urlscan.io logo urlscan.io
SecurityTrails logo

myrewards.natwest.com Open in urlscan Pro
45.60.1.158  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://email.myrewards.natwest.com/m/surl/203175/552582/mq1WZmFSbSnPKsI7-vr1eSkrsgj5KoUo1ImG9kVTDv8=/link_2/OseAHGzw5kkFdsz7m72tJ3H...
Effective URL: https://myrewards.natwest.com/Login?ReturnUrl=%2FMyAccount%2FStatement
Submission: On December 15 via manual from GB — Scanned from GB
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 13 IPs in 5 countries across 8 domains to perform 57 HTTP transactions. The main IP is 45.60.1.158, located in United States and belongs to INCAPSULA, US. The main domain is myrewards.natwest.com.
TLS certificate: Issued by COMODO RSA Organization Validation Se... on June 15th 2022. Valid for: a year.
This is the only time myrewards.natwest.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 81.92.125.211 39905 (ACTITO)
13 45.60.1.158 19551 (INCAPSULA)
7 2606:4700::68... 13335 (CLOUDFLAR...)
3 2a02:26f0:f70... 20940 (AKAMAI-ASN1)
4 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
6 2a00:1450:400... 15169 (GOOGLE)
2 178.249.97.23 11054 (LIVEPERSON)
5 178.249.97.99 11054 (LIVEPERSON)
9 178.249.97.98 11054 (LIVEPERSON)
1 2a00:1450:400... 15169 (GOOGLE)
4 178.249.97.70 11054 (LIVEPERSON)
2 2620:1ec:46::45 8068 (MICROSOFT...)
57 13
1    81.92.125.211 (Belgium)

ASN39905 (ACTITO, BE)
email.myrewards.natwest.com
13    45.60.1.158 (United States)

ASN19551 (INCAPSULA, US)
myrewards.natwest.com
7    2606:4700::6810:9540 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.cookielaw.org
3    2a02:26f0:f700:495::1e80 (Vienna, Austria)

ASN20940 (AKAMAI-ASN1, NL)
assets.adobedtm.com
4    2a00:1450:400d:80c::2004 (Ireland)

ASN15169 (GOOGLE, US)
www.google.com
1    2606:4700::6812:1b55 (United States)

ASN13335 (CLOUDFLARENET, US)
geolocation.onetrust.com
6    2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
2    178.249.97.23 (United States)

ASN11054 (LIVEPERSON, US)
lptag.liveperson.net
5    178.249.97.99 (United States)

ASN11054 (LIVEPERSON, US)
PTR: lo-accdn.lpsnmedia.net
accdn.lpsnmedia.net
9    178.249.97.98 (United States)

ASN11054 (LIVEPERSON, US)
PTR: lo-lpcdn.lpsnmedia.net
lpcdn.lpsnmedia.net
1    2a00:1450:400d:807::2003 (Ireland)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
4    178.249.97.70 (United States)

ASN11054 (LIVEPERSON, US)
PTR: lo.v.liveperson.net
lo.v.liveperson.net
2    2620:1ec:46::45 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
www.natwest.com
Apex Domain
Subdomains		 Transfer
16 natwest.com
email.myrewards.natwest.com
myrewards.natwest.com
www.natwest.com — Cisco Umbrella Rank: 70172
385 KB
14 lpsnmedia.net
accdn.lpsnmedia.net — Cisco Umbrella Rank: 3366
lpcdn.lpsnmedia.net — Cisco Umbrella Rank: 3723
440 KB
7 gstatic.com
www.gstatic.com
fonts.gstatic.com
545 KB
7 cookielaw.org
cdn.cookielaw.org — Cisco Umbrella Rank: 403
141 KB
6 liveperson.net
lptag.liveperson.net — Cisco Umbrella Rank: 3426
lo.v.liveperson.net — Cisco Umbrella Rank: 17295
119 KB
4 google.com
www.google.com — Cisco Umbrella Rank: 2
25 KB
3 adobedtm.com
assets.adobedtm.com — Cisco Umbrella Rank: 478
128 KB
1 onetrust.com
geolocation.onetrust.com — Cisco Umbrella Rank: 672
305 B
57 8
Domain Requested by
13 myrewards.natwest.com myrewards.natwest.com
9 lpcdn.lpsnmedia.net lptag.liveperson.net
7 cdn.cookielaw.org myrewards.natwest.com
cdn.cookielaw.org
6 www.gstatic.com www.google.com
www.gstatic.com
5 accdn.lpsnmedia.net lptag.liveperson.net
lpcdn.lpsnmedia.net
4 lo.v.liveperson.net lptag.liveperson.net
4 www.google.com myrewards.natwest.com
www.gstatic.com
www.google.com
3 assets.adobedtm.com myrewards.natwest.com
assets.adobedtm.com
2 www.natwest.com lpcdn.lpsnmedia.net
2 lptag.liveperson.net assets.adobedtm.com
1 fonts.gstatic.com www.google.com
1 geolocation.onetrust.com cdn.cookielaw.org
1 email.myrewards.natwest.com 1 redirects
57 13

This site contains links to these domains. Also see Links.

Domain
www.natwest.com
applink.natwest.com
supportcentre.natwest.com
personal.natwest.com
www.onetrust.com
Subject Issuer Validity Valid
www.myrewards.natwest.com
COMODO RSA Organization Validation Secure Server CA		 2022-06-15 -
2023-07-16		 a year crt.sh
cookielaw.org
Cloudflare Inc ECC CA-3		 2022-05-01 -
2023-05-01		 a year crt.sh
assets.adobedtm.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-07-19 -
2023-08-19		 a year crt.sh
www.google.com
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
onetrust.com
Cloudflare Inc ECC CA-3		 2022-12-13 -
2023-12-13		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2022-11-07 -
2023-01-30		 3 months crt.sh
*.liveperson.net
Sectigo RSA Organization Validation Secure Server CA		 2022-04-26 -
2023-04-26		 a year crt.sh
*.lpsnmedia.net
Sectigo RSA Organization Validation Secure Server CA		 2022-02-07 -
2023-02-07		 a year crt.sh
*.google.com
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
*.v.liveperson.net
Sectigo RSA Organization Validation Secure Server CA		 2022-03-22 -
2023-03-22		 a year crt.sh
natwest.com
COMODO RSA Organization Validation Secure Server CA		 2022-03-03 -
2023-04-03		 a year crt.sh

This page contains 4 frames:

Primary Page: https://myrewards.natwest.com/Login?ReturnUrl=%2FMyAccount%2FStatement
Frame ID: AE8F6EE591E21E533A6986836A2FCE5F
Requests: 46 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LedWg0dAAAAALR0BSOtU0Bx1FjSd5mcxnoL78f4&co=aHR0cHM6Ly9teXJld2FyZHMubmF0d2VzdC5jb206NDQz&hl=en&type=image&v=pn3ro1xnhf4yB8qmnrhh9iD2&theme=light&size=normal&cb=1ryq73be19nn
Frame ID: B0F481BD8319F6FE21507FEE38E8B409
Requests: 8 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=en&v=pn3ro1xnhf4yB8qmnrhh9iD2&k=6LedWg0dAAAAALR0BSOtU0Bx1FjSd5mcxnoL78f4
Frame ID: B1D53495408F6DC3AB33AAE7D56DFDA6
Requests: 3 HTTP requests in this frame

Frame: https://lpcdn.lpsnmedia.net/le_secure_storage/3.19.0.0-release_5079/storage.secure.min.html?loc=https%3A%2F%2Fmyrewards.natwest.com&site=49343281&ist=sessionStorage&env=prod&isCrossDomain=true
Frame ID: 922C59BBFB19503770FDD88F044BE7F9
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

MyRewardsBack ButtonSearch IconFilter Icon

Page URL History Show full URLs

  1. https://email.myrewards.natwest.com/m/surl/203175/552582/mq1WZmFSbSnPKsI7-vr1eSkrsgj5KoUo1ImG9kVTDv8=/link_2/Ose... HTTP 307
    https://myrewards.natwest.com/Login?ReturnUrl=%2FMyAccount%2FStatement Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /_Incapsula_Resource
Overall confidence: 100%
Detected patterns
  • cdn\.cookielaw\.org
  • otSDKStub\.js
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

57
Requests

100 %
HTTPS

54 %
IPv6

8
Domains

13
Subdomains

13
IPs

5
Countries

1783 kB
Transfer

5129 kB
Size

9
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://email.myrewards.natwest.com/m/surl/203175/552582/mq1WZmFSbSnPKsI7-vr1eSkrsgj5KoUo1ImG9kVTDv8=/link_2/OseAHGzw5kkFdsz7m72tJ3Hlxul18c0GSuqA+lEUGg1pOqeWhlSJyRgrRYNg73NORADj9a8V4GNaCBw8xF7x+sXLazdqjLySYq4FyX4iIHFKIhJ41HQCwX93lhX0h4Oh HTTP 307
    https://myrewards.natwest.com/Login?ReturnUrl=%2FMyAccount%2FStatement Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

57 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request Login
myrewards.natwest.com/
Redirect Chain
  • https://email.myrewards.natwest.com/m/surl/203175/552582/mq1WZmFSbSnPKsI7-vr1eSkrsgj5KoUo1ImG9kVTDv8=/link_2/OseAHGzw5kkFdsz7m72tJ3Hlxul18c0GSuqA+lEUGg1pOqeWhlSJyRgrRYNg73NORADj9a8V4GNaCBw8xF7x+sXL...
  • https://myrewards.natwest.com/Login?ReturnUrl=%2FMyAccount%2FStatement
13 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://myrewards.natwest.com/Login?ReturnUrl=%2FMyAccount%2FStatement
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.1.158 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
12b917cf567bddb8637c95e6f55f8c2c15a1d2e980b5f71f94443c6e842a93d0
Security Headers
Name Value
Content-Security-Policy object-src 'none'; script-src 'self' 'unsafe-inline' cdn.cookielaw.org https://maps.google.com/maps matomo.rewardinsight.com maps.googleapis.com lptag.liveperson.net https://www.google.com/recaptcha/api.js https://assets.adobedtm.com https://sc.natwest.com https://sc.rbs.co.uk https://accdn.lpsnmedia.net https://lpcdn.lpsnmedia.net https://lo.v.liveperson.net *.gstatic.com; img-src data: maps.google.com *.cloudfront.net 'self' *.amazonaws.com *.gstatic.com *.googleapis.com *.rewardinsight.com *.natwest.com *.rbs.co.uk
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY SAMEORIGIN DENY
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
private,no-store
content-encoding
gzip
content-security-policy
object-src 'none'; script-src 'self' 'unsafe-inline' cdn.cookielaw.org https://maps.google.com/maps matomo.rewardinsight.com maps.googleapis.com lptag.liveperson.net https://www.google.com/recaptcha/api.js https://assets.adobedtm.com https://sc.natwest.com https://sc.rbs.co.uk https://accdn.lpsnmedia.net https://lpcdn.lpsnmedia.net https://lo.v.liveperson.net *.gstatic.com; img-src data: maps.google.com *.cloudfront.net 'self' *.amazonaws.com *.gstatic.com *.googleapis.com *.rewardinsight.com *.natwest.com *.rbs.co.uk
content-type
text/html; charset=utf-8
date
Thu, 15 Dec 2022 16:38:09 GMT
pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
x-cdn
Imperva
x-content-type-options
nosniff
x-frame-options
DENY SAMEORIGIN DENY
x-iinfo
14-345088672-345088683 NNNN CT(25 28 0) RT(1671122322448 62) q(0 0 0 0) r(1 1) U12
x-ua-compatible
IE=Edge,chrome=1
x-xss-protection
1; mode=block

Redirect headers

Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Connection
keep-alive
Date
Thu, 15 Dec 2022 16:38:42 GMT
Expires
0
Location
https://myrewards.natwest.com/Login?ReturnUrl=%2FMyAccount%2FStatement
Pragma
no-cache
Server
nginx
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
Transfer-Encoding
chunked
Vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
X-Content-Type-Options
nosniff
X-Frame-Options
DENY
X-Robots-Tag
none
X-XSS-Protection
1; mode=block
cbp.min.css
myrewards.natwest.com/res/132/css/ 		184 KB
43 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://myrewards.natwest.com/res/132/css/cbp.min.css?v=new_vi
Requested by
Host: myrewards.natwest.com
URL: https://myrewards.natwest.com/Login?ReturnUrl=%2FMyAccount%2FStatement
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.1.158 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
44a42dca5260635bfad38eeb6d0594edc180d64017a671770f37c971210a2b32
Security Headers
Name Value
Content-Security-Policy object-src 'none'; script-src 'self' 'unsafe-inline' cdn.cookielaw.org https://maps.google.com/maps matomo.rewardinsight.com maps.googleapis.com lptag.liveperson.net https://www.google.com/recaptcha/api.js https://assets.adobedtm.com https://sc.natwest.com https://sc.rbs.co.uk https://accdn.lpsnmedia.net https://lpcdn.lpsnmedia.net https://lo.v.liveperson.net *.gstatic.com; img-src data: maps.google.com *.cloudfront.net 'self' *.amazonaws.com *.gstatic.com *.googleapis.com *.rewardinsight.com *.natwest.com *.rbs.co.uk
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://myrewards.natwest.com/Login?ReturnUrl=%2FMyAccount%2FStatement
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
object-src 'none'; script-src 'self' 'unsafe-inline' cdn.cookielaw.org https://maps.google.com/maps matomo.rewardinsight.com maps.googleapis.com lptag.liveperson.net https://www.google.com/recaptcha/api.js https://assets.adobedtm.com https://sc.natwest.com https://sc.rbs.co.uk https://accdn.lpsnmedia.net https://lpcdn.lpsnmedia.net https://lo.v.liveperson.net *.gstatic.com; img-src data: maps.google.com *.cloudfront.net 'self' *.amazonaws.com *.gstatic.com *.googleapis.com *.rewardinsight.com *.natwest.com *.rbs.co.uk
x-cdn
Imperva
date
Thu, 15 Dec 2022 16:38:09 GMT
x-iinfo
14-345088672-345088734 2NNN RT(1671122322448 258) q(0 0 0 -1) r(0 0) U2
content-length
43750
x-xss-protection
1; mode=block
x-ua-compatible
IE=Edge,chrome=1
pragma
no-cache
last-modified
Mon, 07 Nov 2022 14:52:31 GMT
etag
"5c15690b8f2d81:0"
vary
Accept-Encoding
x-frame-options
DENY
content-type
text/css
cache-control
max-age=86400
accept-ranges
bytes
otSDKStub.js
cdn.cookielaw.org/scripttemplates/ 		21 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Requested by
Host: myrewards.natwest.com
URL: https://myrewards.natwest.com/Login?ReturnUrl=%2FMyAccount%2FStatement
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bbc4456bca95006683a8f081d0d2ed645eef5b14c62eca12c70f7e1cec26c1a0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://myrewards.natwest.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 15 Dec 2022 16:38:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
HNx4bdEmRgn5g09KulPi7w==
age
59197
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
7151
x-ms-lease-status
unlocked
last-modified
Wed, 14 Dec 2022 07:17:58 GMT
server
cloudflare
etag
0x8DADDA353EEE21E
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
5658338e-701e-00da-6a19-107dcd000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
77a09c79693de690-LHR
OneTrustCookie.js
myrewards.natwest.com/res/common/js/ 		1 KB
724 B 		Script
General
Check archive.org
Download Go to
Full URL
https://myrewards.natwest.com/res/common/js/OneTrustCookie.js
Requested by
Host: myrewards.natwest.com
URL: https://myrewards.natwest.com/Login?ReturnUrl=%2FMyAccount%2FStatement
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.1.158 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
866253cd01e1574ee64b5f43b96a0d438e2b419ea6816b17a202d32081472d32
Security Headers
Name Value
Content-Security-Policy object-src 'none'; script-src 'self' 'unsafe-inline' cdn.cookielaw.org https://maps.google.com/maps matomo.rewardinsight.com maps.googleapis.com lptag.liveperson.net https://www.google.com/recaptcha/api.js https://assets.adobedtm.com https://sc.natwest.com https://sc.rbs.co.uk https://accdn.lpsnmedia.net https://lpcdn.lpsnmedia.net https://lo.v.liveperson.net *.gstatic.com; img-src data: maps.google.com *.cloudfront.net 'self' *.amazonaws.com *.gstatic.com *.googleapis.com *.rewardinsight.com *.natwest.com *.rbs.co.uk
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://myrewards.natwest.com/Login?ReturnUrl=%2FMyAccount%2FStatement
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
object-src 'none'; script-src 'self' 'unsafe-inline' cdn.cookielaw.org https://maps.google.com/maps matomo.rewardinsight.com maps.googleapis.com lptag.liveperson.net https://www.google.com/recaptcha/api.js https://assets.adobedtm.com https://sc.natwest.com https://sc.rbs.co.uk https://accdn.lpsnmedia.net https://lpcdn.lpsnmedia.net https://lo.v.liveperson.net *.gstatic.com; img-src data: maps.google.com *.cloudfront.net 'self' *.amazonaws.com *.gstatic.com *.googleapis.com *.rewardinsight.com *.natwest.com *.rbs.co.uk
x-cdn
Imperva
date
Thu, 15 Dec 2022 16:38:09 GMT
x-iinfo
14-345088672-345088683 PNNN RT(1671122322448 262) q(0 0 0 -1) r(0 0) U2
content-length
546
x-xss-protection
1; mode=block
x-ua-compatible
IE=Edge,chrome=1
pragma
no-cache
last-modified
Mon, 07 Nov 2022 14:52:32 GMT
etag
"dff7ea90b8f2d81:0"
vary
Accept-Encoding
x-frame-options
DENY
content-type
text/javascript; charset=UTF-8
cache-control
max-age=86400
accept-ranges
bytes
launch-ENeccff4d9ca30415185b02e18a1083bdd.min.js
assets.adobedtm.com/90decdbe34ba/a4b8e199afd2/ 		322 KB
107 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.adobedtm.com/90decdbe34ba/a4b8e199afd2/launch-ENeccff4d9ca30415185b02e18a1083bdd.min.js
Requested by
Host: myrewards.natwest.com
URL: https://myrewards.natwest.com/Login?ReturnUrl=%2FMyAccount%2FStatement
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:f700:495::1e80 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
0fe7aef8379ea8c472d41cb5fd22b5a0aead8c4afd3af131257f1a99b2fa63b4

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://myrewards.natwest.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 16:38:43 GMT
content-encoding
gzip
last-modified
Tue, 13 Dec 2022 09:12:31 GMT
server
AkamaiNetStorage
etag
"7985edb0458d72bc423aa4ee5c27342b:1670922751.779177"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://myrewards.natwest.com
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
108868
expires
Thu, 15 Dec 2022 17:38:43 GMT
api.js
www.google.com/recaptcha/ 		850 B
963 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js
Requested by
Host: myrewards.natwest.com
URL: https://myrewards.natwest.com/Login?ReturnUrl=%2FMyAccount%2FStatement
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80c::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
fc34f6b93e882a0544fce4e86425b8d16ab852004aa232d29550c9afe9dbbcc4
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://myrewards.natwest.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 16:38:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
550
x-xss-protection
1; mode=block
expires
Thu, 15 Dec 2022 16:38:43 GMT
common_scripts_1
myrewards.natwest.com/bundles/ 		430 KB
171 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://myrewards.natwest.com/bundles/common_scripts_1?v=7vjsc2rjvh56DB-QhosBDyIh-o-613mggFgy7ELj98s1
Requested by
Host: myrewards.natwest.com
URL: https://myrewards.natwest.com/Login?ReturnUrl=%2FMyAccount%2FStatement
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.1.158 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
2dcd5153804da80c55813d844658a71e9c03a97917b71c2c76576aec8609d294
Security Headers
Name Value
Content-Security-Policy object-src 'none'; script-src 'self' 'unsafe-inline' cdn.cookielaw.org https://maps.google.com/maps matomo.rewardinsight.com maps.googleapis.com lptag.liveperson.net https://www.google.com/recaptcha/api.js https://assets.adobedtm.com https://sc.natwest.com https://sc.rbs.co.uk https://accdn.lpsnmedia.net https://lpcdn.lpsnmedia.net https://lo.v.liveperson.net *.gstatic.com; img-src data: maps.google.com *.cloudfront.net 'self' *.amazonaws.com *.gstatic.com *.googleapis.com *.rewardinsight.com *.natwest.com *.rbs.co.uk
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY, DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://myrewards.natwest.com/Login?ReturnUrl=%2FMyAccount%2FStatement
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
object-src 'none'; script-src 'self' 'unsafe-inline' cdn.cookielaw.org https://maps.google.com/maps matomo.rewardinsight.com maps.googleapis.com lptag.liveperson.net https://www.google.com/recaptcha/api.js https://assets.adobedtm.com https://sc.natwest.com https://sc.rbs.co.uk https://accdn.lpsnmedia.net https://lpcdn.lpsnmedia.net https://lo.v.liveperson.net *.gstatic.com; img-src data: maps.google.com *.cloudfront.net 'self' *.amazonaws.com *.gstatic.com *.googleapis.com *.rewardinsight.com *.natwest.com *.rbs.co.uk
x-cdn
Imperva
date
Thu, 15 Dec 2022 16:38:09 GMT
x-iinfo
14-345088672-345088737 NNNY CT(21 31 0) RT(1671122322448 264) q(0 0 0 -1) r(0 0) U2
x-xss-protection
1; mode=block
x-ua-compatible
IE=Edge,chrome=1
pragma
no-cache
last-modified
Thu, 15 Dec 2022 16:38:09 GMT
vary
Accept-Encoding
x-frame-options
DENY, DENY
content-type
text/javascript; charset=utf-8
cache-control
public,no-store
expires
Fri, 15 Dec 2023 16:38:09 GMT
jquery.validate.min.js
myrewards.natwest.com/Scripts/ 		24 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://myrewards.natwest.com/Scripts/jquery.validate.min.js
Requested by
Host: myrewards.natwest.com
URL: https://myrewards.natwest.com/Login?ReturnUrl=%2FMyAccount%2FStatement
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.1.158 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
270524b0d27afd1d3b6622d1a176c678daed94564c143297e217a63e21ce9820
Security Headers
Name Value
Content-Security-Policy object-src 'none'; script-src 'self' 'unsafe-inline' cdn.cookielaw.org https://maps.google.com/maps matomo.rewardinsight.com maps.googleapis.com lptag.liveperson.net https://www.google.com/recaptcha/api.js https://assets.adobedtm.com https://sc.natwest.com https://sc.rbs.co.uk https://accdn.lpsnmedia.net https://lpcdn.lpsnmedia.net https://lo.v.liveperson.net *.gstatic.com; img-src data: maps.google.com *.cloudfront.net 'self' *.amazonaws.com *.gstatic.com *.googleapis.com *.rewardinsight.com *.natwest.com *.rbs.co.uk
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://myrewards.natwest.com/Login?ReturnUrl=%2FMyAccount%2FStatement
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
object-src 'none'; script-src 'self' 'unsafe-inline' cdn.cookielaw.org https://maps.google.com/maps matomo.rewardinsight.com maps.googleapis.com lptag.liveperson.net https://www.google.com/recaptcha/api.js https://assets.adobedtm.com https://sc.natwest.com https://sc.rbs.co.uk https://accdn.lpsnmedia.net https://lpcdn.lpsnmedia.net https://lo.v.liveperson.net *.gstatic.com; img-src data: maps.google.com *.cloudfront.net 'self' *.amazonaws.com *.gstatic.com *.googleapis.com *.rewardinsight.com *.natwest.com *.rbs.co.uk
x-cdn
Imperva
date
Thu, 15 Dec 2022 16:38:09 GMT
x-iinfo
14-345088672-345088740 NNNY CT(19 29 0) RT(1671122322448 268) q(0 0 0 -1) r(0 0) U2
content-length
9996
x-xss-protection
1; mode=block
x-ua-compatible
IE=Edge,chrome=1
pragma
no-cache
last-modified
Mon, 07 Nov 2022 14:52:33 GMT
etag
"ebb92d91b8f2d81:0"
vary
Accept-Encoding
x-frame-options
DENY
content-type
text/javascript; charset=UTF-8
cache-control
max-age=86400
accept-ranges
bytes
jquery.validate.unobtrusive.min.js
myrewards.natwest.com/Scripts/ 		22 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://myrewards.natwest.com/Scripts/jquery.validate.unobtrusive.min.js
Requested by
Host: myrewards.natwest.com
URL: https://myrewards.natwest.com/Login?ReturnUrl=%2FMyAccount%2FStatement
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.1.158 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
a24d0c18c22e700836bfa97d896ac83f67f01632182ca026d30a3f4578553380
Security Headers
Name Value
Content-Security-Policy object-src 'none'; script-src 'self' 'unsafe-inline' cdn.cookielaw.org https://maps.google.com/maps matomo.rewardinsight.com maps.googleapis.com lptag.liveperson.net https://www.google.com/recaptcha/api.js https://assets.adobedtm.com https://sc.natwest.com https://sc.rbs.co.uk https://accdn.lpsnmedia.net https://lpcdn.lpsnmedia.net https://lo.v.liveperson.net *.gstatic.com; img-src data: maps.google.com *.cloudfront.net 'self' *.amazonaws.com *.gstatic.com *.googleapis.com *.rewardinsight.com *.natwest.com *.rbs.co.uk
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://myrewards.natwest.com/Login?ReturnUrl=%2FMyAccount%2FStatement
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
object-src 'none'; script-src 'self' 'unsafe-inline' cdn.cookielaw.org https://maps.google.com/maps matomo.rewardinsight.com maps.googleapis.com lptag.liveperson.net https://www.google.com/recaptcha/api.js https://assets.adobedtm.com https://sc.natwest.com https://sc.rbs.co.uk https://accdn.lpsnmedia.net https://lpcdn.lpsnmedia.net https://lo.v.liveperson.net *.gstatic.com; img-src data: maps.google.com *.cloudfront.net 'self' *.amazonaws.com *.gstatic.com *.googleapis.com *.rewardinsight.com *.natwest.com *.rbs.co.uk
x-cdn
Imperva
date
Thu, 15 Dec 2022 16:38:09 GMT
x-iinfo
14-345088672-345088742 NNNY CT(19 26 0) RT(1671122322448 273) q(0 0 0 -1) r(0 0) U2
content-length
14476
x-xss-protection
1; mode=block
x-ua-compatible
IE=Edge,chrome=1
pragma
no-cache
last-modified
Mon, 07 Nov 2022 14:52:33 GMT
etag
"461c3091b8f2d81:0"
vary
Accept-Encoding
x-frame-options
DENY
content-type
text/javascript; charset=UTF-8
cache-control
max-age=86400
accept-ranges
bytes
common_scripts_2
myrewards.natwest.com/bundles/ 		194 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://myrewards.natwest.com/bundles/common_scripts_2?v=g_2Am03K5dskx63-0QSEfaYW0RpVt5YCzEYb6JKCt5o1
Requested by
Host: myrewards.natwest.com
URL: https://myrewards.natwest.com/Login?ReturnUrl=%2FMyAccount%2FStatement
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.1.158 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
bbb1868c464adfe02dbd28811d3c4d28d17cf62c8bf10be07c651c547f941360
Security Headers
Name Value
Content-Security-Policy object-src 'none'; script-src 'self' 'unsafe-inline' cdn.cookielaw.org https://maps.google.com/maps matomo.rewardinsight.com maps.googleapis.com lptag.liveperson.net https://www.google.com/recaptcha/api.js https://assets.adobedtm.com https://sc.natwest.com https://sc.rbs.co.uk https://accdn.lpsnmedia.net https://lpcdn.lpsnmedia.net https://lo.v.liveperson.net *.gstatic.com; img-src data: maps.google.com *.cloudfront.net 'self' *.amazonaws.com *.gstatic.com *.googleapis.com *.rewardinsight.com *.natwest.com *.rbs.co.uk
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY, DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://myrewards.natwest.com/Login?ReturnUrl=%2FMyAccount%2FStatement
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
object-src 'none'; script-src 'self' 'unsafe-inline' cdn.cookielaw.org https://maps.google.com/maps matomo.rewardinsight.com maps.googleapis.com lptag.liveperson.net https://www.google.com/recaptcha/api.js https://assets.adobedtm.com https://sc.natwest.com https://sc.rbs.co.uk https://accdn.lpsnmedia.net https://lpcdn.lpsnmedia.net https://lo.v.liveperson.net *.gstatic.com; img-src data: maps.google.com *.cloudfront.net 'self' *.amazonaws.com *.gstatic.com *.googleapis.com *.rewardinsight.com *.natwest.com *.rbs.co.uk
x-cdn
Imperva
date
Thu, 15 Dec 2022 16:38:09 GMT
x-iinfo
14-345088672-345088745 NNNY CT(18 24 0) RT(1671122322448 277) q(0 0 0 -1) r(0 0) U2
content-length
63516
x-xss-protection
1; mode=block
x-ua-compatible
IE=Edge,chrome=1
pragma
no-cache
last-modified
Thu, 15 Dec 2022 16:38:09 GMT
vary
Accept-Encoding
x-frame-options
DENY, DENY
content-type
text/javascript; charset=utf-8
cache-control
public,no-store
expires
Fri, 15 Dec 2023 16:38:09 GMT
js
myrewards.natwest.com/bundles/132/ 		198 B
356 B 		Script
General
Check archive.org
Download Go to
Full URL
https://myrewards.natwest.com/bundles/132/js?v=ZPxRQxMTZOXAa2x5O1zXSOcTwOtUM8g626JAAipoMTk1
Requested by
Host: myrewards.natwest.com
URL: https://myrewards.natwest.com/Login?ReturnUrl=%2FMyAccount%2FStatement
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.1.158 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
abdcf99489fe23f23a21c1394c3b75d0b2221f0991114c11f1ceedc594d7658d
Security Headers
Name Value
Content-Security-Policy object-src 'none'; script-src 'self' 'unsafe-inline' cdn.cookielaw.org https://maps.google.com/maps matomo.rewardinsight.com maps.googleapis.com lptag.liveperson.net https://www.google.com/recaptcha/api.js https://assets.adobedtm.com https://sc.natwest.com https://sc.rbs.co.uk https://accdn.lpsnmedia.net https://lpcdn.lpsnmedia.net https://lo.v.liveperson.net *.gstatic.com; img-src data: maps.google.com *.cloudfront.net 'self' *.amazonaws.com *.gstatic.com *.googleapis.com *.rewardinsight.com *.natwest.com *.rbs.co.uk
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY, DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://myrewards.natwest.com/Login?ReturnUrl=%2FMyAccount%2FStatement
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
object-src 'none'; script-src 'self' 'unsafe-inline' cdn.cookielaw.org https://maps.google.com/maps matomo.rewardinsight.com maps.googleapis.com lptag.liveperson.net https://www.google.com/recaptcha/api.js https://assets.adobedtm.com https://sc.natwest.com https://sc.rbs.co.uk https://accdn.lpsnmedia.net https://lpcdn.lpsnmedia.net https://lo.v.liveperson.net *.gstatic.com; img-src data: maps.google.com *.cloudfront.net 'self' *.amazonaws.com *.gstatic.com *.googleapis.com *.rewardinsight.com *.natwest.com *.rbs.co.uk
x-cdn
Imperva
date
Thu, 15 Dec 2022 16:38:09 GMT
x-iinfo
14-345088672-345088683 PNNN RT(1671122322448 279) q(0 0 0 -1) r(0 0) U2
content-length
258
x-xss-protection
1; mode=block
x-ua-compatible
IE=Edge,chrome=1
pragma
no-cache
last-modified
Thu, 15 Dec 2022 16:38:09 GMT
vary
Accept-Encoding
x-frame-options
DENY, DENY
content-type
text/javascript; charset=utf-8
cache-control
public,no-store
expires
Fri, 15 Dec 2023 16:38:09 GMT
_Incapsula_Resource
myrewards.natwest.com/ 		140 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://myrewards.natwest.com/_Incapsula_Resource?SWJIYLWA=719d34d31c8e3a6e6fffd425f7e032f3&ns=1&cb=2116795774
Requested by
Host: myrewards.natwest.com
URL: https://myrewards.natwest.com/Login?ReturnUrl=%2FMyAccount%2FStatement
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.1.158 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
dc7398c15888f72886ad5cea1bedc0cfd3643b96e9a3ea9c220208abb36038b0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://myrewards.natwest.com/Login?ReturnUrl=%2FMyAccount%2FStatement
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
no-cache, no-store
content-encoding
gzip
x-robots-tag
noindex
content-length
20363
content-type
application/javascript
4eaf8a94-474d-41a2-b0dd-49ee47eb4150.json
cdn.cookielaw.org/consent/4eaf8a94-474d-41a2-b0dd-49ee47eb4150/ 		3 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/consent/4eaf8a94-474d-41a2-b0dd-49ee47eb4150/4eaf8a94-474d-41a2-b0dd-49ee47eb4150.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
64ede50b71ee3bb7d1fc76e95e9c1f208e6e99f97b4ed08e84391df55953876d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://myrewards.natwest.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 15 Dec 2022 16:38:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
uh3BpMxkCGkmDbr/EEYobA==
age
26869
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
1411
x-ms-lease-status
unlocked
last-modified
Thu, 08 Dec 2022 09:05:21 GMT
server
cloudflare
etag
0x8DAD8FB56217869
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
91c237b5-501e-00ab-3de4-0a0ff4000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
77a09c7b9eb48e12-LHR
expires
Fri, 16 Dec 2022 16:38:43 GMT
location
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 		69 B
305 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1b55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
26e34b9fbbd2ecafe25af980f19ddc63342ffad01477b0fe851ac8c35bfea847
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept
application/json
Referer
https://myrewards.natwest.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 16:38:43 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
application/json
access-control-allow-origin
*
cf-ray
77a09c7c5f698e12-LHR
access-control-allow-headers
Content-Type
otBannerSdk.js
cdn.cookielaw.org/scripttemplates/6.31.0/ 		334 KB
79 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/6.31.0/otBannerSdk.js
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fe4946db1f133c18e59bde7de4f6e87a50d288f85ec8440451b998e0f3f17e66
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://myrewards.natwest.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 15 Dec 2022 16:38:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
D263R6OySncrpIc5uRH3nQ==
age
84729
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
80955
x-ms-lease-status
unlocked
last-modified
Fri, 11 Mar 2022 07:14:24 GMT
server
cloudflare
etag
0x8DA032EC5D12B02
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
b588b788-f01e-0108-2f26-f585c0000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
77a09c7d0bb1e690-LHR
AppMeasurement.min.js
assets.adobedtm.com/extensions/EPa06d4a70bf964e93808ee073533d9238/ 		33 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.adobedtm.com/extensions/EPa06d4a70bf964e93808ee073533d9238/AppMeasurement.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/90decdbe34ba/a4b8e199afd2/launch-ENeccff4d9ca30415185b02e18a1083bdd.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:f700:495::1e80 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
055e467aa53a9c0272d805bbc009ade8c74df5a8c1255271d753ac78fe179873

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://myrewards.natwest.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 16:38:44 GMT
content-encoding
gzip
last-modified
Wed, 19 Jan 2022 22:18:26 GMT
server
AkamaiNetStorage
etag
"85722a02b6a7feb74d08ac7875516bee:1642630706.903013"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://myrewards.natwest.com
cache-control
no-cache
accept-ranges
bytes
timing-allow-origin
*
content-length
12243
expires
Thu, 15 Dec 2022 17:38:44 GMT
AppMeasurement_Module_AudienceManagement.min.js
assets.adobedtm.com/extensions/EPa06d4a70bf964e93808ee073533d9238/ 		25 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.adobedtm.com/extensions/EPa06d4a70bf964e93808ee073533d9238/AppMeasurement_Module_AudienceManagement.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/90decdbe34ba/a4b8e199afd2/launch-ENeccff4d9ca30415185b02e18a1083bdd.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:f700:495::1e80 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
ab5351bd9526d7495a4f0a304c190bb8616b99c1c58e1899638b9ea4a60a88c8

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://myrewards.natwest.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 16:38:44 GMT
content-encoding
gzip
last-modified
Wed, 19 Jan 2022 22:18:27 GMT
server
AkamaiNetStorage
etag
"72152d82739a20813d7490454a0d252e:1642630707.464895"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://myrewards.natwest.com
cache-control
no-cache
accept-ranges
bytes
timing-allow-origin
*
content-length
8755
expires
Thu, 15 Dec 2022 17:38:44 GMT
natwest_logo.svg
myrewards.natwest.com/res/132/img/vi/ 		8 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://myrewards.natwest.com/res/132/img/vi/natwest_logo.svg
Requested by
Host: myrewards.natwest.com
URL: https://myrewards.natwest.com/res/132/css/cbp.min.css?v=new_vi
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.1.158 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
564e72f9149f51a2733816844c6137ad08fb12500e3a2bc270c230e6ce2b761a
Security Headers
Name Value
Content-Security-Policy object-src 'none'; script-src 'self' 'unsafe-inline' cdn.cookielaw.org https://maps.google.com/maps matomo.rewardinsight.com maps.googleapis.com lptag.liveperson.net https://www.google.com/recaptcha/api.js https://assets.adobedtm.com https://sc.natwest.com https://sc.rbs.co.uk https://accdn.lpsnmedia.net https://lpcdn.lpsnmedia.net https://lo.v.liveperson.net *.gstatic.com; img-src data: maps.google.com *.cloudfront.net 'self' *.amazonaws.com *.gstatic.com *.googleapis.com *.rewardinsight.com *.natwest.com *.rbs.co.uk
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://myrewards.natwest.com/res/132/css/cbp.min.css?v=new_vi
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-security-policy
object-src 'none'; script-src 'self' 'unsafe-inline' cdn.cookielaw.org https://maps.google.com/maps matomo.rewardinsight.com maps.googleapis.com lptag.liveperson.net https://www.google.com/recaptcha/api.js https://assets.adobedtm.com https://sc.natwest.com https://sc.rbs.co.uk https://accdn.lpsnmedia.net https://lpcdn.lpsnmedia.net https://lo.v.liveperson.net *.gstatic.com; img-src data: maps.google.com *.cloudfront.net 'self' *.amazonaws.com *.gstatic.com *.googleapis.com *.rewardinsight.com *.natwest.com *.rbs.co.uk
x-content-type-options
nosniff
date
Thu, 15 Dec 2022 16:38:10 GMT
content-encoding
gzip
x-cdn
Imperva
x-iinfo
14-345088672-345088737 PNYy RT(1671122322448 1029) q(0 0 0 -1) r(1 1) U2
x-xss-protection
1; mode=block
x-ua-compatible
IE=Edge,chrome=1
pragma
no-cache
last-modified
Mon, 07 Nov 2022 14:52:31 GMT
etag
"a74c5e90b8f2d81:0"
x-frame-options
DENY
content-type
image/svg+xml
cache-control
max-age=86400
accept-ranges
bytes
MyRewardsLogo-Grey.svg
myrewards.natwest.com/res/132/img/vi/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://myrewards.natwest.com/res/132/img/vi/MyRewardsLogo-Grey.svg
Requested by
Host: myrewards.natwest.com
URL: https://myrewards.natwest.com/res/132/css/cbp.min.css?v=new_vi
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.1.158 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
e09dd60ee0010873e5851ba769c8f58bf4b5c65203cc26059e3580f77a5c23e4
Security Headers
Name Value
Content-Security-Policy object-src 'none'; script-src 'self' 'unsafe-inline' cdn.cookielaw.org https://maps.google.com/maps matomo.rewardinsight.com maps.googleapis.com lptag.liveperson.net https://www.google.com/recaptcha/api.js https://assets.adobedtm.com https://sc.natwest.com https://sc.rbs.co.uk https://accdn.lpsnmedia.net https://lpcdn.lpsnmedia.net https://lo.v.liveperson.net *.gstatic.com; img-src data: maps.google.com *.cloudfront.net 'self' *.amazonaws.com *.gstatic.com *.googleapis.com *.rewardinsight.com *.natwest.com *.rbs.co.uk
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://myrewards.natwest.com/res/132/css/cbp.min.css?v=new_vi
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-security-policy
object-src 'none'; script-src 'self' 'unsafe-inline' cdn.cookielaw.org https://maps.google.com/maps matomo.rewardinsight.com maps.googleapis.com lptag.liveperson.net https://www.google.com/recaptcha/api.js https://assets.adobedtm.com https://sc.natwest.com https://sc.rbs.co.uk https://accdn.lpsnmedia.net https://lpcdn.lpsnmedia.net https://lo.v.liveperson.net *.gstatic.com; img-src data: maps.google.com *.cloudfront.net 'self' *.amazonaws.com *.gstatic.com *.googleapis.com *.rewardinsight.com *.natwest.com *.rbs.co.uk
x-content-type-options
nosniff
date
Thu, 15 Dec 2022 16:38:10 GMT
content-encoding
gzip
x-cdn
Imperva
x-iinfo
14-345088672-345088742 PNYy RT(1671122322448 1030) q(0 0 0 -1) r(1 1) U2
x-xss-protection
1; mode=block
x-ua-compatible
IE=Edge,chrome=1
pragma
no-cache
last-modified
Mon, 07 Nov 2022 14:52:31 GMT
etag
"4cea5b90b8f2d81:0"
x-frame-options
DENY
content-type
image/svg+xml
cache-control
max-age=86400
accept-ranges
bytes
RNHouseSansW01-Regular.woff
myrewards.natwest.com/res/132/fonts/ 		22 KB
22 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://myrewards.natwest.com/res/132/fonts/RNHouseSansW01-Regular.woff
Requested by
Host: myrewards.natwest.com
URL: https://myrewards.natwest.com/res/132/css/cbp.min.css?v=new_vi
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.1.158 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
faec2bd1524ea1127fb1a6fa6f9cc3af135442f296c125851d9d2398c7d1368a
Security Headers
Name Value
Content-Security-Policy object-src 'none'; script-src 'self' 'unsafe-inline' cdn.cookielaw.org https://maps.google.com/maps matomo.rewardinsight.com maps.googleapis.com lptag.liveperson.net https://www.google.com/recaptcha/api.js https://assets.adobedtm.com https://sc.natwest.com https://sc.rbs.co.uk https://accdn.lpsnmedia.net https://lpcdn.lpsnmedia.net https://lo.v.liveperson.net *.gstatic.com; img-src data: maps.google.com *.cloudfront.net 'self' *.amazonaws.com *.gstatic.com *.googleapis.com *.rewardinsight.com *.natwest.com *.rbs.co.uk
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://myrewards.natwest.com/res/132/css/cbp.min.css?v=new_vi
Origin
https://myrewards.natwest.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-security-policy
object-src 'none'; script-src 'self' 'unsafe-inline' cdn.cookielaw.org https://maps.google.com/maps matomo.rewardinsight.com maps.googleapis.com lptag.liveperson.net https://www.google.com/recaptcha/api.js https://assets.adobedtm.com https://sc.natwest.com https://sc.rbs.co.uk https://accdn.lpsnmedia.net https://lpcdn.lpsnmedia.net https://lo.v.liveperson.net *.gstatic.com; img-src data: maps.google.com *.cloudfront.net 'self' *.amazonaws.com *.gstatic.com *.googleapis.com *.rewardinsight.com *.natwest.com *.rbs.co.uk
x-content-type-options
nosniff
date
Thu, 15 Dec 2022 16:38:10 GMT
x-cdn
Imperva
x-iinfo
14-345088672-345088740 PNNy RT(1671122322448 1065) q(0 0 0 -1) r(0 0) U2
content-length
22688
x-xss-protection
1; mode=block
x-ua-compatible
IE=Edge,chrome=1
pragma
no-cache
last-modified
Mon, 07 Nov 2022 14:52:31 GMT
etag
"f6ec1d90b8f2d81:0"
x-frame-options
DENY
content-type
application/octet-stream
cache-control
max-age=86400
accept-ranges
bytes
RNHouseSansW01-Bold.woff
myrewards.natwest.com/res/132/fonts/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://myrewards.natwest.com/res/132/fonts/RNHouseSansW01-Bold.woff
Requested by
Host: myrewards.natwest.com
URL: https://myrewards.natwest.com/res/132/css/cbp.min.css?v=new_vi
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.1.158 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
dbc1cad17ed91a5684d115f609df37622969737bc3a0db64c7e8b8c20b994e30
Security Headers
Name Value
Content-Security-Policy object-src 'none'; script-src 'self' 'unsafe-inline' cdn.cookielaw.org https://maps.google.com/maps matomo.rewardinsight.com maps.googleapis.com lptag.liveperson.net https://www.google.com/recaptcha/api.js https://assets.adobedtm.com https://sc.natwest.com https://sc.rbs.co.uk https://accdn.lpsnmedia.net https://lpcdn.lpsnmedia.net https://lo.v.liveperson.net *.gstatic.com; img-src data: maps.google.com *.cloudfront.net 'self' *.amazonaws.com *.gstatic.com *.googleapis.com *.rewardinsight.com *.natwest.com *.rbs.co.uk
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://myrewards.natwest.com/res/132/css/cbp.min.css?v=new_vi
Origin
https://myrewards.natwest.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-security-policy
object-src 'none'; script-src 'self' 'unsafe-inline' cdn.cookielaw.org https://maps.google.com/maps matomo.rewardinsight.com maps.googleapis.com lptag.liveperson.net https://www.google.com/recaptcha/api.js https://assets.adobedtm.com https://sc.natwest.com https://sc.rbs.co.uk https://accdn.lpsnmedia.net https://lpcdn.lpsnmedia.net https://lo.v.liveperson.net *.gstatic.com; img-src data: maps.google.com *.cloudfront.net 'self' *.amazonaws.com *.gstatic.com *.googleapis.com *.rewardinsight.com *.natwest.com *.rbs.co.uk
x-content-type-options
nosniff
date
Thu, 15 Dec 2022 16:38:10 GMT
x-cdn
Imperva
x-iinfo
14-345088672-345088889 NNNN CT(20 31 0) RT(1671122322448 1067) q(0 0 0 -1) r(0 0) U2
content-length
23120
x-xss-protection
1; mode=block
x-ua-compatible
IE=Edge,chrome=1
pragma
no-cache
last-modified
Mon, 07 Nov 2022 14:52:31 GMT
etag
"978a1b90b8f2d81:0"
x-frame-options
DENY
content-type
application/octet-stream
cache-control
max-age=86400
accept-ranges
bytes
en.json
cdn.cookielaw.org/consent/4eaf8a94-474d-41a2-b0dd-49ee47eb4150/bbae0bb2-5e87-44cc-923c-e5970d893645/ 		204 KB
34 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/consent/4eaf8a94-474d-41a2-b0dd-49ee47eb4150/bbae0bb2-5e87-44cc-923c-e5970d893645/en.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.31.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6de7c24bae9ef5f041f492b249aceb98300d64e40cbfd2b004476fdb52a5af46
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://myrewards.natwest.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 15 Dec 2022 16:38:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
l5msCKXnTUnfOzloN9sNSQ==
age
26870
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
34422
x-ms-lease-status
unlocked
last-modified
Thu, 08 Dec 2022 09:05:23 GMT
server
cloudflare
etag
0x8DAD8FB5737CAD7
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
add267bb-201e-0167-6ae4-0a2d14000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
77a09c7dd8bb8e12-LHR
expires
Fri, 16 Dec 2022 16:38:44 GMT
recaptcha__en.js
www.gstatic.com/recaptcha/releases/pn3ro1xnhf4yB8qmnrhh9iD2/ 		401 KB
160 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/pn3ro1xnhf4yB8qmnrhh9iD2/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cb3225279aa937cb59eb4c7090bbd6c92967df4d8486a86d6f90fcdbee0ffc5f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://myrewards.natwest.com/
Origin
https://myrewards.natwest.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 09:40:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
25081
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
163396
x-xss-protection
0
last-modified
Thu, 08 Dec 2022 01:21:32 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 15 Dec 2023 09:40:43 GMT
tag.js
lptag.liveperson.net/tag/ 		21 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lptag.liveperson.net/tag/tag.js?site=49343281
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/90decdbe34ba/a4b8e199afd2/launch-ENeccff4d9ca30415185b02e18a1083bdd.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.249.97.23 , United States, ASN11054 (LIVEPERSON, US),
Reverse DNS
Software
ws /
Resource Hash
145d14bb73e5b03cc73062c2a78c392125b891c62b1cc9d542e5adba762f04e7
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://myrewards.natwest.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 16:38:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=300; includeSubDomains
last-modified
Thu, 03 Sep 2020 08:27:49 GMT
server
ws
etag
"5f50a905-1d8f"
access-control-allow-methods
GET, POST, PATCH
content-type
application/javascript
access-control-expose-headers
X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
cache-control
public, max-age=630
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
content-length
7567
otCenterRounded.json
cdn.cookielaw.org/scripttemplates/6.31.0/assets/ 		9 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/6.31.0/assets/otCenterRounded.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.31.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ea07c75cc70340374feb3872db77d7d5b74e6e8b62fd538f36209b1815ecd3d6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://myrewards.natwest.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 15 Dec 2022 16:38:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
H5sekmzucUF8sFtSeINTKg==
age
26843
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
2584
x-ms-lease-status
unlocked
last-modified
Fri, 11 Mar 2022 07:14:14 GMT
server
cloudflare
etag
0x8DA032EBF6EA85E
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
20ef908f-d01e-00ba-43e4-0a38ef000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
77a09c7e592f8e12-LHR
otPcCenter.json
cdn.cookielaw.org/scripttemplates/6.31.0/assets/v2/ 		47 KB
12 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/6.31.0/assets/v2/otPcCenter.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.31.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
146697e686c91fde6e30955bc6cba7bfe752c511b2f27545a6938266e49cdfcd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://myrewards.natwest.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 15 Dec 2022 16:38:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
ZpEAbh0BppVJFPu0Tn1v0w==
age
26843
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
11558
x-ms-lease-status
unlocked
last-modified
Fri, 11 Mar 2022 07:14:15 GMT
server
cloudflare
etag
0x8DA032EC085471F
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
57dfbcfa-e01e-013e-6de4-0a2892000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
77a09c7e59318e12-LHR
otCommonStyles.css
cdn.cookielaw.org/scripttemplates/6.31.0/assets/ 		21 KB
4 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/6.31.0/assets/otCommonStyles.css
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.31.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
42da203fcc4325bd58c8c868e9213def8ca9b8d58e79d68e86c0fd8a5744e72d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://myrewards.natwest.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 15 Dec 2022 16:38:44 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
content-md5
2HSefDmVwJneRQMu6SXIPw==
age
26843
x-ms-lease-status
unlocked
last-modified
Fri, 11 Mar 2022 07:14:31 GMT
server
cloudflare
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
x-ms-request-id
714ef1ba-501e-00c6-73e4-0aa5da000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
cf-ray
77a09c7e59328e12-LHR
.jsonp
lptag.liveperson.net/lptag/api/account/49343281/configuration/applications/taglets/ 		297 KB
107 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lptag.liveperson.net/lptag/api/account/49343281/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&s=NatWest-myrewards&b=undefined
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/90decdbe34ba/a4b8e199afd2/launch-ENeccff4d9ca30415185b02e18a1083bdd.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.249.97.23 , United States, ASN11054 (LIVEPERSON, US),
Reverse DNS
Software
ws /
Resource Hash
b89fad6edaf88e65f73ffffb601200b2676835131e848416c46a52906109f7c8
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://myrewards.natwest.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 16:38:44 GMT
strict-transport-security
max-age=300; includeSubDomains
x-content-type-options
nosniff
content-encoding
gzip
server
ws
x-cache-status
HIT
access-control-allow-methods
GET, POST, PATCH
content-type
application/x-javascript
access-control-expose-headers
X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
cache-control
public, max-age=630
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
anchor
www.google.com/recaptcha/api2/ Frame B0F4 		43 KB
23 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LedWg0dAAAAALR0BSOtU0Bx1FjSd5mcxnoL78f4&co=aHR0cHM6Ly9teXJld2FyZHMubmF0d2VzdC5jb206NDQz&hl=en&type=image&v=pn3ro1xnhf4yB8qmnrhh9iD2&theme=light&size=normal&cb=1ryq73be19nn
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/pn3ro1xnhf4yB8qmnrhh9iD2/recaptcha__en.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80c::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
a140e6668c1e59b5c31fc840a5b401dc8959e5ed1534b5c7fd08abae44191cae
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-N3ZtLssARfnaa4U0UkZj4Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://myrewards.natwest.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-length
23212
content-security-policy
script-src 'report-sample' 'nonce-N3ZtLssARfnaa4U0UkZj4Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 15 Dec 2022 16:38:44 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
styles__ltr.css
www.gstatic.com/recaptcha/releases/pn3ro1xnhf4yB8qmnrhh9iD2/ Frame B0F4 		52 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/pn3ro1xnhf4yB8qmnrhh9iD2/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LedWg0dAAAAALR0BSOtU0Bx1FjSd5mcxnoL78f4&co=aHR0cHM6Ly9teXJld2FyZHMubmF0d2VzdC5jb206NDQz&hl=en&type=image&v=pn3ro1xnhf4yB8qmnrhh9iD2&theme=light&size=normal&cb=1ryq73be19nn
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4a59bb42cb945084820cd1eb370a22a68fa9451b9e57abb1daada408d2ff64e1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 11:29:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
18563
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24262
x-xss-protection
0
last-modified
Thu, 08 Dec 2022 01:21:32 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 15 Dec 2023 11:29:21 GMT
recaptcha__en.js
www.gstatic.com/recaptcha/releases/pn3ro1xnhf4yB8qmnrhh9iD2/ Frame B0F4 		401 KB
160 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/pn3ro1xnhf4yB8qmnrhh9iD2/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LedWg0dAAAAALR0BSOtU0Bx1FjSd5mcxnoL78f4&co=aHR0cHM6Ly9teXJld2FyZHMubmF0d2VzdC5jb206NDQz&hl=en&type=image&v=pn3ro1xnhf4yB8qmnrhh9iD2&theme=light&size=normal&cb=1ryq73be19nn
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cb3225279aa937cb59eb4c7090bbd6c92967df4d8486a86d6f90fcdbee0ffc5f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 09:40:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
25081
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
163396
x-xss-protection
0
last-modified
Thu, 08 Dec 2022 01:21:32 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 15 Dec 2023 09:40:43 GMT
/
accdn.lpsnmedia.net/api/account/49343281/configuration/setting/accountproperties/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://accdn.lpsnmedia.net/api/account/49343281/configuration/setting/accountproperties/?cb=accountSettingsCB
Requested by
Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/49343281/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&s=NatWest-myrewards&b=undefined
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.249.97.99 , United States, ASN11054 (LIVEPERSON, US),
Reverse DNS
lo-accdn.lpsnmedia.net
Software
ws /
Resource Hash
975558d211d33151bac641cf195ff89c0399ab6f6fcc574ba4f75e6d7bd36315
Security Headers
Name Value
Strict-Transport-Security max-age=99999999999; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://myrewards.natwest.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 16:38:44 GMT
strict-transport-security
max-age=99999999999; includeSubDomains
x-content-type-options
nosniff
content-encoding
gzip
server
ws
x-cache-status
EXPIRED
vary
Accept
access-control-allow-methods
GET, POST, PATCH
content-type
application/javascript
access-control-expose-headers
X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
x-envoy-upstream-service-time
2
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
expires
Thu, 15 Dec 2022 16:39:44 GMT
ui-framework.js
lpcdn.lpsnmedia.net/le_unified_window/10.23.0.0-release_5549/ 		40 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lpcdn.lpsnmedia.net/le_unified_window/10.23.0.0-release_5549/ui-framework.js?version=10.23.0.0-release_5549
Requested by
Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/49343281/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&s=NatWest-myrewards&b=undefined
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.249.97.98 , United States, ASN11054 (LIVEPERSON, US),
Reverse DNS
lo-lpcdn.lpsnmedia.net
Software
ws /
Resource Hash
3e4f5d07904cf355da7bfbca5d4eee18a4c09fc9e6a79df958d0bb1225572983
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://myrewards.natwest.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 16:38:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Thu, 03 Nov 2022 22:03:25 GMT
server
ws
x-cache-status
HIT
vary
Origin
access-control-allow-methods
GET, POST, PATCH
content-type
application/javascript
access-control-expose-headers
X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options, x-lp-state-rev
cache-control
max-age=31536000
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
expires
Fri, 15 Dec 2023 16:38:44 GMT
UMSClientAPI.min.js
lpcdn.lpsnmedia.net/le_unified_window/10.23.0.0-release_5549/ 		88 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lpcdn.lpsnmedia.net/le_unified_window/10.23.0.0-release_5549/UMSClientAPI.min.js?version=10.23.0.0-release_5549
Requested by
Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/49343281/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&s=NatWest-myrewards&b=undefined
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.249.97.98 , United States, ASN11054 (LIVEPERSON, US),
Reverse DNS
lo-lpcdn.lpsnmedia.net
Software
ws /
Resource Hash
57554877947a356911e17034359412ea444c15f58884c0100062788dd3660bb8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://myrewards.natwest.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 16:38:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Thu, 03 Nov 2022 22:03:24 GMT
server
ws
x-cache-status
HIT
vary
Origin
access-control-allow-methods
GET, POST, PATCH
content-type
application/javascript
access-control-expose-headers
X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options, x-lp-state-rev
cache-control
max-age=31536000
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
expires
Fri, 15 Dec 2023 16:38:44 GMT
lpChatV3.min.js
lpcdn.lpsnmedia.net/le_unified_window/10.23.0.0-release_5549/ 		92 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lpcdn.lpsnmedia.net/le_unified_window/10.23.0.0-release_5549/lpChatV3.min.js?version=10.23.0.0-release_5549
Requested by
Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/49343281/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&s=NatWest-myrewards&b=undefined
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.249.97.98 , United States, ASN11054 (LIVEPERSON, US),
Reverse DNS
lo-lpcdn.lpsnmedia.net
Software
ws /
Resource Hash
5941d1622373ff4da4a0ec6ae2c474a80f2e65763aca377b069690ed4cc26d02
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://myrewards.natwest.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 16:38:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Thu, 03 Nov 2022 22:03:25 GMT
server
ws
x-cache-status
HIT
vary
Origin
access-control-allow-methods
GET, POST, PATCH
content-type
application/javascript
access-control-expose-headers
X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options, x-lp-state-rev
cache-control
max-age=31536000
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
expires
Fri, 15 Dec 2023 16:38:44 GMT
surveylogicinstance.min.js
lpcdn.lpsnmedia.net/le_unified_window/10.23.0.0-release_5549/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lpcdn.lpsnmedia.net/le_unified_window/10.23.0.0-release_5549/surveylogicinstance.min.js?version=10.23.0.0-release_5549
Requested by
Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/49343281/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&s=NatWest-myrewards&b=undefined
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.249.97.98 , United States, ASN11054 (LIVEPERSON, US),
Reverse DNS
lo-lpcdn.lpsnmedia.net
Software
ws /
Resource Hash
0ca2d5d4dece21114294a8783944cdd00a4351935831b27f9a83b8eb543c6438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://myrewards.natwest.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 16:38:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Thu, 03 Nov 2022 22:03:25 GMT
server
ws
x-cache-status
HIT
vary
Origin
access-control-allow-methods
GET, POST, PATCH
content-type
application/javascript
access-control-expose-headers
X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options, x-lp-state-rev
cache-control
max-age=31536000
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
expires
Fri, 15 Dec 2023 16:38:44 GMT
zones
accdn.lpsnmedia.net/api/account/49343281/configuration/le-campaigns/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://accdn.lpsnmedia.net/api/account/49343281/configuration/le-campaigns/zones?fields=id&fields=zoneValue&cb=lpZonesStaticCB
Requested by
Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/49343281/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&s=NatWest-myrewards&b=undefined
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.249.97.99 , United States, ASN11054 (LIVEPERSON, US),
Reverse DNS
lo-accdn.lpsnmedia.net
Software
ws /
Resource Hash
8f82a70d347e4c5d61a99815aeabb2fdc4aa2d971669c77b66965912d6c649e3
Security Headers
Name Value
Strict-Transport-Security max-age=99999999999; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://myrewards.natwest.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 16:38:44 GMT
strict-transport-security
max-age=99999999999; includeSubDomains
x-content-type-options
nosniff
content-encoding
gzip
server
ws
x-cache-status
EXPIRED
vary
Accept
access-control-allow-methods
GET, POST, PATCH
content-type
application/javascript
access-control-expose-headers
X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
x-envoy-upstream-service-time
1
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
expires
Thu, 15 Dec 2022 16:39:44 GMT
desktopEmbedded.js
lpcdn.lpsnmedia.net/le_unified_window/10.23.0.0-release_5549/ 		961 KB
300 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lpcdn.lpsnmedia.net/le_unified_window/10.23.0.0-release_5549/desktopEmbedded.js?version=10.23.0.0-release_5549
Requested by
Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/49343281/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&s=NatWest-myrewards&b=undefined
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.249.97.98 , United States, ASN11054 (LIVEPERSON, US),
Reverse DNS
lo-lpcdn.lpsnmedia.net
Software
ws /
Resource Hash
6622b5e1a9d93d6b5a2f4eb7a0556f802fb002e5efde0d0f4e3781a94776e331
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://myrewards.natwest.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 16:38:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Thu, 03 Nov 2022 22:03:25 GMT
server
ws
x-cache-status
HIT
vary
Origin
access-control-allow-methods
GET, POST, PATCH
content-type
application/javascript
access-control-expose-headers
X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options, x-lp-state-rev
cache-control
max-age=31536000
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
expires
Fri, 15 Dec 2023 16:38:44 GMT
truncated
/ Frame B0F4 		14 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0964d141519db34adc6aa127a33dbc6761cda1e56b584ea402082d99c44afb9e

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame B0F4 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
43ef4025567f7a15859b5252b6ccc1efe2ff8c7331b1aefbea7ce88eb5084d27

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/png
logo_48.png
www.gstatic.com/recaptcha/api2/ Frame B0F4 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/recaptcha/api2/logo_48.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/pn3ro1xnhf4yB8qmnrhh9iD2/styles__ltr.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.gstatic.com/recaptcha/releases/pn3ro1xnhf4yB8qmnrhh9iD2/styles__ltr.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 18:59:47 GMT
x-content-type-options
nosniff
age
164337
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2228
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
expires
Tue, 20 Dec 2022 18:59:47 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame B0F4 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LedWg0dAAAAALR0BSOtU0Bx1FjSd5mcxnoL78f4&co=aHR0cHM6Ly9teXJld2FyZHMubmF0d2VzdC5jb206NDQz&hl=en&type=image&v=pn3ro1xnhf4yB8qmnrhh9iD2&theme=light&size=normal&cb=1ryq73be19nn
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:807::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 09 Dec 2022 09:20:58 GMT
x-content-type-options
nosniff
age
544667
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 09 Dec 2023 09:20:58 GMT
webworker.js
www.google.com/recaptcha/api2/ Frame B0F4 		102 B
134 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/webworker.js?hl=en&v=pn3ro1xnhf4yB8qmnrhh9iD2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LedWg0dAAAAALR0BSOtU0Bx1FjSd5mcxnoL78f4&co=aHR0cHM6Ly9teXJld2FyZHMubmF0d2VzdC5jb206NDQz&hl=en&type=image&v=pn3ro1xnhf4yB8qmnrhh9iD2&theme=light&size=normal&cb=1ryq73be19nn
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80c::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
321467d63f603f7090d1a5d021689eb07328e5aee38d15cc6ef9ed15af81ad4c
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LedWg0dAAAAALR0BSOtU0Bx1FjSd5mcxnoL78f4&co=aHR0cHM6Ly9teXJld2FyZHMubmF0d2VzdC5jb206NDQz&hl=en&type=image&v=pn3ro1xnhf4yB8qmnrhh9iD2&theme=light&size=normal&cb=1ryq73be19nn
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 16:38:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
cross-origin-embedder-policy
require-corp
x-frame-options
SAMEORIGIN
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
112
x-xss-protection
1; mode=block
expires
Thu, 15 Dec 2022 16:38:45 GMT
bframe
www.google.com/recaptcha/api2/ Frame B1D5 		7 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/bframe?hl=en&v=pn3ro1xnhf4yB8qmnrhh9iD2&k=6LedWg0dAAAAALR0BSOtU0Bx1FjSd5mcxnoL78f4
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/pn3ro1xnhf4yB8qmnrhh9iD2/recaptcha__en.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80c::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
2baf89eb9f11af8035bc6a6f1ebb9e99008d09650c2eff4f51fea6881eb732ef
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-dzwl6Hzn5WpCUf36E28XTg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://myrewards.natwest.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-length
1112
content-security-policy
script-src 'report-sample' 'nonce-dzwl6Hzn5WpCUf36E28XTg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 15 Dec 2022 16:38:45 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
storage.secure.min.js
lpcdn.lpsnmedia.net/le_secure_storage/3.19.0.0-release_5079/ 		37 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lpcdn.lpsnmedia.net/le_secure_storage/3.19.0.0-release_5079/storage.secure.min.js?loc=https%3A%2F%2Fmyrewards.natwest.com&site=49343281&env=prod&isCrossDomain=true
Requested by
Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/49343281/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&s=NatWest-myrewards&b=undefined
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.249.97.98 , United States, ASN11054 (LIVEPERSON, US),
Reverse DNS
lo-lpcdn.lpsnmedia.net
Software
ws /
Resource Hash
a2721298ae526f997c556afcd0a7f768abfd6ad9b0ce4ec449d5b27b86929f04
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://myrewards.natwest.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 16:38:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Thu, 03 Nov 2022 22:00:32 GMT
server
ws
x-cache-status
HIT
vary
Origin
access-control-allow-methods
GET, POST, PATCH
content-type
application/javascript
access-control-expose-headers
X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options, x-lp-state-rev
cache-control
max-age=31536000
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
expires
Fri, 15 Dec 2023 16:38:45 GMT
storage.secure.min.html
lpcdn.lpsnmedia.net/le_secure_storage/3.19.0.0-release_5079/ Frame 922C 		39 KB
16 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://lpcdn.lpsnmedia.net/le_secure_storage/3.19.0.0-release_5079/storage.secure.min.html?loc=https%3A%2F%2Fmyrewards.natwest.com&site=49343281&ist=sessionStorage&env=prod&isCrossDomain=true
Requested by
Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/49343281/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&s=NatWest-myrewards&b=undefined
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.249.97.98 , United States, ASN11054 (LIVEPERSON, US),
Reverse DNS
lo-lpcdn.lpsnmedia.net
Software
ws /
Resource Hash
639fcd75ad19240531093db9d079f4be79913034b5ce3a7ae0b4006735f1fb2f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://myrewards.natwest.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
access-control-allow-methods
GET, POST, PATCH
access-control-expose-headers
X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options, x-lp-state-rev
cache-control
max-age=31536000
content-encoding
gzip
content-type
text/html
date
Thu, 15 Dec 2022 16:38:45 GMT
expires
Fri, 15 Dec 2023 16:38:45 GMT
last-modified
Thu, 03 Nov 2022 22:00:32 GMT
server
ws
strict-transport-security
max-age=31536000; includeSubDomains
vary
Origin
x-cache-status
HIT
x-content-type-options
nosniff
styles__ltr.css
www.gstatic.com/recaptcha/releases/pn3ro1xnhf4yB8qmnrhh9iD2/ Frame B1D5 		52 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/pn3ro1xnhf4yB8qmnrhh9iD2/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=en&v=pn3ro1xnhf4yB8qmnrhh9iD2&k=6LedWg0dAAAAALR0BSOtU0Bx1FjSd5mcxnoL78f4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4a59bb42cb945084820cd1eb370a22a68fa9451b9e57abb1daada408d2ff64e1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 11:29:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
18564
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24262
x-xss-protection
0
last-modified
Thu, 08 Dec 2022 01:21:32 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 15 Dec 2023 11:29:21 GMT
recaptcha__en.js
www.gstatic.com/recaptcha/releases/pn3ro1xnhf4yB8qmnrhh9iD2/ Frame B1D5 		401 KB
160 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/pn3ro1xnhf4yB8qmnrhh9iD2/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=en&v=pn3ro1xnhf4yB8qmnrhh9iD2&k=6LedWg0dAAAAALR0BSOtU0Bx1FjSd5mcxnoL78f4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cb3225279aa937cb59eb4c7090bbd6c92967df4d8486a86d6f90fcdbee0ffc5f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 09:40:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
25082
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
163396
x-xss-protection
0
last-modified
Thu, 08 Dec 2022 01:21:32 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 15 Dec 2023 09:40:43 GMT
refererrestrictions
accdn.lpsnmedia.net/api/account/49343281/configuration/domainprotection/ Frame 922C 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://accdn.lpsnmedia.net/api/account/49343281/configuration/domainprotection/refererrestrictions?cb=lpCb37052x67420
Requested by
Host: lpcdn.lpsnmedia.net
URL: https://lpcdn.lpsnmedia.net/le_secure_storage/3.19.0.0-release_5079/storage.secure.min.html?loc=https%3A%2F%2Fmyrewards.natwest.com&site=49343281&ist=sessionStorage&env=prod&isCrossDomain=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.249.97.99 , United States, ASN11054 (LIVEPERSON, US),
Reverse DNS
lo-accdn.lpsnmedia.net
Software
ws /
Resource Hash
446d01946a5140c6f14a20d659eac900ac8861fd76095ab073ec437bf7420f29
Security Headers
Name Value
Strict-Transport-Security max-age=99999999999; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://lpcdn.lpsnmedia.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 16:38:45 GMT
strict-transport-security
max-age=99999999999; includeSubDomains
x-content-type-options
nosniff
content-encoding
gzip
server
ws
x-cache-status
EXPIRED
vary
Accept
access-control-allow-methods
GET, POST, PATCH
content-type
application/javascript
access-control-expose-headers
X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
x-envoy-upstream-service-time
1
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
expires
Thu, 15 Dec 2022 16:39:45 GMT
49343281
lo.v.liveperson.net/api/js/ 		626 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lo.v.liveperson.net/api/js/49343281?&cb=lpCb57137x37955&t=sp&ts=1671122326285&pid=5316525389&tid=9565675431&pt=MyRewards&u=https%3A%2F%2Fmyrewards.natwest.com%2FLogin%3FReturnUrl%3D%252FMyAccount%252FStatement&sec=%5B%22brand%3ANatWest%22%2C%22lob%3Apersonal-service%22%2C%22location%3Amyrewards%22%2C%22pageid%3ACATEGORY%3AGlobal%3ECashbackplus%3EReward%3ELogin%3EIndex%22%2C%22sectiontree%3ACATEGORY%3AGlobal%3ECashbackplus%3EReward%3ELogin%3EIndex%22%5D&df=0&os=0&identities=%5B%7B%22iss%22%3A%22LivePerson%22%2C%22acr%22%3A%220%22%7D%5D
Requested by
Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/49343281/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&s=NatWest-myrewards&b=undefined
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.249.97.70 , United States, ASN11054 (LIVEPERSON, US),
Reverse DNS
lo.v.liveperson.net
Software
ws /
Resource Hash
496c296d83e3134e245bc929bb306452fe16e8e9bc6bd6543d45d5c0d6268d9d

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://myrewards.natwest.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 16:38:46 GMT
content-encoding
gzip
server
ws
access-control-allow-methods
GET, POST, PATCH
content-type
application/javascript
access-control-expose-headers
X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
cache-control
no-store
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
overlay.js
lpcdn.lpsnmedia.net/le_re/3.53.1.0-release_5134/jsv2/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lpcdn.lpsnmedia.net/le_re/3.53.1.0-release_5134/jsv2/overlay.js?_v=3.53.1.0-release_5134
Requested by
Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/49343281/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&s=NatWest-myrewards&b=undefined
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.249.97.98 , United States, ASN11054 (LIVEPERSON, US),
Reverse DNS
lo-lpcdn.lpsnmedia.net
Software
ws /
Resource Hash
511fd135d8dac6077445b530b40efb112265926caf33f2a60aa92f7bbd2aee54
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://myrewards.natwest.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 16:38:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Thu, 03 Nov 2022 21:59:46 GMT
server
ws
x-cache-status
HIT
vary
Origin
access-control-allow-methods
GET, POST, PATCH
content-type
application/javascript
access-control-expose-headers
X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options, x-lp-state-rev
cache-control
max-age=31536000
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
expires
Fri, 15 Dec 2023 16:38:46 GMT
UISuite.js
lpcdn.lpsnmedia.net/le_re/3.53.1.0-release_5134/jsv2/ 		30 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lpcdn.lpsnmedia.net/le_re/3.53.1.0-release_5134/jsv2/UISuite.js?_v=3.53.1.0-release_5134
Requested by
Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/49343281/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&s=NatWest-myrewards&b=undefined
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.249.97.98 , United States, ASN11054 (LIVEPERSON, US),
Reverse DNS
lo-lpcdn.lpsnmedia.net
Software
ws /
Resource Hash
9bebc276e1808d8b0b29ad4ab94d77652bf14f69839f540b8a874f82d73d5a51
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://myrewards.natwest.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 16:38:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Thu, 03 Nov 2022 21:59:46 GMT
server
ws
x-cache-status
HIT
vary
Origin
access-control-allow-methods
GET, POST, PATCH
content-type
application/javascript
access-control-expose-headers
X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options, x-lp-state-rev
cache-control
max-age=31536000
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
expires
Fri, 15 Dec 2023 16:38:46 GMT
3769
accdn.lpsnmedia.net/api/account/49343281/configuration/le-campaigns/campaigns/4726483550/engagements/4726483650/revision/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://accdn.lpsnmedia.net/api/account/49343281/configuration/le-campaigns/campaigns/4726483550/engagements/4726483650/revision/3769?v=3.0&cb=lp4726483650&flavor=dependency
Requested by
Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/49343281/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&s=NatWest-myrewards&b=undefined
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.249.97.99 , United States, ASN11054 (LIVEPERSON, US),
Reverse DNS
lo-accdn.lpsnmedia.net
Software
ws /
Resource Hash
85baca6349fbfe3b3c9625ab8f5bf78dcbb18b0c1f82d667ae8a458e4fe4b28b
Security Headers
Name Value
Strict-Transport-Security max-age=99999999999; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://myrewards.natwest.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 16:38:46 GMT
strict-transport-security
max-age=99999999999; includeSubDomains
x-content-type-options
nosniff
content-encoding
gzip
server
ws
x-cache-status
EXPIRED
vary
Accept
access-control-allow-methods
GET, POST, PATCH
content-type
application/javascript
access-control-expose-headers
X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
x-envoy-upstream-service-time
2
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
expires
Thu, 15 Dec 2022 16:39:46 GMT
49343281
lo.v.liveperson.net/api/js/ 		42 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://lo.v.liveperson.net/api/js/49343281?sid=IVLAhO97QLSnkff87sMp1g&cb=lpCb41744x34772&t=uc&ts=1671122324665&pid=5316525389&tid=9565675431&sdes=%5B%7B%22type%22%3A%22cart%22%2C%22products%22%3A%5B%7B%22product%22%3A%7B%22name%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F108.0.5359.124%20Safari%2F537.36%22%7D%2C%22quantity%22%3A1%7D%5D%7D%5D&vid=dmNDRiNjI0MmQ1ODI0MWQ4
Requested by
Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/49343281/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&s=NatWest-myrewards&b=undefined
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.249.97.70 , United States, ASN11054 (LIVEPERSON, US),
Reverse DNS
lo.v.liveperson.net
Software
ws /
Resource Hash
cf874329ea7b2793d6118a00f0313050ba256367ad2d6131359becc1fd364c1a

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://myrewards.natwest.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 16:38:46 GMT
content-encoding
gzip
server
ws
access-control-allow-methods
GET, POST, PATCH
content-type
application/javascript
access-control-expose-headers
X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
cache-control
no-store
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
49343281
lo.v.liveperson.net/api/js/ 		111 B
854 B 		Script
General
Check archive.org
Download Go to
Full URL
https://lo.v.liveperson.net/api/js/49343281?sid=IVLAhO97QLSnkff87sMp1g&cb=lpCb73811x68322&t=pl&ts=1671122326290&pid=5316525389&tid=9565675431&vid=dmNDRiNjI0MmQ1ODI0MWQ4
Requested by
Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/49343281/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&s=NatWest-myrewards&b=undefined
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.249.97.70 , United States, ASN11054 (LIVEPERSON, US),
Reverse DNS
lo.v.liveperson.net
Software
ws /
Resource Hash
3be81e52b3b30e2c9c152483d895f6c555cf7869dfc5a270726b1372937829d9

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://myrewards.natwest.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 16:38:46 GMT
content-encoding
gzip
server
ws
access-control-allow-methods
GET, POST, PATCH
content-type
application/javascript
access-control-expose-headers
X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
cache-control
no-store
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
4186159450
accdn.lpsnmedia.net/api/account/49343281/configuration/engagement-window/window-confs/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://accdn.lpsnmedia.net/api/account/49343281/configuration/engagement-window/window-confs/4186159450?cb=lpCb26021x23498
Requested by
Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/49343281/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&s=NatWest-myrewards&b=undefined
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.249.97.99 , United States, ASN11054 (LIVEPERSON, US),
Reverse DNS
lo-accdn.lpsnmedia.net
Software
ws /
Resource Hash
cee567a7cefc529eb07e1af4781436ede290f0816a5e2df74db33ca0dfeb4c55
Security Headers
Name Value
Strict-Transport-Security max-age=99999999999; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://myrewards.natwest.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 16:38:46 GMT
strict-transport-security
max-age=99999999999; includeSubDomains
x-content-type-options
nosniff
content-encoding
gzip
server
ws
x-cache-status
EXPIRED
vary
Accept
access-control-allow-methods
GET, POST, PATCH
content-type
application/javascript
access-control-expose-headers
X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
x-envoy-upstream-service-time
4
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
expires
Thu, 15 Dec 2022 16:39:46 GMT
CoraDesktopIcon.png
www.natwest.com/content/dam/natwest/personal/support-centre/cora/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.natwest.com/content/dam/natwest/personal/support-centre/cora/CoraDesktopIcon.png
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:46::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
5aaa8d29b4fc392a8b085f9c928ab856db516fb1cb9c2b366a353f194e02f719
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://myrewards.natwest.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-dispatcher
dispatcher5uksouth
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Thu, 15 Dec 2022 16:38:46 GMT
x-content-type-options
nosniff
x-azure-ref-originshield
02kebYwAAAAAtjn9+WrPQQ7MpC4IoWy/wTE9OMjFFREdFMTcxMgBhNmVlNGZiMy01ZTU3LTQwNGQtYjJmNS03OTJlZDFkZTdkNTc=
x-vhost
Natwest Com
x-cache
TCP_HIT
content-length
3953
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Tue, 06 Dec 2022 13:22:12 GMT
etag
"f71-5ef28b11f7a20"
vary
Origin
x-frame-options
SAMEORIGIN
content-type
image/png
access-control-allow-origin
https://supportcentre.natwest.com
cache-control
public, max-age=3600
permissions-policy
geolocation=(self "https://natwest.com")
x-azure-ref
0lk2bYwAAAAAQczz9VgggTJh4bTtUfX1sTFRTRURHRTEyMTUAYTZlZTRmYjMtNWU1Ny00MDRkLWIyZjUtNzkyZWQxZGU3ZDU3
accept-ranges
bytes
CoraDesktopIcon.png
www.natwest.com/content/dam/natwest/personal/support-centre/cora/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.natwest.com/content/dam/natwest/personal/support-centre/cora/CoraDesktopIcon.png
Requested by
Host: lpcdn.lpsnmedia.net
URL: https://lpcdn.lpsnmedia.net/le_re/3.53.1.0-release_5134/jsv2/UISuite.js?_v=3.53.1.0-release_5134
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:46::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
5aaa8d29b4fc392a8b085f9c928ab856db516fb1cb9c2b366a353f194e02f719
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://myrewards.natwest.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-dispatcher
dispatcher5uksouth
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Thu, 15 Dec 2022 16:38:46 GMT
x-content-type-options
nosniff
x-azure-ref-originshield
02kebYwAAAAAtjn9+WrPQQ7MpC4IoWy/wTE9OMjFFREdFMTcxMgBhNmVlNGZiMy01ZTU3LTQwNGQtYjJmNS03OTJlZDFkZTdkNTc=
x-vhost
Natwest Com
x-cache
TCP_HIT
content-length
3953
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Tue, 06 Dec 2022 13:22:12 GMT
etag
"f71-5ef28b11f7a20"
vary
Origin
x-frame-options
SAMEORIGIN
content-type
image/png
access-control-allow-origin
https://supportcentre.natwest.com
cache-control
public, max-age=3600
permissions-policy
geolocation=(self "https://natwest.com")
x-azure-ref
0lk2bYwAAAACDPsEqyEwrRZi75V5i8TRCTFRTRURHRTEyMTUAYTZlZTRmYjMtNWU1Ny00MDRkLWIyZjUtNzkyZWQxZGU3ZDU3
accept-ranges
bytes
49343281
lo.v.liveperson.net/api/js/ 		41 B
791 B 		Script
General
Check archive.org
Download Go to
Full URL
https://lo.v.liveperson.net/api/js/49343281?sid=IVLAhO97QLSnkff87sMp1g&cb=lpCb70470x8498&t=uc&ts=1671122326947&pid=5316525389&tid=9565675431&vid=dmNDRiNjI0MmQ1ODI0MWQ4&sdes=%5B%7B%22type%22%3A%22impDisplay%22%2C%22campaign%22%3A4726483550%2C%22engId%22%3A4726483650%2C%22revision%22%3A3769%2C%22eContext%22%3A%5B%7B%22type%22%3A%22engagementContext%22%2C%22id%22%3A%221%22%7D%5D%7D%5D
Requested by
Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/49343281/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&s=NatWest-myrewards&b=undefined
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.249.97.70 , United States, ASN11054 (LIVEPERSON, US),
Reverse DNS
lo.v.liveperson.net
Software
ws /
Resource Hash
3bca1e8182623b57261017b627f5ed235a4d76c6acfc12d1fdcfbe8a9e9ebe39

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://myrewards.natwest.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 16:38:46 GMT
content-encoding
gzip
server
ws
access-control-allow-methods
GET, POST, PATCH
content-type
application/javascript
access-control-expose-headers
X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
cache-control
no-store
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token

Verdicts & Comments Add Verdict or Comment

69 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| oncontentvisibilityautostatechange object| OneTrustStub function| OptanonWrapper object| tmParam string| OnetrustActiveGroups string| OptanonActiveGroups object| dataLayer object| otStubData object| _satellite boolean| __satelliteLoaded object| adobe function| Visitor object| s_c_il number| s_c_in object| tagging function| RedirectToLoginPageForNewWindow object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client function| $ function| jQuery function| _ number| arrIndex object| carousels undefined| k object| CBP function| getiever function| isIE function| isMobile boolean| alertFallback function| Hammer object| Mustache object| carouselClasses object| lpTag function| sc_le2_dataReceiver object| Optanon object| OneTrust function| AppMeasurement function| s_gi function| s_pgicq number| s_objectID number| s_giq function| AppMeasurement_Module_AudienceManagement function| DIL object| s string| optanonActiveGroupsAux object| recaptcha object| closure_lm_164002 function| _typeof function| _extends object| lpTaglogListeners object| proxyless object| lpMTagConfig function| createFrameworkGlobals object| liveperson function| SurveyManager function| _stateChanged object| STORAGE object| proto string| QUESTION_ERROR_TYPE object| __core-js_shared__ object| lpIntlTelInputUtils object| lpIntlTelInputGlobals

9 Cookies

Domain/Path Name / Value
myrewards.natwest.com/ Name: ASP.NET_SessionId
Value: ndd1py3vng0zho5d1nefu1wm
.myrewards.natwest.com/ Name: IsMobileLogin
Value: false
myrewards.natwest.com/ Name: __RequestVerificationToken
Value: 4tbogqs8dlmkj2AMt1LbCRB6jKMgWHBmwmqAJKYmIGHE4LzDrVBaCohsMy_EarwH7t1SUT85UJR-n3ZoWG_4Lm4VR1OJdujq4BBuxMjIk-E1
.natwest.com/ Name: visid_incap_869944
Value: Bm4UcEWSRUivuPvvIP8SG5JNm2MAAAAAQUIPAAAAAADDJ77/M3YlEqOVTjdDSuRC
.natwest.com/ Name: nlbi_869944
Value: yyO8YzRVOUZiqZAaRmjeLwAAAABzKh5xZsP3UmSQXJP2ok8T
.natwest.com/ Name: incap_ses_1094_869944
Value: gHA/AI/NXht1NnFrH6wuD5JNm2MAAAAAwY8NNTrJCcXVBfnRhfkf6Q==
.natwest.com/ Name: OptanonConsent
Value: isGpcEnabled=0&datestamp=Thu+Dec+15+2022+16%3A38%3A44+GMT%2B0000+(GMT)&version=6.31.0&isIABGlobal=false&hosts=&consentId=800bc7c3-81bc-463a-bb92-e59d5676d7e2&interactionCount=0&landingPath=https%3A%2F%2Fmyrewards.natwest.com%2FLogin%3FReturnUrl%3D%252FMyAccount%252FStatement&groups=C0001%3A1%2CC0009%3A0%2CC0003%3A0%2CC0002%3A0%2CC0004%3A0
.natwest.com/ Name: LPVID
Value: dmNDRiNjI0MmQ1ODI0MWQ4
.natwest.com/ Name: LPSID-49343281
Value: IVLAhO97QLSnkff87sMp1g

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy object-src 'none'; script-src 'self' 'unsafe-inline' cdn.cookielaw.org https://maps.google.com/maps matomo.rewardinsight.com maps.googleapis.com lptag.liveperson.net https://www.google.com/recaptcha/api.js https://assets.adobedtm.com https://sc.natwest.com https://sc.rbs.co.uk https://accdn.lpsnmedia.net https://lpcdn.lpsnmedia.net https://lo.v.liveperson.net *.gstatic.com; img-src data: maps.google.com *.cloudfront.net 'self' *.amazonaws.com *.gstatic.com *.googleapis.com *.rewardinsight.com *.natwest.com *.rbs.co.uk
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY SAMEORIGIN DENY
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accdn.lpsnmedia.net
assets.adobedtm.com
cdn.cookielaw.org
email.myrewards.natwest.com
fonts.gstatic.com
geolocation.onetrust.com
lo.v.liveperson.net
lpcdn.lpsnmedia.net
lptag.liveperson.net
myrewards.natwest.com
www.google.com
www.gstatic.com
www.natwest.com
178.249.97.23
178.249.97.70
178.249.97.98
178.249.97.99
2606:4700::6810:9540
2606:4700::6812:1b55
2620:1ec:46::45
2a00:1450:4001:806::2003
2a00:1450:400d:807::2003
2a00:1450:400d:80c::2004
2a02:26f0:f700:495::1e80
45.60.1.158
81.92.125.211
055e467aa53a9c0272d805bbc009ade8c74df5a8c1255271d753ac78fe179873
0964d141519db34adc6aa127a33dbc6761cda1e56b584ea402082d99c44afb9e
0ca2d5d4dece21114294a8783944cdd00a4351935831b27f9a83b8eb543c6438
0fe7aef8379ea8c472d41cb5fd22b5a0aead8c4afd3af131257f1a99b2fa63b4
12b917cf567bddb8637c95e6f55f8c2c15a1d2e980b5f71f94443c6e842a93d0
145d14bb73e5b03cc73062c2a78c392125b891c62b1cc9d542e5adba762f04e7
146697e686c91fde6e30955bc6cba7bfe752c511b2f27545a6938266e49cdfcd
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
26e34b9fbbd2ecafe25af980f19ddc63342ffad01477b0fe851ac8c35bfea847
270524b0d27afd1d3b6622d1a176c678daed94564c143297e217a63e21ce9820
2baf89eb9f11af8035bc6a6f1ebb9e99008d09650c2eff4f51fea6881eb732ef
2dcd5153804da80c55813d844658a71e9c03a97917b71c2c76576aec8609d294
321467d63f603f7090d1a5d021689eb07328e5aee38d15cc6ef9ed15af81ad4c
3bca1e8182623b57261017b627f5ed235a4d76c6acfc12d1fdcfbe8a9e9ebe39
3be81e52b3b30e2c9c152483d895f6c555cf7869dfc5a270726b1372937829d9
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3e4f5d07904cf355da7bfbca5d4eee18a4c09fc9e6a79df958d0bb1225572983
42da203fcc4325bd58c8c868e9213def8ca9b8d58e79d68e86c0fd8a5744e72d
43ef4025567f7a15859b5252b6ccc1efe2ff8c7331b1aefbea7ce88eb5084d27
446d01946a5140c6f14a20d659eac900ac8861fd76095ab073ec437bf7420f29
44a42dca5260635bfad38eeb6d0594edc180d64017a671770f37c971210a2b32
496c296d83e3134e245bc929bb306452fe16e8e9bc6bd6543d45d5c0d6268d9d
4a59bb42cb945084820cd1eb370a22a68fa9451b9e57abb1daada408d2ff64e1
511fd135d8dac6077445b530b40efb112265926caf33f2a60aa92f7bbd2aee54
564e72f9149f51a2733816844c6137ad08fb12500e3a2bc270c230e6ce2b761a
57554877947a356911e17034359412ea444c15f58884c0100062788dd3660bb8
5941d1622373ff4da4a0ec6ae2c474a80f2e65763aca377b069690ed4cc26d02
5aaa8d29b4fc392a8b085f9c928ab856db516fb1cb9c2b366a353f194e02f719
639fcd75ad19240531093db9d079f4be79913034b5ce3a7ae0b4006735f1fb2f
64ede50b71ee3bb7d1fc76e95e9c1f208e6e99f97b4ed08e84391df55953876d
6622b5e1a9d93d6b5a2f4eb7a0556f802fb002e5efde0d0f4e3781a94776e331
6de7c24bae9ef5f041f492b249aceb98300d64e40cbfd2b004476fdb52a5af46
85baca6349fbfe3b3c9625ab8f5bf78dcbb18b0c1f82d667ae8a458e4fe4b28b
866253cd01e1574ee64b5f43b96a0d438e2b419ea6816b17a202d32081472d32
8f82a70d347e4c5d61a99815aeabb2fdc4aa2d971669c77b66965912d6c649e3
975558d211d33151bac641cf195ff89c0399ab6f6fcc574ba4f75e6d7bd36315
9bebc276e1808d8b0b29ad4ab94d77652bf14f69839f540b8a874f82d73d5a51
a140e6668c1e59b5c31fc840a5b401dc8959e5ed1534b5c7fd08abae44191cae
a24d0c18c22e700836bfa97d896ac83f67f01632182ca026d30a3f4578553380
a2721298ae526f997c556afcd0a7f768abfd6ad9b0ce4ec449d5b27b86929f04
ab5351bd9526d7495a4f0a304c190bb8616b99c1c58e1899638b9ea4a60a88c8
abdcf99489fe23f23a21c1394c3b75d0b2221f0991114c11f1ceedc594d7658d
b89fad6edaf88e65f73ffffb601200b2676835131e848416c46a52906109f7c8
bbb1868c464adfe02dbd28811d3c4d28d17cf62c8bf10be07c651c547f941360
bbc4456bca95006683a8f081d0d2ed645eef5b14c62eca12c70f7e1cec26c1a0
cb3225279aa937cb59eb4c7090bbd6c92967df4d8486a86d6f90fcdbee0ffc5f
cee567a7cefc529eb07e1af4781436ede290f0816a5e2df74db33ca0dfeb4c55
cf874329ea7b2793d6118a00f0313050ba256367ad2d6131359becc1fd364c1a
dbc1cad17ed91a5684d115f609df37622969737bc3a0db64c7e8b8c20b994e30
dc7398c15888f72886ad5cea1bedc0cfd3643b96e9a3ea9c220208abb36038b0
e09dd60ee0010873e5851ba769c8f58bf4b5c65203cc26059e3580f77a5c23e4
ea07c75cc70340374feb3872db77d7d5b74e6e8b62fd538f36209b1815ecd3d6
faec2bd1524ea1127fb1a6fa6f9cc3af135442f296c125851d9d2398c7d1368a
fc34f6b93e882a0544fce4e86425b8d16ab852004aa232d29550c9afe9dbbcc4
fe4946db1f133c18e59bde7de4f6e87a50d288f85ec8440451b998e0f3f17e66