHKLiQIvGYVmFhIR17n7M5oBaUkjTJ606b+aiQqgw7asPdhHfn0BWc7VNHNilAefg0d2kaYvAZm5hdTpCNt5R4NHxzUI=
www.tescobank.com/	1970-01-20 17:06:04	Name: AWSALBTGCORS Value: 2qQ2sxyfq2FS6oXF1Mhmni+FN3EX2jzBqnTaxaJWmkCk4VXtPIdvQ9Py2fxT8a1BVz31AwUJ7sj5INg/SDeFDwgPHKLiQIvGYVmFhIR17n7M5oBaUkjTJ606b+aiQqgw7asPdhHfn0BWc7VNHNilAefg0d2kaYvAZm5hdTpCNt5R4NHxzUI=
www.tescobank.com/	1970-01-20 17:06:04	Name: AWSALB Value: 0J6+EJKjZKvevaqyf6nvD92RFOFfVmtk0pNzWRGf8ZwTydGxDxRMtBTemVFwuXv2puEhpxg249yhPYXDCj6CFyYsv3Wd65jGrzHEwViwWv5w1ZiWrCthk945uByW
www.tescobank.com/	1970-01-20 17:06:04	Name: AWSALBCORS Value: 0J6+EJKjZKvevaqyf6nvD92RFOFfVmtk0pNzWRGf8ZwTydGxDxRMtBTemVFwuXv2puEhpxg249yhPYXDCj6CFyYsv3Wd65jGrzHEwViwWv5w1ZiWrCthk945uByW
.tescobank.com/	1970-01-20 16:56:06	Name: ak_bmsc Value: B310D4D646FAEA897C31A4D5C7EDCA5B~000000000000000000000000000000~YAAQnJMRAsIxjWSMAQAAvERxaBaIugEo6flHthztxeyFqUnWesqzDF4F5RPnv3X503N0cHSf8V30dhLzYzkwPmh62O+a4ZSd61P3G9YBqQ6CZP6kN0TddWfek591LxdVFYunMNb2tI1sB/g+RBquohOI7zXSHb+k0XK5VWqa1g2VbtY3Z/iRdganizHnTZToqEWOA4unrDVJzf9Tl5dIT66XDNtVTRugh+BF4cQamdoa7m/VnRIOicmLxmYw36QeOdYXdaiwZmzRjayKSNciRBmjdJA2lLHUN/wVF4A0WgwtwUI+mwb8kbIHAiBfT66wDPrO4Ve4z45ss/w16SpCglutRtvBcDt3zmKfIFaB/S5U1ayzuuu8YxoaJf13aGXCvQrNBDY8T/8Q/6ASNSRT0JveQYrP/c/YsWbTlj8alIq7M9pehfn+LxoNZo0Zx5gRafYB1Zhkh6QEXqmoqol8lYIEL62sYUuQoReFu5e3OntQz9sNS6v2aHSlUBewatC1LCM=

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://nexus.ensighten.com/tescobank/brochureware/Bootstrap.js(Line 182) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://nexus.ensighten.com/tescobank/privacy/Bootstrap.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://nexus.ensighten.com/tescobank/brochureware/Bootstrap.js(Line 182) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://nexus.ensighten.com/tescobank/privacy/Bootstrap.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
security	error	URL: https://nexus.ensighten.com/tescobank/privacy/Bootstrap.js(Line 457) Message: Refused to connect to 'https://widget.trustpilot.com/trustbox-data/5406e65db0d04a09e042d5fc?businessUnitId=4e3abd00000064000510af6e&locale=en-GB' because it violates the following Content Security Policy directive: "connect-src 'self' bam-cell.nr-data.net .woopra.com .fls.doubleclick.net fls.doubleclick.net .lpsnmedia.net .google.com .googleapis.com .qubit.com .travelex.net .adobedtm.com .vo.msecnd.net bat.bing.com c.evidon.com cdn.cookielaw.org .decibelinsight.net cm.everesttech.net connect.facebook.net dc.services.visualstudio.com .cloudfront.net .demdex.net flex.cybersource.com .g.doubleclick.net .hotjar.com .liveperson.net .tescobank.com .ensighten.com r.turn.com royalsunallianceinsu.tt.omtrdc.net rsa.d2.sc.omtrdc.net rum-static.pingdom.net service.maxymiser.net .google-analytics.com stash.qubitproducts.com static.ads-twitter.com static.goqubit.com tescobank.azureedge.net ue.enablermail.com www.facebook.com www.google.co.uk .googleadservices.com .googletagmanager.com .gstatic.com track.omguk.com wss://sync.onfido.com wss://collection.decibelinsight.net mpsnare.iesnare.com .adnxs.com s.yimg.com .sociomantic.com .tiles.mapbox.com api.mapbox.com events.mapbox.com p.teads.tv t.teads.tv cm.teads.tv .digital-cloud-uk.medallia.eu .kampyle.com".

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	report-uri https://identity.tescobank.com/afm/cspReport/; default-src 'nonce-14eb65f75aaf2c4316f47e00583c27b0' 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .trustpilot.com .woopra.com .fls.doubleclick.net fls.doubleclick.net .lpsnmedia.net .google.com .googleapis.com .qubit.com .travelex.net .adobedtm.com .vo.msecnd.net bat.bing.com c.evidon.com cdn.cookielaw.org .decibelinsight.net cm.everesttech.net connect.facebook.net dc.services.visualstudio.com .cloudfront.net .demdex.net flex.cybersource.com .g.doubleclick.net .hotjar.com .liveperson.net .tescobank.com .ensighten.com r.turn.com royalsunallianceinsu.tt.omtrdc.net rsa.d2.sc.omtrdc.net rum-static.pingdom.net service.maxymiser.net .google-analytics.com stash.qubitproducts.com static.ads-twitter.com static.goqubit.com tescobank.azureedge.net ue.enablermail.com www.facebook.com www.google.co.uk .googleadservices.com .googletagmanager.com .gstatic.com track.omguk.com wss://sync.onfido.com wss://collection.decibelinsight.net mpsnare.iesnare.com .adnxs.com s.yimg.com .sociomantic.com p.teads.tv t.teads.tv cm.teads.tv .digital-cloud-uk.medallia.eu .kampyle.com apps.commbox.io now.commbox.io js-agent.newrelic.com bam-cell.nr-data.net .google-analytics.com ; style-src 'self' 'unsafe-inline' .googleapis.com apps.commbox.io now.commbox.io js-agent.newrelic.com bam-cell.nr-data.net .kampyle.com ; img-src 'self' data: blob: ; child-src 'self' blob: ; font-src 'self' data: * ; connect-src 'self' bam-cell.nr-data.net .woopra.com .fls.doubleclick.net fls.doubleclick.net .lpsnmedia.net .google.com .googleapis.com .qubit.com .travelex.net .adobedtm.com .vo.msecnd.net bat.bing.com c.evidon.com cdn.cookielaw.org .decibelinsight.net cm.everesttech.net connect.facebook.net dc.services.visualstudio.com .cloudfront.net .demdex.net flex.cybersource.com .g.doubleclick.net .hotjar.com .liveperson.net .tescobank.com .ensighten.com r.turn.com royalsunallianceinsu.tt.omtrdc.net rsa.d2.sc.omtrdc.net rum-static.pingdom.net service.maxymiser.net .google-analytics.com stash.qubitproducts.com static.ads-twitter.com static.goqubit.com tescobank.azureedge.net ue.enablermail.com www.facebook.com www.google.co.uk .googleadservices.com .googletagmanager.com .gstatic.com track.omguk.com wss://sync.onfido.com wss://collection.decibelinsight.net mpsnare.iesnare.com .adnxs.com s.yimg.com .sociomantic.com .tiles.mapbox.com api.mapbox.com events.mapbox.com p.teads.tv t.teads.tv cm.teads.tv .digital-cloud-uk.medallia.eu .kampyle.com ; frame-src 'self' .trustpilot.com .fls.doubleclick.net fls.doubleclick.net .tescobank.com tescobank.demdex.net .vo.msecnd.net service.maxymiser.net p.teads.tv t.teads.tv cm.teads.tv .digital-cloud-uk.medallia.eu .kampyle.com apps.commbox.io now.commbox.io js-agent.newrelic.com bam-cell.nr-data.net ; frame-ancestors 'self' .tescobank.com ; object-src 'self' .fls.doubleclick.net fls.doubleclick.net *.tescobank.com tescobank.demdex.net; media-src 'self' apps.commbox.io ;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

data.privacy.ensighten.com
forrit-one-tb-prod-p1-consumables.azureedge.net
identity.tescobank.com
nexus.ensighten.com
tescobank.azureedge.net
tescobank.com.s3-website-eu-west-1.amazonaws.com
widget.trustpilot.com
www.tescobank.com
widget.trustpilot.com
2.17.147.160
2.17.147.217
2.17.147.219
2600:9000:206f:c600:2:8f43:5780:93a1
2620:1ec:46::63
3.124.173.63
52.222.236.107
52.92.35.124
02e5bf47b2473c1da7a39a25b14f0f5d9857142842d33def047e492f9f610cb9
05c2222b87b5ba09017a09807f7bb2e9364e3ab97a13a0554062a720dbc276d6
06a25eb20544eaa0fb6eea364fea588a79d6adc4fd0e6e909b6762a0cfb1974e
0b9f29ff84f1dd1eed259d636610d91e5f8b4e99cadf5886073c70bf2039ea9f
0e9f5c77e0fe5df9ab80c4a175e30b8998667168c9c12f027e58259fce10ed17
173d077fc2c2b2277848d4791fde2e37ac8aff4779c2719f44839af94f6b916b
19c38c1f19eb506cf0eb52cfdf697831a5f2b371164a7b4b1090d4e185a2c14f
1cbb2ea4fe4face20098aba0ed8552b5232fc6ca7629e90ac0855e976bf0e951
22c07af3234f9d6dc7f9a781740625e4c7e4287a9ce9709f6d89c36b962b23c1
289bd205ea53fa938c2d0a7c93461dd35949031a6276e09b958b6d06a29987dd
39569026bd3bf655d979c40c6364a21bc98f16bb8920f83e92beeadc6666b164
3e8866a96f8f984940e24e17f77611fc957045df700c03e828edbd264e0cc43d
3f711e78f8f97fda6d92b4024c09ccca47925d717333dfdeb20489af49864367
404fcfa2dd6b19270df21cc334598d7433b43311d9eeb6effdf5d62b03c4144f
44b291a081fd68b2cbb1cb4b0be3817de820853a0586b2c750765ea45978eaff
47ef3758f4446dd066fc12a8456ce08eed5ef9bcf17b0fb53087a2a74fb8d4d1
49a997ad3efef8509cc12ab2366b550e8b62559764b6402e1565ba5431f6d907
4c42cf6a8875c8be4c3a955c29426d0b37d3490cde8d06feed972756ba1a08dc
4ff339998010a0a8d02aff45adae6e1d535c174bdcd797b807124485539781b8
54144ce24fde7fc52154e72eea4186438ac4d4f1991af2d0d4c440998c2d03ef
568219ca839f8425765048f6ff3214e8fa5ce4025f4315e7e1e3be5b906c0b63
5f0cf82d5e09e03fada71e328cf7f97ab29015542c419c48d40ebe1569143223
5f9c15b61eb2e0552290225807a6826c7dc7b8396fa3c05ead5b24d2a9b0ba10
6a477a71358f9744e891c82b452d815d069e0751b250953b5d0f64e2f9c11f04
6bea6a3f8b075c57e85de9bf05d1e2c793c430041765c2a0c4b99ac1d3bac106
73676db6dd446c7ae2a476be5d5c09c649a17288023b9259ed46abf7b7cedd22
7930f8fe550eb2eb38ac682205664ab072a4573b911831aff82f7f65433e6e37
7b54539fdcea4727c3256bf6aea43f0a5a0c4beca493d49221b967eb3dea0e6c
80d54533f80e8233621f965ae0a7713928bdb4d491ed0eb5e90434550f1894cb
80e2a6156b3f132c69c53d4d3d2993c04a302f335c643de634d35da96ac839ba
85856354a51b4bbd2fb9d9b290bb98355b86fb4a9a91e9ee58afe6dcf2d4ce84
8a34d5bf04784d240998095d06dbfd6309d2e414ec864e5440618cec9ac93cff
a1e52d77264de139e04bb7eb4d8ceea358f95e06356b527fb50bb3054b2d62a6
d1a4172c4eac3c98b46022ff7a82af8300c0cebba17aa6277d27bff2b2d9bb6f
d554361630709572f4c9e33d02ca5ae56275756099a62195513017a0421f73c2
de219074ff2fbcfc4c1724036bdf883ab0b27568a87b9972eb64011cfc07ba9e
e111bc91c6e5fecd40be7ebfb9244cc2844f6e7840ee1b836db20b1caf15b284
e19a267c1a8b205b022e155d7c65adb9468072ba26bf277ab916e937586f603c
e34af59d458d35dded3856a00e1c02a50f4d802f71305d34fb355113881b23e0
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5009170864964460be50a307724eae186bd9e6e8ba3bc88a35b91109764006a
e9c64c8c42fe6df442590bc33b0919933ea03357e1d81508ea57c430628b9a3c
ec8db258f651d2e44e2f9041570097fc265f8a9f3603f844256f9400e0cd2758
f33f88a254bcf37684d7d11515589de7dd4289a73da40cc1c276e1992547b35f
f7f05dd901605ce42b2a5f717cfa09bcc3a662a3a802959442847e928e12d97a
f8a0d031124f300127c0360780cba45570153bde6c2092d1cf411df8a611e798
fc3de12503ecb116a9f44677fa8d2b1c066d2313189b89fb2df5817f5d907ca2

www.tescobank.com Open in urlscan Pro 2.17.147.160 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

56 Requests

96 %HTTPS

25 %IPv6

5 Domains

8 Subdomains

7 IPs

4 Countries

1460 kBTransfer

2497 kBSize

8 Cookies

15 Outgoing links

Page URL History

Redirected requests

56 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.tescobank.com Open in urlscan Pro
2.17.147.160 Public Scan

Screenshot
Live screenshot

Full Image

56
Requests

96 %
HTTPS

25 %
IPv6

5
Domains

8
Subdomains

7
IPs

4
Countries

1460 kB
Transfer

2497 kB
Size

8
Cookies

56 HTTP transactions
2 data transactions