myrewards.natwest.com
Open in
urlscan Pro
45.60.1.158
Public Scan
Effective URL: https://myrewards.natwest.com/Login?ReturnUrl=%2FMyAccount%2FStatement
Submission: On November 25 via manual from GB
Summary
TLS certificate: Issued by COMODO RSA Organization Validation Se... on May 13th 2020. Valid for: a year.
This is the only time myrewards.natwest.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 1 | 81.92.120.170 81.92.120.170 | 39905 (EMAILVISION) (EMAILVISION) | |
4 | 45.60.1.158 45.60.1.158 | 19551 (INCAPSULA) (INCAPSULA) | |
4 | 2 |
Apex Domain Subdomains |
Transfer | |
---|---|---|
4 |
natwest.com
myrewards.natwest.com |
25 KB |
1 |
emv3.com
1 redirects
p6tre.emv3.com |
378 B |
4 | 2 |
Domain | Requested by | |
---|---|---|
4 | myrewards.natwest.com |
myrewards.natwest.com
|
1 | p6tre.emv3.com | 1 redirects |
4 | 2 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
www.myrewards.natwest.com COMODO RSA Organization Validation Secure Server CA |
2020-05-13 - 2021-05-13 |
a year | crt.sh |
This page contains 2 frames:
Primary Page:
https://myrewards.natwest.com/Login?ReturnUrl=%2FMyAccount%2FStatement
Frame ID: AD52D432A41AC6F1234B2EAF7CD72B9C
Requests: 3 HTTP requests in this frame
Frame:
https://myrewards.natwest.com/_Incapsula_Resource?CWUDNSAI=22&xinfo=8-78318540-0%200NNN%20RT%281606293234218%200%29%20q%280%20-1%20-1%200%29%20r%280%20-1%29%20B16%20U18&incident_id=473000230171003020-285111383817258440&edet=16&cinfo=04000000&rpinfo=0
Frame ID: 3E82EE0C4FB29DC7A6470AE80CE4C83E
Requests: 3 HTTP requests in this frame
Screenshot
Page URL History Show full URLs
-
http://p6tre.emv3.com/HS?b=m1oH6msp6nQ3-T1qv_zlSGhLgPUZQiaBieUa3ekuTfANVIgHeJ02pjKJ0ENyKYw9&c=KZ24...
HTTP 302
https://myrewards.natwest.com/Login?ReturnUrl=%2FMyAccount%2FStatement Page URL
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://p6tre.emv3.com/HS?b=m1oH6msp6nQ3-T1qv_zlSGhLgPUZQiaBieUa3ekuTfANVIgHeJ02pjKJ0ENyKYw9&c=KZ24nq5TP5RxTlMTg0njDg
HTTP 302
https://myrewards.natwest.com/Login?ReturnUrl=%2FMyAccount%2FStatement Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
4 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
Login
myrewards.natwest.com/ Redirect Chain
|
834 B 1 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
_Incapsula_Resource
myrewards.natwest.com/ |
123 KB 18 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
_Incapsula_Resource
myrewards.natwest.com/ |
1 B 36 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
_Incapsula_Resource
myrewards.natwest.com/ Frame 3E82 |
11 KB 6 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ Frame 3E82 |
2 KB 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ Frame 3E82 |
3 KB 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
10 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated3 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
myrewards.natwest.com/ | Name: ___utmvc Value: vYYx8w0baU77YkJXltHSVur23oVEvinTqhEprWLZS65VVWTfJXXGgBuwX4RZaqssVp3KyDpNXG+xQ9kVdkXZk830Jui41i0v79oga32sjUKaoqOSBYyMaFVZI139p1cv5+5o2TpDI4Xj1B4/GM4cLUVWRxu9dDgnBNTlh99493cDCyj8QasuAaiUQs8g0aJFuaojbQRAdZR7Zf9Il+A4YvqqcQwJoOfQbeCAbfAwwwVtBdxeIqdDPHvxooXuGyWzHKuk0fHEAP667qaNjSTa5UgmBQUGbZloXAsMuamcg5S9RCKGZ7LsXVG+pLHOeFtT9iNH+F/fOQfSlrECNNI2G59YfcpcrvdFraCqYI90LreHella+T8IXHHst6546LLx+mZTyqEuRm28UVzvxjpVZmQ4wxyeaxSDauVenLUQP/Tl159Dut6+7aM8vbnRuIAFVdE/kvjoliftWIa6Qd/2/c/5ezzMRQTDvXXl0Ea8TwdmgwPGlApJI8obZrfdSwhKUZW2Ltv+oNJJiGJHqISL/hckKaVpkaxNQTLmtSGiS04VbaSvvBkaQbqiOf7/msq5nYOgCsPVG18QoSvuXF1GQSW6zG0oOgj/upg1/UfFjJzTEE8GYWumUS77igYck6x5IUIZ+tjcmLYOppi55fu2X4Zo7/qEG4r8tA1NlLiWX1dGKCQwiANdFFQOO3kUJM7qk7YITq7rdIxoUCMQYGFWDKBmAD8GLKu5XmKehTOLseuEctQ2z9V9Y082J/+23kq2eVD9kB+wgZkIjkdbkb/y/qsjvu5jh5NBQw02glBkKJucgQM9asHpaMCZOrrdB+lIo2aNNjweanwO711sMZhmkavL4z76BQWbMj/NuSwOSwQGihC57BQmvH7xuP2S596Cr0zI/rWAaM7eoIwIVYkOaFlgEo0tpt8dmwdyP9DaQwQznVJ6VRLJUvqeQdMh9exijs15FDCq191CYR3vjXijPx3c3qojbzGg40zhZtbRUNeqLRL5IRs4HBOxBZeuXu6oqocpRZQWzfzHurp6YPF5g11PWjV6jzofcJXvqOrAkIH28h7Dae7xnvSQtSWOb5le9WAoGCe1EX/zeDw2I5b4jxCfYwf2g/HE4jN+k/pKNs69Hzhfe0xW8Jj37dnDL8T8fmxPcgvnTkm5F/lL/MM4SoyED2iUd1jVOrNsciyH745F+uv7diCbN/7ZkJZGZCBYm0R6T4Yx1QfVcCZe6wwc4RAjMD9KsFi5DrUy8IvPPub35lvfqpCukhkyF1ciVYlLRDjUnX44KxEiPKFzRCRg7ymCFl+NCtmz1R6sZHdWNqBMBwJyXJpZPagS9pTt6iwXWbEXMwei/hxJD1ejwRICkYIxWuqLZiYuuNLNP2n/0LD5khEKkKsXo9Wqak8DTWfJwFqKH1Oo/qt9ZlTNh+PQK0iXo+EFtSo6kD9I5Ti1mOUZxnJ64zv4gz43bZbfgTfvWdqb1xdCS00fBymBfl3Rp2aCgEEG+YmVBpcTjoE1AKyEDJOvHY5gXGud+eyK41XJ2nFKHhEf/eG3r9W0kHrmlB1LaYGx6cdD3wOW7nHS+VIjlRQv/T/9agiE8mp1SPi5Y+gSK3bAbSDRHYwwK7e+WupwYNwxuolWKekr28u8ltur0aYbCVWYMgDF/ysFIbsnQwPSRIh7B2/NBMQQQep2uyGGGShDtz8/DS/Sm38dwhpLS4Rsiqhc18IY8VRgsozsKN1awWsIz74JZfX5bmHG1rKrNTGHGOFeIER6XZE/gXAnDWKOSoEhERCr02L6bKFn4iydLuXxSx/ddzbYvgb0DAgu9Vfu4I0kmlh5MKcdESVlcUofjTd0Ph4mIRmzEo483QCpALHXRvBP9OScJdJ9uRqOC0cD2mMaGiu0oIPd572mG7u7XwP2bvKd9OYW4yHRTNpBqFdBMPUmCpKqtGpxS+p48jxjSmfElahwcsZldEUv8SxkaWdlc3Q9MTM1NjEyLHM9N2M2MzY2YWY3NDgyN2I4MDdlYWY4MjYxNzQ5NjgzYWQ4YjY0ODU3ZWEyYjA5MjY4OWU2YWE4NjlhNjdhNjFhNjhjNmJhNDk4ODM5YTcyNzM= |
|
.natwest.com/ | Name: incap_ses_473_869944 Value: osLXX5ZcxgWMSAUKNG+QBvIWvl8AAAAAj39R3qssM0vK4FATs4xfug== |
|
.natwest.com/ | Name: visid_incap_869944 Value: xYIlbnXzQOmzdpnLdz/CyvIWvl8AAAAAQUIPAAAAAAALXdNQmr3h9oar/L32a6p+ |
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Strict-Transport-Security | max-age=31536000; includeSubDomains; preload |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
myrewards.natwest.com
p6tre.emv3.com
45.60.1.158
81.92.120.170
068a6adc46a5ac0d472b65322aa1f8468d57b2dac7184bee24605d8ba0412d39
319e64e17fc7abe48cf91f1ca2ad7c30ae19ba567c4bc485aa9b2c0ebaa82ba7
7b50694451592ee45ab4426afb035555eb0d3d927c49e9a403e0f5f714dc179d
daee1b3dcf72823d03848b85677905fb03de094bcedc2d9e2ebd9f62af2bf44a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
fc9104a9446a1bb88ea39b3c20aa3fd1e8d860bcdab598f763b601b4bc7e5e89