urlscan.io logo urlscan.io
SecurityTrails logo

www.natwestgroupovations-redeem.co.uk Open in urlscan Pro
34.242.170.101  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://www.natwestgroupovations-redeem.co.uk/
Effective URL: https://www.natwestgroupovations-redeem.co.uk/
Submission: On April 13 via manual from GB
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 8 IPs in 4 countries across 8 domains to perform 31 HTTP transactions. The main IP is 34.242.170.101, located in Dublin, Ireland and belongs to AMAZON-02, US. The main domain is www.natwestgroupovations-redeem.co.uk.
TLS certificate: Issued by R3 on March 31st 2021. Valid for: 3 months.
This is the only time www.natwestgroupovations-redeem.co.uk was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 17 34.242.170.101 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
7 2606:4700::68... 13335 (CLOUDFLAR...)
1 2001:4de0:ac1... 20446 (HIGHWINDS3)
1 2606:4700::68... 13335 (CLOUDFLAR...)
3 2600:9000:206... 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 65.9.58.127 16509 (AMAZON-02)
31 8
17    34.242.170.101 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-242-170-101.eu-west-1.compute.amazonaws.com
www.natwestgroupovations-redeem.co.uk
1    2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
7    2606:4700::6810:125e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
1    2001:4de0:ac18::1:a:2a (Netherlands)

ASN20446 (HIGHWINDS3, US)
code.jquery.com
1    2606:4700::6812:1940 (United States)

ASN13335 (CLOUDFLARENET, US)
client-api.arkoselabs.com
3    2600:9000:206f:e200:a:ae56:e940:21 (United States)

ASN16509 (AMAZON-02, US)
d2yirbirtw3grp.cloudfront.net
1    2a00:1450:4001:82a::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    65.9.58.127 (United States)

ASN16509 (AMAZON-02, US)
asset.gomoxie.solutions
Domain Requested by
17 www.natwestgroupovations-redeem.co.uk 1 redirects www.natwestgroupovations-redeem.co.uk
7 cdnjs.cloudflare.com www.natwestgroupovations-redeem.co.uk
cdnjs.cloudflare.com
3 d2yirbirtw3grp.cloudfront.net www.natwestgroupovations-redeem.co.uk
1 asset.gomoxie.solutions www.natwestgroupovations-redeem.co.uk
1 www.googletagmanager.com www.natwestgroupovations-redeem.co.uk
1 client-api.arkoselabs.com www.natwestgroupovations-redeem.co.uk
1 code.jquery.com www.natwestgroupovations-redeem.co.uk
1 www.google-analytics.com www.natwestgroupovations-redeem.co.uk
31 8

This site contains links to these domains. Also see Links.

Domain
www.ourprivacycommitments.com
Subject Issuer Validity Valid
www.natwestgroupovations-redeem.co.uk
R3		 2021-03-31 -
2021-06-29		 3 months crt.sh
*.google-analytics.com
GTS CA 1O1		 2021-03-23 -
2021-06-15		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2020-10-21 -
2021-10-20		 a year crt.sh
jquery.org
Sectigo RSA Domain Validation Secure Server CA		 2020-10-06 -
2021-10-16		 a year crt.sh
arkoselabs.com
Cloudflare Inc ECC CA-3		 2020-11-06 -
2021-11-05		 a year crt.sh
*.cloudfront.net
DigiCert Global CA G2		 2021-02-22 -
2022-02-21		 a year crt.sh
*.gomoxie.solutions
DigiCert SHA2 High Assurance Server CA		 2020-09-11 -
2021-09-16		 a year crt.sh

This page contains 1 frames:

Primary Page: https://www.natwestgroupovations-redeem.co.uk/
Frame ID: B78D3B1271F4FB30776D77574FCDBCF5
Requests: 31 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://www.natwestgroupovations-redeem.co.uk/ HTTP 307
    https://www.natwestgroupovations-redeem.co.uk/ Page URL

Detected technologies

Overall confidence: 50%
Detected patterns
  • headers server /^Kestrel/i
Overall confidence: 100%
Detected patterns
  • headers server /^Kestrel/i
Overall confidence: 100%
Detected patterns
  • headers server /^Kestrel/i
Overall confidence: 50%
Detected patterns
  • headers server /^Kestrel/i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
Overall confidence: 100%
Detected patterns
  • html /googletagmanager\.com\/ns\.html[^>]+><\/iframe>/i
  • html /<!-- (?:End )?Google Tag Manager -->/i
Overall confidence: 100%
Detected patterns
  • script /jquery[.-]([\d.]*\d)[^/]*\.js/i
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

31
Requests

100 %
HTTPS

75 %
IPv6

8
Domains

8
Subdomains

8
IPs

4
Countries

1004 kB
Transfer

2697 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.natwestgroupovations-redeem.co.uk/ HTTP 307
    https://www.natwestgroupovations-redeem.co.uk/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

31 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.natwestgroupovations-redeem.co.uk/
Redirect Chain
  • http://www.natwestgroupovations-redeem.co.uk/
  • https://www.natwestgroupovations-redeem.co.uk/
7 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.natwestgroupovations-redeem.co.uk/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
34.242.170.101 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-242-170-101.eu-west-1.compute.amazonaws.com
Software
Kestrel /
Resource Hash
7f88ad126cf248c63546988677000459832a984e71629a17a769d76a4855502d
Security Headers
Name Value
Strict-Transport-Security max-age=2592000
X-Frame-Options DENY
X-Xss-Protection 1

Request headers

Host
www.natwestgroupovations-redeem.co.uk
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Transfer-Encoding
chunked
Content-Type
text/html; charset=utf-8
Content-Encoding
gzip
Vary
Accept-Encoding
Server
Kestrel
X-Xss-Protection
1
X-Frame-Options
DENY
Strict-Transport-Security
max-age=2592000
Date
Tue, 13 Apr 2021 10:31:22 GMT

Redirect headers

Content-Type
text/html; charset=UTF-8
Location
https://www.natwestgroupovations-redeem.co.uk/
Server
Microsoft-IIS/8.5
Date
Tue, 13 Apr 2021 10:31:23 GMT
Content-Length
169
global-variables.js
www.natwestgroupovations-redeem.co.uk/assets/scripts/ 		86 B
575 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.natwestgroupovations-redeem.co.uk/assets/scripts/global-variables.js
Requested by
Host: www.natwestgroupovations-redeem.co.uk
URL: https://www.natwestgroupovations-redeem.co.uk/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
34.242.170.101 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-242-170-101.eu-west-1.compute.amazonaws.com
Software
Kestrel /
Resource Hash
2c898a4b4d452a43aec9e5f277202de00babb912ca278c106a882c18aadf7f06
Security Headers
Name Value
Strict-Transport-Security max-age=2592000
X-Frame-Options DENY
X-Xss-Protection 1

Request headers

Referer
https://www.natwestgroupovations-redeem.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security
max-age=2592000
Content-Encoding
gzip
Vary
Accept-Encoding
Last-Modified
Fri, 09 Apr 2021 08:28:37 GMT
Server
Kestrel
ETag
"1d72d1a563da8d6"
X-Frame-Options
DENY
Content-Type
application/javascript
X-Xss-Protection
1
Transfer-Encoding
chunked
Accept-Ranges
bytes
Date
Tue, 13 Apr 2021 10:31:22 GMT
analytics.js
www.google-analytics.com/ 		48 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.natwestgroupovations-redeem.co.uk
URL: https://www.natwestgroupovations-redeem.co.uk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
f79723478f4c48501cd49ac52b81d6244a6562b9d3f08ce8ab208a8b8878d4c4
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.natwestgroupovations-redeem.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 19 Mar 2021 19:22:18 GMT
server
Golfe2
age
2387
date
Tue, 13 Apr 2021 09:51:36 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19463
expires
Tue, 13 Apr 2021 11:51:36 GMT
slick.min.css
cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.6.0/ 		1 KB
719 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.6.0/slick.min.css
Requested by
Host: www.natwestgroupovations-redeem.co.uk
URL: https://www.natwestgroupovations-redeem.co.uk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8f24862077717aa659bc9f521e03cd8dbb013fcae88a3eff5a3824a064c92029
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://www.natwestgroupovations-redeem.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 13 Apr 2021 10:31:23 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
age
1009420
cross-origin-resource-policy
cross-origin
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
382
cf-request-id
096c623f9a0000178efe373000000001
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:16:21 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03fd5-50a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=AEaO3oDQrTIpAozMhPlI8QncvUR9n3xREFIfcppG4vVPo4GgzQHWNUHyZFflaPXUkvf6o7vsQady9DyJfhjC2AOlWvxx6fELx3ad0SIoqebalNURWM9G79mKcW1U7bzfUQ%3D%3D"}],"max_age":604800,"group":"cf-nel"}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
63f40645bc62178e-FRA
expires
Sun, 03 Apr 2022 10:31:23 GMT
lottie.min.js
cdnjs.cloudflare.com/ajax/libs/bodymovin/5.5.8/ 		245 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/bodymovin/5.5.8/lottie.min.js
Requested by
Host: www.natwestgroupovations-redeem.co.uk
URL: https://www.natwestgroupovations-redeem.co.uk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
416b855385b4a222a725adc6573e59fa935ff7579361d987a20708789a5638dd
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://www.natwestgroupovations-redeem.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 13 Apr 2021 10:31:23 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
age
9354247
cross-origin-resource-policy
cross-origin
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
52961
cf-request-id
096c623f980000178ea9256000000001
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:06:35 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03d8b-3d498"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=%2FNVBUcJnl9O6Ka6IfFGZCOsKnbbwp69Pa4I0i8KIXlyTksMZy53TEwxxncb7Wxn0eZQGXDayUwHbI6syvIl14BEQmvUKw1wlBzeAQtx%2FY0Pax8n%2B9HmlE2Ls0vZikmYLhA%3D%3D"}],"max_age":604800,"group":"cf-nel"}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
63f40645bc67178e-FRA
expires
Sun, 03 Apr 2022 10:31:23 GMT
slick-theme.min.css
cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.6.0/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.6.0/slick-theme.min.css
Requested by
Host: www.natwestgroupovations-redeem.co.uk
URL: https://www.natwestgroupovations-redeem.co.uk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5a684227c1eef599cf45d875e0f906a73e0fb247aca49c0de70c1a14e7ef818f
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://www.natwestgroupovations-redeem.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 13 Apr 2021 10:31:23 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
age
1011307
cross-origin-resource-policy
cross-origin
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
637
cf-request-id
096c623f970000178e8f3c0000000001
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:16:21 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03fd5-92d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=APgZ4XefjeeOqGUaH7JM8yzR6YIfCjQjzlIioYXh9Rq2Jj6ERZvmqPcVgoECb7HcOpK4mDASqVFnFl%2BKYJN4xhcIa6uUB9lcGMA7t93QScAr%2BIwWv7Kp5dgQWaWYJj654g%3D%3D"}],"max_age":604800,"group":"cf-nel"}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
63f40645bc64178e-FRA
expires
Sun, 03 Apr 2022 10:31:23 GMT
all.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.10.0-12/css/ 		68 KB
10 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.10.0-12/css/all.css
Requested by
Host: www.natwestgroupovations-redeem.co.uk
URL: https://www.natwestgroupovations-redeem.co.uk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a901d4417fa018661fa42ed97678b4f2cafe874ca65ebd1abe62004ae718e053
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://www.natwestgroupovations-redeem.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 13 Apr 2021 10:31:23 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
age
4844174
cross-origin-resource-policy
cross-origin
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
10241
cf-request-id
096c623f980000178ee8284000000001
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:10:07 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e5f-111b6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Y%2B5y9Nhw6MdLTjOLJr2loIRmfYY%2FpkMATNJrpIaB4OXvX3iCewh%2BHlqHsrlrmy7mjy6178gsKARvOvP9pV2ThhG91hJo1LGzj8DGg8y39VKbWy%2BD0W9qHKLQOjCSnMQeeA%3D%3D"}],"max_age":604800,"group":"cf-nel"}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
63f40645bc65178e-FRA
expires
Sun, 03 Apr 2022 10:31:23 GMT
jquery-3.3.1.min.js
code.jquery.com/ 		85 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-3.3.1.min.js
Requested by
Host: www.natwestgroupovations-redeem.co.uk
URL: https://www.natwestgroupovations-redeem.co.uk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac18::1:a:2a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx /
Resource Hash
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Request headers

Referer
https://www.natwestgroupovations-redeem.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 13 Apr 2021 10:31:23 GMT
content-encoding
gzip
last-modified
Sat, 20 Jan 2018 17:26:44 GMT
server
nginx
etag
W/"5a637bd4-1538f"
vary
Accept-Encoding
x-hw
1618309883.dop053.fr8.t,1618309883.cds262.fr8.hc,1618309883.cds002.fr8.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
30288
jquery.validate.min.js
cdnjs.cloudflare.com/ajax/libs/jquery-validate/1.19.0/ 		24 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery-validate/1.19.0/jquery.validate.min.js
Requested by
Host: www.natwestgroupovations-redeem.co.uk
URL: https://www.natwestgroupovations-redeem.co.uk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6eefc13f4d9832e74173dea423bca495ceb7f4cbb888a19434d71a9bc0f69cb7
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://www.natwestgroupovations-redeem.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 13 Apr 2021 10:31:23 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
age
2813892
cross-origin-resource-policy
cross-origin
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
6955
cf-request-id
096c623f990000178eb991b000000001
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:11:46 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ec2-5f30"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=r2JzZfpDvw3iXdQ0y2AmH7VaxCLiXgNhx3n5VgoRUuF9X%2BAA6m9kVdKXI24nuYNDTN2qij3hLjkGybKG1B6v9WobzapQzSQchu9AsYeex664cv3%2B7SBlPol%2BmFeClvV3Gg%3D%3D"}],"max_age":604800,"group":"cf-nel"}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
63f40645bc6b178e-FRA
expires
Sun, 03 Apr 2022 10:31:23 GMT
noty.min.css
cdnjs.cloudflare.com/ajax/libs/noty/3.1.4/ 		15 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/noty/3.1.4/noty.min.css
Requested by
Host: www.natwestgroupovations-redeem.co.uk
URL: https://www.natwestgroupovations-redeem.co.uk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b285bf88010d779b84061d3e694212d66d9d2b82baa93701f4c2ee3a7584421c
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://www.natwestgroupovations-redeem.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 13 Apr 2021 10:31:23 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
age
5917128
cross-origin-resource-policy
cross-origin
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2086
cf-request-id
096c623f980000178ed9902000000001
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:13:31 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03f2b-3d21"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=oAzOCxKTE%2F8XDSM3gnKoDBzESDXkVfCbw%2FHZY2yy%2BwaI2gJ6gycPV0AludnpBgSdTExEG802efGijjIVaLFsH2r3D1V5f8qvxcHIpimXwXph61X3LpfDj%2FbMkQNwcsa7Zw%3D%3D"}],"max_age":604800,"group":"cf-nel"}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
63f40645bc66178e-FRA
expires
Sun, 03 Apr 2022 10:31:23 GMT
site.min.css
www.natwestgroupovations-redeem.co.uk/css/ 		3 B
494 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.natwestgroupovations-redeem.co.uk/css/site.min.css
Requested by
Host: www.natwestgroupovations-redeem.co.uk
URL: https://www.natwestgroupovations-redeem.co.uk/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
34.242.170.101 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-242-170-101.eu-west-1.compute.amazonaws.com
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=2592000
X-Frame-Options DENY
X-Xss-Protection 1

Request headers

Referer
https://www.natwestgroupovations-redeem.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security
max-age=2592000
Content-Encoding
gzip
Vary
Accept-Encoding
Last-Modified
Fri, 09 Apr 2021 08:28:37 GMT
Server
Kestrel
ETag
"1d72d1a563da883"
X-Frame-Options
DENY
Content-Type
text/css
X-Xss-Protection
1
Transfer-Encoding
chunked
Accept-Ranges
bytes
Date
Tue, 13 Apr 2021 10:31:22 GMT
Theme
www.natwestgroupovations-redeem.co.uk/ 		305 KB
52 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.natwestgroupovations-redeem.co.uk/Theme
Requested by
Host: www.natwestgroupovations-redeem.co.uk
URL: https://www.natwestgroupovations-redeem.co.uk/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
34.242.170.101 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-242-170-101.eu-west-1.compute.amazonaws.com
Software
Kestrel /
Resource Hash
e1d8722d90d59bad10309763a757cab6d0065f29e39a0e6ec8d0eeb71c0647aa
Security Headers
Name Value
Strict-Transport-Security max-age=2592000
X-Frame-Options DENY
X-Xss-Protection 1

Request headers

Referer
https://www.natwestgroupovations-redeem.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security
max-age=2592000
Content-Encoding
gzip
Vary
Accept-Encoding
Server
Kestrel
Date
Tue, 13 Apr 2021 10:31:22 GMT
X-Frame-Options
DENY
Content-Type
text/css
Cache-Control
private,max-age=600
Transfer-Encoding
chunked
X-Xss-Protection
1
api.js
client-api.arkoselabs.com/v2/42931034-68BE-DA3F-DDCF-ECBDBF066CFF/ 		109 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://client-api.arkoselabs.com/v2/42931034-68BE-DA3F-DDCF-ECBDBF066CFF/api.js
Requested by
Host: www.natwestgroupovations-redeem.co.uk
URL: https://www.natwestgroupovations-redeem.co.uk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1940 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
424428b1cb99144a899d571869c148a0b8ff9ebd2692f0fc2576dc9e844173a1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.natwestgroupovations-redeem.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 13 Apr 2021 10:31:23 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
618274
cache-tag
42931034-68BE-DA3F-DDCF-ECBDBF066CFF
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
J8K3KTBJ33M14DC0
x-amz-id-2
RU+tR7jGtVqGetYrU4wNctU2kI1Iw36k1/CT7PDFa2M82PZ9WNYv7NU9WO4YagInvR7iwMuBSIw=
last-modified
Tue, 06 Apr 2021 03:28:57 GMT
server
cloudflare
etag
W/"0c4dbda5f57b01326b30b46b1d2bde1c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=0, s-maxage=31536000
cf-request-id
096c623fe600004e9273a42000000001
cf-ray
63f406463cc34e92-FRA
Natwest%20group%20logo%2080px.png
d2yirbirtw3grp.cloudfront.net/supercheques/UAT/Website/11/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d2yirbirtw3grp.cloudfront.net/supercheques/UAT/Website/11/Natwest%20group%20logo%2080px.png
Requested by
Host: www.natwestgroupovations-redeem.co.uk
URL: https://www.natwestgroupovations-redeem.co.uk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:e200:a:ae56:e940:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d24666795bb817b6e9b3253c5af7e09dba7225202fa991229105d52177f84a6c

Request headers

Referer
https://www.natwestgroupovations-redeem.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 13 Apr 2021 10:31:24 GMT
via
1.1 c2b4a332b09677da722930ae336c8bfc.cloudfront.net (CloudFront)
last-modified
Mon, 13 Jul 2020 13:58:58 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
etag
"e50e70980da9a61fcf5d5a7d18bb7580"
x-cache
Miss from cloudfront
x-amz-version-id
KDqS9kRIK96boUk3tdTX8BtbSoBBrMAa
accept-ranges
bytes
content-type
image/png
content-length
6621
x-amz-cf-id
_lpUBm1cJdCmA8HlAOZKXine_DgVuCKc0j9P5pDs5jqKseuaBX2Fdw==
runtime-bundle.6a61ff38f056f07d2b91.js
www.natwestgroupovations-redeem.co.uk/js/dist/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.natwestgroupovations-redeem.co.uk/js/dist/runtime-bundle.6a61ff38f056f07d2b91.js
Requested by
Host: www.natwestgroupovations-redeem.co.uk
URL: https://www.natwestgroupovations-redeem.co.uk/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
34.242.170.101 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-242-170-101.eu-west-1.compute.amazonaws.com
Software
Kestrel /
Resource Hash
0cda93427f381fa612cce8702924b167a8b27dbedbaa45a7784423f0da02032b
Security Headers
Name Value
Strict-Transport-Security max-age=2592000
X-Frame-Options DENY
X-Xss-Protection 1

Request headers

Referer
https://www.natwestgroupovations-redeem.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security
max-age=2592000
Content-Encoding
gzip
Vary
Accept-Encoding
Last-Modified
Fri, 09 Apr 2021 08:28:36 GMT
Server
Kestrel
ETag
"1d72d1a55a517d5"
X-Frame-Options
DENY
Content-Type
application/javascript
X-Xss-Protection
1
Transfer-Encoding
chunked
Accept-Ranges
bytes
Date
Tue, 13 Apr 2021 10:31:23 GMT
vendors-bundle.8e8cd6556dd2c9155f0d.js
www.natwestgroupovations-redeem.co.uk/js/dist/ 		958 KB
365 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.natwestgroupovations-redeem.co.uk/js/dist/vendors-bundle.8e8cd6556dd2c9155f0d.js
Requested by
Host: www.natwestgroupovations-redeem.co.uk
URL: https://www.natwestgroupovations-redeem.co.uk/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
34.242.170.101 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-242-170-101.eu-west-1.compute.amazonaws.com
Software
Kestrel /
Resource Hash
f06e792471e71ee76ce9ddf7274262d4652b414c4b4ef58e2ecd7e1945ec9480
Security Headers
Name Value
Strict-Transport-Security max-age=2592000
X-Frame-Options DENY
X-Xss-Protection 1

Request headers

Referer
https://www.natwestgroupovations-redeem.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security
max-age=2592000
Content-Encoding
gzip
Vary
Accept-Encoding
Last-Modified
Fri, 09 Apr 2021 08:28:36 GMT
Server
Kestrel
ETag
"1d72d1a55abead8"
X-Frame-Options
DENY
Content-Type
application/javascript
X-Xss-Protection
1
Transfer-Encoding
chunked
Accept-Ranges
bytes
Date
Tue, 13 Apr 2021 10:31:23 GMT
home-bundle.b2527297b95e04119b8d.js
www.natwestgroupovations-redeem.co.uk/js/dist/ 		50 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.natwestgroupovations-redeem.co.uk/js/dist/home-bundle.b2527297b95e04119b8d.js
Requested by
Host: www.natwestgroupovations-redeem.co.uk
URL: https://www.natwestgroupovations-redeem.co.uk/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
34.242.170.101 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-242-170-101.eu-west-1.compute.amazonaws.com
Software
Kestrel /
Resource Hash
86aabc65ba6be8875342bf4b2d8ac84217f8d702ad9539ba32a118c4b3681716
Security Headers
Name Value
Strict-Transport-Security max-age=2592000
X-Frame-Options DENY
X-Xss-Protection 1

Request headers

Referer
https://www.natwestgroupovations-redeem.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security
max-age=2592000
Content-Encoding
gzip
Vary
Accept-Encoding
Last-Modified
Fri, 09 Apr 2021 08:28:36 GMT
Server
Kestrel
ETag
"1d72d1a55a5dbfe"
X-Frame-Options
DENY
Content-Type
application/javascript
X-Xss-Protection
1
Transfer-Encoding
chunked
Accept-Ranges
bytes
Date
Tue, 13 Apr 2021 10:31:23 GMT
central_lov_logo.png
d2yirbirtw3grp.cloudfront.net/supercheques/UAT/Website/11/ 		19 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d2yirbirtw3grp.cloudfront.net/supercheques/UAT/Website/11/central_lov_logo.png
Requested by
Host: www.natwestgroupovations-redeem.co.uk
URL: https://www.natwestgroupovations-redeem.co.uk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:e200:a:ae56:e940:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
81cf23fcf8654ea22f6f44c22375d832cb5bcb17bfd75268be66acb3dc182e30

Request headers

Referer
https://www.natwestgroupovations-redeem.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 13 Apr 2021 10:31:24 GMT
via
1.1 c2b4a332b09677da722930ae336c8bfc.cloudfront.net (CloudFront)
last-modified
Fri, 24 Jan 2020 16:16:53 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
etag
"f5b7877a50336a6056baa795271b6134"
x-cache
Miss from cloudfront
x-amz-version-id
ER9ijyoRxq6KI13mcpyrxdERU6TB_7np
accept-ranges
bytes
content-type
image/png
content-length
19660
x-amz-cf-id
SXksiRKhvC4TDlI1LxIeewPpmA2vJObq2-5QH8ND7fUMXJ53YeOeeA==
js.js
www.natwestgroupovations-redeem.co.uk/assets/scripts/ 		144 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.natwestgroupovations-redeem.co.uk/assets/scripts/js.js
Requested by
Host: www.natwestgroupovations-redeem.co.uk
URL: https://www.natwestgroupovations-redeem.co.uk/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
34.242.170.101 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-242-170-101.eu-west-1.compute.amazonaws.com
Software
Kestrel /
Resource Hash
f47d79e5774697d49eac48cc503934f2010293405ad167a72d40f3c050d257cc
Security Headers
Name Value
Strict-Transport-Security max-age=2592000
X-Frame-Options DENY
X-Xss-Protection 1

Request headers

Referer
https://www.natwestgroupovations-redeem.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security
max-age=2592000
Content-Encoding
gzip
Vary
Accept-Encoding
Last-Modified
Fri, 09 Apr 2021 08:28:36 GMT
Server
Kestrel
ETag
"1d72d1a55a75289"
X-Frame-Options
DENY
Content-Type
application/javascript
X-Xss-Protection
1
Transfer-Encoding
chunked
Accept-Ranges
bytes
Date
Tue, 13 Apr 2021 10:31:23 GMT
gtm.js
www.googletagmanager.com/ 		147 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-W532QWW
Requested by
Host: www.natwestgroupovations-redeem.co.uk
URL: https://www.natwestgroupovations-redeem.co.uk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
523c5e99a08e0f17bbcc9ae05fdff40a98862bfa8f95a2df9201252d2cf3dd7a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.natwestgroupovations-redeem.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 13 Apr 2021 10:31:23 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
51538
x-xss-protection
0
last-modified
Tue, 13 Apr 2021 09:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 13 Apr 2021 10:31:23 GMT
BioSans-Regular.woff2
www.natwestgroupovations-redeem.co.uk/assets/fonts/ 		21 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.natwestgroupovations-redeem.co.uk/assets/fonts/BioSans-Regular.woff2
Requested by
Host: www.natwestgroupovations-redeem.co.uk
URL: https://www.natwestgroupovations-redeem.co.uk/Theme
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
34.242.170.101 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-242-170-101.eu-west-1.compute.amazonaws.com
Software
Kestrel /
Resource Hash
f5604e4619b8eb73a40d4ed7ede714cdd6ce6d47ab74211228a2c1eb7a94bbf1
Security Headers
Name Value
Strict-Transport-Security max-age=2592000
X-Frame-Options DENY
X-Xss-Protection 1

Request headers

Origin
https://www.natwestgroupovations-redeem.co.uk
Referer
https://www.natwestgroupovations-redeem.co.uk/Theme
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security
max-age=2592000
Last-Modified
Fri, 09 Apr 2021 08:28:37 GMT
Server
Kestrel
ETag
"1d72d1a563dfc84"
X-Frame-Options
DENY
Content-Type
font/woff2
Date
Tue, 13 Apr 2021 10:31:22 GMT
Accept-Ranges
bytes
Content-Length
21508
X-Xss-Protection
1
BioSans-Bold.woff2
www.natwestgroupovations-redeem.co.uk/assets/fonts/ 		21 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.natwestgroupovations-redeem.co.uk/assets/fonts/BioSans-Bold.woff2
Requested by
Host: www.natwestgroupovations-redeem.co.uk
URL: https://www.natwestgroupovations-redeem.co.uk/Theme
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
34.242.170.101 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-242-170-101.eu-west-1.compute.amazonaws.com
Software
Kestrel /
Resource Hash
83a457e13a8bd47046e0825311ed9f720f0c692376ebd287793c61f676f1ff7a
Security Headers
Name Value
Strict-Transport-Security max-age=2592000
X-Frame-Options DENY
X-Xss-Protection 1

Request headers

Origin
https://www.natwestgroupovations-redeem.co.uk
Referer
https://www.natwestgroupovations-redeem.co.uk/Theme
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security
max-age=2592000
Last-Modified
Fri, 09 Apr 2021 08:28:36 GMT
Server
Kestrel
ETag
"1d72d1a55a541dc"
X-Frame-Options
DENY
Content-Type
font/woff2
Date
Tue, 13 Apr 2021 10:31:23 GMT
Accept-Ranges
bytes
Content-Length
21468
X-Xss-Protection
1
GetWebsiteContents
www.natwestgroupovations-redeem.co.uk/Theme/ 		65 KB
66 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.natwestgroupovations-redeem.co.uk/Theme/GetWebsiteContents
Requested by
Host: www.natwestgroupovations-redeem.co.uk
URL: https://www.natwestgroupovations-redeem.co.uk/js/dist/vendors-bundle.8e8cd6556dd2c9155f0d.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
34.242.170.101 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-242-170-101.eu-west-1.compute.amazonaws.com
Software
Kestrel /
Resource Hash
8f3938c039b6a59f3390d9241bf34787c4737441e1466b64c88115c2b74e562c
Security Headers
Name Value
Strict-Transport-Security max-age=2592000
X-Frame-Options DENY
X-Xss-Protection 1

Request headers

Pragma
no-cache
Accept
application/json, text/plain, */*
Cache-Control
no-store, no-cache, must-revalidate
Referer
https://www.natwestgroupovations-redeem.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security
max-age=2592000
Server
Kestrel
X-Frame-Options
DENY
Date
Tue, 13 Apr 2021 10:31:22 GMT
X-Xss-Protection
1
Transfer-Encoding
chunked
Content-Type
application/json; charset=utf-8
GetWebsiteAdditionalConfigurationData
www.natwestgroupovations-redeem.co.uk/ 		166 B
380 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.natwestgroupovations-redeem.co.uk/GetWebsiteAdditionalConfigurationData
Requested by
Host: www.natwestgroupovations-redeem.co.uk
URL: https://www.natwestgroupovations-redeem.co.uk/js/dist/vendors-bundle.8e8cd6556dd2c9155f0d.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
34.242.170.101 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-242-170-101.eu-west-1.compute.amazonaws.com
Software
Kestrel /
Resource Hash
69dadc214acb2526b694e5c430e0218f07437c0254927339a707bb86088aec15
Security Headers
Name Value
Strict-Transport-Security max-age=2592000
X-Frame-Options DENY
X-Xss-Protection 1

Request headers

Pragma
no-cache
Accept
application/json, text/plain, */*
Cache-Control
no-store, no-cache, must-revalidate
Referer
https://www.natwestgroupovations-redeem.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-Xss-Protection
1
Strict-Transport-Security
max-age=2592000
Server
Kestrel
Date
Tue, 13 Apr 2021 10:31:23 GMT
Content-Length
166
X-Frame-Options
DENY
Content-Type
application/json
GetSettings
www.natwestgroupovations-redeem.co.uk/ 		401 B
649 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.natwestgroupovations-redeem.co.uk/GetSettings
Requested by
Host: www.natwestgroupovations-redeem.co.uk
URL: https://www.natwestgroupovations-redeem.co.uk/js/dist/vendors-bundle.8e8cd6556dd2c9155f0d.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
34.242.170.101 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-242-170-101.eu-west-1.compute.amazonaws.com
Software
Kestrel /
Resource Hash
9175b97b4d69ed99ed641ffd2b909cc9f100463c89cdbbcc833f4587b2f1257a
Security Headers
Name Value
Strict-Transport-Security max-age=2592000
X-Frame-Options DENY
X-Xss-Protection 1

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.natwestgroupovations-redeem.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

Strict-Transport-Security
max-age=2592000
Server
Kestrel
X-Frame-Options
DENY
Date
Tue, 13 Apr 2021 10:31:23 GMT
X-Xss-Protection
1
Transfer-Encoding
chunked
Content-Type
application/json; charset=utf-8
GetWebsiteContents
www.natwestgroupovations-redeem.co.uk/Theme/ 		65 KB
66 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.natwestgroupovations-redeem.co.uk/Theme/GetWebsiteContents
Requested by
Host: www.natwestgroupovations-redeem.co.uk
URL: https://www.natwestgroupovations-redeem.co.uk/js/dist/vendors-bundle.8e8cd6556dd2c9155f0d.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
34.242.170.101 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-242-170-101.eu-west-1.compute.amazonaws.com
Software
Kestrel /
Resource Hash
8f3938c039b6a59f3390d9241bf34787c4737441e1466b64c88115c2b74e562c
Security Headers
Name Value
Strict-Transport-Security max-age=2592000
X-Frame-Options DENY
X-Xss-Protection 1

Request headers

Pragma
no-cache
Accept
application/json, text/plain, */*
Cache-Control
no-store, no-cache, must-revalidate
Referer
https://www.natwestgroupovations-redeem.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security
max-age=2592000
Server
Kestrel
X-Frame-Options
DENY
Date
Tue, 13 Apr 2021 10:31:23 GMT
X-Xss-Protection
1
Transfer-Encoding
chunked
Content-Type
application/json; charset=utf-8
concierge-client.js
asset.gomoxie.solutions/concierge/hawkgamerschoice/client/ 		225 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://asset.gomoxie.solutions/concierge/hawkgamerschoice/client/concierge-client.js
Requested by
Host: www.natwestgroupovations-redeem.co.uk
URL: https://www.natwestgroupovations-redeem.co.uk/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
65.9.58.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9af5844c90a0da0716697e122f483c5ce959d5f45d8bb8acfea236a2fe5a9323

Request headers

Referer
https://www.natwestgroupovations-redeem.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 13 Apr 2021 10:31:24 GMT
Content-Encoding
gzip
Last-Modified
Sat, 20 Mar 2021 01:39:41 GMT
Server
AmazonS3
X-Amz-Cf-Pop
FRA56-C1
ETag
"b8bfb02b958e18d481d4f238224973ae"
X-Cache
Hit from cloudfront
Content-Type
application/javascript; charset=utf-8
Via
1.1 6165dcc1fdf84ac65e8204c05709f1cb.cloudfront.net (CloudFront)
Cache-Control
public, max-age=1800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
65374
X-Amz-Cf-Id
Min8HMuYjE3wScekfQCH2_igghOzLj-mrI99isYuKuYHzGy9oZeqHA==
BioSans-Light.woff2
www.natwestgroupovations-redeem.co.uk/assets/fonts/ 		21 KB
22 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.natwestgroupovations-redeem.co.uk/assets/fonts/BioSans-Light.woff2
Requested by
Host: www.natwestgroupovations-redeem.co.uk
URL: https://www.natwestgroupovations-redeem.co.uk/Theme
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
34.242.170.101 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-242-170-101.eu-west-1.compute.amazonaws.com
Software
Kestrel /
Resource Hash
a152b89389b8334cb6c778950a316fcf418953a5880c626121064289b499c62e
Security Headers
Name Value
Strict-Transport-Security max-age=2592000
X-Frame-Options DENY
X-Xss-Protection 1

Request headers

Origin
https://www.natwestgroupovations-redeem.co.uk
Referer
https://www.natwestgroupovations-redeem.co.uk/Theme
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security
max-age=2592000
Last-Modified
Fri, 09 Apr 2021 08:28:36 GMT
Server
Kestrel
ETag
"1d72d1a55a5471c"
X-Frame-Options
DENY
Content-Type
font/woff2
Date
Tue, 13 Apr 2021 10:31:23 GMT
Accept-Ranges
bytes
Content-Length
21788
X-Xss-Protection
1
fa-regular-400.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.10.0-12/webfonts/ 		13 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.10.0-12/webfonts/fa-regular-400.woff2
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.10.0-12/css/all.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4c679fe7bb9f96a6b0908b5d92473ab21c9001f25471578083429530f048bc33
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Origin
https://www.natwestgroupovations-redeem.co.uk
Referer
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.10.0-12/css/all.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 13 Apr 2021 10:31:24 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
26457
cross-origin-resource-policy
cross-origin
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
13604
cf-request-id
096c624166000097485e1af000000001
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:10:07 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e5f-3524"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Y%2FZ7AJVvFcnS3XdG%2FhL6S2gkM4Ccbv8z3Wv%2FTHOEMORdK20YB73FUW6rr8H5SmKu%2B4GgpRJorca5muEVgIcBZ3QxKXWpTZSrlgZqVMiP7Mr28NtJT9Z2soNa3lMfvwbfHg%3D%3D"}],"group":"cf-nel"}
content-type
application/octet-stream; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
63f40648ac519748-FRA
expires
Sun, 03 Apr 2022 10:31:24 GMT
icomoon.ttf
www.natwestgroupovations-redeem.co.uk/assets/fonts/ 		8 KB
9 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.natwestgroupovations-redeem.co.uk/assets/fonts/icomoon.ttf?5cvscw
Requested by
Host: www.natwestgroupovations-redeem.co.uk
URL: https://www.natwestgroupovations-redeem.co.uk/Theme
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
34.242.170.101 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-242-170-101.eu-west-1.compute.amazonaws.com
Software
Kestrel /
Resource Hash
2f5c553e7fff504c6217dba29abf55d23b5b155ccc196619af685744c980a85c
Security Headers
Name Value
Strict-Transport-Security max-age=2592000
X-Frame-Options DENY
X-Xss-Protection 1

Request headers

Origin
https://www.natwestgroupovations-redeem.co.uk
Referer
https://www.natwestgroupovations-redeem.co.uk/Theme
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security
max-age=2592000
Last-Modified
Fri, 09 Apr 2021 08:28:37 GMT
Server
Kestrel
ETag
"1d72d1a563d8940"
X-Frame-Options
DENY
Content-Type
application/x-font-ttf
Date
Tue, 13 Apr 2021 10:31:22 GMT
Accept-Ranges
bytes
Content-Length
8640
X-Xss-Protection
1
234012587_Ovations%20banner_491x192.png
d2yirbirtw3grp.cloudfront.net/supercheques/UAT/Website/11/ 		19 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d2yirbirtw3grp.cloudfront.net/supercheques/UAT/Website/11/234012587_Ovations%20banner_491x192.png
Requested by
Host: www.natwestgroupovations-redeem.co.uk
URL: https://www.natwestgroupovations-redeem.co.uk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:e200:a:ae56:e940:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
15949d0c2d4c51848e55ca6376703d1c3f8e66de2f10bbbb2338f95750597de2

Request headers

Referer
https://www.natwestgroupovations-redeem.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 13 Apr 2021 10:31:25 GMT
via
1.1 c2b4a332b09677da722930ae336c8bfc.cloudfront.net (CloudFront)
last-modified
Fri, 14 Feb 2020 12:06:15 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
etag
"06e51da15ccb711994dc9cddfd05f366"
x-cache
Miss from cloudfront
x-amz-version-id
EX_0NWbsIweRcX4agGzLFkJ9zuoCh_Bb
accept-ranges
bytes
content-type
image/png
content-length
19750
x-amz-cf-id
PGmXugPkyAbYOBgoGmjeBmf-E5Gb1XUxqv3iqan61UwSlCPSmE_tUg==

Verdicts & Comments Add Verdict or Comment

69 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated function| onEnforcementProviderLoaded object| reactSeedData object| google_tag_data function| ga object| gaplugins object| dataLayer object| a function| b object| lottie object| bodymovin function| $ function| jQuery object| google_tag_manager function| setCookie2 string| cookieSettingsTxt object| cookieSettingsModal number| r_a object| cookieSettings object| modalClose object| cookieSettingsTitle object| cookieSettingsText object| cookieSettingsText2 object| performanceCookiesDiv object| performanceCookiesLabel object| performanceCheckbox object| saveSettingsDiv object| saveSettingsButton function| getCookie function| setCookie object| myCookie string| txt string| txt2 object| cookiepermissionDialogbox object| externalLink function| moreInfo object| cpdiv object| cpQuestion object| cpPolicyLink object| cpTextPart2 object| cpOptiondiv object| cpSep object| cpYes object| cpYesA object| cpNo object| cpNoA object| arkoseLabsClientApi2eed425a object| regeneratorRuntime object| webpackJsonp function| setImmediate function| clearImmediate function| IMask function| openMobNav function| goToFirstStep function| stickyRedemptionNav function| stickyBasketAndCodes object| selectHowItWorksAnimationData function| loadHowItWorksAnimations function| loadHowItWorksPageAnimationsAndSlider function| setupEnforcement object| conciergeReady

0 Cookies

3 Console Messages

Source Level URL
Text
console-api error URL: https://asset.gomoxie.solutions/concierge/hawkgamerschoice/client/concierge-client.js(Line 2)
Message:
TypeError: Cannot read property 'getItem' of null
console-api error URL: https://asset.gomoxie.solutions/concierge/hawkgamerschoice/client/concierge-client.js(Line 2)
Message:
Error: Concierge failed to load: localStorage required
console-api log URL: https://www.natwestgroupovations-redeem.co.uk/assets/scripts/js.js(Line 395)
Message:
Animations Initialised

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=2592000
X-Frame-Options DENY
X-Xss-Protection 1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

asset.gomoxie.solutions
cdnjs.cloudflare.com
client-api.arkoselabs.com
code.jquery.com
d2yirbirtw3grp.cloudfront.net
www.google-analytics.com
www.googletagmanager.com
www.natwestgroupovations-redeem.co.uk
2001:4de0:ac18::1:a:2a
2600:9000:206f:e200:a:ae56:e940:21
2606:4700::6810:125e
2606:4700::6812:1940
2a00:1450:4001:80f::200e
2a00:1450:4001:82a::2008
34.242.170.101
65.9.58.127
0cda93427f381fa612cce8702924b167a8b27dbedbaa45a7784423f0da02032b
15949d0c2d4c51848e55ca6376703d1c3f8e66de2f10bbbb2338f95750597de2
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
2c898a4b4d452a43aec9e5f277202de00babb912ca278c106a882c18aadf7f06
2f5c553e7fff504c6217dba29abf55d23b5b155ccc196619af685744c980a85c
416b855385b4a222a725adc6573e59fa935ff7579361d987a20708789a5638dd
424428b1cb99144a899d571869c148a0b8ff9ebd2692f0fc2576dc9e844173a1
4c679fe7bb9f96a6b0908b5d92473ab21c9001f25471578083429530f048bc33
523c5e99a08e0f17bbcc9ae05fdff40a98862bfa8f95a2df9201252d2cf3dd7a
5a684227c1eef599cf45d875e0f906a73e0fb247aca49c0de70c1a14e7ef818f
69dadc214acb2526b694e5c430e0218f07437c0254927339a707bb86088aec15
6eefc13f4d9832e74173dea423bca495ceb7f4cbb888a19434d71a9bc0f69cb7
7f88ad126cf248c63546988677000459832a984e71629a17a769d76a4855502d
81cf23fcf8654ea22f6f44c22375d832cb5bcb17bfd75268be66acb3dc182e30
83a457e13a8bd47046e0825311ed9f720f0c692376ebd287793c61f676f1ff7a
86aabc65ba6be8875342bf4b2d8ac84217f8d702ad9539ba32a118c4b3681716
8f24862077717aa659bc9f521e03cd8dbb013fcae88a3eff5a3824a064c92029
8f3938c039b6a59f3390d9241bf34787c4737441e1466b64c88115c2b74e562c
9175b97b4d69ed99ed641ffd2b909cc9f100463c89cdbbcc833f4587b2f1257a
9af5844c90a0da0716697e122f483c5ce959d5f45d8bb8acfea236a2fe5a9323
a152b89389b8334cb6c778950a316fcf418953a5880c626121064289b499c62e
a901d4417fa018661fa42ed97678b4f2cafe874ca65ebd1abe62004ae718e053
b285bf88010d779b84061d3e694212d66d9d2b82baa93701f4c2ee3a7584421c
d24666795bb817b6e9b3253c5af7e09dba7225202fa991229105d52177f84a6c
e1d8722d90d59bad10309763a757cab6d0065f29e39a0e6ec8d0eeb71c0647aa
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f06e792471e71ee76ce9ddf7274262d4652b414c4b4ef58e2ecd7e1945ec9480
f47d79e5774697d49eac48cc503934f2010293405ad167a72d40f3c050d257cc
f5604e4619b8eb73a40d4ed7ede714cdd6ce6d47ab74211228a2c1eb7a94bbf1
f79723478f4c48501cd49ac52b81d6244a6562b9d3f08ce8ab208a8b8878d4c4