www.onlinebanking.natwest.com Open in urlscan Pro
155.136.22.4 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.onlinebanking.natwest.com/Default.aspx
Submission: On February 01 via manual (February 1st 2023, 8:44:27 pm UTC) from GB — Scanned from GB

Summary HTTP 81 Redirects Behaviour Indicators

Summary

This website contacted 10 IPs in 3 countries across 7 domains to perform 81 HTTP transactions. The main IP is 155.136.22.4, located in United Kingdom and belongs to RBSG-UK-AS Edinburgh, GB. The main domain is www.onlinebanking.natwest.com. The Cisco Umbrella rank of the primary domain is 203986.
TLS certificate: Issued by COMODO RSA Extended Validation Secure... on January 13th 2023. Valid for: a year.

This is the only time www.onlinebanking.natwest.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
29	155.136.22.4 155.136.22.4	21054 (RBSG-UK-A...) (RBSG-UK-AS Edinburgh)
7	2606:4700::68... 2606:4700::6810:9540	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a02:26f0:f70... 2a02:26f0:f700:4b0::1e80	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 1	20.49.208.53 20.49.208.53	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2620:1ec:4f:1... 2620:1ec:4f:1::60	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2600:9000:214... 2600:9000:214f:f600:8:4d07:a640:93a1	16509 (AMAZON-02) (AMAZON-02)
2	178.249.101.23 178.249.101.23	11054 (LIVEPERSON) (LIVEPERSON)
1	2606:4700::68... 2606:4700::6812:1a55	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	178.249.101.99 178.249.101.99	11054 (LIVEPERSON) (LIVEPERSON)
7	178.249.101.98 178.249.101.98	11054 (LIVEPERSON) (LIVEPERSON)
81	10

29 155.136.22.4 (United Kingdom)

ASN21054 (RBSG-UK-AS Edinburgh, GB)

www.onlinebanking.natwest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2606:4700::6810:9540 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.cookielaw.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:26f0:f700:4b0::1e80 (Vienna, Austria)

ASN20940 (AKAMAI-ASN1, NL)

assets.adobedtm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 20.49.208.53 (London, United Kingdom) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

personal.natwest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:4f:1::60 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.natwest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:214f:f600:8:4d07:a640:93a1 (United States)

ASN16509 (AMAZON-02, US)

logon.onlinebanking.natwest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.249.101.23 (United States)

ASN11054 (LIVEPERSON, US)

lptag.liveperson.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:1a55 (United States)

ASN13335 (CLOUDFLARENET, US)

geolocation.onetrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 178.249.101.99 (United States)

ASN11054 (LIVEPERSON, US)
PTR: am-accdn.lpsnmedia.net

accdn.lpsnmedia.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 178.249.101.98 (United States)

ASN11054 (LIVEPERSON, US)
PTR: am-lpcdn.lpsnmedia.net

lpcdn.lpsnmedia.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
32	natwest.com 1 redirects www.onlinebanking.natwest.com — Cisco Umbrella Rank: 203986 personal.natwest.com — Cisco Umbrella Rank: 207637 www.natwest.com — Cisco Umbrella Rank: 66772 logon.onlinebanking.natwest.com — Cisco Umbrella Rank: 367670	1 MB
10	lpsnmedia.net accdn.lpsnmedia.net — Cisco Umbrella Rank: 3250 lpcdn.lpsnmedia.net — Cisco Umbrella Rank: 3649	418 KB
7	cookielaw.org cdn.cookielaw.org — Cisco Umbrella Rank: 385	143 KB
4	adobedtm.com assets.adobedtm.com — Cisco Umbrella Rank: 475	115 KB
2	liveperson.net lptag.liveperson.net — Cisco Umbrella Rank: 3267	116 KB
1	onetrust.com geolocation.onetrust.com — Cisco Umbrella Rank: 630	314 B
0	Failed function sub() { [native code] }. Failed
81	7

	Domain	Requested by
29	www.onlinebanking.natwest.com	www.onlinebanking.natwest.com
7	lpcdn.lpsnmedia.net	lptag.liveperson.net
7	cdn.cookielaw.org	www.onlinebanking.natwest.com cdn.cookielaw.org
4	assets.adobedtm.com	www.onlinebanking.natwest.com assets.adobedtm.com
3	accdn.lpsnmedia.net	lptag.liveperson.net lpcdn.lpsnmedia.net
2	lptag.liveperson.net	www.onlinebanking.natwest.com
1	geolocation.onetrust.com	cdn.cookielaw.org
1	logon.onlinebanking.natwest.com	www.onlinebanking.natwest.com
1	www.natwest.com	www.onlinebanking.natwest.com
1	personal.natwest.com	1 redirects
0	iebpjdmgckacbodjpijphcplhebcmeop Failed	www.onlinebanking.natwest.com
0	djflhoibgkdhkhhcedjiklpkjnoahfmg Failed	www.onlinebanking.natwest.com
0	cplklnmnlbnpmjogncfgfijoopmnlemp Failed	www.onlinebanking.natwest.com
0	gpolcofcjjiooogejfbaamdgmgfehgff Failed	www.onlinebanking.natwest.com
0	nndknepjnldbdbepjfgmncbggmopgden Failed	www.onlinebanking.natwest.com
0	jnhgnonknehpejjnehehllkliplmbmhn Failed	www.onlinebanking.natwest.com
0	bjjgbdlbgjeoankjijbmheneoekbghcg Failed	www.onlinebanking.natwest.com
0	rumola Failed	www.onlinebanking.natwest.com
0	nconiknmmhhhffhmbknbplalknajiaef Failed	www.onlinebanking.natwest.com
0	neodgnejhhhlcdoglifbmioajmagpeci Failed	www.onlinebanking.natwest.com
81	20

This site contains no links.

Subject Issuer	Validity	Valid
onlinebanking.natwest.com COMODO RSA Extended Validation Secure Server CA	`2023-01-13` - `2024-02-02`	a year	crt.sh
cookielaw.org Cloudflare Inc ECC CA-3	`2022-05-01` - `2023-05-01`	a year	crt.sh
assets.adobedtm.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-19` - `2023-08-19`	a year	crt.sh
logon.nwolb.com COMODO RSA Organization Validation Secure Server CA	`2022-10-11` - `2023-10-29`	a year	crt.sh
*.liveperson.net Sectigo RSA Organization Validation Secure Server CA	`2022-04-26` - `2023-04-26`	a year	crt.sh
onetrust.com Cloudflare Inc ECC CA-3	`2022-12-13` - `2023-12-13`	a year	crt.sh
*.lpsnmedia.net Sectigo RSA Organization Validation Secure Server CA	`2023-01-09` - `2024-01-09`	a year	crt.sh

This page contains 3 frames:

Primary Page: https://www.onlinebanking.natwest.com/Default.aspx
Frame ID: 24DE6D0F9BFADD5DA69C3C209B1AE3BF
Requests: 33 HTTP requests in this frame

Frame: https://www.onlinebanking.natwest.com/login.aspx
Frame ID: A93DECCE41184008152DDD8EAF48CA91
Requests: 49 HTTP requests in this frame

Frame: https://lpcdn.lpsnmedia.net/le_secure_storage/3.19.0.0-release_5079/storage.secure.min.html?loc=https%3A%2F%2Fwww.onlinebanking.natwest.com&site=49343281&ist=sessionStorage&env=prod&isCrossDomain=true
Frame ID: C442E928F1D10A4ABB96B5B7B2707E22
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Log in to NatWest Online Banking

Page URL History Show full URLs

https://www.onlinebanking.natwest.com/Default.aspx Page URL
https://www.onlinebanking.natwest.com/Default.aspx Page URL

Detected technologies

Microsoft ASP.NET (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

\.aspx?(?:$|\?)
<input[^>]+name="__VIEWSTATE

OneTrust (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

cdn\.cookielaw\.org
otSDKStub\.js

Page Statistics

81
Requests

67 %
HTTPS

50 %
IPv6

7
Domains

20
Subdomains

10
IPs

3
Countries

1818 kB
Transfer

4818 kB
Size

17
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.onlinebanking.natwest.com/Default.aspx Page URL
https://www.onlinebanking.natwest.com/Default.aspx Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 45

https://personal.natwest.com/content/dam/natwest/personal/fraud-and-security/olb-banners/nw-security-banner-vishing-194x443.gif HTTP 301
https://www.natwest.com/content/dam/natwest/personal/fraud-and-security/olb-banners/nw-security-banner-vishing-194x443.gif

81 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Default.aspx Show response
www.onlinebanking.natwest.com/ 5 KB
6 KB 270ms
62ms Document
text/html 155.136.22.4
RBSG-UK-AS Edinburgh

General

Check archive.org

Show headers Download Go to

Full URL: https://www.onlinebanking.natwest.com/Default.aspx
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 155.136.22.4 , United Kingdom, ASN21054 (RBSG-UK-AS Edinburgh, GB),
Reverse DNS
Software: /
Resource Hash: 080e9707c07e5bc0695fcf8780994c4bfddf00f5c261a7a85db7f8863767d84a

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Cache-Control: no-store, must-revalidate, no-cache, max-age=0
Content-Length: 5187
Content-Type: text/html

GET
H/1.1 200
OK 085c953939ab20004f7adc7047b9676106351f317da54bfc83936ff05c204dda3bdd5221bee55479 Show response
www.onlinebanking.natwest.com/TSPD/ 283 KB
83 KB 61ms
61ms Script
text/javascript 155.136.22.4
RBSG-UK-AS Edinburgh

General

Check archive.org

Show headers Download Go to

Full URL: https://www.onlinebanking.natwest.com/TSPD/085c953939ab20004f7adc7047b9676106351f317da54bfc83936ff05c204dda3bdd5221bee55479?type=10
Requested by: Host: www.onlinebanking.natwest.com
URL: https://www.onlinebanking.natwest.com/Default.aspx
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 155.136.22.4 , United Kingdom, ASN21054 (RBSG-UK-AS Edinburgh, GB),
Reverse DNS
Software: /
Resource Hash: 21078229bf6deee7a4088a1d08d2c3a8653f448217a14fcb3374bee18ec74580

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.onlinebanking.natwest.com/Default.aspx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Encoding: gzip
Cache-Control: public, max-age=86400
Content-Length: 85336
Content-Type: text/javascript

GET
DATA 200
OK truncated
/ 34 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1e85ec81b9800b4c443d39caca0d0926089a3ac201120db1ceb45b93789480b8

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 67 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 60d20c34efdd7103c273f54369cfc42c6d0a39126ce22298f2d31924b4ca5a56

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 34 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1e85ec81b9800b4c443d39caca0d0926089a3ac201120db1ceb45b93789480b8

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/gif

GET 32.png
neodgnejhhhlcdoglifbmioajmagpeci/img/anticaptcha-logo/ 0
0

GET icon-128.png
nconiknmmhhhffhmbknbplalknajiaef/ 0
0

GET icon-16.png
nconiknmmhhhffhmbknbplalknajiaef/ 0
0

GET rumola48.png
rumola/content/ 0
0

GET rumola128.png
bjjgbdlbgjeoankjijbmheneoekbghcg/images/ 0
0

GET on.png
bjjgbdlbgjeoankjijbmheneoekbghcg/images/ 0
0

GET rumola48.png
bjjgbdlbgjeoankjijbmheneoekbghcg/images/ 0
0

GET icon16.png
jnhgnonknehpejjnehehllkliplmbmhn/assets/images/ 0
0

GET icon16.png
jnhgnonknehpejjnehehllkliplmbmhn/images/ 0
0

GET icon48.png
jnhgnonknehpejjnehehllkliplmbmhn/images/ 0
0

GET options.html
nndknepjnldbdbepjfgmncbggmopgden/ 0
0

GET mining128.png
nndknepjnldbdbepjfgmncbggmopgden/img/ 0
0

GET mining16.png
nndknepjnldbdbepjfgmncbggmopgden/img/ 0
0

GET index.html
nndknepjnldbdbepjfgmncbggmopgden/client/dist/ 0
0

GET pixel.gif
gpolcofcjjiooogejfbaamdgmgfehgff/ 0
0

GET agenty-100.png
gpolcofcjjiooogejfbaamdgmgfehgff/icons/ 0
0

GET agenty-16.png
gpolcofcjjiooogejfbaamdgmgfehgff/icons/ 0
0

GET sgplus.css
gpolcofcjjiooogejfbaamdgmgfehgff/core/ 0
0

GET logo24.png
cplklnmnlbnpmjogncfgfijoopmnlemp/skin/ 0
0

GET spoofer_cs.js
djflhoibgkdhkhhcedjiklpkjnoahfmg/ 0
0

GET jquery.js
djflhoibgkdhkhhcedjiklpkjnoahfmg/ 0
0

GET icon.addressbar.gif
iebpjdmgckacbodjpijphcplhebcmeop/images/ 0
0

GET manifest.json
iebpjdmgckacbodjpijphcplhebcmeop/ 0
0

GET background.html
iebpjdmgckacbodjpijphcplhebcmeop/ 0
0

GET popup.html
iebpjdmgckacbodjpijphcplhebcmeop/ 0
0

GET
H/1.1 200
OK Primary Request Default.aspx Show response
www.onlinebanking.natwest.com/ 11 KB
14 KB 76ms
67ms Document
text/html 155.136.22.4
RBSG-UK-AS Edinburgh

General

Check archive.org

Show headers Download Go to

Full URL

https://www.onlinebanking.natwest.com/Default.aspx

Requested by

Host: www.onlinebanking.natwest.com
URL: https://www.onlinebanking.natwest.com/TSPD/085c953939ab20004f7adc7047b9676106351f317da54bfc83936ff05c204dda3bdd5221bee55479?type=10

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

155.136.22.4 , United Kingdom, ASN21054 (RBSG-UK-AS Edinburgh, GB),

Reverse DNS

Software

Resource Hash

a738b0e3ae062f7f50f0237d966988792ad7489ee516d05d76163189994931a4

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.onlinebanking.natwest.com/Default.aspx
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Cache-Control: no-cache, no-store, must-revalidate
Content-Security-Policy: upgrade-insecure-requests;
Content-Type: text/html; charset=utf-8
Date: Wed, 01 Feb 2023 20:44:23 GMT
Expires: -1
Pragma: no-cache
Strict-Transport-Security: max-age=16070400; includeSubDomains
Transfer-Encoding: chunked
X-Content-Type-Options: nosniff
X-FRAME-OPTIONS: SAMEORIGIN
X-Frame-Options: SAMEORIGIN
X-Permitted-Cross-Domain-Policies: none
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK 085c953939ab20004f7adc7047b9676106351f317da54bfc83936ff05c204dda3bdd5221bee55479 Show response
www.onlinebanking.natwest.com/TSPD/ 131 KB
33 KB 60ms
59ms Script
text/javascript 155.136.22.4
RBSG-UK-AS Edinburgh

General

Check archive.org

Show headers Download Go to

Full URL: https://www.onlinebanking.natwest.com/TSPD/085c953939ab20004f7adc7047b9676106351f317da54bfc83936ff05c204dda3bdd5221bee55479?type=17
Requested by: Host: www.onlinebanking.natwest.com
URL: https://www.onlinebanking.natwest.com/Default.aspx
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 155.136.22.4 , United Kingdom, ASN21054 (RBSG-UK-AS Edinburgh, GB),
Reverse DNS
Software: /
Resource Hash: edf71c8756abeca81a8f396a943a2d13b8c64c40197d4bb3b6198110e2b3b2a4

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.onlinebanking.natwest.com/Default.aspx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Encoding: gzip
Cache-Control: public, max-age=86400
Content-Length: 33946
Content-Type: text/javascript

GET
H/1.1 200
OK login.aspx Show response
www.onlinebanking.natwest.com/ Frame A93D 112 KB
115 KB 77ms
77ms Document
text/html 155.136.22.4
RBSG-UK-AS Edinburgh

General

Check archive.org

Show headers Download Go to

Full URL

https://www.onlinebanking.natwest.com/login.aspx

Requested by

Host: www.onlinebanking.natwest.com
URL: https://www.onlinebanking.natwest.com/Default.aspx

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

155.136.22.4 , United Kingdom, ASN21054 (RBSG-UK-AS Edinburgh, GB),

Reverse DNS

Software

Resource Hash

632fadb84a8a1ae065970517f3243c389192255680e8be0c939218708ee1044f

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.onlinebanking.natwest.com/Default.aspx
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Cache-Control: no-cache, no-store, must-revalidate
Content-Security-Policy: upgrade-insecure-requests;
Content-Type: text/html; charset=utf-8
Date: Wed, 01 Feb 2023 20:44:23 GMT
Expires: -1
Pragma: no-cache
RBSPageID: LI5
Referrer-Policy: strict-origin-when-cross-origin
Refresh: 725;url=ServiceManagement/Timeout.aspx
Strict-Transport-Security: max-age=16070400; includeSubDomains
Transfer-Encoding: chunked
X-Content-Type-Options: nosniff
X-FRAME-OPTIONS: SAMEORIGIN
X-Frame-Options: SAMEORIGIN
X-Permitted-Cross-Domain-Policies: none
X-UA-Compatible: IE=edge
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK 085c953939ab20004f7adc7047b9676106351f317da54bfc83936ff05c204dda3bdd5221bee55479 Show response
www.onlinebanking.natwest.com/TSPD/ Frame A93D 131 KB
33 KB 274ms
61ms Script
text/javascript 155.136.22.4
RBSG-UK-AS Edinburgh

General

Check archive.org

Show headers Download Go to

Full URL: https://www.onlinebanking.natwest.com/TSPD/085c953939ab20004f7adc7047b9676106351f317da54bfc83936ff05c204dda3bdd5221bee55479?type=17
Requested by: Host: www.onlinebanking.natwest.com
URL: https://www.onlinebanking.natwest.com/login.aspx
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 155.136.22.4 , United Kingdom, ASN21054 (RBSG-UK-AS Edinburgh, GB),
Reverse DNS
Software: /
Resource Hash: edf71c8756abeca81a8f396a943a2d13b8c64c40197d4bb3b6198110e2b3b2a4

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.onlinebanking.natwest.com/login.aspx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Encoding: gzip
Cache-Control: public, max-age=86400
Content-Length: 33946
Content-Type: text/javascript

GET
H/1.1 200
OK master.css
www.onlinebanking.natwest.com/Brands/ Frame A93D 289 KB
290 KB 172ms
64ms Stylesheet
text/css 155.136.22.4
RBSG-UK-AS Edinburgh

General

Check archive.org

Show headers Download Go to

Full URL

https://www.onlinebanking.natwest.com/Brands/master.css?v=638041134000000000

Requested by

Host: www.onlinebanking.natwest.com
URL: https://www.onlinebanking.natwest.com/login.aspx

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

155.136.22.4 , United Kingdom, ASN21054 (RBSG-UK-AS Edinburgh, GB),

Reverse DNS

Software

Resource Hash

86729c04b2c260defcd98924ded92f7327460f375d0e37ef304a155b416db2ae

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.onlinebanking.natwest.com/login.aspx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Wed, 01 Feb 2023 20:44:23 GMT
Strict-Transport-Security: max-age=16070400; includeSubDomains
X-Content-Type-Options: nosniff
Last-Modified: Tue, 15 Nov 2022 12:50:00 GMT
X-Permitted-Cross-Domain-Policies: none
ETag: "04cb1c5f0f8d81:0"
X-Frame-Options: SAMEORIGIN
Content-Type: text/css
Cache-Control: max-age=900
Accept-Ranges: bytes
Content-Length: 295987
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK npc.css
www.onlinebanking.natwest.com/Brands/NWB/css/ Frame A93D 52 KB
53 KB 347ms
172ms Stylesheet
text/css 155.136.22.4
RBSG-UK-AS Edinburgh

General

Check archive.org

Show headers Download Go to

Full URL

https://www.onlinebanking.natwest.com/Brands/NWB/css/npc.css?v=638041134000000000

Requested by

Host: www.onlinebanking.natwest.com
URL: https://www.onlinebanking.natwest.com/login.aspx

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

155.136.22.4 , United Kingdom, ASN21054 (RBSG-UK-AS Edinburgh, GB),

Reverse DNS

Software

Resource Hash

97031846c8a86f0cc2152c7cbcce3c6087cb00a20639f11e21870bf2615cb726

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.onlinebanking.natwest.com/login.aspx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Wed, 01 Feb 2023 20:44:23 GMT
Strict-Transport-Security: max-age=16070400; includeSubDomains
X-Content-Type-Options: nosniff
Last-Modified: Tue, 15 Nov 2022 12:50:00 GMT
X-Permitted-Cross-Domain-Policies: none
ETag: "04cb1c5f0f8d81:0"
X-Frame-Options: SAMEORIGIN
Content-Type: text/css
Cache-Control: max-age=900
Accept-Ranges: bytes
Content-Length: 53238
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK overlayPromptMaster.css
www.onlinebanking.natwest.com/promptResources/templates/overlayTemplate/ Frame A93D 1 KB
2 KB 265ms
68ms Stylesheet
text/css 155.136.22.4
RBSG-UK-AS Edinburgh

General

Check archive.org

Show headers Download Go to

Full URL

https://www.onlinebanking.natwest.com/promptResources/templates/overlayTemplate/overlayPromptMaster.css?v=638041134020000000

Requested by

Host: www.onlinebanking.natwest.com
URL: https://www.onlinebanking.natwest.com/login.aspx

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

155.136.22.4 , United Kingdom, ASN21054 (RBSG-UK-AS Edinburgh, GB),

Reverse DNS

Software

Resource Hash

42e70c32efffee33a1d8bddf152d6b754fa8abb83c6166444b8d41b217d9dae6

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.onlinebanking.natwest.com/login.aspx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Wed, 01 Feb 2023 20:44:23 GMT
Strict-Transport-Security: max-age=16070400; includeSubDomains
X-Content-Type-Options: nosniff
Last-Modified: Tue, 15 Nov 2022 12:50:02 GMT
X-Permitted-Cross-Domain-Policies: none
ETag: "079e2c6f0f8d81:0"
X-Frame-Options: SAMEORIGIN
Content-Type: text/css
Cache-Control: max-age=900
Accept-Ranges: bytes
Content-Length: 1378
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK overlayPrompt.css
www.onlinebanking.natwest.com/promptResources/templates/overlayTemplate/NPC/ Frame A93D 76 B
726 B 264ms
67ms Stylesheet
text/css 155.136.22.4
RBSG-UK-AS Edinburgh

General

Check archive.org

Show headers Download Go to

Full URL

https://www.onlinebanking.natwest.com/promptResources/templates/overlayTemplate/NPC/overlayPrompt.css?v=638041134020000000

Requested by

Host: www.onlinebanking.natwest.com
URL: https://www.onlinebanking.natwest.com/login.aspx

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

155.136.22.4 , United Kingdom, ASN21054 (RBSG-UK-AS Edinburgh, GB),

Reverse DNS

Software

Resource Hash

ef7db794b4a6b5c42d2535919d91fb11da1e5cd1147f35196db382197b35fdee

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.onlinebanking.natwest.com/login.aspx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Wed, 01 Feb 2023 20:44:23 GMT
Strict-Transport-Security: max-age=16070400; includeSubDomains
X-Content-Type-Options: nosniff
Last-Modified: Tue, 15 Nov 2022 12:50:02 GMT
X-Permitted-Cross-Domain-Policies: none
ETag: "079e2c6f0f8d81:0"
X-Frame-Options: SAMEORIGIN
Content-Type: text/css
Cache-Control: max-age=900
Accept-Ranges: bytes
Content-Length: 76
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK ScriptCombiner.axd Show response
www.onlinebanking.natwest.com/ Frame A93D 105 KB
105 KB 362ms
137ms Script
application/x-javascript 155.136.22.4
RBSG-UK-AS Edinburgh

General

Check archive.org

Show headers Download Go to

Full URL

https://www.onlinebanking.natwest.com/ScriptCombiner.axd?s=IFSControls1704&v=230201

Requested by

Host: www.onlinebanking.natwest.com
URL: https://www.onlinebanking.natwest.com/login.aspx

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

155.136.22.4 , United Kingdom, ASN21054 (RBSG-UK-AS Edinburgh, GB),

Reverse DNS

Software

Resource Hash

93b1d941f8fa3f83be23e4807420c038dc51b9779ff86b248de6d66cfdb182e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.onlinebanking.natwest.com/login.aspx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Wed, 01 Feb 2023 20:44:23 GMT
Content-Encoding: utf-8
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=16070400; includeSubDomains
X-Permitted-Cross-Domain-Policies: none
X-Frame-Options: SAMEORIGIN
Transfer-Encoding: chunked
Content-Type: application/x-javascript
Cache-Control: public, max-age=2592000
X-XSS-Protection: 1; mode=block
Expires: Fri, 03 Mar 2023 20:44:24 GMT

GET
H/1.1 200
OK ScriptCombiner.axd Show response
www.onlinebanking.natwest.com/ Frame A93D 425 B
1 KB 330ms
64ms Script
application/x-javascript 155.136.22.4
RBSG-UK-AS Edinburgh

General

Check archive.org

Show headers Download Go to

Full URL

https://www.onlinebanking.natwest.com/ScriptCombiner.axd?s=Accessibility&v=230201

Requested by

Host: www.onlinebanking.natwest.com
URL: https://www.onlinebanking.natwest.com/login.aspx

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

155.136.22.4 , United Kingdom, ASN21054 (RBSG-UK-AS Edinburgh, GB),

Reverse DNS

Software

Resource Hash

11cdc5b04aa16fea9f398b4ae8ba1b6bf5ec3ea5430c63d0e40243ea06c08937

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.onlinebanking.natwest.com/login.aspx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Wed, 01 Feb 2023 20:44:23 GMT
Content-Encoding: utf-8
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=16070400; includeSubDomains
X-Permitted-Cross-Domain-Policies: none
X-Frame-Options: SAMEORIGIN
Transfer-Encoding: chunked
Content-Type: application/x-javascript
Cache-Control: public, max-age=2592000
X-XSS-Protection: 1; mode=block
Expires: Fri, 03 Mar 2023 20:44:24 GMT

GET
H2 200 otSDKStub.js Show response
cdn.cookielaw.org/scripttemplates/ Frame A93D 25 KB
9 KB 162ms
57ms Script
application/javascript 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Requested by

Host: www.onlinebanking.natwest.com
URL: https://www.onlinebanking.natwest.com/login.aspx

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

83f8393c6593831a76ea84324c946029082b5c72507176c13387468d21c651ff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.onlinebanking.natwest.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 01 Feb 2023 20:44:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: 4ki7PtkHDuSPC1vGdOaknQ==
age: 79422
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 8384
x-ms-lease-status: unlocked
last-modified: Mon, 30 Jan 2023 20:36:09 GMT
server: cloudflare
etag: 0x8DB03019EC57C05
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 8bd5a73a-801e-0125-0408-350600000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 792d865e3a8024b5-LHR

GET
H2 200 satelliteLib-08b84ffc82250dd93a29554e43774d72e7c1876b.js Show response
assets.adobedtm.com/5165c8c319825f6ec3fb78d0a8dcc1054ab35a3d/ Frame A93D 326 KB
93 KB 381ms
86ms Script
application/x-javascript 2a02:26f0:f700:4b0::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/5165c8c319825f6ec3fb78d0a8dcc1054ab35a3d/satelliteLib-08b84ffc82250dd93a29554e43774d72e7c1876b.js
Requested by: Host: www.onlinebanking.natwest.com
URL: https://www.onlinebanking.natwest.com/login.aspx
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:f700:4b0::1e80 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 74bc3710cd2cd4e60777ebb90d2fb1fd004e14a91ae07c5f9a619cc1465bb5e0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.onlinebanking.natwest.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 20:44:24 GMT
content-encoding: gzip
last-modified: Tue, 13 Dec 2022 08:55:12 GMT
server: AkamaiNetStorage
etag: "c32fc774095f15324232baa8563cd7bc:1670921712.488948"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.onlinebanking.natwest.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 94906
expires: Wed, 01 Feb 2023 21:44:24 GMT

GET
H/1.1 200
OK n-w-logo.svg
www.onlinebanking.natwest.com/brands/NWB/images/ Frame A93D 5 KB
5 KB 60ms
60ms Image
image/svg+xml 155.136.22.4
RBSG-UK-AS Edinburgh

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.onlinebanking.natwest.com/brands/NWB/images/n-w-logo.svg

Requested by

Host: www.onlinebanking.natwest.com
URL: https://www.onlinebanking.natwest.com/login.aspx

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

155.136.22.4 , United Kingdom, ASN21054 (RBSG-UK-AS Edinburgh, GB),

Reverse DNS

Software

Resource Hash

668faa210a0e0cabb9aa13a1a6ad4e3b22b0f9cad90c43694ba37a8a4714b0e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.onlinebanking.natwest.com/login.aspx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Wed, 01 Feb 2023 20:44:24 GMT
Strict-Transport-Security: max-age=16070400; includeSubDomains
X-Content-Type-Options: nosniff
Last-Modified: Tue, 15 Nov 2022 12:50:00 GMT
X-Permitted-Cross-Domain-Policies: none
ETag: "04cb1c5f0f8d81:0"
X-Frame-Options: SAMEORIGIN
Content-Type: image/svg+xml
Cache-Control: max-age=900
Accept-Ranges: bytes
Content-Length: 4874
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK WebResource.axd Show response
www.onlinebanking.natwest.com/ Frame A93D 23 KB
23 KB 126ms
125ms Script
application/x-javascript 155.136.22.4
RBSG-UK-AS Edinburgh

General

Check archive.org

Show headers Download Go to

Full URL

https://www.onlinebanking.natwest.com/WebResource.axd?d=Cmj2wdbIzodHqG_1PA37Bk4WoldIkQdlxX4rcW_mpOV71O6rleIcd7IeijpiPN4Ejqcg2hvVGpGrlP2nzZfNZLbDwdc1&t=637788741478779744

Requested by

Host: www.onlinebanking.natwest.com
URL: https://www.onlinebanking.natwest.com/login.aspx

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

155.136.22.4 , United Kingdom, ASN21054 (RBSG-UK-AS Edinburgh, GB),

Reverse DNS

Software

Resource Hash

40732e9dcfa704cf615e4691bb07aecfd1cc5e063220a46e4a7ff6560c77f5db

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.onlinebanking.natwest.com/login.aspx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Wed, 01 Feb 2023 20:44:23 GMT
Strict-Transport-Security: max-age=16070400; includeSubDomains
X-Content-Type-Options: nosniff
Last-Modified: Thu, 27 Jan 2022 09:55:47 GMT
X-Permitted-Cross-Domain-Policies: none
X-Frame-Options: SAMEORIGIN
Transfer-Encoding: chunked
Content-Type: application/x-javascript
Cache-Control: public
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Feb 2024 02:17:31 GMT

GET
H/1.1 200
OK mm.js Show response
www.onlinebanking.natwest.com/Brands/ Frame A93D 9 KB
10 KB 123ms
123ms Script
application/javascript 155.136.22.4
RBSG-UK-AS Edinburgh

General

Check archive.org

Show headers Download Go to

Full URL

https://www.onlinebanking.natwest.com/Brands/mm.js

Requested by

Host: www.onlinebanking.natwest.com
URL: https://www.onlinebanking.natwest.com/login.aspx

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

155.136.22.4 , United Kingdom, ASN21054 (RBSG-UK-AS Edinburgh, GB),

Reverse DNS

Software

Resource Hash

7ff1d2812ffac71e20f669c8d8b3a76a1c369afec61a564549e1700f3071538f

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.onlinebanking.natwest.com/login.aspx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Wed, 01 Feb 2023 20:44:23 GMT
Strict-Transport-Security: max-age=16070400; includeSubDomains
X-Content-Type-Options: nosniff
Last-Modified: Tue, 15 Nov 2022 12:50:00 GMT
X-Permitted-Cross-Domain-Policies: none
ETag: "04cb1c5f0f8d81:0"
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
Cache-Control: max-age=900
Accept-Ranges: bytes
Content-Length: 9476
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK WebResource.axd Show response
www.onlinebanking.natwest.com/ Frame A93D 26 KB
27 KB 63ms
63ms Script
application/x-javascript 155.136.22.4
RBSG-UK-AS Edinburgh

General

Check archive.org

Show headers Download Go to

Full URL

https://www.onlinebanking.natwest.com/WebResource.axd?d=oWDioZzZI0SGEHDrJWGO9A15jtq7fF3l3w2sNCHx0I5zpOlbGQLCi8XT9BjnFR-thkTSvbR-9NqyYbLEWKTh0kVUibs1&t=637788741478779744

Requested by

Host: www.onlinebanking.natwest.com
URL: https://www.onlinebanking.natwest.com/login.aspx

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

155.136.22.4 , United Kingdom, ASN21054 (RBSG-UK-AS Edinburgh, GB),

Reverse DNS

Software

Resource Hash

ef9453f74b2617d43dcef4242cf5845101fcfb57289c81bceb20042b0023a192

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.onlinebanking.natwest.com/login.aspx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Wed, 01 Feb 2023 20:44:24 GMT
Strict-Transport-Security: max-age=16070400; includeSubDomains
X-Content-Type-Options: nosniff
Last-Modified: Thu, 27 Jan 2022 09:55:47 GMT
X-Permitted-Cross-Domain-Policies: none
X-Frame-Options: SAMEORIGIN
Transfer-Encoding: chunked
Content-Type: application/x-javascript
Cache-Control: public
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Feb 2024 02:17:31 GMT

GET
H2

200

nw-security-banner-vishing-194x443.gif
www.natwest.com/content/dam/natwest/personal/fraud-and-security/olb-banners/ Frame A93D
Redirect Chain

https://personal.natwest.com/content/dam/natwest/personal/fraud-and-security/olb-banners/nw-security-banner-vishing-194x443.gif
https://www.natwest.com/content/dam/natwest/personal/fraud-and-security/olb-banners/nw-security-banner-vishing-194x443.gif

14 KB
15 KB

191ms
39ms

Image
image/gif

2620:1ec:4f:1::60
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.natwest.com/content/dam/natwest/personal/fraud-and-security/olb-banners/nw-security-banner-vishing-194x443.gif

Requested by

Host: www.onlinebanking.natwest.com
URL: https://www.onlinebanking.natwest.com/login.aspx

Protocol

Server

2620:1ec:4f:1::60 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

1aea65aeda4e39957158bacd84556ed7a77ab468265e2a163265b346b7f60965

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.onlinebanking.natwest.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-dispatcher: dispatcher2uksouth
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 01 Feb 2023 20:44:24 GMT
x-content-type-options: nosniff
x-vhost: Natwest Com
x-cache: TCP_HIT
content-length: 14375
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 09 Nov 2022 23:09:00 GMT
etag: "3827-5ed11bdea26be"
vary: Origin
x-frame-options: SAMEORIGIN
content-type: image/gif
access-control-allow-origin: https://supportcentre.natwest.com
cache-control: public, max-age=3600
permissions-policy: geolocation=(self "https://natwest.com")
x-azure-ref: 0KM/aYwAAAAD9HdoNrwE2SquEUAbAgMP5TE9OMjFFREdFMTgwNwBhNmVlNGZiMy01ZTU3LTQwNGQtYjJmNS03OTJlZDFkZTdkNTc=
accept-ranges: bytes

Redirect headers

x-dispatcher: dispatcher5uksouth
date: Wed, 01 Feb 2023 20:44:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
referrer-policy: strict-origin-when-cross-origin
server
x-vhost: Natwest Personal
x-frame-options: SAMEORIGIN
vary: Origin
content-type: text/html; charset=iso-8859-1
access-control-allow-origin: https://supportcentre.natwest.com
location: https://www.natwest.com/content/dam/natwest/personal/fraud-and-security/olb-banners/nw-security-banner-vishing-194x443.gif
permissions-policy: geolocation=(self "https://personal.natwest.com")
content-length: 330

GET
H/1.1 200
OK FSCS_Protected_Logo.png
www.onlinebanking.natwest.com//Brands/NWB/images/ Frame A93D 6 KB
6 KB 61ms
61ms Image
image/png 155.136.22.4
RBSG-UK-AS Edinburgh

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.onlinebanking.natwest.com//Brands/NWB/images/FSCS_Protected_Logo.png

Requested by

Host: www.onlinebanking.natwest.com
URL: https://www.onlinebanking.natwest.com/login.aspx

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

155.136.22.4 , United Kingdom, ASN21054 (RBSG-UK-AS Edinburgh, GB),

Reverse DNS

Software

Resource Hash

f2b557317fb851b3ed73c2d8203192e9ed433bd006ca5025ccb3317ef15e1b8d

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.onlinebanking.natwest.com/login.aspx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Wed, 01 Feb 2023 20:44:24 GMT
Strict-Transport-Security: max-age=16070400; includeSubDomains
X-Content-Type-Options: nosniff
Last-Modified: Tue, 15 Nov 2022 12:50:00 GMT
X-Permitted-Cross-Domain-Policies: none
ETag: "04cb1c5f0f8d81:0"
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Cache-Control: max-age=900
Accept-Ranges: bytes
Content-Length: 5679
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK error-marker.png
www.onlinebanking.natwest.com/Brands/NWB/images/ Frame A93D 1 KB
2 KB 65ms
65ms Image
image/png 155.136.22.4
RBSG-UK-AS Edinburgh

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.onlinebanking.natwest.com/Brands/NWB/images/error-marker.png

Requested by

Host: www.onlinebanking.natwest.com
URL: https://www.onlinebanking.natwest.com/login.aspx

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

155.136.22.4 , United Kingdom, ASN21054 (RBSG-UK-AS Edinburgh, GB),

Reverse DNS

Software

Resource Hash

27f324f2ad60091d5e8f76adfef83f9122dc8aa8df29d0a8d970bfe06aaa5005

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.onlinebanking.natwest.com/login.aspx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Wed, 01 Feb 2023 20:44:24 GMT
Strict-Transport-Security: max-age=16070400; includeSubDomains
X-Content-Type-Options: nosniff
Last-Modified: Tue, 15 Nov 2022 12:50:00 GMT
X-Permitted-Cross-Domain-Policies: none
ETag: "04cb1c5f0f8d81:0"
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Cache-Control: max-age=900
Accept-Ranges: bytes
Content-Length: 1090
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK RealtimeLogin.js Show response
www.onlinebanking.natwest.com/Brands/jq_scripts/ Frame A93D 3 KB
3 KB 65ms
65ms Script
application/javascript 155.136.22.4
RBSG-UK-AS Edinburgh

General

Check archive.org

Show headers Download Go to

Full URL

https://www.onlinebanking.natwest.com/Brands/jq_scripts/RealtimeLogin.js

Requested by

Host: www.onlinebanking.natwest.com
URL: https://www.onlinebanking.natwest.com/login.aspx

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

155.136.22.4 , United Kingdom, ASN21054 (RBSG-UK-AS Edinburgh, GB),

Reverse DNS

Software

Resource Hash

8fed25d950a68b39c624682efca2ba8179aef53498ce62af94a999183a464cd6

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.onlinebanking.natwest.com/login.aspx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Wed, 01 Feb 2023 20:44:24 GMT
Strict-Transport-Security: max-age=16070400; includeSubDomains
X-Content-Type-Options: nosniff
Last-Modified: Tue, 15 Nov 2022 12:50:00 GMT
X-Permitted-Cross-Domain-Policies: none
ETag: "04cb1c5f0f8d81:0"
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
Cache-Control: max-age=900
Accept-Ranges: bytes
Content-Length: 2804
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK RNHouseSansW05-Regular.woff2
www.onlinebanking.natwest.com/Brands/NWB/fonts/ Frame A93D 21 KB
22 KB 78ms
77ms Font
font/woff2 155.136.22.4
RBSG-UK-AS Edinburgh

General

Check archive.org

Show headers Download Go to

Full URL

https://www.onlinebanking.natwest.com/Brands/NWB/fonts/RNHouseSansW05-Regular.woff2

Requested by

Host: www.onlinebanking.natwest.com
URL: https://www.onlinebanking.natwest.com/Brands/master.css?v=638041134000000000

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

155.136.22.4 , United Kingdom, ASN21054 (RBSG-UK-AS Edinburgh, GB),

Reverse DNS

Software

Resource Hash

9be8b2c42ad2d6f7327f62a7d03995a5a4615770154941d59493473186e5140c

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.onlinebanking.natwest.com/Brands/master.css?v=638041134000000000
Origin: https://www.onlinebanking.natwest.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Wed, 01 Feb 2023 20:44:24 GMT
Strict-Transport-Security: max-age=16070400; includeSubDomains
X-Content-Type-Options: nosniff
Last-Modified: Tue, 15 Nov 2022 12:50:00 GMT
X-Permitted-Cross-Domain-Policies: none
ETag: "04cb1c5f0f8d81:0"
X-Frame-Options: SAMEORIGIN
Transfer-Encoding: chunked
Content-Type: font/woff2
Cache-Control: max-age=900
Accept-Ranges: bytes
X-XSS-Protection: 1; mode=block

GET
H2 200 AppMeasurement.min.js Show response
assets.adobedtm.com/extensions/EP171e731c9ba34f1c950c36d26e3efd61/ Frame A93D 33 KB
12 KB 92ms
91ms Script
application/x-javascript 2a02:26f0:f700:4b0::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/extensions/EP171e731c9ba34f1c950c36d26e3efd61/AppMeasurement.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/5165c8c319825f6ec3fb78d0a8dcc1054ab35a3d/satelliteLib-08b84ffc82250dd93a29554e43774d72e7c1876b.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:f700:4b0::1e80 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 9219086b4f2c3bf77854b2e06ccd97ad32b9b7a140e65ff8b974a3bae6c7854c

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.onlinebanking.natwest.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 20:44:25 GMT
content-encoding: gzip
last-modified: Mon, 14 Feb 2022 16:35:31 GMT
server: AkamaiNetStorage
etag: "d860c16ac938f7d839f0ec158d02d0f0:1644856531.418573"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.onlinebanking.natwest.com
cache-control: no-cache
accept-ranges: bytes
timing-allow-origin: *
content-length: 12163
expires: Wed, 01 Feb 2023 21:44:25 GMT

GET
H2 200 AppMeasurement_Module_AudienceManagement.min.js Show response
assets.adobedtm.com/extensions/EP171e731c9ba34f1c950c36d26e3efd61/ Frame A93D 25 KB
9 KB 100ms
100ms Script
application/x-javascript 2a02:26f0:f700:4b0::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/extensions/EP171e731c9ba34f1c950c36d26e3efd61/AppMeasurement_Module_AudienceManagement.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/5165c8c319825f6ec3fb78d0a8dcc1054ab35a3d/satelliteLib-08b84ffc82250dd93a29554e43774d72e7c1876b.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:f700:4b0::1e80 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 4858af0bdd1175d3f6c795eb053e7cae348ecb67f0633020d7d925c7672de871

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.onlinebanking.natwest.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 20:44:25 GMT
content-encoding: gzip
last-modified: Mon, 14 Feb 2022 16:35:31 GMT
server: AkamaiNetStorage
etag: "26a8cd142b539700557eb4710c3d56bd:1644856531.982003"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.onlinebanking.natwest.com
cache-control: no-cache
accept-ranges: bytes
timing-allow-origin: *
content-length: 8753
expires: Wed, 01 Feb 2023 21:44:25 GMT

GET
H/1.1 200
OK white-lock.png
www.onlinebanking.natwest.com/Brands/NWB/images/ Frame A93D 285 B
937 B 83ms
83ms Image
image/png 155.136.22.4
RBSG-UK-AS Edinburgh

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.onlinebanking.natwest.com/Brands/NWB/images/white-lock.png

Requested by

Host: www.onlinebanking.natwest.com
URL: https://www.onlinebanking.natwest.com/Brands/NWB/css/npc.css?v=638041134000000000

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

155.136.22.4 , United Kingdom, ASN21054 (RBSG-UK-AS Edinburgh, GB),

Reverse DNS

Software

Resource Hash

b465d00b89619e9899ec7d618559157db09f935d318466d67deb036157fadcf2

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.onlinebanking.natwest.com/Brands/NWB/css/npc.css?v=638041134000000000
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Wed, 01 Feb 2023 20:44:24 GMT
Strict-Transport-Security: max-age=16070400; includeSubDomains
X-Content-Type-Options: nosniff
Last-Modified: Tue, 15 Nov 2022 12:50:00 GMT
X-Permitted-Cross-Domain-Policies: none
ETag: "04cb1c5f0f8d81:0"
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Cache-Control: max-age=900
Accept-Ranges: bytes
Content-Length: 285
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK li5_outer_frame_top_curve.gif
www.onlinebanking.natwest.com/images/ Frame A93D 20 KB
20 KB 84ms
84ms Image
text/html 155.136.22.4
RBSG-UK-AS Edinburgh

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.onlinebanking.natwest.com/images/li5_outer_frame_top_curve.gif

Requested by

Host: www.onlinebanking.natwest.com
URL: https://www.onlinebanking.natwest.com/Brands/master.css?v=638041134000000000

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

155.136.22.4 , United Kingdom, ASN21054 (RBSG-UK-AS Edinburgh, GB),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.onlinebanking.natwest.com/Brands/master.css?v=638041134000000000
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

X-UA-Compatible: IE=edge
Pragma: no-cache
Content-Security-Policy: upgrade-insecure-requests;
Date: Wed, 01 Feb 2023 20:44:24 GMT
Referrer-Policy: strict-origin-when-cross-origin
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Strict-Transport-Security: max-age=16070400; includeSubDomains
X-FRAME-OPTIONS: SAMEORIGIN, SAMEORIGIN
Content-Type: text/html; charset=utf-8
Cache-Control: no-cache, no-store, must-revalidate
Content-Length: 20476
X-XSS-Protection: 1; mode=block
RBSPageID: PNF
Expires: -1

GET
H/1.1 200
OK radio-normal.png
www.onlinebanking.natwest.com/Brands/NWB/images/ Frame A93D 1 KB
2 KB 70ms
69ms Image
image/png 155.136.22.4
RBSG-UK-AS Edinburgh

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.onlinebanking.natwest.com/Brands/NWB/images/radio-normal.png

Requested by

Host: www.onlinebanking.natwest.com
URL: https://www.onlinebanking.natwest.com/Brands/NWB/css/npc.css?v=638041134000000000

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

155.136.22.4 , United Kingdom, ASN21054 (RBSG-UK-AS Edinburgh, GB),

Reverse DNS

Software

Resource Hash

1ec277d20cb0b2b9d72322f3cc32d988435978a6a8f72b28e0f8ac8b1bf17a72

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.onlinebanking.natwest.com/Brands/NWB/css/npc.css?v=638041134000000000
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Wed, 01 Feb 2023 20:44:24 GMT
Strict-Transport-Security: max-age=16070400; includeSubDomains
X-Content-Type-Options: nosniff
Last-Modified: Tue, 15 Nov 2022 12:50:00 GMT
X-Permitted-Cross-Domain-Policies: none
ETag: "04cb1c5f0f8d81:0"
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Cache-Control: max-age=900
Accept-Ranges: bytes
Content-Length: 1317
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK combined-shape.png
www.onlinebanking.natwest.com/Brands/NWB/images/ Frame A93D 359 B
1011 B 70ms
70ms Image
image/png 155.136.22.4
RBSG-UK-AS Edinburgh

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.onlinebanking.natwest.com/Brands/NWB/images/combined-shape.png

Requested by

Host: www.onlinebanking.natwest.com
URL: https://www.onlinebanking.natwest.com/Brands/NWB/css/npc.css?v=638041134000000000

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

155.136.22.4 , United Kingdom, ASN21054 (RBSG-UK-AS Edinburgh, GB),

Reverse DNS

Software

Resource Hash

d1c878b4e69d9da5292c53b1f46708de74c435144895bdfd697208406466a814

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.onlinebanking.natwest.com/Brands/NWB/css/npc.css?v=638041134000000000
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Wed, 01 Feb 2023 20:44:24 GMT
Strict-Transport-Security: max-age=16070400; includeSubDomains
X-Content-Type-Options: nosniff
Last-Modified: Tue, 15 Nov 2022 12:50:00 GMT
X-Permitted-Cross-Domain-Policies: none
ETag: "04cb1c5f0f8d81:0"
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Cache-Control: max-age=900
Accept-Ranges: bytes
Content-Length: 359
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK down-chevron.png
www.onlinebanking.natwest.com/Brands/NWB/images/ Frame A93D 295 B
947 B 65ms
65ms Image
image/png 155.136.22.4
RBSG-UK-AS Edinburgh

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.onlinebanking.natwest.com/Brands/NWB/images/down-chevron.png

Requested by

Host: www.onlinebanking.natwest.com
URL: https://www.onlinebanking.natwest.com/Brands/NWB/css/npc.css?v=638041134000000000

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

155.136.22.4 , United Kingdom, ASN21054 (RBSG-UK-AS Edinburgh, GB),

Reverse DNS

Software

Resource Hash

4f5a022467e927b5b385cc335e58434a49bad0520ed018fc059075069d695c79

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.onlinebanking.natwest.com/Brands/NWB/css/npc.css?v=638041134000000000
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Wed, 01 Feb 2023 20:44:24 GMT
Strict-Transport-Security: max-age=16070400; includeSubDomains
X-Content-Type-Options: nosniff
Last-Modified: Tue, 15 Nov 2022 12:50:00 GMT
X-Permitted-Cross-Domain-Policies: none
ETag: "04cb1c5f0f8d81:0"
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Cache-Control: max-age=900
Accept-Ranges: bytes
Content-Length: 295
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK check-box.png
www.onlinebanking.natwest.com/Brands/NWB/images/ Frame A93D 157 B
809 B 66ms
66ms Image
image/png 155.136.22.4
RBSG-UK-AS Edinburgh

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.onlinebanking.natwest.com/Brands/NWB/images/check-box.png

Requested by

Host: www.onlinebanking.natwest.com
URL: https://www.onlinebanking.natwest.com/Brands/NWB/css/npc.css?v=638041134000000000

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

155.136.22.4 , United Kingdom, ASN21054 (RBSG-UK-AS Edinburgh, GB),

Reverse DNS

Software

Resource Hash

d2955b58d801a021737f025d1716a68fd2a143ddac3e0b749fcc053deba6e082

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.onlinebanking.natwest.com/Brands/NWB/css/npc.css?v=638041134000000000
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Wed, 01 Feb 2023 20:44:24 GMT
Strict-Transport-Security: max-age=16070400; includeSubDomains
X-Content-Type-Options: nosniff
Last-Modified: Tue, 15 Nov 2022 12:50:00 GMT
X-Permitted-Cross-Domain-Policies: none
ETag: "04cb1c5f0f8d81:0"
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Cache-Control: max-age=900
Accept-Ranges: bytes
Content-Length: 157
X-XSS-Protection: 1; mode=block

GET
H2 200 4eaf8a94-474d-41a2-b0dd-49ee47eb4150.json Show response
cdn.cookielaw.org/consent/4eaf8a94-474d-41a2-b0dd-49ee47eb4150/ Frame A93D 3 KB
2 KB 169ms
54ms XHR
application/x-javascript 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/4eaf8a94-474d-41a2-b0dd-49ee47eb4150/4eaf8a94-474d-41a2-b0dd-49ee47eb4150.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

64ede50b71ee3bb7d1fc76e95e9c1f208e6e99f97b4ed08e84391df55953876d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.onlinebanking.natwest.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 01 Feb 2023 20:44:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: uh3BpMxkCGkmDbr/EEYobA==
age: 41878
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 1411
x-ms-lease-status: unlocked
last-modified: Thu, 08 Dec 2022 09:05:21 GMT
server: cloudflare
etag: 0x8DAD8FB56217869
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: cbcba468-701e-00d1-4ae4-0a65b9000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 792d8662febd23ca-LHR
expires: Thu, 02 Feb 2023 20:44:25 GMT

GET
H/1.1 200
OK radio-selected.png
www.onlinebanking.natwest.com/Brands/NWB/images/ Frame A93D 2 KB
2 KB 97ms
68ms Image
image/png 155.136.22.4
RBSG-UK-AS Edinburgh

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.onlinebanking.natwest.com/Brands/NWB/images/radio-selected.png

Requested by

Host: www.onlinebanking.natwest.com
URL: https://www.onlinebanking.natwest.com/Brands/NWB/css/npc.css?v=638041134000000000

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

155.136.22.4 , United Kingdom, ASN21054 (RBSG-UK-AS Edinburgh, GB),

Reverse DNS

Software

Resource Hash

d81db57832f4742b67755f90f8c3d37735cb9f58dbb10e312f931343d27552c6

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.onlinebanking.natwest.com/Brands/NWB/css/npc.css?v=638041134000000000
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Wed, 01 Feb 2023 20:44:24 GMT
Strict-Transport-Security: max-age=16070400; includeSubDomains
X-Content-Type-Options: nosniff
Last-Modified: Tue, 15 Nov 2022 12:50:00 GMT
X-Permitted-Cross-Domain-Policies: none
ETag: "04cb1c5f0f8d81:0"
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Cache-Control: max-age=900
Accept-Ranges: bytes
Content-Length: 1633
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK RNHouseSansW05-Bold.woff2
www.onlinebanking.natwest.com/Brands/NWB/fonts/ Frame A93D 22 KB
22 KB 98ms
69ms Font
font/woff2 155.136.22.4
RBSG-UK-AS Edinburgh

General

Check archive.org

Show headers Download Go to

Full URL

https://www.onlinebanking.natwest.com/Brands/NWB/fonts/RNHouseSansW05-Bold.woff2

Requested by

Host: www.onlinebanking.natwest.com
URL: https://www.onlinebanking.natwest.com/Brands/master.css?v=638041134000000000

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

155.136.22.4 , United Kingdom, ASN21054 (RBSG-UK-AS Edinburgh, GB),

Reverse DNS

Software

Resource Hash

ce64c0d35d4ad8fd2fa79ecd45d6db37982940958b7f51448b697bad342ce55b

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.onlinebanking.natwest.com/Brands/master.css?v=638041134000000000
Origin: https://www.onlinebanking.natwest.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Wed, 01 Feb 2023 20:44:24 GMT
Strict-Transport-Security: max-age=16070400; includeSubDomains
X-Content-Type-Options: nosniff
Last-Modified: Tue, 15 Nov 2022 12:50:00 GMT
X-Permitted-Cross-Domain-Policies: none
ETag: "04cb1c5f0f8d81:0"
X-Frame-Options: SAMEORIGIN
Transfer-Encoding: chunked
Content-Type: font/woff2
Cache-Control: max-age=900
Accept-Ranges: bytes
X-XSS-Protection: 1; mode=block

GET
H2 200 6a1d7b64.js Show response
logon.onlinebanking.natwest.com/scripts/6a1d7b63/ Frame A93D 738 KB
126 KB 476ms
65ms Script
application/javascript 2600:9000:214f:f600:8:4d07:a640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://logon.onlinebanking.natwest.com/scripts/6a1d7b63/6a1d7b64.js
Requested by: Host: www.onlinebanking.natwest.com
URL: https://www.onlinebanking.natwest.com/Default.aspx
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:f600:8:4d07:a640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 86bfe6b5e4da2aec3486b64442fa46a47499e302cf978f8916729212934309e4

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.onlinebanking.natwest.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
via: 1.1 6080b2713e502211e152f21f5c59c5a6.cloudfront.net (CloudFront)
date: Wed, 01 Feb 2023 17:23:54 GMT
last-modified: Wed, 10 Aug 2022 20:12:43 GMT
server: AmazonS3
x-amz-cf-pop: FRA53-C1
age: 12032
etag: "c76fddbdbe816afdad171020d3c06e23"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 128671
x-amz-cf-id: 0yTfNU2bVQh1P0rgC8jsuGFBNkVcEO7TYcC6BH0mg_hBZB4OXL5rdQ==

GET
H2 200 tag.js Show response
lptag.liveperson.net/tag/ Frame A93D 21 KB
8 KB 501ms
96ms Script
application/javascript 178.249.101.23
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL

https://lptag.liveperson.net/tag/tag.js?site=49343281

Requested by

Host: www.onlinebanking.natwest.com
URL: https://www.onlinebanking.natwest.com/Default.aspx

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.249.101.23 , United States, ASN11054 (LIVEPERSON, US),

Reverse DNS

Software

ws /

Resource Hash

5624aeb2703037c9b669b4903e1961a38778408edcd3bea47e370e5de9f6c571

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.onlinebanking.natwest.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 20:44:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Wed, 07 Dec 2022 20:20:28 GMT
server: ws
etag: "6390f58c-1da4"
access-control-allow-methods: GET, POST, PATCH
content-type: application/javascript
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
cache-control: public, max-age=630
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
content-length: 7588

GET
H2 200 location Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/ Frame A93D 69 B
314 B 365ms
70ms XHR
application/json 2606:4700::6812:1a55
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1a55 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

26e34b9fbbd2ecafe25af980f19ddc63342ffad01477b0fe851ac8c35bfea847

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept: application/json
Referer: https://www.onlinebanking.natwest.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 20:44:25 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/json
access-control-allow-origin: *
cf-ray: 792d866529f8dc3d-LHR
access-control-allow-headers: Content-Type

GET
H2 200 otBannerSdk.js Show response
cdn.cookielaw.org/scripttemplates/6.31.0/ Frame A93D 334 KB
79 KB 58ms
58ms Script
application/javascript 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.31.0/otBannerSdk.js

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fe4946db1f133c18e59bde7de4f6e87a50d288f85ec8440451b998e0f3f17e66

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.onlinebanking.natwest.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 01 Feb 2023 20:44:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: D263R6OySncrpIc5uRH3nQ==
age: 47743
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 80955
x-ms-lease-status: unlocked
last-modified: Fri, 11 Mar 2022 07:14:24 GMT
server: cloudflare
etag: 0x8DA032EC5D12B02
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: b588b788-f01e-0108-2f26-f585c0000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 792d86659ed324b5-LHR

GET
H2 200 .jsonp Show response
lptag.liveperson.net/lptag/api/account/49343281/configuration/applications/taglets/ Frame A93D 298 KB
108 KB 57ms
57ms Script
application/x-javascript 178.249.101.23
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL

https://lptag.liveperson.net/lptag/api/account/49343281/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&s=natwest&b=undefined

Requested by

Host: www.onlinebanking.natwest.com
URL: https://www.onlinebanking.natwest.com/Default.aspx

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.249.101.23 , United States, ASN11054 (LIVEPERSON, US),

Reverse DNS

Software

ws /

Resource Hash

66063dc2f8212dd48706e338035e0dae5a62213a0b285598aad6ff965c35ceed

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.onlinebanking.natwest.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 20:44:25 GMT
strict-transport-security: max-age=63072000; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
server: ws
x-cache-status: MISS
access-control-allow-methods: GET, POST, PATCH
content-type: application/x-javascript
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
cache-control: public, max-age=630
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token

GET
H2 200 en.json Show response
cdn.cookielaw.org/consent/4eaf8a94-474d-41a2-b0dd-49ee47eb4150/bbae0bb2-5e87-44cc-923c-e5970d893645/ Frame A93D 204 KB
34 KB 47ms
47ms Fetch
application/x-javascript 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/4eaf8a94-474d-41a2-b0dd-49ee47eb4150/bbae0bb2-5e87-44cc-923c-e5970d893645/en.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.31.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6de7c24bae9ef5f041f492b249aceb98300d64e40cbfd2b004476fdb52a5af46

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.onlinebanking.natwest.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 01 Feb 2023 20:44:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: l5msCKXnTUnfOzloN9sNSQ==
age: 41875
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 34422
x-ms-lease-status: unlocked
last-modified: Thu, 08 Dec 2022 09:05:23 GMT
server: cloudflare
etag: 0x8DAD8FB5737CAD7
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 5eee6acb-e01e-005c-08e4-0a291f000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 792d86665c4823ca-LHR
expires: Thu, 02 Feb 2023 20:44:25 GMT

GET
BLOB 200
OK ebd6626c-531a-4c63-9009-a56c074b4541
https://www.onlinebanking.natwest.com/ Frame A93D 177 KB
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.onlinebanking.natwest.com/ebd6626c-531a-4c63-9009-a56c074b4541
Requested by: Host: www.onlinebanking.natwest.com
URL: https://www.onlinebanking.natwest.com/login.aspx
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e913fcb191c41dbad49654b63e06541ceedd259e6a3dc0d02324937050333fa6

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Length: 181110
Content-Type

GET
H2 200 otCenterRounded.json Show response
cdn.cookielaw.org/scripttemplates/6.31.0/assets/ Frame A93D 9 KB
3 KB 53ms
52ms Fetch
application/json 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.31.0/assets/otCenterRounded.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.31.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ea07c75cc70340374feb3872db77d7d5b74e6e8b62fd538f36209b1815ecd3d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.onlinebanking.natwest.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 01 Feb 2023 20:44:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: H5sekmzucUF8sFtSeINTKg==
age: 2681
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 2584
x-ms-lease-status: unlocked
last-modified: Fri, 11 Mar 2022 07:14:14 GMT
server: cloudflare
etag: 0x8DA032EBF6EA85E
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: c6c12aeb-501e-0028-67e4-0aaf59000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 792d8666ed3c23ca-LHR

GET
H2 200 otPcCenter.json Show response
cdn.cookielaw.org/scripttemplates/6.31.0/assets/v2/ Frame A93D 47 KB
12 KB 47ms
46ms Fetch
application/json 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.31.0/assets/v2/otPcCenter.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.31.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

146697e686c91fde6e30955bc6cba7bfe752c511b2f27545a6938266e49cdfcd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.onlinebanking.natwest.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 01 Feb 2023 20:44:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: ZpEAbh0BppVJFPu0Tn1v0w==
age: 41876
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 11558
x-ms-lease-status: unlocked
last-modified: Fri, 11 Mar 2022 07:14:15 GMT
server: cloudflare
etag: 0x8DA032EC085471F
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 0e3f1f67-301e-011e-27e4-0a445e000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 792d8666ed3e23ca-LHR

GET
H2 200 otCommonStyles.css Show response
cdn.cookielaw.org/scripttemplates/6.31.0/assets/ Frame A93D 21 KB
4 KB 54ms
54ms Fetch
text/css 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.31.0/assets/otCommonStyles.css

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.31.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

42da203fcc4325bd58c8c868e9213def8ca9b8d58e79d68e86c0fd8a5744e72d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.onlinebanking.natwest.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 01 Feb 2023 20:44:26 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: 2HSefDmVwJneRQMu6SXIPw==
age: 41873
x-ms-lease-status: unlocked
last-modified: Fri, 11 Mar 2022 07:14:31 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: 7d5f182c-e01e-00fd-3ae4-0ae784000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 792d8666ed3f23ca-LHR

GET
H2 200 / Show response
accdn.lpsnmedia.net/api/account/49343281/configuration/setting/accountproperties/ Frame A93D 7 KB
3 KB 253ms
44ms Script
application/javascript 178.249.101.99
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL

https://accdn.lpsnmedia.net/api/account/49343281/configuration/setting/accountproperties/?cb=accountSettingsCB

Requested by

Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/49343281/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&s=natwest&b=undefined

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.249.101.99 , United States, ASN11054 (LIVEPERSON, US),

Reverse DNS

am-accdn.lpsnmedia.net

Software

ws /

Resource Hash

fa0543bf373988bbdc41853151c5b9a48244d8036f616f88f1b1d7dadf4da5db

Security Headers

Name	Value
Strict-Transport-Security	max-age=99999999999; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.onlinebanking.natwest.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 20:44:26 GMT
strict-transport-security: max-age=99999999999; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
server: ws
x-cache-status: EXPIRED
vary: Accept
access-control-allow-methods: GET, POST, PATCH
content-type: application/javascript
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
x-envoy-upstream-service-time: 1
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
expires: Wed, 01 Feb 2023 20:45:26 GMT

GET
H2 200 ui-framework.js Show response
lpcdn.lpsnmedia.net/le_unified_window/10.23.0.0-release_5549/ Frame A93D 40 KB
15 KB 308ms
48ms Script
application/javascript 178.249.101.98
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL

https://lpcdn.lpsnmedia.net/le_unified_window/10.23.0.0-release_5549/ui-framework.js?version=10.23.0.0-release_5549

Requested by

Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/49343281/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&s=natwest&b=undefined

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.249.101.98 , United States, ASN11054 (LIVEPERSON, US),

Reverse DNS

am-lpcdn.lpsnmedia.net

Software

ws /

Resource Hash

3e4f5d07904cf355da7bfbca5d4eee18a4c09fc9e6a79df958d0bb1225572983

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.onlinebanking.natwest.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 20:44:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Thu, 03 Nov 2022 22:03:25 GMT
server: ws
x-cache-status: HIT
vary: Origin
access-control-allow-methods: GET, POST, PATCH
content-type: application/javascript
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options, x-lp-state-rev
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
expires: Thu, 01 Feb 2024 20:44:26 GMT

GET
H2 200 UMSClientAPI.min.js Show response
lpcdn.lpsnmedia.net/le_unified_window/10.23.0.0-release_5549/ Frame A93D 88 KB
30 KB 359ms
99ms Script
application/javascript 178.249.101.98
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL

https://lpcdn.lpsnmedia.net/le_unified_window/10.23.0.0-release_5549/UMSClientAPI.min.js?version=10.23.0.0-release_5549

Requested by

Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/49343281/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&s=natwest&b=undefined

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.249.101.98 , United States, ASN11054 (LIVEPERSON, US),

Reverse DNS

am-lpcdn.lpsnmedia.net

Software

ws /

Resource Hash

57554877947a356911e17034359412ea444c15f58884c0100062788dd3660bb8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.onlinebanking.natwest.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 20:44:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Thu, 03 Nov 2022 22:03:24 GMT
server: ws
x-cache-status: HIT
vary: Origin
access-control-allow-methods: GET, POST, PATCH
content-type: application/javascript
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options, x-lp-state-rev
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
expires: Thu, 01 Feb 2024 20:44:26 GMT

GET
H2 200 lpChatV3.min.js Show response
lpcdn.lpsnmedia.net/le_unified_window/10.23.0.0-release_5549/ Frame A93D 92 KB
31 KB 405ms
146ms Script
application/javascript 178.249.101.98
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL

https://lpcdn.lpsnmedia.net/le_unified_window/10.23.0.0-release_5549/lpChatV3.min.js?version=10.23.0.0-release_5549

Requested by

Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/49343281/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&s=natwest&b=undefined

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.249.101.98 , United States, ASN11054 (LIVEPERSON, US),

Reverse DNS

am-lpcdn.lpsnmedia.net

Software

ws /

Resource Hash

5941d1622373ff4da4a0ec6ae2c474a80f2e65763aca377b069690ed4cc26d02

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.onlinebanking.natwest.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 20:44:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Thu, 03 Nov 2022 22:03:25 GMT
server: ws
x-cache-status: HIT
vary: Origin
access-control-allow-methods: GET, POST, PATCH
content-type: application/javascript
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options, x-lp-state-rev
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
expires: Thu, 01 Feb 2024 20:44:26 GMT

GET
H2 200 surveylogicinstance.min.js Show response
lpcdn.lpsnmedia.net/le_unified_window/10.23.0.0-release_5549/ Frame A93D 8 KB
3 KB 451ms
192ms Script
application/javascript 178.249.101.98
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL

https://lpcdn.lpsnmedia.net/le_unified_window/10.23.0.0-release_5549/surveylogicinstance.min.js?version=10.23.0.0-release_5549

Requested by

Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/49343281/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&s=natwest&b=undefined

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.249.101.98 , United States, ASN11054 (LIVEPERSON, US),

Reverse DNS

am-lpcdn.lpsnmedia.net

Software

ws /

Resource Hash

0ca2d5d4dece21114294a8783944cdd00a4351935831b27f9a83b8eb543c6438

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.onlinebanking.natwest.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 20:44:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Thu, 03 Nov 2022 22:03:25 GMT
server: ws
x-cache-status: HIT
vary: Origin
access-control-allow-methods: GET, POST, PATCH
content-type: application/javascript
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options, x-lp-state-rev
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
expires: Thu, 01 Feb 2024 20:44:26 GMT

GET
H2 200 zones Show response
accdn.lpsnmedia.net/api/account/49343281/configuration/le-campaigns/ Frame A93D 8 KB
3 KB 285ms
84ms Script
application/javascript 178.249.101.99
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL

https://accdn.lpsnmedia.net/api/account/49343281/configuration/le-campaigns/zones?fields=id&fields=zoneValue&cb=lpZonesStaticCB

Requested by

Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/49343281/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&s=natwest&b=undefined

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.249.101.99 , United States, ASN11054 (LIVEPERSON, US),

Reverse DNS

am-accdn.lpsnmedia.net

Software

ws /

Resource Hash

20f92a175cce959e287948bdb3d4f4cf5acfaee87801ddf0e38f046f3d6c0068

Security Headers

Name	Value
Strict-Transport-Security	max-age=99999999999; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.onlinebanking.natwest.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 20:44:26 GMT
strict-transport-security: max-age=99999999999; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
server: ws
x-cache-status: EXPIRED
vary: Accept
access-control-allow-methods: GET, POST, PATCH
content-type: application/javascript
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
x-envoy-upstream-service-time: 1
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
expires: Wed, 01 Feb 2023 20:45:26 GMT

GET
H2 200 desktopEmbedded.js Show response
lpcdn.lpsnmedia.net/le_unified_window/10.23.0.0-release_5549/ Frame A93D 961 KB
300 KB 62ms
62ms Script
application/javascript 178.249.101.98
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL

https://lpcdn.lpsnmedia.net/le_unified_window/10.23.0.0-release_5549/desktopEmbedded.js?version=10.23.0.0-release_5549

Requested by

Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/49343281/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&s=natwest&b=undefined

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.249.101.98 , United States, ASN11054 (LIVEPERSON, US),

Reverse DNS

am-lpcdn.lpsnmedia.net

Software

ws /

Resource Hash

6622b5e1a9d93d6b5a2f4eb7a0556f802fb002e5efde0d0f4e3781a94776e331

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.onlinebanking.natwest.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 20:44:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Thu, 03 Nov 2022 22:03:25 GMT
server: ws
x-cache-status: HIT
vary: Origin
access-control-allow-methods: GET, POST, PATCH
content-type: application/javascript
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options, x-lp-state-rev
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
expires: Thu, 01 Feb 2024 20:44:26 GMT

GET
H2 200 storage.secure.min.js Show response
lpcdn.lpsnmedia.net/le_secure_storage/3.19.0.0-release_5079/ Frame A93D 37 KB
15 KB 235ms
234ms Script
application/javascript 178.249.101.98
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL

https://lpcdn.lpsnmedia.net/le_secure_storage/3.19.0.0-release_5079/storage.secure.min.js?loc=https%3A%2F%2Fwww.onlinebanking.natwest.com&site=49343281&env=prod&isCrossDomain=true

Requested by

Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/49343281/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&s=natwest&b=undefined

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.249.101.98 , United States, ASN11054 (LIVEPERSON, US),

Reverse DNS

am-lpcdn.lpsnmedia.net

Software

ws /

Resource Hash

a2721298ae526f997c556afcd0a7f768abfd6ad9b0ce4ec449d5b27b86929f04

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.onlinebanking.natwest.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 20:44:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Thu, 03 Nov 2022 22:00:32 GMT
server: ws
x-cache-status: HIT
vary: Origin
access-control-allow-methods: GET, POST, PATCH
content-type: application/javascript
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options, x-lp-state-rev
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
expires: Thu, 01 Feb 2024 20:44:26 GMT

GET
H2 200 storage.secure.min.html Show response
lpcdn.lpsnmedia.net/le_secure_storage/3.19.0.0-release_5079/ Frame C442 39 KB
16 KB 232ms
232ms Document
text/html 178.249.101.98
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL

https://lpcdn.lpsnmedia.net/le_secure_storage/3.19.0.0-release_5079/storage.secure.min.html?loc=https%3A%2F%2Fwww.onlinebanking.natwest.com&site=49343281&ist=sessionStorage&env=prod&isCrossDomain=true

Requested by

Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/49343281/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&s=natwest&b=undefined

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.249.101.98 , United States, ASN11054 (LIVEPERSON, US),

Reverse DNS

am-lpcdn.lpsnmedia.net

Software

ws /

Resource Hash

639fcd75ad19240531093db9d079f4be79913034b5ce3a7ae0b4006735f1fb2f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.onlinebanking.natwest.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
access-control-allow-methods: GET, POST, PATCH
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options, x-lp-state-rev
cache-control: max-age=31536000
content-encoding: gzip
content-type: text/html
date: Wed, 01 Feb 2023 20:44:26 GMT
expires: Thu, 01 Feb 2024 20:44:26 GMT
last-modified: Thu, 03 Nov 2022 22:00:32 GMT
server: ws
strict-transport-security: max-age=31536000; includeSubDomains
vary: Origin
x-cache-status: HIT
x-content-type-options: nosniff

GET
H2 200 refererrestrictions Show response
accdn.lpsnmedia.net/api/account/49343281/configuration/domainprotection/ Frame C442 3 KB
2 KB 94ms
94ms Script
application/javascript 178.249.101.99
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL

https://accdn.lpsnmedia.net/api/account/49343281/configuration/domainprotection/refererrestrictions?cb=lpCb35613x6081

Requested by

Host: lpcdn.lpsnmedia.net
URL: https://lpcdn.lpsnmedia.net/le_secure_storage/3.19.0.0-release_5079/storage.secure.min.html?loc=https%3A%2F%2Fwww.onlinebanking.natwest.com&site=49343281&ist=sessionStorage&env=prod&isCrossDomain=true

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.249.101.99 , United States, ASN11054 (LIVEPERSON, US),

Reverse DNS

am-accdn.lpsnmedia.net

Software

ws /

Resource Hash

6372b6586ff0b3b4899a8ecdfa6c3658136981922531ab2eee88f5158854b03e

Security Headers

Name	Value
Strict-Transport-Security	max-age=99999999999; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://lpcdn.lpsnmedia.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 20:44:27 GMT
strict-transport-security: max-age=99999999999; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
server: ws
x-cache-status: EXPIRED
vary: Accept
access-control-allow-methods: GET, POST, PATCH
content-type: application/javascript
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
x-envoy-upstream-service-time: 1
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
expires: Wed, 01 Feb 2023 20:45:27 GMT

GET
H2 200 RC86ab34e5af2b4b439e5547a4400221a0-source.min.js Show response
assets.adobedtm.com/90decdbe34ba/7870138cbf13/56023d9e23c5/ Frame A93D 1 KB
780 B 85ms
85ms Script
application/x-javascript 2a02:26f0:f700:4b0::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/90decdbe34ba/7870138cbf13/56023d9e23c5/RC86ab34e5af2b4b439e5547a4400221a0-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/5165c8c319825f6ec3fb78d0a8dcc1054ab35a3d/satelliteLib-08b84ffc82250dd93a29554e43774d72e7c1876b.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:f700:4b0::1e80 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 85caad174e976eddda9667620e8a54fb371ed0687fcaed5f9951f56ce76701d9

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.onlinebanking.natwest.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 20:44:27 GMT
content-encoding: gzip
last-modified: Tue, 13 Dec 2022 08:55:13 GMT
server: AkamaiNetStorage
etag: "f8a916cc0947ac8758bb948f9f0b3de5:1670921713.771623"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.onlinebanking.natwest.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 504
expires: Wed, 01 Feb 2023 21:44:27 GMT

GET
H/1.1 200
OK / Show response
www.onlinebanking.natwest.com/TSPD/ 0
354 B 56ms
56ms XHR
text/html 155.136.22.4
RBSG-UK-AS Edinburgh

General

Check archive.org

Show headers Download Go to

Full URL: https://www.onlinebanking.natwest.com/TSPD/?type=22
Requested by: Host: www.onlinebanking.natwest.com
URL: https://www.onlinebanking.natwest.com/TSPD/085c953939ab20004f7adc7047b9676106351f317da54bfc83936ff05c204dda3bdd5221bee55479?type=17
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 155.136.22.4 , United Kingdom, ASN21054 (RBSG-UK-AS Edinburgh, GB),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.onlinebanking.natwest.com/Default.aspx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Cache-Control: no-store, must-revalidate, no-cache, max-age=0
Content-Length: 0
Content-Type: text/html

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: neodgnejhhhlcdoglifbmioajmagpeci
URL: chrome-extension://neodgnejhhhlcdoglifbmioajmagpeci/img/anticaptcha-logo/32.png

Domain: nconiknmmhhhffhmbknbplalknajiaef
URL: chrome-extension://nconiknmmhhhffhmbknbplalknajiaef/icon-128.png

Domain: nconiknmmhhhffhmbknbplalknajiaef
URL: chrome-extension://nconiknmmhhhffhmbknbplalknajiaef/icon-16.png

Domain: rumola
URL: chrome://rumola/content/rumola48.png

Domain: bjjgbdlbgjeoankjijbmheneoekbghcg
URL: chrome-extension://bjjgbdlbgjeoankjijbmheneoekbghcg/images/rumola128.png

Domain: bjjgbdlbgjeoankjijbmheneoekbghcg
URL: chrome-extension://bjjgbdlbgjeoankjijbmheneoekbghcg/images/on.png

Domain: bjjgbdlbgjeoankjijbmheneoekbghcg
URL: chrome-extension://bjjgbdlbgjeoankjijbmheneoekbghcg/images/rumola48.png

Domain: jnhgnonknehpejjnehehllkliplmbmhn
URL: chrome-extension://jnhgnonknehpejjnehehllkliplmbmhn/assets/images/icon16.png

Domain: jnhgnonknehpejjnehehllkliplmbmhn
URL: chrome-extension://jnhgnonknehpejjnehehllkliplmbmhn/images/icon16.png

Domain: jnhgnonknehpejjnehehllkliplmbmhn
URL: chrome-extension://jnhgnonknehpejjnehehllkliplmbmhn/images/icon48.png

Domain: nndknepjnldbdbepjfgmncbggmopgden
URL: chrome-extension://nndknepjnldbdbepjfgmncbggmopgden/options.html

Domain: nndknepjnldbdbepjfgmncbggmopgden
URL: chrome-extension://nndknepjnldbdbepjfgmncbggmopgden/img/mining128.png

Domain: nndknepjnldbdbepjfgmncbggmopgden
URL: chrome-extension://nndknepjnldbdbepjfgmncbggmopgden/img/mining16.png

Domain: nndknepjnldbdbepjfgmncbggmopgden
URL: chrome-extension://nndknepjnldbdbepjfgmncbggmopgden/client/dist/index.html

Domain: gpolcofcjjiooogejfbaamdgmgfehgff
URL: chrome-extension://gpolcofcjjiooogejfbaamdgmgfehgff/pixel.gif

Domain: gpolcofcjjiooogejfbaamdgmgfehgff
URL: chrome-extension://gpolcofcjjiooogejfbaamdgmgfehgff/icons/agenty-100.png

Domain: gpolcofcjjiooogejfbaamdgmgfehgff
URL: chrome-extension://gpolcofcjjiooogejfbaamdgmgfehgff/icons/agenty-16.png

Domain: gpolcofcjjiooogejfbaamdgmgfehgff
URL: chrome-extension://gpolcofcjjiooogejfbaamdgmgfehgff/core/sgplus.css

Domain: cplklnmnlbnpmjogncfgfijoopmnlemp
URL: chrome-extension://cplklnmnlbnpmjogncfgfijoopmnlemp/skin/logo24.png

Domain: djflhoibgkdhkhhcedjiklpkjnoahfmg
URL: chrome-extension://djflhoibgkdhkhhcedjiklpkjnoahfmg/spoofer_cs.js

Domain: djflhoibgkdhkhhcedjiklpkjnoahfmg
URL: chrome-extension://djflhoibgkdhkhhcedjiklpkjnoahfmg/jquery.js

Domain: iebpjdmgckacbodjpijphcplhebcmeop
URL: chrome-extension://iebpjdmgckacbodjpijphcplhebcmeop/images/icon.addressbar.gif

Domain: iebpjdmgckacbodjpijphcplhebcmeop
URL: chrome-extension://iebpjdmgckacbodjpijphcplhebcmeop/manifest.json

Domain: iebpjdmgckacbodjpijphcplhebcmeop
URL: chrome-extension://iebpjdmgckacbodjpijphcplhebcmeop/background.html

Domain: iebpjdmgckacbodjpijphcplhebcmeop
URL: chrome-extension://iebpjdmgckacbodjpijphcplhebcmeop/popup.html

Verdicts & Comments Add Verdict or Comment

15 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

17 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.onlinebanking.natwest.com/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: ldvbt4eykqx5lpwii0jegnyn
www.onlinebanking.natwest.com/	1969-12-31 23:59:59	Name: BIGipServer~eBank~pool-www.nwolb.com-2017 Value: !2fKLnpPcV7HcJ3iW4MrhPCVJmefn4BYeqUIj2+bQT0CXCKjUXWffayZ3zCOczP4jC0EuBTvI0gILl1o=
www.onlinebanking.natwest.com/	1969-12-31 23:59:59	Name: TSPD_101 Value: 085c953939ab280083da4112c1a3f0224ea802cae92c0bc8d2720510c7bf3e934dd6f86e227e1b54c1132a1ea6d1a32508bfbacf140518007cf5536406b41c5f6d02e0bc2731c87c51c19e6be3acc48f
www.onlinebanking.natwest.com/	1969-12-31 23:59:59	Name: BrowserConfigKey Value: .*
www.onlinebanking.natwest.com/	1969-12-31 23:59:59	Name: bcsid Value: e4f8a287674c4e9395a6d0fee95bb57d
www.onlinebanking.natwest.com/	1969-12-31 23:59:59	Name: hdnss Value: 10033666-7e03-42b9-a96e-a04c9f844195
www.onlinebanking.natwest.com/	1969-12-31 23:59:59	Name: shadowStatus Value: Status=False
www.onlinebanking.natwest.com/	1969-12-31 23:59:59	Name: submind Value: 0
www.onlinebanking.natwest.com/	1969-12-31 23:59:59	Name: TS0112addc Value: 01662b9c3e78b74705cd4d2afd58a428190d574e0343efde393a0010c81d33438d5f490ba0126cdc6fa22c8ef28a5a70ce08c4a762f353fbdd8fea686e2c9cd706729a84089048cecf991b8cb9d017a790d613a1590fec2ed75f768f359ee9d624f8fd7952b5e3df738a44a91f642d0aaad1a25e505aff98a33518122ca43831215248092de2f84cbc2d62b8ca6055c1e9f8bc7a76208ebad52c5dc165da379ace093e832227d6bde34aef5d3b1dcd5d896bd97c8e3529986df515e67202e84fb3aa22636baadc3a7bc29b84ee23b78e50c36fdaa489f2443d87bd7347fde8590a36816f8346aaf6ba5ac0f37caf128e99aa9b14e4441d2f8761985315d9ad84bc3301edac4462af7f870c85ceec2a467859cb3e2b2a18677212a0ae85a23db75f276b84d9
personal.natwest.com/	1969-12-31 23:59:59	Name: ApplicationGatewayAffinityCORS Value: 21e95205a83902261197c6848befb469
personal.natwest.com/	1969-12-31 23:59:59	Name: ApplicationGatewayAffinity Value: 21e95205a83902261197c6848befb469
www.onlinebanking.natwest.com/	1970-01-20 09:21:24	Name: TS36d71c00029 Value: 085c953939ab2800ea2c1ba000f0466aa8b5fb964a186bdc68821f576560c330c5c86ed9934f9c8443a04d321ad6364e
www.onlinebanking.natwest.com/	1969-12-31 23:59:59	Name: TSfebd381b027 Value: 085c953939ab200024b5f27a22c1c45a68fd68a47ff122805cb72f991deeb01a3670847ccb813ffd088310ecd8113000c378797f6595d806eb7a80c85105efd5c763ba24145348e85859d677b65d10af7a362f00cfffac52790d52f6a7bc8a54
.natwest.com/	1970-01-20 18:07:00	Name: bmuid Value: 1675284266009-56B4B62A-A2AE-4811-A97B-8AB7DDD329BD
.natwest.com/	1970-01-20 18:07:00	Name: OptanonConsent Value: isGpcEnabled=0&datestamp=Wed+Feb+01+2023+20%3A44%3A26+GMT%2B0000+(GMT)&version=6.31.0&isIABGlobal=false&hosts=&consentId=8e900980-8d5f-46bc-b2fb-158756b01c70&interactionCount=0&landingPath=https%3A%2F%2Fwww.onlinebanking.natwest.com%2Flogin.aspx&groups=C0001%3A1%2CC0009%3A0%2CC0003%3A0%2CC0002%3A0%2CC0004%3A0
.natwest.com/	1969-12-31 23:59:59	Name: cdContextId Value: 2
.natwest.com/	1970-01-20 09:21:27	Name: cdSNum Value: 1675284266248-sjn0000622-491b1065-80ce-487f-bda6-8b2736c1e271

49 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	error	URL: https://www.onlinebanking.natwest.com/TSPD/085c953939ab20004f7adc7047b9676106351f317da54bfc83936ff05c204dda3bdd5221bee55479?type=10(Line 562) Message: Not allowed to load local resource: chrome://rumola/content/rumola48.png
javascript	error	URL: https://www.onlinebanking.natwest.com/Default.aspx Message: Access to XMLHttpRequest at 'chrome-extension://neodgnejhhhlcdoglifbmioajmagpeci/img/anticaptcha-logo/32.png' from origin 'https://www.onlinebanking.natwest.com' has been blocked by CORS policy: Cross origin requests are only supported for protocol schemes: http, data, chrome, https, chrome-untrusted.
network	error	URL: chrome-extension://neodgnejhhhlcdoglifbmioajmagpeci/img/anticaptcha-logo/32.png Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://www.onlinebanking.natwest.com/Default.aspx Message: Access to XMLHttpRequest at 'chrome-extension://nconiknmmhhhffhmbknbplalknajiaef/icon-128.png' from origin 'https://www.onlinebanking.natwest.com' has been blocked by CORS policy: Cross origin requests are only supported for protocol schemes: http, data, chrome, https, chrome-untrusted.
network	error	URL: chrome-extension://nconiknmmhhhffhmbknbplalknajiaef/icon-128.png Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://www.onlinebanking.natwest.com/Default.aspx Message: Access to XMLHttpRequest at 'chrome-extension://nconiknmmhhhffhmbknbplalknajiaef/icon-16.png' from origin 'https://www.onlinebanking.natwest.com' has been blocked by CORS policy: Cross origin requests are only supported for protocol schemes: http, data, chrome, https, chrome-untrusted.
network	error	URL: chrome-extension://nconiknmmhhhffhmbknbplalknajiaef/icon-16.png Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://www.onlinebanking.natwest.com/Default.aspx Message: Access to XMLHttpRequest at 'chrome-extension://bjjgbdlbgjeoankjijbmheneoekbghcg/images/rumola128.png' from origin 'https://www.onlinebanking.natwest.com' has been blocked by CORS policy: Cross origin requests are only supported for protocol schemes: http, data, chrome, https, chrome-untrusted.
network	error	URL: chrome-extension://bjjgbdlbgjeoankjijbmheneoekbghcg/images/rumola128.png Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://www.onlinebanking.natwest.com/Default.aspx Message: Access to XMLHttpRequest at 'chrome-extension://bjjgbdlbgjeoankjijbmheneoekbghcg/images/on.png' from origin 'https://www.onlinebanking.natwest.com' has been blocked by CORS policy: Cross origin requests are only supported for protocol schemes: http, data, chrome, https, chrome-untrusted.
network	error	URL: chrome-extension://bjjgbdlbgjeoankjijbmheneoekbghcg/images/on.png Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://www.onlinebanking.natwest.com/Default.aspx Message: Access to XMLHttpRequest at 'chrome-extension://bjjgbdlbgjeoankjijbmheneoekbghcg/images/rumola48.png' from origin 'https://www.onlinebanking.natwest.com' has been blocked by CORS policy: Cross origin requests are only supported for protocol schemes: http, data, chrome, https, chrome-untrusted.
network	error	URL: chrome-extension://bjjgbdlbgjeoankjijbmheneoekbghcg/images/rumola48.png Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://www.onlinebanking.natwest.com/Default.aspx Message: Access to XMLHttpRequest at 'chrome-extension://jnhgnonknehpejjnehehllkliplmbmhn/assets/images/icon16.png' from origin 'https://www.onlinebanking.natwest.com' has been blocked by CORS policy: Cross origin requests are only supported for protocol schemes: http, data, chrome, https, chrome-untrusted.
network	error	URL: chrome-extension://jnhgnonknehpejjnehehllkliplmbmhn/assets/images/icon16.png Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://www.onlinebanking.natwest.com/Default.aspx Message: Access to XMLHttpRequest at 'chrome-extension://jnhgnonknehpejjnehehllkliplmbmhn/images/icon16.png' from origin 'https://www.onlinebanking.natwest.com' has been blocked by CORS policy: Cross origin requests are only supported for protocol schemes: http, data, chrome, https, chrome-untrusted.
network	error	URL: chrome-extension://jnhgnonknehpejjnehehllkliplmbmhn/images/icon16.png Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://www.onlinebanking.natwest.com/Default.aspx Message: Access to XMLHttpRequest at 'chrome-extension://jnhgnonknehpejjnehehllkliplmbmhn/images/icon48.png' from origin 'https://www.onlinebanking.natwest.com' has been blocked by CORS policy: Cross origin requests are only supported for protocol schemes: http, data, chrome, https, chrome-untrusted.
network	error	URL: chrome-extension://jnhgnonknehpejjnehehllkliplmbmhn/images/icon48.png Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://www.onlinebanking.natwest.com/Default.aspx Message: Access to XMLHttpRequest at 'chrome-extension://nndknepjnldbdbepjfgmncbggmopgden/options.html' from origin 'https://www.onlinebanking.natwest.com' has been blocked by CORS policy: Cross origin requests are only supported for protocol schemes: http, data, chrome, https, chrome-untrusted.
network	error	URL: chrome-extension://nndknepjnldbdbepjfgmncbggmopgden/options.html Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://www.onlinebanking.natwest.com/Default.aspx Message: Access to XMLHttpRequest at 'chrome-extension://nndknepjnldbdbepjfgmncbggmopgden/img/mining128.png' from origin 'https://www.onlinebanking.natwest.com' has been blocked by CORS policy: Cross origin requests are only supported for protocol schemes: http, data, chrome, https, chrome-untrusted.
network	error	URL: chrome-extension://nndknepjnldbdbepjfgmncbggmopgden/img/mining128.png Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://www.onlinebanking.natwest.com/Default.aspx Message: Access to XMLHttpRequest at 'chrome-extension://nndknepjnldbdbepjfgmncbggmopgden/img/mining16.png' from origin 'https://www.onlinebanking.natwest.com' has been blocked by CORS policy: Cross origin requests are only supported for protocol schemes: http, data, chrome, https, chrome-untrusted.
network	error	URL: chrome-extension://nndknepjnldbdbepjfgmncbggmopgden/img/mining16.png Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://www.onlinebanking.natwest.com/Default.aspx Message: Access to XMLHttpRequest at 'chrome-extension://nndknepjnldbdbepjfgmncbggmopgden/client/dist/index.html' from origin 'https://www.onlinebanking.natwest.com' has been blocked by CORS policy: Cross origin requests are only supported for protocol schemes: http, data, chrome, https, chrome-untrusted.
network	error	URL: chrome-extension://nndknepjnldbdbepjfgmncbggmopgden/client/dist/index.html Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://www.onlinebanking.natwest.com/Default.aspx Message: Access to XMLHttpRequest at 'chrome-extension://gpolcofcjjiooogejfbaamdgmgfehgff/pixel.gif' from origin 'https://www.onlinebanking.natwest.com' has been blocked by CORS policy: Cross origin requests are only supported for protocol schemes: http, data, chrome, https, chrome-untrusted.
network	error	URL: chrome-extension://gpolcofcjjiooogejfbaamdgmgfehgff/pixel.gif Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://www.onlinebanking.natwest.com/Default.aspx Message: Access to XMLHttpRequest at 'chrome-extension://gpolcofcjjiooogejfbaamdgmgfehgff/icons/agenty-100.png' from origin 'https://www.onlinebanking.natwest.com' has been blocked by CORS policy: Cross origin requests are only supported for protocol schemes: http, data, chrome, https, chrome-untrusted.
network	error	URL: chrome-extension://gpolcofcjjiooogejfbaamdgmgfehgff/icons/agenty-100.png Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://www.onlinebanking.natwest.com/Default.aspx Message: Access to XMLHttpRequest at 'chrome-extension://gpolcofcjjiooogejfbaamdgmgfehgff/icons/agenty-16.png' from origin 'https://www.onlinebanking.natwest.com' has been blocked by CORS policy: Cross origin requests are only supported for protocol schemes: http, data, chrome, https, chrome-untrusted.
network	error	URL: chrome-extension://gpolcofcjjiooogejfbaamdgmgfehgff/icons/agenty-16.png Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://www.onlinebanking.natwest.com/Default.aspx Message: Access to XMLHttpRequest at 'chrome-extension://gpolcofcjjiooogejfbaamdgmgfehgff/core/sgplus.css' from origin 'https://www.onlinebanking.natwest.com' has been blocked by CORS policy: Cross origin requests are only supported for protocol schemes: http, data, chrome, https, chrome-untrusted.
network	error	URL: chrome-extension://gpolcofcjjiooogejfbaamdgmgfehgff/core/sgplus.css Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://www.onlinebanking.natwest.com/Default.aspx Message: Access to XMLHttpRequest at 'chrome-extension://cplklnmnlbnpmjogncfgfijoopmnlemp/skin/logo24.png' from origin 'https://www.onlinebanking.natwest.com' has been blocked by CORS policy: Cross origin requests are only supported for protocol schemes: http, data, chrome, https, chrome-untrusted.
network	error	URL: chrome-extension://cplklnmnlbnpmjogncfgfijoopmnlemp/skin/logo24.png Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://www.onlinebanking.natwest.com/Default.aspx Message: Access to XMLHttpRequest at 'chrome-extension://djflhoibgkdhkhhcedjiklpkjnoahfmg/spoofer_cs.js' from origin 'https://www.onlinebanking.natwest.com' has been blocked by CORS policy: Cross origin requests are only supported for protocol schemes: http, data, chrome, https, chrome-untrusted.
network	error	URL: chrome-extension://djflhoibgkdhkhhcedjiklpkjnoahfmg/spoofer_cs.js Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://www.onlinebanking.natwest.com/Default.aspx Message: Access to XMLHttpRequest at 'chrome-extension://djflhoibgkdhkhhcedjiklpkjnoahfmg/jquery.js' from origin 'https://www.onlinebanking.natwest.com' has been blocked by CORS policy: Cross origin requests are only supported for protocol schemes: http, data, chrome, https, chrome-untrusted.
network	error	URL: chrome-extension://djflhoibgkdhkhhcedjiklpkjnoahfmg/jquery.js Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://www.onlinebanking.natwest.com/Default.aspx Message: Access to XMLHttpRequest at 'chrome-extension://iebpjdmgckacbodjpijphcplhebcmeop/images/icon.addressbar.gif' from origin 'https://www.onlinebanking.natwest.com' has been blocked by CORS policy: Cross origin requests are only supported for protocol schemes: http, data, chrome, https, chrome-untrusted.
network	error	URL: chrome-extension://iebpjdmgckacbodjpijphcplhebcmeop/images/icon.addressbar.gif Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://www.onlinebanking.natwest.com/Default.aspx Message: Access to XMLHttpRequest at 'chrome-extension://iebpjdmgckacbodjpijphcplhebcmeop/manifest.json' from origin 'https://www.onlinebanking.natwest.com' has been blocked by CORS policy: Cross origin requests are only supported for protocol schemes: http, data, chrome, https, chrome-untrusted.
network	error	URL: chrome-extension://iebpjdmgckacbodjpijphcplhebcmeop/manifest.json Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://www.onlinebanking.natwest.com/Default.aspx Message: Access to XMLHttpRequest at 'chrome-extension://iebpjdmgckacbodjpijphcplhebcmeop/background.html' from origin 'https://www.onlinebanking.natwest.com' has been blocked by CORS policy: Cross origin requests are only supported for protocol schemes: http, data, chrome, https, chrome-untrusted.
network	error	URL: chrome-extension://iebpjdmgckacbodjpijphcplhebcmeop/background.html Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://www.onlinebanking.natwest.com/Default.aspx Message: Access to XMLHttpRequest at 'chrome-extension://iebpjdmgckacbodjpijphcplhebcmeop/popup.html' from origin 'https://www.onlinebanking.natwest.com' has been blocked by CORS policy: Cross origin requests are only supported for protocol schemes: http, data, chrome, https, chrome-untrusted.
network	error	URL: chrome-extension://iebpjdmgckacbodjpijphcplhebcmeop/popup.html Message: Failed to load resource: net::ERR_FAILED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accdn.lpsnmedia.net
assets.adobedtm.com
bjjgbdlbgjeoankjijbmheneoekbghcg
cdn.cookielaw.org
cplklnmnlbnpmjogncfgfijoopmnlemp
djflhoibgkdhkhhcedjiklpkjnoahfmg
geolocation.onetrust.com
gpolcofcjjiooogejfbaamdgmgfehgff
iebpjdmgckacbodjpijphcplhebcmeop
jnhgnonknehpejjnehehllkliplmbmhn
logon.onlinebanking.natwest.com
lpcdn.lpsnmedia.net
lptag.liveperson.net
nconiknmmhhhffhmbknbplalknajiaef
neodgnejhhhlcdoglifbmioajmagpeci
nndknepjnldbdbepjfgmncbggmopgden
personal.natwest.com
rumola
www.natwest.com
www.onlinebanking.natwest.com
bjjgbdlbgjeoankjijbmheneoekbghcg
cplklnmnlbnpmjogncfgfijoopmnlemp
djflhoibgkdhkhhcedjiklpkjnoahfmg
gpolcofcjjiooogejfbaamdgmgfehgff
iebpjdmgckacbodjpijphcplhebcmeop
jnhgnonknehpejjnehehllkliplmbmhn
nconiknmmhhhffhmbknbplalknajiaef
neodgnejhhhlcdoglifbmioajmagpeci
nndknepjnldbdbepjfgmncbggmopgden
rumola
155.136.22.4
178.249.101.23
178.249.101.98
178.249.101.99
20.49.208.53
2600:9000:214f:f600:8:4d07:a640:93a1
2606:4700::6810:9540
2606:4700::6812:1a55
2620:1ec:4f:1::60
2a02:26f0:f700:4b0::1e80
080e9707c07e5bc0695fcf8780994c4bfddf00f5c261a7a85db7f8863767d84a
0ca2d5d4dece21114294a8783944cdd00a4351935831b27f9a83b8eb543c6438
11cdc5b04aa16fea9f398b4ae8ba1b6bf5ec3ea5430c63d0e40243ea06c08937
146697e686c91fde6e30955bc6cba7bfe752c511b2f27545a6938266e49cdfcd
1aea65aeda4e39957158bacd84556ed7a77ab468265e2a163265b346b7f60965
1e85ec81b9800b4c443d39caca0d0926089a3ac201120db1ceb45b93789480b8
1ec277d20cb0b2b9d72322f3cc32d988435978a6a8f72b28e0f8ac8b1bf17a72
20f92a175cce959e287948bdb3d4f4cf5acfaee87801ddf0e38f046f3d6c0068
21078229bf6deee7a4088a1d08d2c3a8653f448217a14fcb3374bee18ec74580
26e34b9fbbd2ecafe25af980f19ddc63342ffad01477b0fe851ac8c35bfea847
27f324f2ad60091d5e8f76adfef83f9122dc8aa8df29d0a8d970bfe06aaa5005
3e4f5d07904cf355da7bfbca5d4eee18a4c09fc9e6a79df958d0bb1225572983
40732e9dcfa704cf615e4691bb07aecfd1cc5e063220a46e4a7ff6560c77f5db
42da203fcc4325bd58c8c868e9213def8ca9b8d58e79d68e86c0fd8a5744e72d
42e70c32efffee33a1d8bddf152d6b754fa8abb83c6166444b8d41b217d9dae6
4858af0bdd1175d3f6c795eb053e7cae348ecb67f0633020d7d925c7672de871
4f5a022467e927b5b385cc335e58434a49bad0520ed018fc059075069d695c79
5624aeb2703037c9b669b4903e1961a38778408edcd3bea47e370e5de9f6c571
57554877947a356911e17034359412ea444c15f58884c0100062788dd3660bb8
5941d1622373ff4da4a0ec6ae2c474a80f2e65763aca377b069690ed4cc26d02
60d20c34efdd7103c273f54369cfc42c6d0a39126ce22298f2d31924b4ca5a56
632fadb84a8a1ae065970517f3243c389192255680e8be0c939218708ee1044f
6372b6586ff0b3b4899a8ecdfa6c3658136981922531ab2eee88f5158854b03e
639fcd75ad19240531093db9d079f4be79913034b5ce3a7ae0b4006735f1fb2f
64ede50b71ee3bb7d1fc76e95e9c1f208e6e99f97b4ed08e84391df55953876d
66063dc2f8212dd48706e338035e0dae5a62213a0b285598aad6ff965c35ceed
6622b5e1a9d93d6b5a2f4eb7a0556f802fb002e5efde0d0f4e3781a94776e331
668faa210a0e0cabb9aa13a1a6ad4e3b22b0f9cad90c43694ba37a8a4714b0e6
6de7c24bae9ef5f041f492b249aceb98300d64e40cbfd2b004476fdb52a5af46
74bc3710cd2cd4e60777ebb90d2fb1fd004e14a91ae07c5f9a619cc1465bb5e0
7ff1d2812ffac71e20f669c8d8b3a76a1c369afec61a564549e1700f3071538f
83f8393c6593831a76ea84324c946029082b5c72507176c13387468d21c651ff
85caad174e976eddda9667620e8a54fb371ed0687fcaed5f9951f56ce76701d9
86729c04b2c260defcd98924ded92f7327460f375d0e37ef304a155b416db2ae
86bfe6b5e4da2aec3486b64442fa46a47499e302cf978f8916729212934309e4
8fed25d950a68b39c624682efca2ba8179aef53498ce62af94a999183a464cd6
9219086b4f2c3bf77854b2e06ccd97ad32b9b7a140e65ff8b974a3bae6c7854c
93b1d941f8fa3f83be23e4807420c038dc51b9779ff86b248de6d66cfdb182e5
97031846c8a86f0cc2152c7cbcce3c6087cb00a20639f11e21870bf2615cb726
9be8b2c42ad2d6f7327f62a7d03995a5a4615770154941d59493473186e5140c
a2721298ae526f997c556afcd0a7f768abfd6ad9b0ce4ec449d5b27b86929f04
a738b0e3ae062f7f50f0237d966988792ad7489ee516d05d76163189994931a4
b465d00b89619e9899ec7d618559157db09f935d318466d67deb036157fadcf2
ce64c0d35d4ad8fd2fa79ecd45d6db37982940958b7f51448b697bad342ce55b
d1c878b4e69d9da5292c53b1f46708de74c435144895bdfd697208406466a814
d2955b58d801a021737f025d1716a68fd2a143ddac3e0b749fcc053deba6e082
d81db57832f4742b67755f90f8c3d37735cb9f58dbb10e312f931343d27552c6
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e913fcb191c41dbad49654b63e06541ceedd259e6a3dc0d02324937050333fa6
ea07c75cc70340374feb3872db77d7d5b74e6e8b62fd538f36209b1815ecd3d6
edf71c8756abeca81a8f396a943a2d13b8c64c40197d4bb3b6198110e2b3b2a4
ef7db794b4a6b5c42d2535919d91fb11da1e5cd1147f35196db382197b35fdee
ef9453f74b2617d43dcef4242cf5845101fcfb57289c81bceb20042b0023a192
f2b557317fb851b3ed73c2d8203192e9ed433bd006ca5025ccb3317ef15e1b8d
fa0543bf373988bbdc41853151c5b9a48244d8036f616f88f1b1d7dadf4da5db
fe4946db1f133c18e59bde7de4f6e87a50d288f85ec8440451b998e0f3f17e66

www.onlinebanking.natwest.com Open in urlscan Pro 155.136.22.4 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

81 Requests

67 %HTTPS

50 %IPv6

7 Domains

20 Subdomains

10 IPs

3 Countries

1818 kBTransfer

4818 kBSize

17 Cookies

0 Outgoing links

Page URL History

Redirected requests

81 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.onlinebanking.natwest.com Open in urlscan Pro
155.136.22.4 Public Scan

Screenshot
Live screenshot

Full Image

81
Requests

67 %
HTTPS

50 %
IPv6

7
Domains

20
Subdomains

10
IPs

3
Countries

1818 kB
Transfer

4818 kB
Size

17
Cookies

81 HTTP transactions
3 data transactions