www.onlinebanking.natwest.com Open in urlscan Pro
155.136.22.4 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.onlinebanking.natwest.com/default.aspx
Submission: On April 09 via manual (April 9th 2021, 11:12:20 am UTC) from NL

Summary HTTP 84 Redirects Behaviour Indicators

Summary

This website contacted 10 IPs in 3 countries across 6 domains to perform 84 HTTP transactions. The main IP is 155.136.22.4, located in United Kingdom and belongs to RBSG-UK-AS Edinburgh, GB. The main domain is www.onlinebanking.natwest.com.
TLS certificate: Issued by COMODO RSA Extended Validation Secure... on August 9th 2019. Valid for: 2 years.

This is the only time www.onlinebanking.natwest.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
28	155.136.22.4 155.136.22.4	21054 (RBSG-UK-A...) (RBSG-UK-AS Edinburgh)
6	2606:4700::68... 2606:4700::6810:9540	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a02:26f0:6c0... 2a02:26f0:6c00:28a::1e80	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	20.49.208.53 20.49.208.53	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2600:9000:209... 2600:9000:2093:8a00:8:4d07:a640:93a1	16509 (AMAZON-02) (AMAZON-02)
2	178.249.97.23 178.249.97.23	11054 (LIVEPERSON) (LIVEPERSON)
6	178.249.97.99 178.249.97.99	11054 (LIVEPERSON) (LIVEPERSON)
4	178.249.97.98 178.249.97.98	11054 (LIVEPERSON) (LIVEPERSON)
4	178.249.97.70 178.249.97.70	11054 (LIVEPERSON) (LIVEPERSON)
84	10

28 155.136.22.4 (United Kingdom)

ASN21054 (RBSG-UK-AS Edinburgh, GB)

www.onlinebanking.natwest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700::6810:9540 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.cookielaw.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:26f0:6c00:28a::1e80 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

assets.adobedtm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 20.49.208.53 (London, United Kingdom)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

personal.natwest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2093:8a00:8:4d07:a640:93a1 (United States)

ASN16509 (AMAZON-02, US)

logon.onlinebanking.natwest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.249.97.23 (United Kingdom)

ASN11054 (LIVEPERSON, US)

lptag.liveperson.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 178.249.97.99 (United Kingdom)

ASN11054 (LIVEPERSON, US)
PTR: lo-accdn.lpsnmedia.net

accdn.lpsnmedia.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 178.249.97.98 (United Kingdom)

ASN11054 (LIVEPERSON, US)
PTR: lo-lpcdn.lpsnmedia.net

lpcdn.lpsnmedia.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 178.249.97.70 (United Kingdom)

ASN11054 (LIVEPERSON, US)
PTR: lo.v.liveperson.net

lo.v.liveperson.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
32	natwest.com www.onlinebanking.natwest.com personal.natwest.com logon.onlinebanking.natwest.com	1014 KB
10	lpsnmedia.net accdn.lpsnmedia.net lpcdn.lpsnmedia.net	57 KB
6	liveperson.net lptag.liveperson.net lo.v.liveperson.net	126 KB
6	cookielaw.org cdn.cookielaw.org	117 KB
4	adobedtm.com assets.adobedtm.com	112 KB
0	Failed function sub() { [native code] }. Failed
84	6

	Domain	Requested by
28	www.onlinebanking.natwest.com	www.onlinebanking.natwest.com
6	accdn.lpsnmedia.net	lptag.liveperson.net lpcdn.lpsnmedia.net
6	cdn.cookielaw.org	www.onlinebanking.natwest.com cdn.cookielaw.org
4	lo.v.liveperson.net	lptag.liveperson.net
4	lpcdn.lpsnmedia.net	lptag.liveperson.net
4	assets.adobedtm.com	www.onlinebanking.natwest.com assets.adobedtm.com
3	personal.natwest.com	www.onlinebanking.natwest.com lpcdn.lpsnmedia.net
2	lptag.liveperson.net	www.onlinebanking.natwest.com
1	logon.onlinebanking.natwest.com	www.onlinebanking.natwest.com
0	iebpjdmgckacbodjpijphcplhebcmeop Failed	www.onlinebanking.natwest.com
0	djflhoibgkdhkhhcedjiklpkjnoahfmg Failed	www.onlinebanking.natwest.com
0	cplklnmnlbnpmjogncfgfijoopmnlemp Failed	www.onlinebanking.natwest.com
0	gpolcofcjjiooogejfbaamdgmgfehgff Failed	www.onlinebanking.natwest.com
0	nndknepjnldbdbepjfgmncbggmopgden Failed	www.onlinebanking.natwest.com
0	jnhgnonknehpejjnehehllkliplmbmhn Failed	www.onlinebanking.natwest.com
0	bjjgbdlbgjeoankjijbmheneoekbghcg Failed	www.onlinebanking.natwest.com
0	rumola Failed	www.onlinebanking.natwest.com
0	nconiknmmhhhffhmbknbplalknajiaef Failed	www.onlinebanking.natwest.com
0	neodgnejhhhlcdoglifbmioajmagpeci Failed	www.onlinebanking.natwest.com
84	19

This site contains no links.

Subject Issuer	Validity	Valid
onlinebanking.natwest.com COMODO RSA Extended Validation Secure Server CA	`2019-08-09` - `2021-08-08`	2 years	crt.sh
cookielaw.org Cloudflare Inc ECC CA-3	`2020-07-01` - `2021-07-01`	a year	crt.sh
assets.adobedtm.com DigiCert TLS RSA SHA256 2020 CA1	`2021-01-08` - `2021-09-30`	9 months	crt.sh
personal.natwest.com COMODO RSA Organization Validation Secure Server CA	`2020-02-24` - `2022-02-23`	2 years	crt.sh
logon.nwolb.com COMODO RSA Organization Validation Secure Server CA	`2020-10-30` - `2021-10-30`	a year	crt.sh
*.liveperson.net Sectigo RSA Organization Validation Secure Server CA	`2020-05-30` - `2022-05-30`	2 years	crt.sh
*.lpsnmedia.net Sectigo RSA Organization Validation Secure Server CA	`2021-02-21` - `2022-02-21`	a year	crt.sh
*.v.liveperson.net Sectigo RSA Organization Validation Secure Server CA	`2020-04-13` - `2022-04-13`	2 years	crt.sh

This page contains 3 frames:

Primary Page: https://www.onlinebanking.natwest.com/default.aspx
Frame ID: 8669A07BC8CA1F1F08036C5EEF5D6702
Requests: 38 HTTP requests in this frame

Frame: https://www.onlinebanking.natwest.com/login.aspx?refererIdent=64A29F7589F0FC21313E0EE2FD86F72CE54A920E
Frame ID: 0052260ED24B6BB2FF442575B3F04A28
Requests: 52 HTTP requests in this frame

Frame: https://lpcdn.lpsnmedia.net/le_secure_storage/3.12.0.0-release_5037/storage.secure.min.html?loc=https%3A%2F%2Fwww.onlinebanking.natwest.com&site=39893241&env=prod&isCrossDomain=true
Frame ID: 7C905117DE686574C487D99357CEDAB3
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://www.onlinebanking.natwest.com/default.aspx Page URL
https://www.onlinebanking.natwest.com/default.aspx Page URL

Detected technologies

Windows Server (Operating Systems) Expand

Overall confidence: 100%
Detected patterns

url /\.aspx?(?:$|\?)/i
html /<input[^>]+name="__VIEWSTATE/i

Microsoft ASP.NET (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

url /\.aspx?(?:$|\?)/i
html /<input[^>]+name="__VIEWSTATE/i

IIS (Web Servers) Expand

Overall confidence: 100%
Detected patterns

url /\.aspx?(?:$|\?)/i
html /<input[^>]+name="__VIEWSTATE/i

Page Statistics

84
Requests

69 %
HTTPS

33 %
IPv6

6
Domains

19
Subdomains

10
IPs

3
Countries

1427 kB
Transfer

3574 kB
Size

17
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.onlinebanking.natwest.com/default.aspx Page URL
https://www.onlinebanking.natwest.com/default.aspx Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

84 HTTP transactions
8 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Cookie set default.aspx Show response
www.onlinebanking.natwest.com/ 6 KB
6 KB 212ms
43ms Document
text/html 155.136.22.4
RBSG-UK-AS Edinburgh

General

Check archive.org

Show headers Download Go to

Full URL: https://www.onlinebanking.natwest.com/default.aspx
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 155.136.22.4 , United Kingdom, ASN21054 (RBSG-UK-AS Edinburgh, GB),
Reverse DNS
Software: /
Resource Hash: 6b5951a57473624f9f44e38f5c7d4b10103329f1fbd1f1e9defe6a0b1408f361

Request headers

Host: www.onlinebanking.natwest.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

P3P: CP="{}"
Content-Length: 5819
Cache-Control: no-store, must-revalidate, no-cache, max-age=0
Content-Type: text/html
Set-Cookie: TSfebd381b027=085c953939ab200042527394086589fd135e696b252cabe9a7e4ea797ade040cce25dfec0c9c33a3085dde85c21130002c05e02604518589cb462e29fdedd7c589815afe2a4ec5aa51a93fe8143d44842ce125febdca8f5cee1e9c8037718e37; Path=/

GET
H/1.1 200
OK 085c953939ab2000861c6668d1a5d6dfd2fe6ec2ce0c5bef708724731e42b99ed10e02bb3d35c021 Show response
www.onlinebanking.natwest.com/TSPD/ 311 KB
87 KB 43ms
43ms Script
text/javascript 155.136.22.4
RBSG-UK-AS Edinburgh

General

Check archive.org

Show headers Download Go to

Full URL: https://www.onlinebanking.natwest.com/TSPD/085c953939ab2000861c6668d1a5d6dfd2fe6ec2ce0c5bef708724731e42b99ed10e02bb3d35c021?type=10
Requested by: Host: www.onlinebanking.natwest.com
URL: https://www.onlinebanking.natwest.com/default.aspx
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 155.136.22.4 , United Kingdom, ASN21054 (RBSG-UK-AS Edinburgh, GB),
Reverse DNS
Software: /
Resource Hash: 7d86c5b305b199c96eae0f0428f86e9712fb04b0424a9b6bbd746990283a2b8a

Request headers

Referer: https://www.onlinebanking.natwest.com/default.aspx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Cache-Control: public, max-age=86400
Content-Encoding: gzip
Content-Length: 88845
Content-Type: text/javascript

GET
DATA 200
OK truncated
/ 667 B
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: edd8db5c29b96b7a290a5e266d426dca85541b7cd7a62b180e5ec89dc635f05f

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/jpeg

GET
DATA 200
OK truncated
/ 157 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 80d54533f80e8233621f965ae0a7713928bdb4d491ed0eb5e90434550f1894cb

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 34 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 86be52bdb7547413cafb3ed175a806a798c65de98b40849e0b974c47d187de65

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/webp

GET
DATA 200
OK truncated
/ 52 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cd7059bd5c8e99398ab4805b8e62c7acb64075dd921b65b9377ffe84a26c2e04

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/webp

GET
DATA 200
OK truncated
/ 67 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 60d20c34efdd7103c273f54369cfc42c6d0a39126ce22298f2d31924b4ca5a56

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 34 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1e85ec81b9800b4c443d39caca0d0926089a3ac201120db1ceb45b93789480b8

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 47 B
47 B Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ad0dd5091814006e1986ba74f2492e12582594b1eca2221174c22a1ad10ad98c

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: text/javascript

GET
DATA 200
OK truncated
/ 34 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1e85ec81b9800b4c443d39caca0d0926089a3ac201120db1ceb45b93789480b8

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif

GET 32.png
neodgnejhhhlcdoglifbmioajmagpeci/img/anticaptcha-logo/ 0
0

GET icon-128.png
nconiknmmhhhffhmbknbplalknajiaef/ 0
0

GET icon-16.png
nconiknmmhhhffhmbknbplalknajiaef/ 0
0

GET rumola48.png
rumola/content/ 0
0

GET rumola128.png
bjjgbdlbgjeoankjijbmheneoekbghcg/images/ 0
0

GET on.png
bjjgbdlbgjeoankjijbmheneoekbghcg/images/ 0
0

GET rumola48.png
bjjgbdlbgjeoankjijbmheneoekbghcg/images/ 0
0

GET icon16.png
jnhgnonknehpejjnehehllkliplmbmhn/assets/images/ 0
0

GET icon16.png
jnhgnonknehpejjnehehllkliplmbmhn/images/ 0
0

GET icon48.png
jnhgnonknehpejjnehehllkliplmbmhn/images/ 0
0

GET options.html
nndknepjnldbdbepjfgmncbggmopgden/ 0
0

GET mining128.png
nndknepjnldbdbepjfgmncbggmopgden/img/ 0
0

GET mining16.png
nndknepjnldbdbepjfgmncbggmopgden/img/ 0
0

GET index.html
nndknepjnldbdbepjfgmncbggmopgden/client/dist/ 0
0

GET pixel.gif
gpolcofcjjiooogejfbaamdgmgfehgff/ 0
0

GET agenty-100.png
gpolcofcjjiooogejfbaamdgmgfehgff/icons/ 0
0

GET agenty-16.png
gpolcofcjjiooogejfbaamdgmgfehgff/icons/ 0
0

GET sgplus.css
gpolcofcjjiooogejfbaamdgmgfehgff/core/ 0
0

GET logo24.png
cplklnmnlbnpmjogncfgfijoopmnlemp/skin/ 0
0

GET spoofer_cs.js
djflhoibgkdhkhhcedjiklpkjnoahfmg/ 0
0

GET jquery.js
djflhoibgkdhkhhcedjiklpkjnoahfmg/ 0
0

GET icon.addressbar.gif
iebpjdmgckacbodjpijphcplhebcmeop/images/ 0
0

GET manifest.json
iebpjdmgckacbodjpijphcplhebcmeop/ 0
0

GET background.html
iebpjdmgckacbodjpijphcplhebcmeop/ 0
0

GET popup.html
iebpjdmgckacbodjpijphcplhebcmeop/ 0
0

GET
H/1.1 200
OK Primary Request Cookie set default.aspx Show response
www.onlinebanking.natwest.com/ 8 KB
10 KB 51ms
51ms Document
text/html 155.136.22.4
RBSG-UK-AS Edinburgh

General

Check archive.org

Show headers Download Go to

Full URL

https://www.onlinebanking.natwest.com/default.aspx

Requested by

Host: www.onlinebanking.natwest.com
URL: https://www.onlinebanking.natwest.com/TSPD/085c953939ab2000861c6668d1a5d6dfd2fe6ec2ce0c5bef708724731e42b99ed10e02bb3d35c021?type=10

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

155.136.22.4 , United Kingdom, ASN21054 (RBSG-UK-AS Edinburgh, GB),

Reverse DNS

Software

Resource Hash

25c5b4cec8edaf7b942158d64f5149de4d0963d452233fa843f9bfc6d2c0adf2

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Host: www.onlinebanking.natwest.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: document
Referer: https://www.onlinebanking.natwest.com/default.aspx
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: TSfebd381b027=085c953939ab200042527394086589fd135e696b252cabe9a7e4ea797ade040cce25dfec0c9c33a3085dde85c21130002c05e02604518589cb462e29fdedd7c589815afe2a4ec5aa51a93fe8143d44842ce125febdca8f5cee1e9c8037718e37; TS36d71c00075=0502d101085c953939ab2800a16a6e0461bd6379bde52cfa246b1474de35c14ab5513fa89fea402470f57e1e9804c1fad53c4644:08d38a8a4504b0005401f5938c7475f073254fe50c8c2f4abcf2c43c443b64de82bfd19d266ceb7af5b996ff13c4fbfa637e0da865bcf83c3a1698be423e6ff66a5439257259cd944aae40da659ef930900beb8abbe9bc4dc76bead887a37615c573a8a0eabf147e04384bb4e91fa5eac944c90f869edfb36cf92925a9c01d7e3e50fb0928f952498f13cfe9d90567dc319a5add42da66d5a5f51286ece117f6bfd64f3bb75d258b9e1c3e0ee041caeef5ec7cb926cb55ab00000001000b000085c953939ab20004df6737d0801a623a5a6a0d5e5564e38476fc55270dcd50078604bddedce5f740888d945e10a28008372284b7178cd294b130fdcf3409fe51c6dfd76b4397168283bd233c91ceca2301e11883a2eb5f401000
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.onlinebanking.natwest.com/default.aspx

Response headers

Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Expires: -1
Content-Security-Policy: upgrade-insecure-requests;
X-FRAME-OPTIONS: SAMEORIGIN
Set-Cookie: ASP.NET_SessionId=0gmyaxextaxl2clxuiihzsh2; path=/; secure; HttpOnly ResumePath=; expires=Thu, 09-Apr-2020 11:12:05 GMT; path=/; secure OBRef=; expires=Thu, 09-Apr-2020 11:12:05 GMT; path=/; secure ChannelSource=; expires=Thu, 09-Apr-2020 11:12:05 GMT; path=/; secure connected=; expires=Thu, 09-Apr-2020 11:12:05 GMT; path=/; secure BIGipServer~eBank~pool-www.nwolb.com-2017=!Ck9gLpTLjpkCMHprJGUZqVbDUnN/DL8bWPnCHbyN4KD1Ug7rRIH3JmFClHcTfbrWtvbUNKZNFxT3NH4=; path=/; Httponly; Secure TS0112addc=01662b9c3eb996b564f843cb8b3ebaa61426f550990a5d816013712d64e01b14fcf6b0dca922b65465a9feffcfe9b387634252506f7b72a0ccef9916823e439e1b657d2ae0b8e75345a0d1afe94d8fde604c7286d150fdd587587668ef5a8c48f47dc10bfa434939fef594d7084f86d14b00f5d810299172235a53ffb399bdaf3c312c1bc8a3708d57259b03a18050268517b64dc6; Path=/; Secure; HTTPOnly TSPD_101=085c953939ab28009abb7a9141f08a9cd5776d391824f08f8b299358a409e72bf39af80a88d6b49a3e6e2f5fd26e9e4808f4861c2f05180063a5e759e15855044265b9c39355f8b9102258538ac1daf7; Path=/ TSfebd381b027=085c953939ab20008e4411e7b24e63ffecf8da6f48b8716d9491508929aea65a7157ba19b2ddbd5208486110941130004099e11b2bcc45af9d35ffea80a772d2386f68bdfd8534ce2e40c0e4d39c0ab839e0c665895381d5bcc229b2102f9b4d; Path=/
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Date: Fri, 09 Apr 2021 11:12:04 GMT
Strict-Transport-Security: max-age=16070400; includeSubDomains
P3P: CP="{}"
Transfer-Encoding: chunked

GET
H/1.1 200
OK 085c953939ab2000861c6668d1a5d6dfd2fe6ec2ce0c5bef708724731e42b99ed10e02bb3d35c021 Show response
www.onlinebanking.natwest.com/TSPD/ 130 KB
34 KB 43ms
43ms Script
text/javascript 155.136.22.4
RBSG-UK-AS Edinburgh

General

Check archive.org

Show headers Download Go to

Full URL: https://www.onlinebanking.natwest.com/TSPD/085c953939ab2000861c6668d1a5d6dfd2fe6ec2ce0c5bef708724731e42b99ed10e02bb3d35c021?type=17
Requested by: Host: www.onlinebanking.natwest.com
URL: https://www.onlinebanking.natwest.com/default.aspx
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 155.136.22.4 , United Kingdom, ASN21054 (RBSG-UK-AS Edinburgh, GB),
Reverse DNS
Software: /
Resource Hash: 93540c925e96689eae547253a7f8fe6d73f53fd263cdbb8da18ab623fbcbcfe1

Request headers

Referer: https://www.onlinebanking.natwest.com/default.aspx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Cache-Control: public, max-age=86400
Content-Encoding: gzip
Content-Length: 34459
Content-Type: text/javascript

GET
H/1.1 200
OK Cookie set login.aspx Show response
www.onlinebanking.natwest.com/ Frame 0052 110 KB
112 KB 67ms
67ms Document
text/html 155.136.22.4
RBSG-UK-AS Edinburgh

General

Check archive.org

Show headers Download Go to

Full URL

https://www.onlinebanking.natwest.com/login.aspx?refererIdent=64A29F7589F0FC21313E0EE2FD86F72CE54A920E

Requested by

Host: www.onlinebanking.natwest.com
URL: https://www.onlinebanking.natwest.com/default.aspx

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

155.136.22.4 , United Kingdom, ASN21054 (RBSG-UK-AS Edinburgh, GB),

Reverse DNS

Software

Resource Hash

55e42fd9082763b80d9a4b46abb593b3987cb88ef45bec6f7d3c0448eead7c42

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Host: www.onlinebanking.natwest.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: frame
Referer: https://www.onlinebanking.natwest.com/default.aspx
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: ASP.NET_SessionId=0gmyaxextaxl2clxuiihzsh2; BIGipServer~eBank~pool-www.nwolb.com-2017=!Ck9gLpTLjpkCMHprJGUZqVbDUnN/DL8bWPnCHbyN4KD1Ug7rRIH3JmFClHcTfbrWtvbUNKZNFxT3NH4=; TS0112addc=01662b9c3eb996b564f843cb8b3ebaa61426f550990a5d816013712d64e01b14fcf6b0dca922b65465a9feffcfe9b387634252506f7b72a0ccef9916823e439e1b657d2ae0b8e75345a0d1afe94d8fde604c7286d150fdd587587668ef5a8c48f47dc10bfa434939fef594d7084f86d14b00f5d810299172235a53ffb399bdaf3c312c1bc8a3708d57259b03a18050268517b64dc6; TSPD_101=085c953939ab28009abb7a9141f08a9cd5776d391824f08f8b299358a409e72bf39af80a88d6b49a3e6e2f5fd26e9e4808f4861c2f05180063a5e759e15855044265b9c39355f8b9102258538ac1daf7; TSfebd381b027=085c953939ab20008e4411e7b24e63ffecf8da6f48b8716d9491508929aea65a7157ba19b2ddbd5208486110941130004099e11b2bcc45af9d35ffea80a772d2386f68bdfd8534ce2e40c0e4d39c0ab839e0c665895381d5bcc229b2102f9b4d
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.onlinebanking.natwest.com/default.aspx

Response headers

Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Expires: -1
Refresh: 725;url=ServiceManagement/Timeout.aspx
X-UA-Compatible: IE=edge
Content-Security-Policy: upgrade-insecure-requests;
RBSPageID: LI5
X-FRAME-OPTIONS: SAMEORIGIN
Set-Cookie: BrowserConfigKey=.*; path=/; secure; HttpOnly ResumePath=; expires=Thu, 09-Apr-2020 11:12:05 GMT; path=/; secure OBRef=; expires=Thu, 09-Apr-2020 11:12:05 GMT; path=/; secure ChannelSource=; expires=Thu, 09-Apr-2020 11:12:05 GMT; path=/; secure authTicket=; expires=Mon, 01-Jan-1900 00:00:00 GMT; path=/; secure .AppAuth=; expires=Mon, 01-Jan-1900 00:00:00 GMT; path=/; secure appserver=; expires=Mon, 01-Jan-1900 00:00:00 GMT; path=/; secure E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855_closedOverlayPrompts=; expires=Mon, 01-Jan-1900 00:00:00 GMT; path=/; secure bcsid=c80d848569ac4dbbafa5ce8cd4136d06; path=/; secure hdnss=NgcAABAAAACY98pvbSUj/EGjTP+rkGc9WZVxFpQDwfqWHI7AdcNhmp37yYY/otCdb6sxe+8DhLsLRzvLUxyt4hrho2Pg1pXwruCQEZgIs5G19mwM5Jfv3mXDpccxyJKmck46uPmHZUWCC5mWs455SHMcr44xPVsIktSFnoucU8zEXTXyvKmhPQ**; path=/; secure; HttpOnly shadowStatus=Status=False; path=/; secure; HttpOnly submind=0; path=/; secure; HttpOnly TS0112addc=01662b9c3ed19cc084aa0ea74844870099c1f5cce10a5d816013712d64e01b14fcf6b0dca922b65465a9feffcfe9b387634252506f7b72a0ccef9916823e439e1b657d2ae0b8e75345a0d1afe94d8fde604c7286d150fdd587587668ef5a8c48f47dc10bfa434939fef594d7084f86d14b00f5d810299172235a53ffb399bdaf3c312c1bc8ab6c3e213ed91911b0e081f51aa704d3d7afec927e5eb3e4320361480a07319e540850872a553f0c7455304a645d02f298df7bd1af2ff797d3022cae8661e87dd577cc3a7f7e578b0cb9cd558bb26cebf0895b79e039ea2bcdc058681440cd34775547f00f7c6ce29cb37bc46ea18b4cfa392c91f733d13777db24552e8f2bb95a59afa39662509edd29a5f23fe7f527da85e0fe1500d960127bdd3a075a112d; Path=/; Secure; HTTPOnly TSfebd381b027=085c953939ab2000c8f474b6a4c4aa2f7057afc6afa23e308011f61fcde281a04a0caab562626e11080165c5361130008f26fa29995eaef89d35ffea80a772d2386f68bdfd8534ce2e40c0e4d39c0ab839e0c665895381d5bcc229b2102f9b4d; Path=/
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Date: Fri, 09 Apr 2021 11:12:05 GMT
Strict-Transport-Security: max-age=16070400; includeSubDomains
Transfer-Encoding: chunked

GET
H/1.1 200
OK 085c953939ab2000861c6668d1a5d6dfd2fe6ec2ce0c5bef708724731e42b99ed10e02bb3d35c021 Show response
www.onlinebanking.natwest.com/TSPD/ Frame 0052 130 KB
34 KB 133ms
44ms Script
text/javascript 155.136.22.4
RBSG-UK-AS Edinburgh

General

Check archive.org

Show headers Download Go to

Full URL: https://www.onlinebanking.natwest.com/TSPD/085c953939ab2000861c6668d1a5d6dfd2fe6ec2ce0c5bef708724731e42b99ed10e02bb3d35c021?type=17
Requested by: Host: www.onlinebanking.natwest.com
URL: https://www.onlinebanking.natwest.com/login.aspx?refererIdent=64A29F7589F0FC21313E0EE2FD86F72CE54A920E
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 155.136.22.4 , United Kingdom, ASN21054 (RBSG-UK-AS Edinburgh, GB),
Reverse DNS
Software: /
Resource Hash: 93540c925e96689eae547253a7f8fe6d73f53fd263cdbb8da18ab623fbcbcfe1

Request headers

Referer: https://www.onlinebanking.natwest.com/login.aspx?refererIdent=64A29F7589F0FC21313E0EE2FD86F72CE54A920E
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Cache-Control: public, max-age=86400
Content-Encoding: gzip
Content-Length: 34459
Content-Type: text/javascript

GET
H/1.1 200
OK master.css
www.onlinebanking.natwest.com/Brands/ Frame 0052 253 KB
254 KB 156ms
88ms Stylesheet
text/css 155.136.22.4
RBSG-UK-AS Edinburgh

General

Check archive.org

Show headers Download Go to

Full URL

https://www.onlinebanking.natwest.com/Brands/master.css?v=637489349580000000

Requested by

Host: www.onlinebanking.natwest.com
URL: https://www.onlinebanking.natwest.com/login.aspx?refererIdent=64A29F7589F0FC21313E0EE2FD86F72CE54A920E

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

155.136.22.4 , United Kingdom, ASN21054 (RBSG-UK-AS Edinburgh, GB),

Reverse DNS

Software

Resource Hash

775e8386e57796861a1fb8a29e343142324976ce08b530cdb8086d06fab0d19d

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.onlinebanking.natwest.com/login.aspx?refererIdent=64A29F7589F0FC21313E0EE2FD86F72CE54A920E
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 09 Apr 2021 11:12:05 GMT
X-Content-Type-Options: nosniff
Last-Modified: Sun, 14 Feb 2021 21:29:18 GMT
ETag: "08b5873183d71:0"
X-Frame-Options: SAMEORIGIN
Content-Type: text/css
Cache-Control: max-age=900
Strict-Transport-Security: max-age=16070400; includeSubDomains
Accept-Ranges: bytes
Content-Length: 259374
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK npc.css
www.onlinebanking.natwest.com/Brands/NWB/css/ Frame 0052 51 KB
51 KB 117ms
48ms Stylesheet
text/css 155.136.22.4
RBSG-UK-AS Edinburgh

General

Check archive.org

Show headers Download Go to

Full URL

https://www.onlinebanking.natwest.com/Brands/NWB/css/npc.css?v=637489349560000000

Requested by

Host: www.onlinebanking.natwest.com
URL: https://www.onlinebanking.natwest.com/login.aspx?refererIdent=64A29F7589F0FC21313E0EE2FD86F72CE54A920E

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

155.136.22.4 , United Kingdom, ASN21054 (RBSG-UK-AS Edinburgh, GB),

Reverse DNS

Software

Resource Hash

7f7ec2e58297c4bde7092dfc2ff03fbe675ed812e708d92b6f9ab06bbd86095d

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.onlinebanking.natwest.com/login.aspx?refererIdent=64A29F7589F0FC21313E0EE2FD86F72CE54A920E
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 09 Apr 2021 11:12:05 GMT
X-Content-Type-Options: nosniff
Last-Modified: Sun, 14 Feb 2021 21:29:16 GMT
ETag: "05e2772183d71:0"
X-Frame-Options: SAMEORIGIN
Content-Type: text/css
Cache-Control: max-age=900
Strict-Transport-Security: max-age=16070400; includeSubDomains
Accept-Ranges: bytes
Content-Length: 51858
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK overlayPromptMaster.css
www.onlinebanking.natwest.com/promptResources/templates/overlayTemplate/ Frame 0052 1 KB
2 KB 132ms
47ms Stylesheet
text/css 155.136.22.4
RBSG-UK-AS Edinburgh

General

Check archive.org

Show headers Download Go to

Full URL

https://www.onlinebanking.natwest.com/promptResources/templates/overlayTemplate/overlayPromptMaster.css?v=637489349580000000

Requested by

Host: www.onlinebanking.natwest.com
URL: https://www.onlinebanking.natwest.com/login.aspx?refererIdent=64A29F7589F0FC21313E0EE2FD86F72CE54A920E

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

155.136.22.4 , United Kingdom, ASN21054 (RBSG-UK-AS Edinburgh, GB),

Reverse DNS

Software

Resource Hash

42e70c32efffee33a1d8bddf152d6b754fa8abb83c6166444b8d41b217d9dae6

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.onlinebanking.natwest.com/login.aspx?refererIdent=64A29F7589F0FC21313E0EE2FD86F72CE54A920E
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 09 Apr 2021 11:12:05 GMT
X-Content-Type-Options: nosniff
Last-Modified: Sun, 14 Feb 2021 21:29:18 GMT
ETag: "08b5873183d71:0"
X-Frame-Options: SAMEORIGIN
Content-Type: text/css
Cache-Control: max-age=900
Strict-Transport-Security: max-age=16070400; includeSubDomains
Accept-Ranges: bytes
Content-Length: 1378
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK overlayPrompt.css
www.onlinebanking.natwest.com/promptResources/templates/overlayTemplate/NPC/ Frame 0052 76 B
684 B 132ms
47ms Stylesheet
text/css 155.136.22.4
RBSG-UK-AS Edinburgh

General

Check archive.org

Show headers Download Go to

Full URL

https://www.onlinebanking.natwest.com/promptResources/templates/overlayTemplate/NPC/overlayPrompt.css?v=637489349580000000

Requested by

Host: www.onlinebanking.natwest.com
URL: https://www.onlinebanking.natwest.com/login.aspx?refererIdent=64A29F7589F0FC21313E0EE2FD86F72CE54A920E

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

155.136.22.4 , United Kingdom, ASN21054 (RBSG-UK-AS Edinburgh, GB),

Reverse DNS

Software

Resource Hash

ef7db794b4a6b5c42d2535919d91fb11da1e5cd1147f35196db382197b35fdee

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.onlinebanking.natwest.com/login.aspx?refererIdent=64A29F7589F0FC21313E0EE2FD86F72CE54A920E
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 09 Apr 2021 11:12:05 GMT
X-Content-Type-Options: nosniff
Last-Modified: Sun, 14 Feb 2021 21:29:18 GMT
ETag: "08b5873183d71:0"
X-Frame-Options: SAMEORIGIN
Content-Type: text/css
Cache-Control: max-age=900
Strict-Transport-Security: max-age=16070400; includeSubDomains
Accept-Ranges: bytes
Content-Length: 76
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK ScriptCombiner.axd Show response
www.onlinebanking.natwest.com/ Frame 0052 107 KB
108 KB 214ms
127ms Script
application/x-javascript 155.136.22.4
RBSG-UK-AS Edinburgh

General

Check archive.org

Show headers Download Go to

Full URL

https://www.onlinebanking.natwest.com/ScriptCombiner.axd?s=IFSControls1704&v=210409

Requested by

Host: www.onlinebanking.natwest.com
URL: https://www.onlinebanking.natwest.com/login.aspx?refererIdent=64A29F7589F0FC21313E0EE2FD86F72CE54A920E

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

155.136.22.4 , United Kingdom, ASN21054 (RBSG-UK-AS Edinburgh, GB),

Reverse DNS

Software

Resource Hash

8b3f2a5e3bc82b1cb3454db34dc76a123ea8c08867cce3ed6abee383a32693a4

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.onlinebanking.natwest.com/login.aspx?refererIdent=64A29F7589F0FC21313E0EE2FD86F72CE54A920E
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 09 Apr 2021 11:12:05 GMT
Content-Encoding: utf-8
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Content-Type: application/x-javascript
Cache-Control: public, max-age=2592000
Transfer-Encoding: chunked
Strict-Transport-Security: max-age=16070400; includeSubDomains
X-XSS-Protection: 1; mode=block
Expires: Sun, 09 May 2021 11:12:06 GMT

GET
H2 200 otSDKStub.js Show response
cdn.cookielaw.org/scripttemplates/ Frame 0052 17 KB
6 KB 31ms
14ms Script
application/javascript 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Requested by

Host: www.onlinebanking.natwest.com
URL: https://www.onlinebanking.natwest.com/login.aspx?refererIdent=64A29F7589F0FC21313E0EE2FD86F72CE54A920E

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2e409af4e2cd960258ebce74a7af470632e2fa44a18cbc2e49da7f098a3c572c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.onlinebanking.natwest.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 09 Apr 2021 11:12:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: JAEaYPmlzGBPWdORjSAaYw==
age: 5397
vary: Accept-Encoding
content-length: 5617
cf-request-id: 0957ee111100002bc6e6961000000001
x-ms-lease-status: unlocked
last-modified: Mon, 29 Mar 2021 02:12:23 GMT
server: cloudflare
etag: 0x8D8F2581726E85D
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 0c6caa1d-301e-00dd-7e1e-278b48000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 63d34c61b9b92bc6-FRA

GET
H2 200 satelliteLib-08b84ffc82250dd93a29554e43774d72e7c1876b.js Show response
assets.adobedtm.com/5165c8c319825f6ec3fb78d0a8dcc1054ab35a3d/ Frame 0052 311 KB
90 KB 75ms
56ms Script
application/x-javascript 2a02:26f0:6c00:28a::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/5165c8c319825f6ec3fb78d0a8dcc1054ab35a3d/satelliteLib-08b84ffc82250dd93a29554e43774d72e7c1876b.js
Requested by: Host: www.onlinebanking.natwest.com
URL: https://www.onlinebanking.natwest.com/login.aspx?refererIdent=64A29F7589F0FC21313E0EE2FD86F72CE54A920E
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:28a::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 4d508a35a965f9ee8b114ae8b6c89851adc7f4cbad0415de44f0feb70563856c

Request headers

Referer: https://www.onlinebanking.natwest.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 09 Apr 2021 11:12:05 GMT
content-encoding: gzip
last-modified: Wed, 24 Mar 2021 07:59:55 GMT
server: AkamaiNetStorage
etag: "fd7a4270784c355fbd522f8e003f3c12:1616572795.351748"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.onlinebanking.natwest.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 92130
expires: Fri, 09 Apr 2021 12:12:05 GMT

GET
H/1.1 200
OK n-w-logo.svg
www.onlinebanking.natwest.com/brands/NWB/images/ Frame 0052 5 KB
5 KB 47ms
46ms Image
image/svg+xml 155.136.22.4
RBSG-UK-AS Edinburgh

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.onlinebanking.natwest.com/brands/NWB/images/n-w-logo.svg

Requested by

Host: www.onlinebanking.natwest.com
URL: https://www.onlinebanking.natwest.com/login.aspx?refererIdent=64A29F7589F0FC21313E0EE2FD86F72CE54A920E

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

155.136.22.4 , United Kingdom, ASN21054 (RBSG-UK-AS Edinburgh, GB),

Reverse DNS

Software

Resource Hash

668faa210a0e0cabb9aa13a1a6ad4e3b22b0f9cad90c43694ba37a8a4714b0e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.onlinebanking.natwest.com/login.aspx?refererIdent=64A29F7589F0FC21313E0EE2FD86F72CE54A920E
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 09 Apr 2021 11:12:05 GMT
X-Content-Type-Options: nosniff
Last-Modified: Sun, 14 Feb 2021 21:29:16 GMT
ETag: "05e2772183d71:0"
X-Frame-Options: SAMEORIGIN
Content-Type: image/svg+xml
Cache-Control: max-age=900
Strict-Transport-Security: max-age=16070400; includeSubDomains
Accept-Ranges: bytes
Content-Length: 4874
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK WebResource.axd Show response
www.onlinebanking.natwest.com/ Frame 0052 23 KB
23 KB 48ms
48ms Script
application/x-javascript 155.136.22.4
RBSG-UK-AS Edinburgh

General

Check archive.org

Show headers Download Go to

Full URL

https://www.onlinebanking.natwest.com/WebResource.axd?d=Cmj2wdbIzodHqG_1PA37Bk4WoldIkQdlxX4rcW_mpOV71O6rleIcd7IeijpiPN4Ejqcg2hvVGpGrlP2nzZfNZLbDwdc1&t=636947600206125990

Requested by

Host: www.onlinebanking.natwest.com
URL: https://www.onlinebanking.natwest.com/login.aspx?refererIdent=64A29F7589F0FC21313E0EE2FD86F72CE54A920E

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

155.136.22.4 , United Kingdom, ASN21054 (RBSG-UK-AS Edinburgh, GB),

Reverse DNS

Software

Resource Hash

40732e9dcfa704cf615e4691bb07aecfd1cc5e063220a46e4a7ff6560c77f5db

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.onlinebanking.natwest.com/login.aspx?refererIdent=64A29F7589F0FC21313E0EE2FD86F72CE54A920E
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 09 Apr 2021 11:12:05 GMT
X-Content-Type-Options: nosniff
Last-Modified: Wed, 29 May 2019 19:53:40 GMT
X-Frame-Options: SAMEORIGIN
Content-Type: application/x-javascript
Cache-Control: public
Transfer-Encoding: chunked
Strict-Transport-Security: max-age=16070400; includeSubDomains
X-XSS-Protection: 1; mode=block
Expires: Sat, 09 Apr 2022 01:17:27 GMT

GET
H/1.1 200
OK mm.js Show response
www.onlinebanking.natwest.com/Brands/ Frame 0052 9 KB
10 KB 85ms
84ms Script
application/javascript 155.136.22.4
RBSG-UK-AS Edinburgh

General

Check archive.org

Show headers Download Go to

Full URL

https://www.onlinebanking.natwest.com/Brands/mm.js

Requested by

Host: www.onlinebanking.natwest.com
URL: https://www.onlinebanking.natwest.com/login.aspx?refererIdent=64A29F7589F0FC21313E0EE2FD86F72CE54A920E

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

155.136.22.4 , United Kingdom, ASN21054 (RBSG-UK-AS Edinburgh, GB),

Reverse DNS

Software

Resource Hash

7ff1d2812ffac71e20f669c8d8b3a76a1c369afec61a564549e1700f3071538f

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.onlinebanking.natwest.com/login.aspx?refererIdent=64A29F7589F0FC21313E0EE2FD86F72CE54A920E
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 09 Apr 2021 11:12:05 GMT
X-Content-Type-Options: nosniff
Last-Modified: Sun, 14 Feb 2021 21:29:18 GMT
ETag: "08b5873183d71:0"
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
Cache-Control: max-age=900
Strict-Transport-Security: max-age=16070400; includeSubDomains
Accept-Ranges: bytes
Content-Length: 9476
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK WebResource.axd Show response
www.onlinebanking.natwest.com/ Frame 0052 26 KB
27 KB 122ms
121ms Script
application/x-javascript 155.136.22.4
RBSG-UK-AS Edinburgh

General

Check archive.org

Show headers Download Go to

Full URL

https://www.onlinebanking.natwest.com/WebResource.axd?d=oWDioZzZI0SGEHDrJWGO9A15jtq7fF3l3w2sNCHx0I5zpOlbGQLCi8XT9BjnFR-thkTSvbR-9NqyYbLEWKTh0kVUibs1&t=636947600206125990

Requested by

Host: www.onlinebanking.natwest.com
URL: https://www.onlinebanking.natwest.com/login.aspx?refererIdent=64A29F7589F0FC21313E0EE2FD86F72CE54A920E

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

155.136.22.4 , United Kingdom, ASN21054 (RBSG-UK-AS Edinburgh, GB),

Reverse DNS

Software

Resource Hash

ef9453f74b2617d43dcef4242cf5845101fcfb57289c81bceb20042b0023a192

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.onlinebanking.natwest.com/login.aspx?refererIdent=64A29F7589F0FC21313E0EE2FD86F72CE54A920E
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 09 Apr 2021 11:12:05 GMT
X-Content-Type-Options: nosniff
Last-Modified: Wed, 29 May 2019 19:53:40 GMT
X-Frame-Options: SAMEORIGIN
Content-Type: application/x-javascript
Cache-Control: public
Transfer-Encoding: chunked
Strict-Transport-Security: max-age=16070400; includeSubDomains
X-XSS-Protection: 1; mode=block
Expires: Sat, 09 Apr 2022 01:17:27 GMT

GET
H2 200 nw-security-banner-vishing-194x443.gif
personal.natwest.com/content/dam/natwest/personal/fraud-and-security/olb-banners/ Frame 0052 14 KB
15 KB 133ms
32ms Image
image/gif 20.49.208.53
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://personal.natwest.com/content/dam/natwest/personal/fraud-and-security/olb-banners/nw-security-banner-vishing-194x443.gif

Requested by

Host: www.onlinebanking.natwest.com
URL: https://www.onlinebanking.natwest.com/login.aspx?refererIdent=64A29F7589F0FC21313E0EE2FD86F72CE54A920E

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.49.208.53 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Apache /

Resource Hash

1aea65aeda4e39957158bacd84556ed7a77ab468265e2a163265b346b7f60965

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.onlinebanking.natwest.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-dispatcher: dispatcher6uksouth
date: Fri, 09 Apr 2021 11:12:05 GMT
x-content-type-options: nosniff
last-modified: Wed, 25 Nov 2020 02:59:05 GMT
server: Apache
etag: "3827-5b4e59c385040"
x-vhost: Natwest Personal
x-frame-options: SAMEORIGIN
content-type: image/gif;charset=utf-8
cache-control: public, max-age=3600
strict-transport-security: max-age=31536000; includeSubDomains; preload
accept-ranges: bytes
content-length: 14375
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK FSCS_Protected_Logo.png
www.onlinebanking.natwest.com//Brands/NWB/images/ Frame 0052 6 KB
6 KB 45ms
45ms Image
image/png 155.136.22.4
RBSG-UK-AS Edinburgh

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.onlinebanking.natwest.com//Brands/NWB/images/FSCS_Protected_Logo.png

Requested by

Host: www.onlinebanking.natwest.com
URL: https://www.onlinebanking.natwest.com/login.aspx?refererIdent=64A29F7589F0FC21313E0EE2FD86F72CE54A920E

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

155.136.22.4 , United Kingdom, ASN21054 (RBSG-UK-AS Edinburgh, GB),

Reverse DNS

Software

Resource Hash

f2b557317fb851b3ed73c2d8203192e9ed433bd006ca5025ccb3317ef15e1b8d

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.onlinebanking.natwest.com/login.aspx?refererIdent=64A29F7589F0FC21313E0EE2FD86F72CE54A920E
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 09 Apr 2021 11:12:05 GMT
X-Content-Type-Options: nosniff
Last-Modified: Sun, 14 Feb 2021 21:29:16 GMT
ETag: "05e2772183d71:0"
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Cache-Control: max-age=900
Strict-Transport-Security: max-age=16070400; includeSubDomains
Accept-Ranges: bytes
Content-Length: 5679
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK error-marker.png
www.onlinebanking.natwest.com/Brands/NWB/images/ Frame 0052 1 KB
2 KB 46ms
45ms Image
image/png 155.136.22.4
RBSG-UK-AS Edinburgh

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.onlinebanking.natwest.com/Brands/NWB/images/error-marker.png

Requested by

Host: www.onlinebanking.natwest.com
URL: https://www.onlinebanking.natwest.com/login.aspx?refererIdent=64A29F7589F0FC21313E0EE2FD86F72CE54A920E

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

155.136.22.4 , United Kingdom, ASN21054 (RBSG-UK-AS Edinburgh, GB),

Reverse DNS

Software

Resource Hash

27f324f2ad60091d5e8f76adfef83f9122dc8aa8df29d0a8d970bfe06aaa5005

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.onlinebanking.natwest.com/login.aspx?refererIdent=64A29F7589F0FC21313E0EE2FD86F72CE54A920E
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 09 Apr 2021 11:12:05 GMT
X-Content-Type-Options: nosniff
Last-Modified: Sun, 14 Feb 2021 21:29:16 GMT
ETag: "05e2772183d71:0"
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Cache-Control: max-age=900
Strict-Transport-Security: max-age=16070400; includeSubDomains
Accept-Ranges: bytes
Content-Length: 1090
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK RealtimeLogin.js Show response
www.onlinebanking.natwest.com/Brands/jq_scripts/ Frame 0052 3 KB
3 KB 47ms
47ms Script
application/javascript 155.136.22.4
RBSG-UK-AS Edinburgh

General

Check archive.org

Show headers Download Go to

Full URL

https://www.onlinebanking.natwest.com/Brands/jq_scripts/RealtimeLogin.js

Requested by

Host: www.onlinebanking.natwest.com
URL: https://www.onlinebanking.natwest.com/login.aspx?refererIdent=64A29F7589F0FC21313E0EE2FD86F72CE54A920E

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

155.136.22.4 , United Kingdom, ASN21054 (RBSG-UK-AS Edinburgh, GB),

Reverse DNS

Software

Resource Hash

8fed25d950a68b39c624682efca2ba8179aef53498ce62af94a999183a464cd6

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.onlinebanking.natwest.com/login.aspx?refererIdent=64A29F7589F0FC21313E0EE2FD86F72CE54A920E
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 09 Apr 2021 11:12:05 GMT
X-Content-Type-Options: nosniff
Last-Modified: Sun, 14 Feb 2021 21:29:18 GMT
ETag: "08b5873183d71:0"
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
Cache-Control: max-age=900
Strict-Transport-Security: max-age=16070400; includeSubDomains
Accept-Ranges: bytes
Content-Length: 2804
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK RNHouseSansW05-Regular.woff2
www.onlinebanking.natwest.com/Brands/NWB/fonts/ Frame 0052 21 KB
22 KB 37ms
37ms Font
font/woff2 155.136.22.4
RBSG-UK-AS Edinburgh

General

Check archive.org

Show headers Download Go to

Full URL

https://www.onlinebanking.natwest.com/Brands/NWB/fonts/RNHouseSansW05-Regular.woff2

Requested by

Host: www.onlinebanking.natwest.com
URL: https://www.onlinebanking.natwest.com/Brands/master.css?v=637489349580000000

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

155.136.22.4 , United Kingdom, ASN21054 (RBSG-UK-AS Edinburgh, GB),

Reverse DNS

Software

Resource Hash

9be8b2c42ad2d6f7327f62a7d03995a5a4615770154941d59493473186e5140c

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Origin: https://www.onlinebanking.natwest.com
Referer: https://www.onlinebanking.natwest.com/Brands/master.css?v=637489349580000000
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 09 Apr 2021 11:12:05 GMT
X-Content-Type-Options: nosniff
Last-Modified: Sun, 14 Feb 2021 21:29:16 GMT
ETag: "05e2772183d71:0"
X-Frame-Options: SAMEORIGIN
Content-Type: font/woff2
Cache-Control: max-age=900
Transfer-Encoding: chunked
Strict-Transport-Security: max-age=16070400; includeSubDomains
Accept-Ranges: bytes
X-XSS-Protection: 1; mode=block

GET
H2 200 AppMeasurement.min.js Show response
assets.adobedtm.com/extensions/EPbde2f7ca14e540399dcc1f8208860b7b/ Frame 0052 33 KB
12 KB 15ms
15ms Script
application/x-javascript 2a02:26f0:6c00:28a::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/extensions/EPbde2f7ca14e540399dcc1f8208860b7b/AppMeasurement.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/5165c8c319825f6ec3fb78d0a8dcc1054ab35a3d/satelliteLib-08b84ffc82250dd93a29554e43774d72e7c1876b.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:28a::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: d6b423c91328eec9c218dd8b21ae1e676987d574e5432411a32806e5dd2bde32

Request headers

Referer: https://www.onlinebanking.natwest.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 09 Apr 2021 11:12:05 GMT
content-encoding: gzip
last-modified: Wed, 12 Aug 2020 22:09:52 GMT
server: AkamaiNetStorage
etag: "f259ee6445c19c2ce3c64a1b117a4f35:1597270192.577101"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.onlinebanking.natwest.com
cache-control: no-cache
accept-ranges: bytes
timing-allow-origin: *
content-length: 12184
expires: Fri, 09 Apr 2021 12:12:05 GMT

GET
H2 200 AppMeasurement_Module_AudienceManagement.min.js Show response
assets.adobedtm.com/extensions/EPbde2f7ca14e540399dcc1f8208860b7b/ Frame 0052 25 KB
9 KB 16ms
15ms Script
application/x-javascript 2a02:26f0:6c00:28a::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/extensions/EPbde2f7ca14e540399dcc1f8208860b7b/AppMeasurement_Module_AudienceManagement.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/5165c8c319825f6ec3fb78d0a8dcc1054ab35a3d/satelliteLib-08b84ffc82250dd93a29554e43774d72e7c1876b.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:28a::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: e5f0058d3d737d25b691728bce12a7d0b77183781c936ca8152e28cacf9e6e3f

Request headers

Referer: https://www.onlinebanking.natwest.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 09 Apr 2021 11:12:05 GMT
content-encoding: gzip
last-modified: Wed, 12 Aug 2020 22:09:53 GMT
server: AkamaiNetStorage
etag: "c8afb92bc0d997ba5b673367e69b9ff1:1597270193.156081"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.onlinebanking.natwest.com
cache-control: no-cache
accept-ranges: bytes
timing-allow-origin: *
content-length: 8762
expires: Fri, 09 Apr 2021 12:12:05 GMT

GET
H/1.1 200
OK white-lock.png
www.onlinebanking.natwest.com/Brands/NWB/images/ Frame 0052 285 B
895 B 35ms
35ms Image
image/png 155.136.22.4
RBSG-UK-AS Edinburgh

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.onlinebanking.natwest.com/Brands/NWB/images/white-lock.png

Requested by

Host: www.onlinebanking.natwest.com
URL: https://www.onlinebanking.natwest.com/Brands/NWB/css/npc.css?v=637489349560000000

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

155.136.22.4 , United Kingdom, ASN21054 (RBSG-UK-AS Edinburgh, GB),

Reverse DNS

Software

Resource Hash

b465d00b89619e9899ec7d618559157db09f935d318466d67deb036157fadcf2

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.onlinebanking.natwest.com/Brands/NWB/css/npc.css?v=637489349560000000
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 09 Apr 2021 11:12:05 GMT
X-Content-Type-Options: nosniff
Last-Modified: Sun, 14 Feb 2021 21:29:18 GMT
ETag: "08b5873183d71:0"
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Cache-Control: max-age=900
Strict-Transport-Security: max-age=16070400; includeSubDomains
Accept-Ranges: bytes
Content-Length: 285
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK li5_outer_frame_top_curve.gif
www.onlinebanking.natwest.com/images/ Frame 0052 19 KB
19 KB 56ms
54ms Image
text/html 155.136.22.4
RBSG-UK-AS Edinburgh

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.onlinebanking.natwest.com/images/li5_outer_frame_top_curve.gif

Requested by

Host: www.onlinebanking.natwest.com
URL: https://www.onlinebanking.natwest.com/Brands/master.css?v=637489349580000000

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

155.136.22.4 , United Kingdom, ASN21054 (RBSG-UK-AS Edinburgh, GB),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.onlinebanking.natwest.com/Brands/master.css?v=637489349580000000
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Content-Security-Policy: upgrade-insecure-requests;
X-Content-Type-Options: nosniff
Date: Fri, 09 Apr 2021 11:12:05 GMT
X-FRAME-OPTIONS: SAMEORIGIN, SAMEORIGIN
Content-Type: text/html; charset=utf-8
Cache-Control: no-cache, no-store, must-revalidate
X-UA-Compatible: IE=edge
Strict-Transport-Security: max-age=16070400; includeSubDomains
Content-Length: 19608
X-XSS-Protection: 1; mode=block
RBSPageID: PNF
Expires: -1

GET
H/1.1 200
OK radio-normal.png
www.onlinebanking.natwest.com/Brands/NWB/images/ Frame 0052 1 KB
2 KB 48ms
46ms Image
image/png 155.136.22.4
RBSG-UK-AS Edinburgh

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.onlinebanking.natwest.com/Brands/NWB/images/radio-normal.png

Requested by

Host: www.onlinebanking.natwest.com
URL: https://www.onlinebanking.natwest.com/Brands/NWB/css/npc.css?v=637489349560000000

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

155.136.22.4 , United Kingdom, ASN21054 (RBSG-UK-AS Edinburgh, GB),

Reverse DNS

Software

Resource Hash

1ec277d20cb0b2b9d72322f3cc32d988435978a6a8f72b28e0f8ac8b1bf17a72

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.onlinebanking.natwest.com/Brands/NWB/css/npc.css?v=637489349560000000
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 09 Apr 2021 11:12:05 GMT
X-Content-Type-Options: nosniff
Last-Modified: Sun, 14 Feb 2021 21:29:18 GMT
ETag: "08b5873183d71:0"
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Cache-Control: max-age=900
Strict-Transport-Security: max-age=16070400; includeSubDomains
Accept-Ranges: bytes
Content-Length: 1317
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK combined-shape.png
www.onlinebanking.natwest.com/Brands/NWB/images/ Frame 0052 359 B
969 B 48ms
46ms Image
image/png 155.136.22.4
RBSG-UK-AS Edinburgh

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.onlinebanking.natwest.com/Brands/NWB/images/combined-shape.png

Requested by

Host: www.onlinebanking.natwest.com
URL: https://www.onlinebanking.natwest.com/Brands/NWB/css/npc.css?v=637489349560000000

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

155.136.22.4 , United Kingdom, ASN21054 (RBSG-UK-AS Edinburgh, GB),

Reverse DNS

Software

Resource Hash

d1c878b4e69d9da5292c53b1f46708de74c435144895bdfd697208406466a814

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.onlinebanking.natwest.com/Brands/NWB/css/npc.css?v=637489349560000000
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 09 Apr 2021 11:12:05 GMT
X-Content-Type-Options: nosniff
Last-Modified: Sun, 14 Feb 2021 21:29:16 GMT
ETag: "05e2772183d71:0"
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Cache-Control: max-age=900
Strict-Transport-Security: max-age=16070400; includeSubDomains
Accept-Ranges: bytes
Content-Length: 359
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK down-chevron.png
www.onlinebanking.natwest.com/Brands/NWB/images/ Frame 0052 295 B
905 B 51ms
49ms Image
image/png 155.136.22.4
RBSG-UK-AS Edinburgh

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.onlinebanking.natwest.com/Brands/NWB/images/down-chevron.png

Requested by

Host: www.onlinebanking.natwest.com
URL: https://www.onlinebanking.natwest.com/Brands/NWB/css/npc.css?v=637489349560000000

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

155.136.22.4 , United Kingdom, ASN21054 (RBSG-UK-AS Edinburgh, GB),

Reverse DNS

Software

Resource Hash

4f5a022467e927b5b385cc335e58434a49bad0520ed018fc059075069d695c79

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.onlinebanking.natwest.com/Brands/NWB/css/npc.css?v=637489349560000000
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 09 Apr 2021 11:12:05 GMT
X-Content-Type-Options: nosniff
Last-Modified: Sun, 14 Feb 2021 21:29:16 GMT
ETag: "05e2772183d71:0"
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Cache-Control: max-age=900
Strict-Transport-Security: max-age=16070400; includeSubDomains
Accept-Ranges: bytes
Content-Length: 295
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK check-box.png
www.onlinebanking.natwest.com/Brands/NWB/images/ Frame 0052 157 B
767 B 47ms
46ms Image
image/png 155.136.22.4
RBSG-UK-AS Edinburgh

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.onlinebanking.natwest.com/Brands/NWB/images/check-box.png

Requested by

Host: www.onlinebanking.natwest.com
URL: https://www.onlinebanking.natwest.com/Brands/NWB/css/npc.css?v=637489349560000000

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

155.136.22.4 , United Kingdom, ASN21054 (RBSG-UK-AS Edinburgh, GB),

Reverse DNS

Software

Resource Hash

d2955b58d801a021737f025d1716a68fd2a143ddac3e0b749fcc053deba6e082

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.onlinebanking.natwest.com/Brands/NWB/css/npc.css?v=637489349560000000
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 09 Apr 2021 11:12:05 GMT
X-Content-Type-Options: nosniff
Last-Modified: Sun, 14 Feb 2021 21:29:16 GMT
ETag: "05e2772183d71:0"
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Cache-Control: max-age=900
Strict-Transport-Security: max-age=16070400; includeSubDomains
Accept-Ranges: bytes
Content-Length: 157
X-XSS-Protection: 1; mode=block

GET
H2 200 6a1d7b64.js Show response
logon.onlinebanking.natwest.com/scripts/6a1d7b63/ Frame 0052 699 KB
142 KB 72ms
17ms Script
application/javascript 2600:9000:2093:8a00:8:4d07:a640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://logon.onlinebanking.natwest.com/scripts/6a1d7b63/6a1d7b64.js
Requested by: Host: www.onlinebanking.natwest.com
URL: https://www.onlinebanking.natwest.com/default.aspx
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2093:8a00:8:4d07:a640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5fa26eb8985c7a268ec2d7c561fde8cdece1b5b383d17c269a01b1fe1512a830

Request headers

Referer: https://www.onlinebanking.natwest.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 09 Apr 2021 05:16:48 GMT
content-encoding: gzip
last-modified: Wed, 24 Mar 2021 12:08:26 GMT
server: AmazonS3
age: 21318
etag: "27473e15cf986de42bed162b3b26edf4"
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 8425e6875af3862b0f8a816b9812f408.cloudfront.net (CloudFront)
x-amz-cf-pop: HAM50-C1
accept-ranges: bytes
content-length: 144475
x-amz-cf-id: W7tT1kvFM6zNnRy6TqeVCY0kg_AheMeAkytJcBL7v1feWulaB9kSRQ==

GET
H2 200 4eaf8a94-474d-41a2-b0dd-49ee47eb4150.json Show response
cdn.cookielaw.org/consent/4eaf8a94-474d-41a2-b0dd-49ee47eb4150/ Frame 0052 2 KB
2 KB 27ms
13ms XHR
application/x-javascript 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/4eaf8a94-474d-41a2-b0dd-49ee47eb4150/4eaf8a94-474d-41a2-b0dd-49ee47eb4150.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6396ebcbac534877e4c5769b604671c93d96e5decff3654108746d0c30d59e7a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.onlinebanking.natwest.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 09 Apr 2021 11:12:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: cj7fHfrytkrmrRE4gtZKEw==
age: 6131
vary: Accept-Encoding
content-length: 1095
cf-request-id: 0957ee12f40000c295e3324000000001
x-ms-lease-status: unlocked
last-modified: Wed, 11 Nov 2020 09:06:29 GMT
server: cloudflare
etag: 0x8D886211385B02B
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: fea74b97-901e-0175-030c-b81908000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 63d34c64bb33c295-FRA

GET
H2 200 tag.js Show response
lptag.liveperson.net/tag/ Frame 0052 21 KB
8 KB 95ms
20ms Script
application/javascript 178.249.97.23
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL: https://lptag.liveperson.net/tag/tag.js?site=39893241
Requested by: Host: www.onlinebanking.natwest.com
URL: https://www.onlinebanking.natwest.com/default.aspx
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 178.249.97.23 , United Kingdom, ASN11054 (LIVEPERSON, US),
Reverse DNS
Software: ws /
Resource Hash: 145d14bb73e5b03cc73062c2a78c392125b891c62b1cc9d542e5adba762f04e7

Request headers

Referer: https://www.onlinebanking.natwest.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 09 Apr 2021 11:12:05 GMT
content-encoding: gzip
last-modified: Thu, 03 Sep 2020 08:27:49 GMT
server: ws
etag: "5f50a905-1d8f"
access-control-allow-methods: GET, POST, PATCH
content-type: application/javascript
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
cache-control: public, max-age=630
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
content-length: 7567

GET
H/1.1 200
OK radio-selected.png
www.onlinebanking.natwest.com/Brands/NWB/images/ Frame 0052 2 KB
2 KB 36ms
36ms Image
image/png 155.136.22.4
RBSG-UK-AS Edinburgh

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.onlinebanking.natwest.com/Brands/NWB/images/radio-selected.png

Requested by

Host: www.onlinebanking.natwest.com
URL: https://www.onlinebanking.natwest.com/Brands/NWB/css/npc.css?v=637489349560000000

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

155.136.22.4 , United Kingdom, ASN21054 (RBSG-UK-AS Edinburgh, GB),

Reverse DNS

Software

Resource Hash

d81db57832f4742b67755f90f8c3d37735cb9f58dbb10e312f931343d27552c6

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.onlinebanking.natwest.com/Brands/NWB/css/npc.css?v=637489349560000000
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 09 Apr 2021 11:12:05 GMT
X-Content-Type-Options: nosniff
Last-Modified: Sun, 14 Feb 2021 21:29:18 GMT
ETag: "08b5873183d71:0"
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Cache-Control: max-age=900
Strict-Transport-Security: max-age=16070400; includeSubDomains
Accept-Ranges: bytes
Content-Length: 1633
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK RNHouseSansW05-Bold.woff2
www.onlinebanking.natwest.com/Brands/NWB/fonts/ Frame 0052 22 KB
22 KB 62ms
47ms Font
font/woff2 155.136.22.4
RBSG-UK-AS Edinburgh

General

Check archive.org

Show headers Download Go to

Full URL

https://www.onlinebanking.natwest.com/Brands/NWB/fonts/RNHouseSansW05-Bold.woff2

Requested by

Host: www.onlinebanking.natwest.com
URL: https://www.onlinebanking.natwest.com/Brands/master.css?v=637489349580000000

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

155.136.22.4 , United Kingdom, ASN21054 (RBSG-UK-AS Edinburgh, GB),

Reverse DNS

Software

Resource Hash

ce64c0d35d4ad8fd2fa79ecd45d6db37982940958b7f51448b697bad342ce55b

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Origin: https://www.onlinebanking.natwest.com
Referer: https://www.onlinebanking.natwest.com/Brands/master.css?v=637489349580000000
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 09 Apr 2021 11:12:05 GMT
X-Content-Type-Options: nosniff
Last-Modified: Sun, 14 Feb 2021 21:29:16 GMT
ETag: "05e2772183d71:0"
X-Frame-Options: SAMEORIGIN
Content-Type: font/woff2
Cache-Control: max-age=900
Transfer-Encoding: chunked
Strict-Transport-Security: max-age=16070400; includeSubDomains
Accept-Ranges: bytes
X-XSS-Protection: 1; mode=block

GET
H2 200 otBannerSdk.js Show response
cdn.cookielaw.org/scripttemplates/6.5.0/ Frame 0052 325 KB
68 KB 13ms
12ms Script
application/javascript 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.5.0/otBannerSdk.js

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d139c3756ba4ea4e4672c12645de4977faa9ba7e0d550931d2086338fd72dfe9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.onlinebanking.natwest.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 09 Apr 2021 11:12:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: AvbD4VHYe4H/QnyU6j8v5w==
age: 9011674
vary: Accept-Encoding
content-length: 69711
cf-request-id: 0957ee130500002bc6d22e7000000001
x-ms-lease-status: unlocked
last-modified: Thu, 27 Aug 2020 03:43:22 GMT
server: cloudflare
etag: 0x8D84A3B58DE8819
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: b5a3eed9-c01e-0069-3a3b-db874a000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=691200
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 63d34c64df282bc6-FRA
expires: Sat, 17 Apr 2021 11:12:05 GMT

GET
H2 200 en.json Show response
cdn.cookielaw.org/consent/4eaf8a94-474d-41a2-b0dd-49ee47eb4150/91b15d2a-e370-49ef-a7f2-6e0470056317/ Frame 0052 150 KB
23 KB 13ms
13ms Fetch
application/x-javascript 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/4eaf8a94-474d-41a2-b0dd-49ee47eb4150/91b15d2a-e370-49ef-a7f2-6e0470056317/en.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.5.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fb7a95263356a0095c3d40a7850fdd16991c4a07873d8ebb9ce239994df82cd4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.onlinebanking.natwest.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 09 Apr 2021 11:12:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: X4VQA/+BqeYzL+vGjoZtCg==
age: 4846
vary: Accept-Encoding
content-length: 23535
cf-request-id: 0957ee13230000c295408b2000000001
x-ms-lease-status: unlocked
last-modified: Wed, 11 Nov 2020 09:06:40 GMT
server: cloudflare
etag: 0x8D886211A5D901E
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 29e22c8d-501e-00ab-7d0b-b80ff4000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 63d34c650b97c295-FRA

GET
H2 200 otCenterRounded.json Show response
cdn.cookielaw.org/scripttemplates/6.5.0/assets/ Frame 0052 9 KB
3 KB 16ms
15ms Fetch
application/json 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.5.0/assets/otCenterRounded.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.5.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a4002d856e575601b351be144c9d7e4e6977286644fede72a7de1638844722aa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.onlinebanking.natwest.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 09 Apr 2021 11:12:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: 3ZrBbr/xQHzp7Lx6ANEcZw==
age: 1414934
vary: Accept-Encoding
content-length: 2778
cf-request-id: 0957ee133c0000c295cdb42000000001
x-ms-lease-status: unlocked
last-modified: Thu, 27 Aug 2020 03:43:17 GMT
server: cloudflare
etag: 0x8D84A3B55C93760
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: c982abf5-f01e-0121-4152-20f382000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=691200
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 63d34c652bb7c295-FRA
expires: Sat, 17 Apr 2021 11:12:05 GMT

GET
H2 200 otPcCenter.json Show response
cdn.cookielaw.org/scripttemplates/6.5.0/assets/ Frame 0052 61 KB
15 KB 14ms
14ms Fetch
application/json 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.5.0/assets/otPcCenter.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.5.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2f5bf5edcefe950e16d287cdcb9c28690952439098ee0639f4a960fe268ae231

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.onlinebanking.natwest.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 09 Apr 2021 11:12:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: ebGLXbyX4UjJx8DgFc7F7g==
age: 1414933
vary: Accept-Encoding
content-length: 14901
cf-request-id: 0957ee133c0000c295240e4000000001
x-ms-lease-status: unlocked
last-modified: Thu, 27 Aug 2020 03:43:17 GMT
server: cloudflare
etag: 0x8D84A3B55B1B344
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 33f2d9c0-301e-00f4-0952-20fd0a000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=691200
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 63d34c652bbac295-FRA
expires: Sat, 17 Apr 2021 11:12:05 GMT

GET
BLOB 200
OK b9e9ab37-640d-4518-a869-979662b9286d
https://www.onlinebanking.natwest.com/ Frame 0052 168 KB
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.onlinebanking.natwest.com/b9e9ab37-640d-4518-a869-979662b9286d
Requested by: Host: www.onlinebanking.natwest.com
URL: https://www.onlinebanking.natwest.com/login.aspx?refererIdent=64A29F7589F0FC21313E0EE2FD86F72CE54A920E
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bfee92627d3ee6ef32f79d53989ba3e960cd5edfafd764f8089e1ad18c18327f

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length: 171648

GET
H2 200 RC86ab34e5af2b4b439e5547a4400221a0-source.min.js Show response
assets.adobedtm.com/90decdbe34ba/7870138cbf13/9b69a53a3a8f/ Frame 0052 1 KB
781 B 19ms
19ms Script
application/x-javascript 2a02:26f0:6c00:28a::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/90decdbe34ba/7870138cbf13/9b69a53a3a8f/RC86ab34e5af2b4b439e5547a4400221a0-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/5165c8c319825f6ec3fb78d0a8dcc1054ab35a3d/satelliteLib-08b84ffc82250dd93a29554e43774d72e7c1876b.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:28a::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 453e8e324c5929b0298fedc463b106f2c2dd7c85825858e3bcff16eccc2e731b

Request headers

Referer: https://www.onlinebanking.natwest.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 09 Apr 2021 11:12:06 GMT
content-encoding: gzip
last-modified: Wed, 24 Mar 2021 07:59:56 GMT
server: AkamaiNetStorage
etag: "befd2859d8d020084c04c01b4a646625:1616572796.3483"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.onlinebanking.natwest.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 507
expires: Fri, 09 Apr 2021 12:12:06 GMT

GET
H/1.1 200
OK / Show response
www.onlinebanking.natwest.com/TSPD/ 0
354 B 46ms
45ms XHR
text/html 155.136.22.4
RBSG-UK-AS Edinburgh

General

Check archive.org

Show headers Download Go to

Full URL: https://www.onlinebanking.natwest.com/TSPD/?type=22
Requested by: Host: www.onlinebanking.natwest.com
URL: https://www.onlinebanking.natwest.com/TSPD/085c953939ab2000861c6668d1a5d6dfd2fe6ec2ce0c5bef708724731e42b99ed10e02bb3d35c021?type=17
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 155.136.22.4 , United Kingdom, ASN21054 (RBSG-UK-AS Edinburgh, GB),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.onlinebanking.natwest.com/default.aspx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Cache-Control: no-store, must-revalidate, no-cache, max-age=0
Content-Length: 0
Content-Type: text/html

GET
H2 200 .jsonp Show response
lptag.liveperson.net/lptag/api/account/39893241/configuration/applications/taglets/ Frame 0052 316 KB
114 KB 36ms
36ms Script
application/x-javascript 178.249.97.23
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL: https://lptag.liveperson.net/lptag/api/account/39893241/configuration/applications/taglets/.jsonp?v=2.0&df=0&s=natwest&b=1
Requested by: Host: www.onlinebanking.natwest.com
URL: https://www.onlinebanking.natwest.com/default.aspx
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 178.249.97.23 , United Kingdom, ASN11054 (LIVEPERSON, US),
Reverse DNS
Software: ws /
Resource Hash: 85acc3ba018b57a66313b596e65249cb9f71295eed661f8b3e757fb79c1aa5d1

Request headers

Referer: https://www.onlinebanking.natwest.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 09 Apr 2021 11:12:06 GMT
content-encoding: gzip
server: ws
x-cache-status: HIT
access-control-allow-methods: GET, POST, PATCH
content-type: application/x-javascript
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
cache-control: public, max-age=630
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token

GET
H2 200 / Show response
accdn.lpsnmedia.net/api/account/39893241/configuration/setting/accountproperties/ Frame 0052 5 KB
1 KB 79ms
20ms Script
application/javascript 178.249.97.99
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL: https://accdn.lpsnmedia.net/api/account/39893241/configuration/setting/accountproperties/?cb=lpCb8255x68281
Requested by: Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/39893241/configuration/applications/taglets/.jsonp?v=2.0&df=0&s=natwest&b=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 178.249.97.99 , United Kingdom, ASN11054 (LIVEPERSON, US),
Reverse DNS: lo-accdn.lpsnmedia.net
Software: ws /
Resource Hash: 4942112e7d46667823a1a9baeccd99b778537155af686d6bd807ceca3e9d4a9a

Request headers

Referer: https://www.onlinebanking.natwest.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 09 Apr 2021 11:12:06 GMT
content-encoding: gzip
server: ws
x-cache-status: HIT
vary: Accept
content-type: application/javascript
x-envoy-upstream-service-time: 1
expires: Fri, 09 Apr 2021 11:13:06 GMT

GET
H2 200 zones Show response
accdn.lpsnmedia.net/api/account/39893241/configuration/le-campaigns/ Frame 0052 32 KB
5 KB 85ms
35ms Script
application/javascript 178.249.97.99
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL: https://accdn.lpsnmedia.net/api/account/39893241/configuration/le-campaigns/zones?fields=id&fields=zoneValue&cb=lpZonesStaticCB
Requested by: Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/39893241/configuration/applications/taglets/.jsonp?v=2.0&df=0&s=natwest&b=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 178.249.97.99 , United Kingdom, ASN11054 (LIVEPERSON, US),
Reverse DNS: lo-accdn.lpsnmedia.net
Software: ws /
Resource Hash: 10e4138f8f285f07cd34836bfbee4a409875c0948d4e008e9c814408887caae6

Request headers

Referer: https://www.onlinebanking.natwest.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 09 Apr 2021 11:12:06 GMT
content-encoding: gzip
server: ws
x-cache-status: HIT
vary: Accept
content-type: application/javascript
x-envoy-upstream-service-time: 1
expires: Fri, 09 Apr 2021 11:13:02 GMT

GET
H2 200 storage.secure.min.html Show response
lpcdn.lpsnmedia.net/le_secure_storage/3.12.0.0-release_5037/ Frame 7C90 39 KB
16 KB 81ms
20ms Document
text/html 178.249.97.98
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL: https://lpcdn.lpsnmedia.net/le_secure_storage/3.12.0.0-release_5037/storage.secure.min.html?loc=https%3A%2F%2Fwww.onlinebanking.natwest.com&site=39893241&env=prod&isCrossDomain=true
Requested by: Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/39893241/configuration/applications/taglets/.jsonp?v=2.0&df=0&s=natwest&b=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 178.249.97.98 , United Kingdom, ASN11054 (LIVEPERSON, US),
Reverse DNS: lo-lpcdn.lpsnmedia.net
Software: ws /
Resource Hash: 59f4843277d9aca1200c779c52318aadb380021a0051a6644b75274acb7fe158

Request headers

:method: GET
:authority: lpcdn.lpsnmedia.net
:scheme: https
:path: /le_secure_storage/3.12.0.0-release_5037/storage.secure.min.html?loc=https%3A%2F%2Fwww.onlinebanking.natwest.com&site=39893241&env=prod&isCrossDomain=true
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.onlinebanking.natwest.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.onlinebanking.natwest.com/

Response headers

date: Fri, 09 Apr 2021 11:12:08 GMT
content-type: text/html
last-modified: Tue, 29 Dec 2020 12:59:22 GMT
content-encoding: gzip
server: ws
vary: Origin
access-control-allow-methods: GET, POST, PATCH
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
access-control-allow-credentials: true
expires: Fri, 09 Apr 2021 11:22:08 GMT
cache-control: max-age=600

GET
H2 200 refererrestrictions Show response
accdn.lpsnmedia.net/api/account/39893241/configuration/domainprotection/ Frame 7C90 2 KB
826 B 20ms
20ms Script
application/javascript 178.249.97.99
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL: https://accdn.lpsnmedia.net/api/account/39893241/configuration/domainprotection/refererrestrictions?cb=lpCb93201x50267
Requested by: Host: lpcdn.lpsnmedia.net
URL: https://lpcdn.lpsnmedia.net/le_secure_storage/3.12.0.0-release_5037/storage.secure.min.html?loc=https%3A%2F%2Fwww.onlinebanking.natwest.com&site=39893241&env=prod&isCrossDomain=true
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 178.249.97.99 , United Kingdom, ASN11054 (LIVEPERSON, US),
Reverse DNS: lo-accdn.lpsnmedia.net
Software: ws /
Resource Hash: 395aa163871c687dfb5bf7c01adfdf4fcc36de739f55f57b7ad4961d61b41487

Request headers

Referer: https://lpcdn.lpsnmedia.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 09 Apr 2021 11:12:08 GMT
content-encoding: gzip
server: ws
x-cache-status: HIT
vary: Accept
content-type: application/javascript
x-envoy-upstream-service-time: 0
expires: Fri, 09 Apr 2021 11:12:15 GMT

GET
H2 200 storage.secure.min.js Show response
lpcdn.lpsnmedia.net/le_secure_storage/3.12.0.0-release_5037/ Frame 0052 38 KB
15 KB 48ms
47ms Script
application/javascript 178.249.97.98
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL: https://lpcdn.lpsnmedia.net/le_secure_storage/3.12.0.0-release_5037/storage.secure.min.js?loc=https%3A%2F%2Fwww.onlinebanking.natwest.com&site=39893241&force=1&env=prod&isCrossDomain=true
Requested by: Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/39893241/configuration/applications/taglets/.jsonp?v=2.0&df=0&s=natwest&b=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 178.249.97.98 , United Kingdom, ASN11054 (LIVEPERSON, US),
Reverse DNS: lo-lpcdn.lpsnmedia.net
Software: ws /
Resource Hash: b866a58e02b01ca9537cb6d024f348f7373c88b94a92d310560885c93de8abd2

Request headers

Referer: https://www.onlinebanking.natwest.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 09 Apr 2021 11:12:08 GMT
content-encoding: gzip
last-modified: Tue, 29 Dec 2020 12:59:22 GMT
server: ws
vary: Origin
access-control-allow-methods: GET, POST, PATCH
content-type: application/javascript
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
cache-control: max-age=600
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
expires: Fri, 09 Apr 2021 11:22:08 GMT

GET
H2 200 39893241 Show response
lo.v.liveperson.net/api/js/ Frame 0052 237 B
1 KB 105ms
47ms Script
application/javascript 178.249.97.70
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL: https://lo.v.liveperson.net/api/js/39893241?&cb=lpCb70910x52738&t=sp&ts=1617966728728&pid=9931158486&tid=5595739688&pt=Log%20in%20to%20NatWest%20Online%20Banking&u=https%3A%2F%2Fwww.onlinebanking.natwest.com%2Flogin.aspx%3FrefererIdent%3D64A29F7589F0FC21313E0EE2FD86F72CE54A920E&r=https%3A%2F%2Fwww.onlinebanking.natwest.com%2Fdefault.aspx&sec=%5B%22brand%3Anatwest%22%2C%22lob%3Apersonal-service%22%2C%22location%3Aebanking%22%2C%22pageid%3ALI5%22%2C%22sectiontree%3Aolb%3A%20nw%3Eolb%3Elogin%3Eindex%3Eli5%22%5D&df=0&os=0&identities=%5B%7B%22iss%22%3A%22LivePerson%22%2C%22acr%22%3A%220%22%7D%5D
Requested by: Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/39893241/configuration/applications/taglets/.jsonp?v=2.0&df=0&s=natwest&b=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 178.249.97.70 , United Kingdom, ASN11054 (LIVEPERSON, US),
Reverse DNS: lo.v.liveperson.net
Software: ws /
Resource Hash: cd3eae2b654da8fe91e4ec5b942a4382c5f8c39eb80327368fb202b79577d0f5

Request headers

Referer: https://www.onlinebanking.natwest.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 09 Apr 2021 11:12:08 GMT
content-encoding: gzip
server: ws
access-control-allow-methods: GET, POST, PATCH
content-type: application/javascript
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
cache-control: no-store
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token

GET
H2 200 39893241 Show response
lo.v.liveperson.net/api/js/ Frame 0052 406 B
1014 B 24ms
24ms Script
application/javascript 178.249.97.70
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL: https://lo.v.liveperson.net/api/js/39893241?sid=L4BS8LNqR7WpfOnKcokQyw&cb=lpCb14046x43630&t=uc&ts=1617966726593&pid=9931158486&tid=5595739688&sdes=%5B%7B%22type%22%3A%22error%22%2C%22error%22%3A%7B%22message%22%3A%22ewcheck%22%7D%7D%2C%7B%22type%22%3A%22cart%22%2C%22products%22%3A%5B%7B%22product%22%3A%7B%22name%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F89.0.4389.72%20Safari%2F537.36%22%7D%2C%22quantity%22%3A1%7D%5D%7D%5D&vid=dkNjI1MzA0YzRlNmU4OGI1
Requested by: Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/39893241/configuration/applications/taglets/.jsonp?v=2.0&df=0&s=natwest&b=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 178.249.97.70 , United Kingdom, ASN11054 (LIVEPERSON, US),
Reverse DNS: lo.v.liveperson.net
Software: ws /
Resource Hash: 2e53b27217c7f18fa838d435d5f1bfd747a4e874590ac43031c32fb8eda8fd5a

Request headers

Referer: https://www.onlinebanking.natwest.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 09 Apr 2021 11:12:08 GMT
content-encoding: gzip
server: ws
access-control-allow-methods: GET, POST, PATCH
content-type: application/javascript
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
cache-control: no-store
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token

GET
H2 200 overlay.js Show response
lpcdn.lpsnmedia.net/le_re/3.45.0.2-release_5052/jsv2/ Frame 0052 6 KB
3 KB 21ms
20ms Script
application/javascript 178.249.97.98
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL: https://lpcdn.lpsnmedia.net/le_re/3.45.0.2-release_5052/jsv2/overlay.js?_v=3.45.0.2-release_5052
Requested by: Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/39893241/configuration/applications/taglets/.jsonp?v=2.0&df=0&s=natwest&b=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 178.249.97.98 , United Kingdom, ASN11054 (LIVEPERSON, US),
Reverse DNS: lo-lpcdn.lpsnmedia.net
Software: ws /
Resource Hash: ce6b06622a4926461816b327cbe0216869fed4a23588de383f49a4878d7c87b2

Request headers

Referer: https://www.onlinebanking.natwest.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 09 Apr 2021 11:12:08 GMT
content-encoding: gzip
last-modified: Thu, 01 Apr 2021 13:09:03 GMT
server: ws
vary: Origin
access-control-allow-methods: GET, POST, PATCH
content-type: application/javascript
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
cache-control: max-age=600
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
expires: Fri, 09 Apr 2021 11:22:08 GMT

GET
H2 200 UISuite.js Show response
lpcdn.lpsnmedia.net/le_re/3.45.0.2-release_5052/jsv2/ Frame 0052 30 KB
12 KB 80ms
79ms Script
application/javascript 178.249.97.98
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL: https://lpcdn.lpsnmedia.net/le_re/3.45.0.2-release_5052/jsv2/UISuite.js?_v=3.45.0.2-release_5052
Requested by: Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/39893241/configuration/applications/taglets/.jsonp?v=2.0&df=0&s=natwest&b=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 178.249.97.98 , United Kingdom, ASN11054 (LIVEPERSON, US),
Reverse DNS: lo-lpcdn.lpsnmedia.net
Software: ws /
Resource Hash: 9bebc276e1808d8b0b29ad4ab94d77652bf14f69839f540b8a874f82d73d5a51

Request headers

Referer: https://www.onlinebanking.natwest.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 09 Apr 2021 11:12:08 GMT
content-encoding: gzip
last-modified: Thu, 01 Apr 2021 13:09:03 GMT
server: ws
vary: Origin
access-control-allow-methods: GET, POST, PATCH
content-type: application/javascript
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
cache-control: max-age=600
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
expires: Fri, 09 Apr 2021 11:22:08 GMT

GET
H2 200 26900 Show response
accdn.lpsnmedia.net/api/account/39893241/configuration/le-campaigns/campaigns/2141342050/engagements/2141342250/revision/ Frame 0052 2 KB
1 KB 21ms
20ms Script
application/javascript 178.249.97.99
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL: https://accdn.lpsnmedia.net/api/account/39893241/configuration/le-campaigns/campaigns/2141342050/engagements/2141342250/revision/26900?v=3.0&cb=lp2141342250&flavor=dependency
Requested by: Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/39893241/configuration/applications/taglets/.jsonp?v=2.0&df=0&s=natwest&b=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 178.249.97.99 , United Kingdom, ASN11054 (LIVEPERSON, US),
Reverse DNS: lo-accdn.lpsnmedia.net
Software: ws /
Resource Hash: df4848952410c00b0fc5f3c5a984d045ac16fb8dd5e2d94d3dfa12bcb2bdab77

Request headers

Referer: https://www.onlinebanking.natwest.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 09 Apr 2021 11:12:08 GMT
content-encoding: gzip
server: ws
x-cache-status: HIT
vary: Accept
content-type: application/javascript
x-envoy-upstream-service-time: 1
expires: Fri, 09 Apr 2021 11:12:51 GMT

GET
H2 200 / Show response
accdn.lpsnmedia.net/api/account/39893241/configuration/setting/accountproperties/ Frame 0052 5 KB
1 KB 34ms
34ms Script
application/javascript 178.249.97.99
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL: https://accdn.lpsnmedia.net/api/account/39893241/configuration/setting/accountproperties/?cb=lpCb94646x85089
Requested by: Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/39893241/configuration/applications/taglets/.jsonp?v=2.0&df=0&s=natwest&b=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 178.249.97.99 , United Kingdom, ASN11054 (LIVEPERSON, US),
Reverse DNS: lo-accdn.lpsnmedia.net
Software: ws /
Resource Hash: dce368bf9d1f21c58263433ee31b78df1ebe17976690c40b7ab6cbee66e2bd09

Request headers

Referer: https://www.onlinebanking.natwest.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 09 Apr 2021 11:12:08 GMT
content-encoding: gzip
server: ws
x-cache-status: HIT
vary: Accept
content-type: application/javascript
x-envoy-upstream-service-time: 1
expires: Fri, 09 Apr 2021 11:13:06 GMT

GET
H2 200 39893241 Show response
lo.v.liveperson.net/api/js/ Frame 0052 111 B
854 B 22ms
22ms Script
application/javascript 178.249.97.70
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL: https://lo.v.liveperson.net/api/js/39893241?sid=L4BS8LNqR7WpfOnKcokQyw&cb=lpCb26677x94731&t=pl&ts=1617966728733&pid=9931158486&tid=5595739688&vid=dkNjI1MzA0YzRlNmU4OGI1
Requested by: Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/39893241/configuration/applications/taglets/.jsonp?v=2.0&df=0&s=natwest&b=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 178.249.97.70 , United Kingdom, ASN11054 (LIVEPERSON, US),
Reverse DNS: lo.v.liveperson.net
Software: ws /
Resource Hash: 2b6bbcbd1813c97dfd6416c964bd80c0a8e4b470fd28cdbf04d159f62dda4956

Request headers

Referer: https://www.onlinebanking.natwest.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 09 Apr 2021 11:12:08 GMT
content-encoding: gzip
server: ws
access-control-allow-methods: GET, POST, PATCH
content-type: application/javascript
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
cache-control: no-store
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token

GET
H2 200 1770992750 Show response
accdn.lpsnmedia.net/api/account/39893241/configuration/engagement-window/window-confs/ Frame 0052 5 KB
2 KB 34ms
34ms Script
application/javascript 178.249.97.99
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL: https://accdn.lpsnmedia.net/api/account/39893241/configuration/engagement-window/window-confs/1770992750?cb=lpCb34604x21447
Requested by: Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/39893241/configuration/applications/taglets/.jsonp?v=2.0&df=0&s=natwest&b=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 178.249.97.99 , United Kingdom, ASN11054 (LIVEPERSON, US),
Reverse DNS: lo-accdn.lpsnmedia.net
Software: ws /
Resource Hash: 5f048fcdb93198d48e78a4f94bd22ec5dab77616b828160021aeb73abf6c44f0

Request headers

Referer: https://www.onlinebanking.natwest.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 09 Apr 2021 11:12:08 GMT
content-encoding: gzip
server: ws
x-cache-status: HIT
vary: Accept
content-type: application/javascript
x-envoy-upstream-service-time: 1
expires: Fri, 09 Apr 2021 11:12:30 GMT

GET
H2 200 PROIN-1121-Cora-NW-80px.png
personal.natwest.com/content/dam/natwest/personal/support-centre/cora/cora-engagements/ Frame 0052 6 KB
6 KB 25ms
24ms Image
image/png 20.49.208.53
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://personal.natwest.com/content/dam/natwest/personal/support-centre/cora/cora-engagements/PROIN-1121-Cora-NW-80px.png

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.49.208.53 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Apache /

Resource Hash

457aa783190fe8fcb54041bf46e99cec8d67cef1b42a4887b8e8db5eab7594d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.onlinebanking.natwest.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-dispatcher: dispatcher6uksouth
date: Fri, 09 Apr 2021 11:12:08 GMT
x-content-type-options: nosniff
last-modified: Wed, 25 Nov 2020 02:59:20 GMT
server: Apache
etag: "1775-5b4e59d1d3200"
x-vhost: Natwest Personal
x-frame-options: SAMEORIGIN
content-type: image/png;charset=utf-8
cache-control: public, max-age=3600
strict-transport-security: max-age=31536000; includeSubDomains; preload
accept-ranges: bytes
content-length: 6005
x-xss-protection: 1; mode=block

GET
H2 200 PROIN-1121-Cora-NW-80px.png
personal.natwest.com/content/dam/natwest/personal/support-centre/cora/cora-engagements/ Frame 0052 6 KB
6 KB 24ms
24ms Image
image/png 20.49.208.53
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://personal.natwest.com/content/dam/natwest/personal/support-centre/cora/cora-engagements/PROIN-1121-Cora-NW-80px.png

Requested by

Host: lpcdn.lpsnmedia.net
URL: https://lpcdn.lpsnmedia.net/le_re/3.45.0.2-release_5052/jsv2/UISuite.js?_v=3.45.0.2-release_5052

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.49.208.53 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Apache /

Resource Hash

457aa783190fe8fcb54041bf46e99cec8d67cef1b42a4887b8e8db5eab7594d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.onlinebanking.natwest.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-dispatcher: dispatcher6uksouth
date: Fri, 09 Apr 2021 11:12:09 GMT
x-content-type-options: nosniff
last-modified: Wed, 25 Nov 2020 02:59:20 GMT
server: Apache
etag: "1775-5b4e59d1d3200"
x-vhost: Natwest Personal
x-frame-options: SAMEORIGIN
content-type: image/png;charset=utf-8
cache-control: public, max-age=3600
strict-transport-security: max-age=31536000; includeSubDomains; preload
accept-ranges: bytes
content-length: 6005
x-xss-protection: 1; mode=block

GET
H2 200 39893241 Show response
lo.v.liveperson.net/api/js/ Frame 0052 42 B
792 B 23ms
22ms Script
application/javascript 178.249.97.70
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL: https://lo.v.liveperson.net/api/js/39893241?sid=L4BS8LNqR7WpfOnKcokQyw&cb=lpCb23836x58350&t=uc&ts=1617966728992&pid=9931158486&tid=5595739688&vid=dkNjI1MzA0YzRlNmU4OGI1&sdes=%5B%7B%22type%22%3A%22impDisplay%22%2C%22campaign%22%3A2141342050%2C%22engId%22%3A2141342250%2C%22revision%22%3A26900%2C%22eContext%22%3A%5B%7B%22type%22%3A%22engagementContext%22%2C%22id%22%3A%221%22%7D%5D%7D%5D
Requested by: Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/39893241/configuration/applications/taglets/.jsonp?v=2.0&df=0&s=natwest&b=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 178.249.97.70 , United Kingdom, ASN11054 (LIVEPERSON, US),
Reverse DNS: lo.v.liveperson.net
Software: ws /
Resource Hash: a3b656ff0addb288682f7e61d51fb845ec9d5b614e4281866cdddd3fa91807bc

Request headers

Referer: https://www.onlinebanking.natwest.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 09 Apr 2021 11:12:09 GMT
content-encoding: gzip
server: ws
access-control-allow-methods: GET, POST, PATCH
content-type: application/javascript
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
cache-control: no-store
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: neodgnejhhhlcdoglifbmioajmagpeci
URL: chrome-extension://neodgnejhhhlcdoglifbmioajmagpeci/img/anticaptcha-logo/32.png

Domain: nconiknmmhhhffhmbknbplalknajiaef
URL: chrome-extension://nconiknmmhhhffhmbknbplalknajiaef/icon-128.png

Domain: nconiknmmhhhffhmbknbplalknajiaef
URL: chrome-extension://nconiknmmhhhffhmbknbplalknajiaef/icon-16.png

Domain: rumola
URL: chrome://rumola/content/rumola48.png

Domain: bjjgbdlbgjeoankjijbmheneoekbghcg
URL: chrome-extension://bjjgbdlbgjeoankjijbmheneoekbghcg/images/rumola128.png

Domain: bjjgbdlbgjeoankjijbmheneoekbghcg
URL: chrome-extension://bjjgbdlbgjeoankjijbmheneoekbghcg/images/on.png

Domain: bjjgbdlbgjeoankjijbmheneoekbghcg
URL: chrome-extension://bjjgbdlbgjeoankjijbmheneoekbghcg/images/rumola48.png

Domain: jnhgnonknehpejjnehehllkliplmbmhn
URL: chrome-extension://jnhgnonknehpejjnehehllkliplmbmhn/assets/images/icon16.png

Domain: jnhgnonknehpejjnehehllkliplmbmhn
URL: chrome-extension://jnhgnonknehpejjnehehllkliplmbmhn/images/icon16.png

Domain: jnhgnonknehpejjnehehllkliplmbmhn
URL: chrome-extension://jnhgnonknehpejjnehehllkliplmbmhn/images/icon48.png

Domain: nndknepjnldbdbepjfgmncbggmopgden
URL: chrome-extension://nndknepjnldbdbepjfgmncbggmopgden/options.html

Domain: nndknepjnldbdbepjfgmncbggmopgden
URL: chrome-extension://nndknepjnldbdbepjfgmncbggmopgden/img/mining128.png

Domain: nndknepjnldbdbepjfgmncbggmopgden
URL: chrome-extension://nndknepjnldbdbepjfgmncbggmopgden/img/mining16.png

Domain: nndknepjnldbdbepjfgmncbggmopgden
URL: chrome-extension://nndknepjnldbdbepjfgmncbggmopgden/client/dist/index.html

Domain: gpolcofcjjiooogejfbaamdgmgfehgff
URL: chrome-extension://gpolcofcjjiooogejfbaamdgmgfehgff/pixel.gif

Domain: gpolcofcjjiooogejfbaamdgmgfehgff
URL: chrome-extension://gpolcofcjjiooogejfbaamdgmgfehgff/icons/agenty-100.png

Domain: gpolcofcjjiooogejfbaamdgmgfehgff
URL: chrome-extension://gpolcofcjjiooogejfbaamdgmgfehgff/icons/agenty-16.png

Domain: gpolcofcjjiooogejfbaamdgmgfehgff
URL: chrome-extension://gpolcofcjjiooogejfbaamdgmgfehgff/core/sgplus.css

Domain: cplklnmnlbnpmjogncfgfijoopmnlemp
URL: chrome-extension://cplklnmnlbnpmjogncfgfijoopmnlemp/skin/logo24.png

Domain: djflhoibgkdhkhhcedjiklpkjnoahfmg
URL: chrome-extension://djflhoibgkdhkhhcedjiklpkjnoahfmg/spoofer_cs.js

Domain: djflhoibgkdhkhhcedjiklpkjnoahfmg
URL: chrome-extension://djflhoibgkdhkhhcedjiklpkjnoahfmg/jquery.js

Domain: iebpjdmgckacbodjpijphcplhebcmeop
URL: chrome-extension://iebpjdmgckacbodjpijphcplhebcmeop/images/icon.addressbar.gif

Domain: iebpjdmgckacbodjpijphcplhebcmeop
URL: chrome-extension://iebpjdmgckacbodjpijphcplhebcmeop/manifest.json

Domain: iebpjdmgckacbodjpijphcplhebcmeop
URL: chrome-extension://iebpjdmgckacbodjpijphcplhebcmeop/background.html

Domain: iebpjdmgckacbodjpijphcplhebcmeop
URL: chrome-extension://iebpjdmgckacbodjpijphcplhebcmeop/popup.html

Verdicts & Comments Add Verdict or Comment

20 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

17 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.onlinebanking.natwest.com/	1969-12-31 23:59:59	Name: TS36d71c00077 Value: 085c953939ab28005e299827936932ce2dc29612feef6c936e61c3143eaff82558b0b6bd7ecf3486be7cd5905fce56a908bca190441720004dd0edd0fed11392071d2442ddb2c4bc0f8ed7e0c99229af02564b5432af874d
.natwest.com/	1970-01-20 02:11:42	Name: OptanonConsent Value: isIABGlobal=false&datestamp=Fri+Apr+09+2021+13%3A12%3A06+GMT%2B0200+(Central+European+Summer+Time)&version=6.5.0&hosts=&consentId=29efb8ab-f11f-4c8f-a53c-d800751d8d4b&interactionCount=0&landingPath=https%3A%2F%2Fwww.onlinebanking.natwest.com%2Flogin.aspx%3FrefererIdent%3D64A29F7589F0FC21313E0EE2FD86F72CE54A920E&groups=C0001%3A1%2CC0009%3A1%2CC0003%3A0%2CC0002%3A0%2CC0004%3A0
.natwest.com/	1970-01-20 02:11:42	Name: bmuid Value: 1617966725991-66CDE2B0-8CD2-4FC5-BE70-CD7877B73924
www.onlinebanking.natwest.com/	1969-12-31 23:59:59	Name: TSfebd381b027 Value: 085c953939ab2000be28ade7a9fc87b59578647ac0849beca8303d4dfda925147f6db8a9dc8c775e08e0db49c9113000f3e6b7e91e127e929d35ffea80a772d2386f68bdfd8534ce2e40c0e4d39c0ab839e0c665895381d5bcc229b2102f9b4d
www.onlinebanking.natwest.com/	1969-12-31 23:59:59	Name: TS0112addc Value: 01662b9c3e2f0ef0554967e4b3c3ceee72f659ab2a0a5d816013712d64e01b14fcf6b0dca922b65465a9feffcfe9b387634252506f7b72a0ccef9916823e439e1b657d2ae0b8e75345a0d1afe94d8fde604c7286d150fdd587587668ef5a8c48f47dc10bfa434939fef594d7084f86d14b00f5d810299172235a53ffb399bdaf3c312c1bc8ab6c3e213ed91911b0e081f51aa704d3d7afec927e5eb3e4320361480a07319e540850872a553f0c7455304a645d02f298df7bd1af2ff797d3022cae8661e87dd577cc3a7f7e578b0cb9cd558bb26cebf0895b79e039ea2bcdc058681440cd34775547f00f7c6ce29cb37bc46ea18b4c7ef35c7d57f5bf3c4212bfdcab5bff07836e1a629ccb84c4110724a70d037f88691eee79524b14cbdc339fb043a25aaa
www.onlinebanking.natwest.com/	1969-12-31 23:59:59	Name: BrowserConfigKey Value: .*
.natwest.com/	1969-12-31 23:59:59	Name: at_check Value: true
.onlinebanking.natwest.com/	1969-12-31 23:59:59	Name: cdContextId Value: 1
www.onlinebanking.natwest.com/	1969-12-31 23:59:59	Name: submind Value: 0
www.onlinebanking.natwest.com/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: 0gmyaxextaxl2clxuiihzsh2
www.onlinebanking.natwest.com/	1969-12-31 23:59:59	Name: shadowStatus Value: Status=False
.www.onlinebanking.natwest.com/	1969-12-31 23:59:59	Name: cdContextId Value: 1
www.onlinebanking.natwest.com/	1969-12-31 23:59:59	Name: hdnss Value: NgcAABAAAAANw4NTABL2FaYS22Z4F4j8wYZXfZVCenIcTMlVOA/4v5OIGOQU4z3jgAOSceacSNF6BeW/RdlTojQZzq9wEXleOuMiltxHi6QqlT3z6I+VEkbAODBpdHarBE5aOqouNdzTd7FVjKVYnD4g5ntkCbhsgDEHJYRDr2FJFxfTe7Kr3w**
www.onlinebanking.natwest.com/	1969-12-31 23:59:59	Name: bcsid Value: c80d848569ac4dbbafa5ce8cd4136d06
.natwest.com/	1969-12-31 23:59:59	Name: cdContextId Value: 1
www.onlinebanking.natwest.com/	1969-12-31 23:59:59	Name: TSPD_101 Value: 085c953939ab28009abb7a9141f08a9cd5776d391824f08f8b299358a409e72bf39af80a88d6b49a3e6e2f5fd26e9e4808f4861c2f05180063a5e759e15855044265b9c39355f8b9102258538ac1daf7
www.onlinebanking.natwest.com/	1969-12-31 23:59:59	Name: BIGipServer~eBank~pool-www.nwolb.com-2017 Value: !Ck9gLpTLjpkCMHprJGUZqVbDUnN/DL8bWPnCHbyN4KD1Ug7rRIH3JmFClHcTfbrWtvbUNKZNFxT3NH4=

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accdn.lpsnmedia.net
assets.adobedtm.com
bjjgbdlbgjeoankjijbmheneoekbghcg
cdn.cookielaw.org
cplklnmnlbnpmjogncfgfijoopmnlemp
djflhoibgkdhkhhcedjiklpkjnoahfmg
gpolcofcjjiooogejfbaamdgmgfehgff
iebpjdmgckacbodjpijphcplhebcmeop
jnhgnonknehpejjnehehllkliplmbmhn
lo.v.liveperson.net
logon.onlinebanking.natwest.com
lpcdn.lpsnmedia.net
lptag.liveperson.net
nconiknmmhhhffhmbknbplalknajiaef
neodgnejhhhlcdoglifbmioajmagpeci
nndknepjnldbdbepjfgmncbggmopgden
personal.natwest.com
rumola
www.onlinebanking.natwest.com
bjjgbdlbgjeoankjijbmheneoekbghcg
cplklnmnlbnpmjogncfgfijoopmnlemp
djflhoibgkdhkhhcedjiklpkjnoahfmg
gpolcofcjjiooogejfbaamdgmgfehgff
iebpjdmgckacbodjpijphcplhebcmeop
jnhgnonknehpejjnehehllkliplmbmhn
nconiknmmhhhffhmbknbplalknajiaef
neodgnejhhhlcdoglifbmioajmagpeci
nndknepjnldbdbepjfgmncbggmopgden
rumola
155.136.22.4
178.249.97.23
178.249.97.70
178.249.97.98
178.249.97.99
20.49.208.53
2600:9000:2093:8a00:8:4d07:a640:93a1
2606:4700::6810:9540
2a02:26f0:6c00:28a::1e80
10e4138f8f285f07cd34836bfbee4a409875c0948d4e008e9c814408887caae6
145d14bb73e5b03cc73062c2a78c392125b891c62b1cc9d542e5adba762f04e7
1aea65aeda4e39957158bacd84556ed7a77ab468265e2a163265b346b7f60965
1e85ec81b9800b4c443d39caca0d0926089a3ac201120db1ceb45b93789480b8
1ec277d20cb0b2b9d72322f3cc32d988435978a6a8f72b28e0f8ac8b1bf17a72
25c5b4cec8edaf7b942158d64f5149de4d0963d452233fa843f9bfc6d2c0adf2
27f324f2ad60091d5e8f76adfef83f9122dc8aa8df29d0a8d970bfe06aaa5005
2b6bbcbd1813c97dfd6416c964bd80c0a8e4b470fd28cdbf04d159f62dda4956
2e409af4e2cd960258ebce74a7af470632e2fa44a18cbc2e49da7f098a3c572c
2e53b27217c7f18fa838d435d5f1bfd747a4e874590ac43031c32fb8eda8fd5a
2f5bf5edcefe950e16d287cdcb9c28690952439098ee0639f4a960fe268ae231
395aa163871c687dfb5bf7c01adfdf4fcc36de739f55f57b7ad4961d61b41487
40732e9dcfa704cf615e4691bb07aecfd1cc5e063220a46e4a7ff6560c77f5db
42e70c32efffee33a1d8bddf152d6b754fa8abb83c6166444b8d41b217d9dae6
453e8e324c5929b0298fedc463b106f2c2dd7c85825858e3bcff16eccc2e731b
457aa783190fe8fcb54041bf46e99cec8d67cef1b42a4887b8e8db5eab7594d3
4942112e7d46667823a1a9baeccd99b778537155af686d6bd807ceca3e9d4a9a
4d508a35a965f9ee8b114ae8b6c89851adc7f4cbad0415de44f0feb70563856c
4f5a022467e927b5b385cc335e58434a49bad0520ed018fc059075069d695c79
55e42fd9082763b80d9a4b46abb593b3987cb88ef45bec6f7d3c0448eead7c42
59f4843277d9aca1200c779c52318aadb380021a0051a6644b75274acb7fe158
5f048fcdb93198d48e78a4f94bd22ec5dab77616b828160021aeb73abf6c44f0
5fa26eb8985c7a268ec2d7c561fde8cdece1b5b383d17c269a01b1fe1512a830
60d20c34efdd7103c273f54369cfc42c6d0a39126ce22298f2d31924b4ca5a56
6396ebcbac534877e4c5769b604671c93d96e5decff3654108746d0c30d59e7a
668faa210a0e0cabb9aa13a1a6ad4e3b22b0f9cad90c43694ba37a8a4714b0e6
6b5951a57473624f9f44e38f5c7d4b10103329f1fbd1f1e9defe6a0b1408f361
775e8386e57796861a1fb8a29e343142324976ce08b530cdb8086d06fab0d19d
7d86c5b305b199c96eae0f0428f86e9712fb04b0424a9b6bbd746990283a2b8a
7f7ec2e58297c4bde7092dfc2ff03fbe675ed812e708d92b6f9ab06bbd86095d
7ff1d2812ffac71e20f669c8d8b3a76a1c369afec61a564549e1700f3071538f
80d54533f80e8233621f965ae0a7713928bdb4d491ed0eb5e90434550f1894cb
85acc3ba018b57a66313b596e65249cb9f71295eed661f8b3e757fb79c1aa5d1
86be52bdb7547413cafb3ed175a806a798c65de98b40849e0b974c47d187de65
8b3f2a5e3bc82b1cb3454db34dc76a123ea8c08867cce3ed6abee383a32693a4
8fed25d950a68b39c624682efca2ba8179aef53498ce62af94a999183a464cd6
93540c925e96689eae547253a7f8fe6d73f53fd263cdbb8da18ab623fbcbcfe1
9be8b2c42ad2d6f7327f62a7d03995a5a4615770154941d59493473186e5140c
9bebc276e1808d8b0b29ad4ab94d77652bf14f69839f540b8a874f82d73d5a51
a3b656ff0addb288682f7e61d51fb845ec9d5b614e4281866cdddd3fa91807bc
a4002d856e575601b351be144c9d7e4e6977286644fede72a7de1638844722aa
ad0dd5091814006e1986ba74f2492e12582594b1eca2221174c22a1ad10ad98c
b465d00b89619e9899ec7d618559157db09f935d318466d67deb036157fadcf2
b866a58e02b01ca9537cb6d024f348f7373c88b94a92d310560885c93de8abd2
bfee92627d3ee6ef32f79d53989ba3e960cd5edfafd764f8089e1ad18c18327f
cd3eae2b654da8fe91e4ec5b942a4382c5f8c39eb80327368fb202b79577d0f5
cd7059bd5c8e99398ab4805b8e62c7acb64075dd921b65b9377ffe84a26c2e04
ce64c0d35d4ad8fd2fa79ecd45d6db37982940958b7f51448b697bad342ce55b
ce6b06622a4926461816b327cbe0216869fed4a23588de383f49a4878d7c87b2
d139c3756ba4ea4e4672c12645de4977faa9ba7e0d550931d2086338fd72dfe9
d1c878b4e69d9da5292c53b1f46708de74c435144895bdfd697208406466a814
d2955b58d801a021737f025d1716a68fd2a143ddac3e0b749fcc053deba6e082
d6b423c91328eec9c218dd8b21ae1e676987d574e5432411a32806e5dd2bde32
d81db57832f4742b67755f90f8c3d37735cb9f58dbb10e312f931343d27552c6
dce368bf9d1f21c58263433ee31b78df1ebe17976690c40b7ab6cbee66e2bd09
df4848952410c00b0fc5f3c5a984d045ac16fb8dd5e2d94d3dfa12bcb2bdab77
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5f0058d3d737d25b691728bce12a7d0b77183781c936ca8152e28cacf9e6e3f
edd8db5c29b96b7a290a5e266d426dca85541b7cd7a62b180e5ec89dc635f05f
ef7db794b4a6b5c42d2535919d91fb11da1e5cd1147f35196db382197b35fdee
ef9453f74b2617d43dcef4242cf5845101fcfb57289c81bceb20042b0023a192
f2b557317fb851b3ed73c2d8203192e9ed433bd006ca5025ccb3317ef15e1b8d
fb7a95263356a0095c3d40a7850fdd16991c4a07873d8ebb9ce239994df82cd4

www.onlinebanking.natwest.com Open in urlscan Pro 155.136.22.4 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

84 Requests

69 %HTTPS

33 %IPv6

6 Domains

19 Subdomains

10 IPs

3 Countries

1427 kBTransfer

3574 kBSize

17 Cookies

0 Outgoing links

Page URL History

Redirected requests

84 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 8 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.onlinebanking.natwest.com Open in urlscan Pro
155.136.22.4 Public Scan

Screenshot
Live screenshot

Full Image

84
Requests

69 %
HTTPS

33 %
IPv6

6
Domains

19
Subdomains

10
IPs

3
Countries

1427 kB
Transfer

3574 kB
Size

17
Cookies

84 HTTP transactions
8 data transactions