urlscan.io logo urlscan.io
SecurityTrails logo

www.nationwide.co.uk Open in urlscan Pro
155.131.44.69  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://cancelpayment.info/IdentfyCustmer.php
Effective URL: https://www.nationwide.co.uk/
Submission: On May 05 via automatic, source phishtank
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 14 IPs in 7 countries across 10 domains to perform 41 HTTP transactions. The main IP is 155.131.44.69, located in United Kingdom and belongs to Nationwide Building Society, GB. The main domain is www.nationwide.co.uk.
TLS certificate: Issued by DigiCert Global CA G2 on September 10th 2019. Valid for: 2 years.
This is the only time www.nationwide.co.uk was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 111.90.139.110 45839 (SHINJIRU-...)
1 192.0.78.27 2635 (AUTOMATTIC)
19 155.131.44.69 8698 (Nationwid...)
1 4 34.241.125.133 16509 (AMAZON-02)
1 23.61.220.204 16625 (AKAMAI-AS)
2 18.196.73.164 16509 (AMAZON-02)
2 18.202.184.129 16509 (AMAZON-02)
1 52.208.194.150 16509 (AMAZON-02)
3 15.188.105.205 16509 (AMAZON-02)
1 1 66.117.28.86 15224 (OMNITURE)
3 51.140.72.164 8075 (MICROSOFT...)
1 99.80.97.22 16509 (AMAZON-02)
1 52.16.233.250 16509 (AMAZON-02)
1 4 23.210.249.113 16625 (AKAMAI-AS)
41 14
1    111.90.139.110 (Malaysia)

ASN45839 (SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd, MY)
cancelpayment.info
1    192.0.78.27 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
href.li
19    155.131.44.69 (United Kingdom)

ASN8698 (Nationwide Building Society, GB)
www.nationwide.co.uk
4    34.241.125.133 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-241-125-133.eu-west-1.compute.amazonaws.com
dpm.demdex.net
1    23.61.220.204 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a23-61-220-204.deploy.static.akamaitechnologies.com
cdn.tt.omtrdc.net
2    18.196.73.164 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-196-73-164.eu-central-1.compute.amazonaws.com
cdn.decibelinsight.net
2    18.202.184.129 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-202-184-129.eu-west-1.compute.amazonaws.com
analytics.analytics-egain.com
1    52.208.194.150 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-208-194-150.eu-west-1.compute.amazonaws.com
nationwide.demdex.net
3    15.188.105.205 (Paris, France)

ASN16509 (AMAZON-02, US)
PTR: ec2-15-188-105-205.eu-west-3.compute.amazonaws.com
smetrics.nationwide.co.uk
1    66.117.28.86 (United States)

ASN15224 (OMNITURE, US)
cm.everesttech.net
3    51.140.72.164 (London, United Kingdom)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
nationwide.egain.cloud
1    99.80.97.22 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-99-80-97-22.eu-west-1.compute.amazonaws.com
nationwidebuildingso.tt.omtrdc.net
1    52.16.233.250 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-16-233-250.eu-west-1.compute.amazonaws.com
cloud-emea.analytics-egain.com
4    23.210.249.113 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a23-210-249-113.deploy.static.akamaitechnologies.com
pixel.mathtag.com
Domain Requested by
19 www.nationwide.co.uk href.li
www.nationwide.co.uk
4 pixel.mathtag.com 1 redirects
4 dpm.demdex.net 1 redirects www.nationwide.co.uk
3 nationwide.egain.cloud analytics.analytics-egain.com
nationwide.egain.cloud
3 smetrics.nationwide.co.uk www.nationwide.co.uk
2 analytics.analytics-egain.com www.nationwide.co.uk
analytics.analytics-egain.com
2 cdn.decibelinsight.net www.nationwide.co.uk
cdn.decibelinsight.net
1 cloud-emea.analytics-egain.com analytics.analytics-egain.com
1 nationwidebuildingso.tt.omtrdc.net www.nationwide.co.uk
1 cm.everesttech.net 1 redirects
1 nationwide.demdex.net www.nationwide.co.uk
1 cdn.tt.omtrdc.net www.nationwide.co.uk
1 href.li
1 cancelpayment.info
41 14
Subject Issuer Validity Valid
www.cancelpayment.info
Let's Encrypt Authority X3		 2020-05-04 -
2020-08-02		 3 months crt.sh
tls.automattic.com
Let's Encrypt Authority X3		 2020-04-10 -
2020-07-09		 3 months crt.sh
nationwide.co.uk
DigiCert Global CA G2		 2019-09-10 -
2021-10-17		 2 years crt.sh
*.demdex.net
DigiCert SHA2 High Assurance Server CA		 2018-01-09 -
2021-02-12		 3 years crt.sh
*.tt.omtrdc.net
DigiCert SHA2 High Assurance Server CA		 2017-10-26 -
2020-11-25		 3 years crt.sh
*.decibelinsight.net
RapidSSL TLS RSA CA G1		 2019-12-16 -
2021-02-13		 a year crt.sh
*.analytics-egain.com
Go Daddy Secure Certificate Authority - G2		 2017-09-07 -
2020-09-07		 3 years crt.sh
smetrics.nationwide.co.uk
DigiCert Global CA G2		 2019-03-15 -
2021-03-15		 2 years crt.sh
*.egain.cloud
Go Daddy Secure Certificate Authority - G2		 2019-02-08 -
2021-02-08		 2 years crt.sh
pixel.mathtag.com
DigiCert SHA2 Secure Server CA		 2020-04-15 -
2021-07-15		 a year crt.sh

This page contains 5 frames:

Primary Page: https://www.nationwide.co.uk/
Frame ID: F900A759E03898FA0C7DC93F002B5E11
Requests: 40 HTTP requests in this frame

Frame: https://analytics.analytics-egain.com/onetag/EG90342921
Frame ID: F8541F28D4F53A523F5496B934FE3448
Requests: 2 HTTP requests in this frame

Frame: https://nationwide.demdex.net/dest5.html?d_nsid=0
Frame ID: B3B1D883471B4B95F7784D51A1A49DFD
Requests: 1 HTTP requests in this frame

Frame: https://analytics.analytics-egain.com/iframe/EG90342921
Frame ID: F3E1F21620AC61E1880F0D12EE976AE9
Requests: 1 HTTP requests in this frame

Frame: https://nationwide.egain.cloud/system/templates/chat/egain-docked-chat.js
Frame ID: 2ED068DDCD1932BABA94C69F60898E96
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://cancelpayment.info/IdentfyCustmer.php Page URL
  2. https://href.li/?https://www.nationwide.co.uk Page URL
  3. https://www.nationwide.co.uk/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • url /\.php(?:$|\?)/i
Overall confidence: 100%
Detected patterns
  • headers server /Unix/i
Overall confidence: 50%
Detected patterns
  • html /<input[^>]+name="__VIEWSTATE/i
Overall confidence: 100%
Detected patterns
  • html /<input[^>]+name="__VIEWSTATE/i
Overall confidence: 100%
Detected patterns
  • headers server /OpenSSL(?:\/([\d.]+[a-z]?))?/i
Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i
Overall confidence: 50%
Detected patterns
  • html /<input[^>]+name="__VIEWSTATE/i

Page Statistics

41
Requests

100 %
HTTPS

0 %
IPv6

10
Domains

14
Subdomains

14
IPs

7
Countries

633 kB
Transfer

1336 kB
Size

6
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://cancelpayment.info/IdentfyCustmer.php Page URL
  2. https://href.li/?https://www.nationwide.co.uk Page URL
  3. https://www.nationwide.co.uk/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 14
  • https://dpm.demdex.net/id?d_visid_ver=4.0.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=1D4334B852784A2D0A490D44%40AdobeOrg&d_nsid=0&ts=1588701943407 HTTP 302
  • https://dpm.demdex.net/id/rd?d_visid_ver=4.0.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=1D4334B852784A2D0A490D44%40AdobeOrg&d_nsid=0&ts=1588701943407
Request Chain 27
  • https://cm.everesttech.net/cm/dd?d_uuid=68423534771551111161104641117578899568 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=XrGq_AAAAagH3BTJ
Request Chain 40
  • https://pixel.mathtag.com/sync/js?sync=auto&mt_exid=10068&exsync=https%3A%2F%2Fsmetrics.nationwide.co.uk%2Fb%2Fss%2Fnationwidelive1%2F0%3FAQB%3D1%26pageName%3Dmediamath-sync-pixel%26pe%3Dlnk_o%26pev2%3Dmediamath-sync-pixel%26c.user.nbs_media_math_id%3D%5BMM_UUID%5D%26AQE%3D1 HTTP 302
  • https://pixel.mathtag.com/sync/js?sync=auto&mt_exid=10068&exsync=https%3A%2F%2Fsmetrics.nationwide.co.uk%2Fb%2Fss%2Fnationwidelive1%2F0%3FAQB%3D1%26pageName%3Dmediamath-sync-pixel%26pe%3Dlnk_o%26pev2%3Dmediamath-sync-pixel%26c.user.nbs_media_math_id%3D%5BMM_UUID%5D%26AQE%3D1&mm_bnc&mm_bct&UUID=8be35eb1-aaf8-4b00-a702-e4cbbc0cc82e

41 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Cookie set IdentfyCustmer.php
cancelpayment.info/ 		130 B
592 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cancelpayment.info/IdentfyCustmer.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
111.90.139.110 , Malaysia, ASN45839 (SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd, MY),
Reverse DNS
Software
Apache/2.4.39 (Unix) OpenSSL/1.0.2k-fips / PHP/5.6.37
Resource Hash

Request headers

Host
cancelpayment.info
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 06 May 2020 18:06:15 GMT
Server
Apache/2.4.39 (Unix) OpenSSL/1.0.2k-fips
X-Powered-By
PHP/5.6.37
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma
no-cache
Set-Cookie
PHPSESSID=f3005ot3rguo4fdof07j0av9v7; path=/
Keep-Alive
timeout=5, max=100
Connection
Keep-Alive
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
/
href.li/ 		452 B
399 B 		Document
General
Check archive.org
Download Go to
Full URL
https://href.li/?https://www.nationwide.co.uk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.78.27 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
27d3dcfdd9964c3dbb6f9ff23a58c6e4af2a0d2b7679871542b167299f0512d3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

:method
GET
:authority
href.li
:scheme
https
:path
/?https://www.nationwide.co.uk
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
referer
https://cancelpayment.info/IdentfyCustmer.php
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://cancelpayment.info/IdentfyCustmer.php

Response headers

status
200
server
nginx
date
Tue, 05 May 2020 18:05:41 GMT
content-type
text/html; charset=utf-8
strict-transport-security
max-age=31536000
vary
Accept-Encoding
content-encoding
gzip
x-ac
3.fra _dfw
Primary Request Cookie set /
www.nationwide.co.uk/ 		83 KB
24 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.nationwide.co.uk/
Requested by
Host: href.li
URL: https://href.li/?https://www.nationwide.co.uk
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
155.131.44.69 , United Kingdom, ASN8698 (Nationwide Building Society, GB),
Reverse DNS
Software
/
Resource Hash
24b2d056f9e95705104f02314c56b23be947462997d91a6a1a393735ea692955
Security Headers
Name Value
Content-Security-Policy default-src *.bing.com https://onlinebanking.nationwide.co.uk 'self'; connect-src *.bing.com cdn.decibelinsight.net http://track.contently.com https://d083-uk.api.decibelinsight.net/ dpm.demdex.net https://enrolment.mynationwide.io/ wss://lo.msg.liveperson.net http://metrics.nationwide.co.uk/ https://nationwide.egain.cloud/ https://nationwidedev1.egain.cloud https://nationwidedev2.egain.cloud *.omtrdc.net https://rsa.egain.cloud https://cdn.decibelinsight.net 'self' https://ws.sessioncam.com https://smetrics.nationwide.co.uk/ *.swiftype.com *.virtualearth.net wss://cdn.decibelinsight.net https://www.googleadservices.com; font-src data: 'self'; frame-src accounts.google.com https://adservice.google.com/ apis.google.com *.bing.com https://assets.contently.com *.doubleclick.net https://analytics.analytics-egain.com/ googleads.g.doubleclick.net https://www.youtube.com https://lo.idp.liveperson.net https://lo.msg.liveperson.net https://lo.msghist.liveperson.net https://lo.tokenizer.liveperson.net https://lpcdn.lpsnmedia.net https://nationwide.demdex.net https://nationwide.egain.cloud https://nationwidedev1.egain.cloud notifyme-uat.nationwide-mats.co.uk platform.twitter.com https://pixel.mathtag.com https://accounts.google.com https://apis.google.com https://s-static.ak.facebook.com https://static.ak.facebook.com https://www.facebook.com 'self' s-static.ak.facebook.com static.ak.facebook.com https://embed.ustudio.com/ www.facebook.com www.google.com *.youtube.com; img-src data: https://proactive.nationwide.co.uk 'self' *; media-src https://lpcdn.lpsnmedia.net; object-src 'self' http://d2oh4tlt9mrke9.cloudfront.net; script-src https://accdn.lpsnmedia.net analytics.analytics-egain.com apis.google.com assets.kampyle.com *.bing.com https://www.adobetag.com clients1.google.com https://cloud-emea.analytics-egain.com connect.facebook.net http://assets.contently.com cse.google.com data: dpm.demdex.net https://analytics.analytics-egain.com https://nationwide.egain.cloud/ https://nationwidedev1.egain.cloud https://nationwidedev2.egain.cloud https://www.google.co.uk https://www.gstatic.com ipv4.google.com https://lo.v.liveperson.net https://lpcdn.lpsnmedia.net https://lptag.liveperson.net *.nationwide.co.uk *.omtrdc.net platform.linkedin.com platform.twitter.com https://proactive.nationwide.co.uk *.reevoo.com rsaparaturetest.prod.parature.com https://cdn.decibelinsight.net https://app.decibelinsight.com/js/hm.js https://pixel.mathtag.com https://apis.google.com https://cse.google.com https://nationwidechat.prod.parature.com https://platform.linkedin.com https://platform.twitter.com https://static.ak.facebook.com https://www.google.com 'self' http://d2oh4tlt9mrke9.cloudfront.net https://ws.sessioncam.com static.ak.facebook.com https://cdn.tt.omtrdc.net *.virtualearth.net https://s.ytimg.com 'unsafe-eval' 'unsafe-inline' http://nationwidebuildingso.tt.omtrdc.net https://nationwidebuildingso.tt.omtrdc.net http://www.google.com http://www.googleadservices.com http://metrics.nationwide.co.uk/; style-src assets.kampyle.com *.bing.com cse.google.com *.nationwide.co.uk https://nationwide.egain.cloud https://nationwidedev1.egain.cloud *.reevoo.com 'self' *.virtualearth.net https://www.google.com 'unsafe-inline' http://www.google.com/;
Strict-Transport-Security max-age=16070400
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Host
www.nationwide.co.uk
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Cache-Control
no-cache, no-store
Pragma
no-cache
Content-Type
text/html; charset=utf-8
Content-Encoding
gzip
Expires
-1
Vary
Accept-Encoding
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
Content-Security-Policy
default-src *.bing.com https://onlinebanking.nationwide.co.uk 'self'; connect-src *.bing.com cdn.decibelinsight.net http://track.contently.com https://d083-uk.api.decibelinsight.net/ dpm.demdex.net https://enrolment.mynationwide.io/ wss://lo.msg.liveperson.net http://metrics.nationwide.co.uk/ https://nationwide.egain.cloud/ https://nationwidedev1.egain.cloud https://nationwidedev2.egain.cloud *.omtrdc.net https://rsa.egain.cloud https://cdn.decibelinsight.net 'self' https://ws.sessioncam.com https://smetrics.nationwide.co.uk/ *.swiftype.com *.virtualearth.net wss://cdn.decibelinsight.net https://www.googleadservices.com; font-src data: 'self'; frame-src accounts.google.com https://adservice.google.com/ apis.google.com *.bing.com https://assets.contently.com *.doubleclick.net https://analytics.analytics-egain.com/ googleads.g.doubleclick.net https://www.youtube.com https://lo.idp.liveperson.net https://lo.msg.liveperson.net https://lo.msghist.liveperson.net https://lo.tokenizer.liveperson.net https://lpcdn.lpsnmedia.net https://nationwide.demdex.net https://nationwide.egain.cloud https://nationwidedev1.egain.cloud notifyme-uat.nationwide-mats.co.uk platform.twitter.com https://pixel.mathtag.com https://accounts.google.com https://apis.google.com https://s-static.ak.facebook.com https://static.ak.facebook.com https://www.facebook.com 'self' s-static.ak.facebook.com static.ak.facebook.com https://embed.ustudio.com/ www.facebook.com www.google.com *.youtube.com; img-src data: https://proactive.nationwide.co.uk 'self' *; media-src https://lpcdn.lpsnmedia.net; object-src 'self' http://d2oh4tlt9mrke9.cloudfront.net; script-src https://accdn.lpsnmedia.net analytics.analytics-egain.com apis.google.com assets.kampyle.com *.bing.com https://www.adobetag.com clients1.google.com https://cloud-emea.analytics-egain.com connect.facebook.net http://assets.contently.com cse.google.com data: dpm.demdex.net https://analytics.analytics-egain.com https://nationwide.egain.cloud/ https://nationwidedev1.egain.cloud https://nationwidedev2.egain.cloud https://www.google.co.uk https://www.gstatic.com ipv4.google.com https://lo.v.liveperson.net https://lpcdn.lpsnmedia.net https://lptag.liveperson.net *.nationwide.co.uk *.omtrdc.net platform.linkedin.com platform.twitter.com https://proactive.nationwide.co.uk *.reevoo.com rsaparaturetest.prod.parature.com https://cdn.decibelinsight.net https://app.decibelinsight.com/js/hm.js https://pixel.mathtag.com https://apis.google.com https://cse.google.com https://nationwidechat.prod.parature.com https://platform.linkedin.com https://platform.twitter.com https://static.ak.facebook.com https://www.google.com 'self' http://d2oh4tlt9mrke9.cloudfront.net https://ws.sessioncam.com static.ak.facebook.com https://cdn.tt.omtrdc.net *.virtualearth.net https://s.ytimg.com 'unsafe-eval' 'unsafe-inline' http://nationwidebuildingso.tt.omtrdc.net https://nationwidebuildingso.tt.omtrdc.net http://www.google.com http://www.googleadservices.com http://metrics.nationwide.co.uk/; style-src assets.kampyle.com *.bing.com cse.google.com *.nationwide.co.uk https://nationwide.egain.cloud https://nationwidedev1.egain.cloud *.reevoo.com 'self' *.virtualearth.net https://www.google.com 'unsafe-inline' http://www.google.com/;
Set-Cookie
ASP.NET_SessionId=rmeq0sr15h2lerkozl5qassb; path=/; secure; HttpOnly SC_ANALYTICS_GLOBAL_COOKIE=be77f4b89e9b4006a9250fb599fc9e1a; expires=Sun, 05-May-2030 18:05:42 GMT; path=/; secure; HttpOnly SC_ANALYTICS_SESSION_COOKIE=56017B72E09F4DF28BE9DD32E2373E35|1|rmeq0sr15h2lerkozl5qassb; path=/; secure; HttpOnly du=duSA;Path=/;Domain=www.nationwide.co.uk;Expires=Tue, 05-May-2020 18:25:42 GMT TS01d92654=01462af731b6e89a7f225e3d566582462e633beb1a8d6aea902e97d338dd674c91f2342377ae9ee02ce72e3dd300a1a888f6795e3000980ff303038903b0e3de9ed471b59c8450c07fc21b44463f6b3e58f358396c0788cb3bd4b04933881d25316ac6fff9; Path=/; Domain=.www.nationwide.co.uk TS01798c06=01462af7314fd2ee6ba3b4f8589185d4cf078b9b6f8d6aea902e97d338dd674c91f2342377c0ac143e2321b191b0cf6b769c35d9ea0f9068efc71b24b9b236a77e86bf4926; path=/; domain=www.nationwide.co.uk
Date
Tue, 05 May 2020 18:05:42 GMT
Content-Length
19623
Strict-Transport-Security
max-age=16070400
visibleOnly.min.css
www.nationwide.co.uk/assets/main-site/style/ 		161 KB
34 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.nationwide.co.uk/assets/main-site/style/visibleOnly.min.css
Requested by
Host: www.nationwide.co.uk
URL: https://www.nationwide.co.uk/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
155.131.44.69 , United Kingdom, ASN8698 (Nationwide Building Society, GB),
Reverse DNS
Software
/
Resource Hash
8b8ac543c779387150c43863cafd129caddfbca66ebed76ee246b528957229af
Security Headers
Name Value
Content-Security-Policy default-src *.bing.com https://onlinebanking.nationwide.co.uk 'self'; connect-src *.bing.com cdn.decibelinsight.net http://track.contently.com https://d083-uk.api.decibelinsight.net/ dpm.demdex.net https://enrolment.mynationwide.io/ wss://lo.msg.liveperson.net http://metrics.nationwide.co.uk/ https://nationwide.egain.cloud/ https://nationwidedev1.egain.cloud https://nationwidedev2.egain.cloud *.omtrdc.net https://rsa.egain.cloud https://cdn.decibelinsight.net 'self' https://ws.sessioncam.com https://smetrics.nationwide.co.uk/ *.swiftype.com *.virtualearth.net wss://cdn.decibelinsight.net https://www.googleadservices.com; font-src data: 'self'; frame-src accounts.google.com https://adservice.google.com/ apis.google.com *.bing.com https://assets.contently.com *.doubleclick.net https://analytics.analytics-egain.com/ googleads.g.doubleclick.net https://www.youtube.com https://lo.idp.liveperson.net https://lo.msg.liveperson.net https://lo.msghist.liveperson.net https://lo.tokenizer.liveperson.net https://lpcdn.lpsnmedia.net https://nationwide.demdex.net https://nationwide.egain.cloud https://nationwidedev1.egain.cloud notifyme-uat.nationwide-mats.co.uk platform.twitter.com https://pixel.mathtag.com https://accounts.google.com https://apis.google.com https://s-static.ak.facebook.com https://static.ak.facebook.com https://www.facebook.com 'self' s-static.ak.facebook.com static.ak.facebook.com https://embed.ustudio.com/ www.facebook.com www.google.com *.youtube.com; img-src data: https://proactive.nationwide.co.uk 'self' *; media-src https://lpcdn.lpsnmedia.net; object-src 'self' http://d2oh4tlt9mrke9.cloudfront.net; script-src https://accdn.lpsnmedia.net analytics.analytics-egain.com apis.google.com assets.kampyle.com *.bing.com https://www.adobetag.com clients1.google.com https://cloud-emea.analytics-egain.com connect.facebook.net http://assets.contently.com cse.google.com data: dpm.demdex.net https://analytics.analytics-egain.com https://nationwide.egain.cloud/ https://nationwidedev1.egain.cloud https://nationwidedev2.egain.cloud https://www.google.co.uk https://www.gstatic.com ipv4.google.com https://lo.v.liveperson.net https://lpcdn.lpsnmedia.net https://lptag.liveperson.net *.nationwide.co.uk *.omtrdc.net platform.linkedin.com platform.twitter.com https://proactive.nationwide.co.uk *.reevoo.com rsaparaturetest.prod.parature.com https://cdn.decibelinsight.net https://app.decibelinsight.com/js/hm.js https://pixel.mathtag.com https://apis.google.com https://cse.google.com https://nationwidechat.prod.parature.com https://platform.linkedin.com https://platform.twitter.com https://static.ak.facebook.com https://www.google.com 'self' http://d2oh4tlt9mrke9.cloudfront.net https://ws.sessioncam.com static.ak.facebook.com https://cdn.tt.omtrdc.net *.virtualearth.net https://s.ytimg.com 'unsafe-eval' 'unsafe-inline' http://nationwidebuildingso.tt.omtrdc.net https://nationwidebuildingso.tt.omtrdc.net http://www.google.com http://www.googleadservices.com http://metrics.nationwide.co.uk/; style-src assets.kampyle.com *.bing.com cse.google.com *.nationwide.co.uk https://nationwide.egain.cloud https://nationwidedev1.egain.cloud *.reevoo.com 'self' *.virtualearth.net https://www.google.com 'unsafe-inline' http://www.google.com/;
Strict-Transport-Security max-age=16070400
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.nationwide.co.uk/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Security-Policy
default-src *.bing.com https://onlinebanking.nationwide.co.uk 'self'; connect-src *.bing.com cdn.decibelinsight.net http://track.contently.com https://d083-uk.api.decibelinsight.net/ dpm.demdex.net https://enrolment.mynationwide.io/ wss://lo.msg.liveperson.net http://metrics.nationwide.co.uk/ https://nationwide.egain.cloud/ https://nationwidedev1.egain.cloud https://nationwidedev2.egain.cloud *.omtrdc.net https://rsa.egain.cloud https://cdn.decibelinsight.net 'self' https://ws.sessioncam.com https://smetrics.nationwide.co.uk/ *.swiftype.com *.virtualearth.net wss://cdn.decibelinsight.net https://www.googleadservices.com; font-src data: 'self'; frame-src accounts.google.com https://adservice.google.com/ apis.google.com *.bing.com https://assets.contently.com *.doubleclick.net https://analytics.analytics-egain.com/ googleads.g.doubleclick.net https://www.youtube.com https://lo.idp.liveperson.net https://lo.msg.liveperson.net https://lo.msghist.liveperson.net https://lo.tokenizer.liveperson.net https://lpcdn.lpsnmedia.net https://nationwide.demdex.net https://nationwide.egain.cloud https://nationwidedev1.egain.cloud notifyme-uat.nationwide-mats.co.uk platform.twitter.com https://pixel.mathtag.com https://accounts.google.com https://apis.google.com https://s-static.ak.facebook.com https://static.ak.facebook.com https://www.facebook.com 'self' s-static.ak.facebook.com static.ak.facebook.com https://embed.ustudio.com/ www.facebook.com www.google.com *.youtube.com; img-src data: https://proactive.nationwide.co.uk 'self' *; media-src https://lpcdn.lpsnmedia.net; object-src 'self' http://d2oh4tlt9mrke9.cloudfront.net; script-src https://accdn.lpsnmedia.net analytics.analytics-egain.com apis.google.com assets.kampyle.com *.bing.com https://www.adobetag.com clients1.google.com https://cloud-emea.analytics-egain.com connect.facebook.net http://assets.contently.com cse.google.com data: dpm.demdex.net https://analytics.analytics-egain.com https://nationwide.egain.cloud/ https://nationwidedev1.egain.cloud https://nationwidedev2.egain.cloud https://www.google.co.uk https://www.gstatic.com ipv4.google.com https://lo.v.liveperson.net https://lpcdn.lpsnmedia.net https://lptag.liveperson.net *.nationwide.co.uk *.omtrdc.net platform.linkedin.com platform.twitter.com https://proactive.nationwide.co.uk *.reevoo.com rsaparaturetest.prod.parature.com https://cdn.decibelinsight.net https://app.decibelinsight.com/js/hm.js https://pixel.mathtag.com https://apis.google.com https://cse.google.com https://nationwidechat.prod.parature.com https://platform.linkedin.com https://platform.twitter.com https://static.ak.facebook.com https://www.google.com 'self' http://d2oh4tlt9mrke9.cloudfront.net https://ws.sessioncam.com static.ak.facebook.com https://cdn.tt.omtrdc.net *.virtualearth.net https://s.ytimg.com 'unsafe-eval' 'unsafe-inline' http://nationwidebuildingso.tt.omtrdc.net https://nationwidebuildingso.tt.omtrdc.net http://www.google.com http://www.googleadservices.com http://metrics.nationwide.co.uk/; style-src assets.kampyle.com *.bing.com cse.google.com *.nationwide.co.uk https://nationwide.egain.cloud https://nationwidedev1.egain.cloud *.reevoo.com 'self' *.virtualearth.net https://www.google.com 'unsafe-inline' http://www.google.com/;
Content-Encoding
gzip
Last-Modified
Tue, 21 Apr 2020 14:55:12 GMT
x-frame-options
SAMEORIGIN
ETag
"08b8dbec17d61:0"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
public,max-age=300
Date
Tue, 05 May 2020 18:05:42 GMT
Strict-Transport-Security
max-age=16070400
Accept-Ranges
bytes
Content-Length
30741
x-xss-protection
1; mode=block
nbs-essentials.min.js
www.nationwide.co.uk/assets/main-site/script/bundle/ 		207 KB
74 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.nationwide.co.uk/assets/main-site/script/bundle/nbs-essentials.min.js
Requested by
Host: www.nationwide.co.uk
URL: https://www.nationwide.co.uk/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
155.131.44.69 , United Kingdom, ASN8698 (Nationwide Building Society, GB),
Reverse DNS
Software
/
Resource Hash
f5ecb4cafaeeea9fcc116112989c76febbbd037aae0f8f3c8e598b7d9ddf6ddd
Security Headers
Name Value
Content-Security-Policy default-src *.bing.com https://onlinebanking.nationwide.co.uk 'self'; connect-src *.bing.com cdn.decibelinsight.net http://track.contently.com https://d083-uk.api.decibelinsight.net/ dpm.demdex.net https://enrolment.mynationwide.io/ wss://lo.msg.liveperson.net http://metrics.nationwide.co.uk/ https://nationwide.egain.cloud/ https://nationwidedev1.egain.cloud https://nationwidedev2.egain.cloud *.omtrdc.net https://rsa.egain.cloud https://cdn.decibelinsight.net 'self' https://ws.sessioncam.com https://smetrics.nationwide.co.uk/ *.swiftype.com *.virtualearth.net wss://cdn.decibelinsight.net https://www.googleadservices.com; font-src data: 'self'; frame-src accounts.google.com https://adservice.google.com/ apis.google.com *.bing.com https://assets.contently.com *.doubleclick.net https://analytics.analytics-egain.com/ googleads.g.doubleclick.net https://www.youtube.com https://lo.idp.liveperson.net https://lo.msg.liveperson.net https://lo.msghist.liveperson.net https://lo.tokenizer.liveperson.net https://lpcdn.lpsnmedia.net https://nationwide.demdex.net https://nationwide.egain.cloud https://nationwidedev1.egain.cloud notifyme-uat.nationwide-mats.co.uk platform.twitter.com https://pixel.mathtag.com https://accounts.google.com https://apis.google.com https://s-static.ak.facebook.com https://static.ak.facebook.com https://www.facebook.com 'self' s-static.ak.facebook.com static.ak.facebook.com https://embed.ustudio.com/ www.facebook.com www.google.com *.youtube.com; img-src data: https://proactive.nationwide.co.uk 'self' *; media-src https://lpcdn.lpsnmedia.net; object-src 'self' http://d2oh4tlt9mrke9.cloudfront.net; script-src https://accdn.lpsnmedia.net analytics.analytics-egain.com apis.google.com assets.kampyle.com *.bing.com https://www.adobetag.com clients1.google.com https://cloud-emea.analytics-egain.com connect.facebook.net http://assets.contently.com cse.google.com data: dpm.demdex.net https://analytics.analytics-egain.com https://nationwide.egain.cloud/ https://nationwidedev1.egain.cloud https://nationwidedev2.egain.cloud https://www.google.co.uk https://www.gstatic.com ipv4.google.com https://lo.v.liveperson.net https://lpcdn.lpsnmedia.net https://lptag.liveperson.net *.nationwide.co.uk *.omtrdc.net platform.linkedin.com platform.twitter.com https://proactive.nationwide.co.uk *.reevoo.com rsaparaturetest.prod.parature.com https://cdn.decibelinsight.net https://app.decibelinsight.com/js/hm.js https://pixel.mathtag.com https://apis.google.com https://cse.google.com https://nationwidechat.prod.parature.com https://platform.linkedin.com https://platform.twitter.com https://static.ak.facebook.com https://www.google.com 'self' http://d2oh4tlt9mrke9.cloudfront.net https://ws.sessioncam.com static.ak.facebook.com https://cdn.tt.omtrdc.net *.virtualearth.net https://s.ytimg.com 'unsafe-eval' 'unsafe-inline' http://nationwidebuildingso.tt.omtrdc.net https://nationwidebuildingso.tt.omtrdc.net http://www.google.com http://www.googleadservices.com http://metrics.nationwide.co.uk/; style-src assets.kampyle.com *.bing.com cse.google.com *.nationwide.co.uk https://nationwide.egain.cloud https://nationwidedev1.egain.cloud *.reevoo.com 'self' *.virtualearth.net https://www.google.com 'unsafe-inline' http://www.google.com/;
Strict-Transport-Security max-age=16070400
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.nationwide.co.uk/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Security-Policy
default-src *.bing.com https://onlinebanking.nationwide.co.uk 'self'; connect-src *.bing.com cdn.decibelinsight.net http://track.contently.com https://d083-uk.api.decibelinsight.net/ dpm.demdex.net https://enrolment.mynationwide.io/ wss://lo.msg.liveperson.net http://metrics.nationwide.co.uk/ https://nationwide.egain.cloud/ https://nationwidedev1.egain.cloud https://nationwidedev2.egain.cloud *.omtrdc.net https://rsa.egain.cloud https://cdn.decibelinsight.net 'self' https://ws.sessioncam.com https://smetrics.nationwide.co.uk/ *.swiftype.com *.virtualearth.net wss://cdn.decibelinsight.net https://www.googleadservices.com; font-src data: 'self'; frame-src accounts.google.com https://adservice.google.com/ apis.google.com *.bing.com https://assets.contently.com *.doubleclick.net https://analytics.analytics-egain.com/ googleads.g.doubleclick.net https://www.youtube.com https://lo.idp.liveperson.net https://lo.msg.liveperson.net https://lo.msghist.liveperson.net https://lo.tokenizer.liveperson.net https://lpcdn.lpsnmedia.net https://nationwide.demdex.net https://nationwide.egain.cloud https://nationwidedev1.egain.cloud notifyme-uat.nationwide-mats.co.uk platform.twitter.com https://pixel.mathtag.com https://accounts.google.com https://apis.google.com https://s-static.ak.facebook.com https://static.ak.facebook.com https://www.facebook.com 'self' s-static.ak.facebook.com static.ak.facebook.com https://embed.ustudio.com/ www.facebook.com www.google.com *.youtube.com; img-src data: https://proactive.nationwide.co.uk 'self' *; media-src https://lpcdn.lpsnmedia.net; object-src 'self' http://d2oh4tlt9mrke9.cloudfront.net; script-src https://accdn.lpsnmedia.net analytics.analytics-egain.com apis.google.com assets.kampyle.com *.bing.com https://www.adobetag.com clients1.google.com https://cloud-emea.analytics-egain.com connect.facebook.net http://assets.contently.com cse.google.com data: dpm.demdex.net https://analytics.analytics-egain.com https://nationwide.egain.cloud/ https://nationwidedev1.egain.cloud https://nationwidedev2.egain.cloud https://www.google.co.uk https://www.gstatic.com ipv4.google.com https://lo.v.liveperson.net https://lpcdn.lpsnmedia.net https://lptag.liveperson.net *.nationwide.co.uk *.omtrdc.net platform.linkedin.com platform.twitter.com https://proactive.nationwide.co.uk *.reevoo.com rsaparaturetest.prod.parature.com https://cdn.decibelinsight.net https://app.decibelinsight.com/js/hm.js https://pixel.mathtag.com https://apis.google.com https://cse.google.com https://nationwidechat.prod.parature.com https://platform.linkedin.com https://platform.twitter.com https://static.ak.facebook.com https://www.google.com 'self' http://d2oh4tlt9mrke9.cloudfront.net https://ws.sessioncam.com static.ak.facebook.com https://cdn.tt.omtrdc.net *.virtualearth.net https://s.ytimg.com 'unsafe-eval' 'unsafe-inline' http://nationwidebuildingso.tt.omtrdc.net https://nationwidebuildingso.tt.omtrdc.net http://www.google.com http://www.googleadservices.com http://metrics.nationwide.co.uk/; style-src assets.kampyle.com *.bing.com cse.google.com *.nationwide.co.uk https://nationwide.egain.cloud https://nationwidedev1.egain.cloud *.reevoo.com 'self' *.virtualearth.net https://www.google.com 'unsafe-inline' http://www.google.com/;
Content-Encoding
gzip
Last-Modified
Tue, 21 Apr 2020 14:55:16 GMT
x-frame-options
SAMEORIGIN
ETag
"0621adeec17d61:0"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
public,max-age=300
Date
Tue, 05 May 2020 18:05:42 GMT
Strict-Transport-Security
max-age=16070400
Accept-Ranges
bytes
Content-Length
71042
x-xss-protection
1; mode=block
meganavflyout.hotfix.css
www.nationwide.co.uk/~/media/MainSite/css/ 		165 B
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.nationwide.co.uk/~/media/MainSite/css/meganavflyout.hotfix.css
Requested by
Host: www.nationwide.co.uk
URL: https://www.nationwide.co.uk/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
155.131.44.69 , United Kingdom, ASN8698 (Nationwide Building Society, GB),
Reverse DNS
Software
/
Resource Hash
97606768c72e8c23be8da1f58a7cbaabc709819b8ab1790c157d6e51efc9e109
Security Headers
Name Value
Content-Security-Policy default-src *.bing.com https://onlinebanking.nationwide.co.uk 'self'; connect-src *.bing.com cdn.decibelinsight.net http://track.contently.com https://d083-uk.api.decibelinsight.net/ dpm.demdex.net https://enrolment.mynationwide.io/ wss://lo.msg.liveperson.net http://metrics.nationwide.co.uk/ https://nationwide.egain.cloud/ https://nationwidedev1.egain.cloud https://nationwidedev2.egain.cloud *.omtrdc.net https://rsa.egain.cloud https://cdn.decibelinsight.net 'self' https://ws.sessioncam.com https://smetrics.nationwide.co.uk/ *.swiftype.com *.virtualearth.net wss://cdn.decibelinsight.net https://www.googleadservices.com; font-src data: 'self'; frame-src accounts.google.com https://adservice.google.com/ apis.google.com *.bing.com https://assets.contently.com *.doubleclick.net https://analytics.analytics-egain.com/ googleads.g.doubleclick.net https://www.youtube.com https://lo.idp.liveperson.net https://lo.msg.liveperson.net https://lo.msghist.liveperson.net https://lo.tokenizer.liveperson.net https://lpcdn.lpsnmedia.net https://nationwide.demdex.net https://nationwide.egain.cloud https://nationwidedev1.egain.cloud notifyme-uat.nationwide-mats.co.uk platform.twitter.com https://pixel.mathtag.com https://accounts.google.com https://apis.google.com https://s-static.ak.facebook.com https://static.ak.facebook.com https://www.facebook.com 'self' s-static.ak.facebook.com static.ak.facebook.com https://embed.ustudio.com/ www.facebook.com www.google.com *.youtube.com; img-src data: https://proactive.nationwide.co.uk 'self' *; media-src https://lpcdn.lpsnmedia.net; object-src 'self' http://d2oh4tlt9mrke9.cloudfront.net; script-src https://accdn.lpsnmedia.net analytics.analytics-egain.com apis.google.com assets.kampyle.com *.bing.com https://www.adobetag.com clients1.google.com https://cloud-emea.analytics-egain.com connect.facebook.net http://assets.contently.com cse.google.com data: dpm.demdex.net https://analytics.analytics-egain.com https://nationwide.egain.cloud/ https://nationwidedev1.egain.cloud https://nationwidedev2.egain.cloud https://www.google.co.uk https://www.gstatic.com ipv4.google.com https://lo.v.liveperson.net https://lpcdn.lpsnmedia.net https://lptag.liveperson.net *.nationwide.co.uk *.omtrdc.net platform.linkedin.com platform.twitter.com https://proactive.nationwide.co.uk *.reevoo.com rsaparaturetest.prod.parature.com https://cdn.decibelinsight.net https://app.decibelinsight.com/js/hm.js https://pixel.mathtag.com https://apis.google.com https://cse.google.com https://nationwidechat.prod.parature.com https://platform.linkedin.com https://platform.twitter.com https://static.ak.facebook.com https://www.google.com 'self' http://d2oh4tlt9mrke9.cloudfront.net https://ws.sessioncam.com static.ak.facebook.com https://cdn.tt.omtrdc.net *.virtualearth.net https://s.ytimg.com 'unsafe-eval' 'unsafe-inline' http://nationwidebuildingso.tt.omtrdc.net https://nationwidebuildingso.tt.omtrdc.net http://www.google.com http://www.googleadservices.com http://metrics.nationwide.co.uk/; style-src assets.kampyle.com *.bing.com cse.google.com *.nationwide.co.uk https://nationwide.egain.cloud https://nationwidedev1.egain.cloud *.reevoo.com 'self' *.virtualearth.net https://www.google.com 'unsafe-inline' http://www.google.com/;
Strict-Transport-Security max-age=16070400
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.nationwide.co.uk/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Security-Policy
default-src *.bing.com https://onlinebanking.nationwide.co.uk 'self'; connect-src *.bing.com cdn.decibelinsight.net http://track.contently.com https://d083-uk.api.decibelinsight.net/ dpm.demdex.net https://enrolment.mynationwide.io/ wss://lo.msg.liveperson.net http://metrics.nationwide.co.uk/ https://nationwide.egain.cloud/ https://nationwidedev1.egain.cloud https://nationwidedev2.egain.cloud *.omtrdc.net https://rsa.egain.cloud https://cdn.decibelinsight.net 'self' https://ws.sessioncam.com https://smetrics.nationwide.co.uk/ *.swiftype.com *.virtualearth.net wss://cdn.decibelinsight.net https://www.googleadservices.com; font-src data: 'self'; frame-src accounts.google.com https://adservice.google.com/ apis.google.com *.bing.com https://assets.contently.com *.doubleclick.net https://analytics.analytics-egain.com/ googleads.g.doubleclick.net https://www.youtube.com https://lo.idp.liveperson.net https://lo.msg.liveperson.net https://lo.msghist.liveperson.net https://lo.tokenizer.liveperson.net https://lpcdn.lpsnmedia.net https://nationwide.demdex.net https://nationwide.egain.cloud https://nationwidedev1.egain.cloud notifyme-uat.nationwide-mats.co.uk platform.twitter.com https://pixel.mathtag.com https://accounts.google.com https://apis.google.com https://s-static.ak.facebook.com https://static.ak.facebook.com https://www.facebook.com 'self' s-static.ak.facebook.com static.ak.facebook.com https://embed.ustudio.com/ www.facebook.com www.google.com *.youtube.com; img-src data: https://proactive.nationwide.co.uk 'self' *; media-src https://lpcdn.lpsnmedia.net; object-src 'self' http://d2oh4tlt9mrke9.cloudfront.net; script-src https://accdn.lpsnmedia.net analytics.analytics-egain.com apis.google.com assets.kampyle.com *.bing.com https://www.adobetag.com clients1.google.com https://cloud-emea.analytics-egain.com connect.facebook.net http://assets.contently.com cse.google.com data: dpm.demdex.net https://analytics.analytics-egain.com https://nationwide.egain.cloud/ https://nationwidedev1.egain.cloud https://nationwidedev2.egain.cloud https://www.google.co.uk https://www.gstatic.com ipv4.google.com https://lo.v.liveperson.net https://lpcdn.lpsnmedia.net https://lptag.liveperson.net *.nationwide.co.uk *.omtrdc.net platform.linkedin.com platform.twitter.com https://proactive.nationwide.co.uk *.reevoo.com rsaparaturetest.prod.parature.com https://cdn.decibelinsight.net https://app.decibelinsight.com/js/hm.js https://pixel.mathtag.com https://apis.google.com https://cse.google.com https://nationwidechat.prod.parature.com https://platform.linkedin.com https://platform.twitter.com https://static.ak.facebook.com https://www.google.com 'self' http://d2oh4tlt9mrke9.cloudfront.net https://ws.sessioncam.com static.ak.facebook.com https://cdn.tt.omtrdc.net *.virtualearth.net https://s.ytimg.com 'unsafe-eval' 'unsafe-inline' http://nationwidebuildingso.tt.omtrdc.net https://nationwidebuildingso.tt.omtrdc.net http://www.google.com http://www.googleadservices.com http://metrics.nationwide.co.uk/; style-src assets.kampyle.com *.bing.com cse.google.com *.nationwide.co.uk https://nationwide.egain.cloud https://nationwidedev1.egain.cloud *.reevoo.com 'self' *.virtualearth.net https://www.google.com 'unsafe-inline' http://www.google.com/;
Content-Encoding
gzip
Last-Modified
Wed, 22 May 2019 09:15:34 GMT
x-frame-options
SAMEORIGIN
ETag
df9ad4c064094f359ae5bb7ca6bf42b2
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
public, no-cache="Set-Cookie", no-cache, max-age=604800
Date
Tue, 05 May 2020 18:05:42 GMT
Content-Disposition
attachment; filename="meganavflyout.hotfix.css"
Strict-Transport-Security
max-age=16070400
Content-Length
254
x-xss-protection
1; mode=block
Expires
Tue, 12 May 2020 18:05:42 GMT
herocarousel.css
www.nationwide.co.uk/-/css/assets/main-site/generated/css/ 		4 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.nationwide.co.uk/-/css/assets/main-site/generated/css/herocarousel.css?id=FC820B40147241A88CFDEF405D59E59C
Requested by
Host: www.nationwide.co.uk
URL: https://www.nationwide.co.uk/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
155.131.44.69 , United Kingdom, ASN8698 (Nationwide Building Society, GB),
Reverse DNS
Software
/
Resource Hash
77b7f6ae2458ecc4bea1d9604f23e284951752e32176884ee6d584fe1b2517af
Security Headers
Name Value
Content-Security-Policy default-src *.bing.com https://onlinebanking.nationwide.co.uk 'self'; connect-src *.bing.com cdn.decibelinsight.net http://track.contently.com https://d083-uk.api.decibelinsight.net/ dpm.demdex.net https://enrolment.mynationwide.io/ wss://lo.msg.liveperson.net http://metrics.nationwide.co.uk/ https://nationwide.egain.cloud/ https://nationwidedev1.egain.cloud https://nationwidedev2.egain.cloud *.omtrdc.net https://rsa.egain.cloud https://cdn.decibelinsight.net 'self' https://ws.sessioncam.com https://smetrics.nationwide.co.uk/ *.swiftype.com *.virtualearth.net wss://cdn.decibelinsight.net https://www.googleadservices.com; font-src data: 'self'; frame-src accounts.google.com https://adservice.google.com/ apis.google.com *.bing.com https://assets.contently.com *.doubleclick.net https://analytics.analytics-egain.com/ googleads.g.doubleclick.net https://www.youtube.com https://lo.idp.liveperson.net https://lo.msg.liveperson.net https://lo.msghist.liveperson.net https://lo.tokenizer.liveperson.net https://lpcdn.lpsnmedia.net https://nationwide.demdex.net https://nationwide.egain.cloud https://nationwidedev1.egain.cloud notifyme-uat.nationwide-mats.co.uk platform.twitter.com https://pixel.mathtag.com https://accounts.google.com https://apis.google.com https://s-static.ak.facebook.com https://static.ak.facebook.com https://www.facebook.com 'self' s-static.ak.facebook.com static.ak.facebook.com https://embed.ustudio.com/ www.facebook.com www.google.com *.youtube.com; img-src data: https://proactive.nationwide.co.uk 'self' *; media-src https://lpcdn.lpsnmedia.net; object-src 'self' http://d2oh4tlt9mrke9.cloudfront.net; script-src https://accdn.lpsnmedia.net analytics.analytics-egain.com apis.google.com assets.kampyle.com *.bing.com https://www.adobetag.com clients1.google.com https://cloud-emea.analytics-egain.com connect.facebook.net http://assets.contently.com cse.google.com data: dpm.demdex.net https://analytics.analytics-egain.com https://nationwide.egain.cloud/ https://nationwidedev1.egain.cloud https://nationwidedev2.egain.cloud https://www.google.co.uk https://www.gstatic.com ipv4.google.com https://lo.v.liveperson.net https://lpcdn.lpsnmedia.net https://lptag.liveperson.net *.nationwide.co.uk *.omtrdc.net platform.linkedin.com platform.twitter.com https://proactive.nationwide.co.uk *.reevoo.com rsaparaturetest.prod.parature.com https://cdn.decibelinsight.net https://app.decibelinsight.com/js/hm.js https://pixel.mathtag.com https://apis.google.com https://cse.google.com https://nationwidechat.prod.parature.com https://platform.linkedin.com https://platform.twitter.com https://static.ak.facebook.com https://www.google.com 'self' http://d2oh4tlt9mrke9.cloudfront.net https://ws.sessioncam.com static.ak.facebook.com https://cdn.tt.omtrdc.net *.virtualearth.net https://s.ytimg.com 'unsafe-eval' 'unsafe-inline' http://nationwidebuildingso.tt.omtrdc.net https://nationwidebuildingso.tt.omtrdc.net http://www.google.com http://www.googleadservices.com http://metrics.nationwide.co.uk/; style-src assets.kampyle.com *.bing.com cse.google.com *.nationwide.co.uk https://nationwide.egain.cloud https://nationwidedev1.egain.cloud *.reevoo.com 'self' *.virtualearth.net https://www.google.com 'unsafe-inline' http://www.google.com/;
Strict-Transport-Security max-age=16070400
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.nationwide.co.uk/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Security-Policy
default-src *.bing.com https://onlinebanking.nationwide.co.uk 'self'; connect-src *.bing.com cdn.decibelinsight.net http://track.contently.com https://d083-uk.api.decibelinsight.net/ dpm.demdex.net https://enrolment.mynationwide.io/ wss://lo.msg.liveperson.net http://metrics.nationwide.co.uk/ https://nationwide.egain.cloud/ https://nationwidedev1.egain.cloud https://nationwidedev2.egain.cloud *.omtrdc.net https://rsa.egain.cloud https://cdn.decibelinsight.net 'self' https://ws.sessioncam.com https://smetrics.nationwide.co.uk/ *.swiftype.com *.virtualearth.net wss://cdn.decibelinsight.net https://www.googleadservices.com; font-src data: 'self'; frame-src accounts.google.com https://adservice.google.com/ apis.google.com *.bing.com https://assets.contently.com *.doubleclick.net https://analytics.analytics-egain.com/ googleads.g.doubleclick.net https://www.youtube.com https://lo.idp.liveperson.net https://lo.msg.liveperson.net https://lo.msghist.liveperson.net https://lo.tokenizer.liveperson.net https://lpcdn.lpsnmedia.net https://nationwide.demdex.net https://nationwide.egain.cloud https://nationwidedev1.egain.cloud notifyme-uat.nationwide-mats.co.uk platform.twitter.com https://pixel.mathtag.com https://accounts.google.com https://apis.google.com https://s-static.ak.facebook.com https://static.ak.facebook.com https://www.facebook.com 'self' s-static.ak.facebook.com static.ak.facebook.com https://embed.ustudio.com/ www.facebook.com www.google.com *.youtube.com; img-src data: https://proactive.nationwide.co.uk 'self' *; media-src https://lpcdn.lpsnmedia.net; object-src 'self' http://d2oh4tlt9mrke9.cloudfront.net; script-src https://accdn.lpsnmedia.net analytics.analytics-egain.com apis.google.com assets.kampyle.com *.bing.com https://www.adobetag.com clients1.google.com https://cloud-emea.analytics-egain.com connect.facebook.net http://assets.contently.com cse.google.com data: dpm.demdex.net https://analytics.analytics-egain.com https://nationwide.egain.cloud/ https://nationwidedev1.egain.cloud https://nationwidedev2.egain.cloud https://www.google.co.uk https://www.gstatic.com ipv4.google.com https://lo.v.liveperson.net https://lpcdn.lpsnmedia.net https://lptag.liveperson.net *.nationwide.co.uk *.omtrdc.net platform.linkedin.com platform.twitter.com https://proactive.nationwide.co.uk *.reevoo.com rsaparaturetest.prod.parature.com https://cdn.decibelinsight.net https://app.decibelinsight.com/js/hm.js https://pixel.mathtag.com https://apis.google.com https://cse.google.com https://nationwidechat.prod.parature.com https://platform.linkedin.com https://platform.twitter.com https://static.ak.facebook.com https://www.google.com 'self' http://d2oh4tlt9mrke9.cloudfront.net https://ws.sessioncam.com static.ak.facebook.com https://cdn.tt.omtrdc.net *.virtualearth.net https://s.ytimg.com 'unsafe-eval' 'unsafe-inline' http://nationwidebuildingso.tt.omtrdc.net https://nationwidebuildingso.tt.omtrdc.net http://www.google.com http://www.googleadservices.com http://metrics.nationwide.co.uk/; style-src assets.kampyle.com *.bing.com cse.google.com *.nationwide.co.uk https://nationwide.egain.cloud https://nationwidedev1.egain.cloud *.reevoo.com 'self' *.virtualearth.net https://www.google.com 'unsafe-inline' http://www.google.com/;
Content-Encoding
gzip
x-frame-options
SAMEORIGIN
Date
Tue, 05 May 2020 18:05:42 GMT
Vary
Accept-Encoding
Content-Type
text/css; charset=utf-8
Cache-Control
private
Strict-Transport-Security
max-age=16070400
Content-Length
886
x-xss-protection
1; mode=block
logo2xtrans.png
www.nationwide.co.uk/-/media/System/ 		3 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.nationwide.co.uk/-/media/System/logo2xtrans.png?h=112&w=280
Requested by
Host: www.nationwide.co.uk
URL: https://www.nationwide.co.uk/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
155.131.44.69 , United Kingdom, ASN8698 (Nationwide Building Society, GB),
Reverse DNS
Software
/
Resource Hash
454356f4c771dd3d547ee65ea3f7c9aa7d80883833bb42159c0005f56f705d35
Security Headers
Name Value
Content-Security-Policy default-src *.bing.com https://onlinebanking.nationwide.co.uk 'self'; connect-src *.bing.com cdn.decibelinsight.net http://track.contently.com https://d083-uk.api.decibelinsight.net/ dpm.demdex.net https://enrolment.mynationwide.io/ wss://lo.msg.liveperson.net http://metrics.nationwide.co.uk/ https://nationwide.egain.cloud/ https://nationwidedev1.egain.cloud https://nationwidedev2.egain.cloud *.omtrdc.net https://rsa.egain.cloud https://cdn.decibelinsight.net 'self' https://ws.sessioncam.com https://smetrics.nationwide.co.uk/ *.swiftype.com *.virtualearth.net wss://cdn.decibelinsight.net https://www.googleadservices.com; font-src data: 'self'; frame-src accounts.google.com https://adservice.google.com/ apis.google.com *.bing.com https://assets.contently.com *.doubleclick.net https://analytics.analytics-egain.com/ googleads.g.doubleclick.net https://www.youtube.com https://lo.idp.liveperson.net https://lo.msg.liveperson.net https://lo.msghist.liveperson.net https://lo.tokenizer.liveperson.net https://lpcdn.lpsnmedia.net https://nationwide.demdex.net https://nationwide.egain.cloud https://nationwidedev1.egain.cloud notifyme-uat.nationwide-mats.co.uk platform.twitter.com https://pixel.mathtag.com https://accounts.google.com https://apis.google.com https://s-static.ak.facebook.com https://static.ak.facebook.com https://www.facebook.com 'self' s-static.ak.facebook.com static.ak.facebook.com https://embed.ustudio.com/ www.facebook.com www.google.com *.youtube.com; img-src data: https://proactive.nationwide.co.uk 'self' *; media-src https://lpcdn.lpsnmedia.net; object-src 'self' http://d2oh4tlt9mrke9.cloudfront.net; script-src https://accdn.lpsnmedia.net analytics.analytics-egain.com apis.google.com assets.kampyle.com *.bing.com https://www.adobetag.com clients1.google.com https://cloud-emea.analytics-egain.com connect.facebook.net http://assets.contently.com cse.google.com data: dpm.demdex.net https://analytics.analytics-egain.com https://nationwide.egain.cloud/ https://nationwidedev1.egain.cloud https://nationwidedev2.egain.cloud https://www.google.co.uk https://www.gstatic.com ipv4.google.com https://lo.v.liveperson.net https://lpcdn.lpsnmedia.net https://lptag.liveperson.net *.nationwide.co.uk *.omtrdc.net platform.linkedin.com platform.twitter.com https://proactive.nationwide.co.uk *.reevoo.com rsaparaturetest.prod.parature.com https://cdn.decibelinsight.net https://app.decibelinsight.com/js/hm.js https://pixel.mathtag.com https://apis.google.com https://cse.google.com https://nationwidechat.prod.parature.com https://platform.linkedin.com https://platform.twitter.com https://static.ak.facebook.com https://www.google.com 'self' http://d2oh4tlt9mrke9.cloudfront.net https://ws.sessioncam.com static.ak.facebook.com https://cdn.tt.omtrdc.net *.virtualearth.net https://s.ytimg.com 'unsafe-eval' 'unsafe-inline' http://nationwidebuildingso.tt.omtrdc.net https://nationwidebuildingso.tt.omtrdc.net http://www.google.com http://www.googleadservices.com http://metrics.nationwide.co.uk/; style-src assets.kampyle.com *.bing.com cse.google.com *.nationwide.co.uk https://nationwide.egain.cloud https://nationwidedev1.egain.cloud *.reevoo.com 'self' *.virtualearth.net https://www.google.com 'unsafe-inline' http://www.google.com/;
Strict-Transport-Security max-age=16070400
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.nationwide.co.uk/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Security-Policy
default-src *.bing.com https://onlinebanking.nationwide.co.uk 'self'; connect-src *.bing.com cdn.decibelinsight.net http://track.contently.com https://d083-uk.api.decibelinsight.net/ dpm.demdex.net https://enrolment.mynationwide.io/ wss://lo.msg.liveperson.net http://metrics.nationwide.co.uk/ https://nationwide.egain.cloud/ https://nationwidedev1.egain.cloud https://nationwidedev2.egain.cloud *.omtrdc.net https://rsa.egain.cloud https://cdn.decibelinsight.net 'self' https://ws.sessioncam.com https://smetrics.nationwide.co.uk/ *.swiftype.com *.virtualearth.net wss://cdn.decibelinsight.net https://www.googleadservices.com; font-src data: 'self'; frame-src accounts.google.com https://adservice.google.com/ apis.google.com *.bing.com https://assets.contently.com *.doubleclick.net https://analytics.analytics-egain.com/ googleads.g.doubleclick.net https://www.youtube.com https://lo.idp.liveperson.net https://lo.msg.liveperson.net https://lo.msghist.liveperson.net https://lo.tokenizer.liveperson.net https://lpcdn.lpsnmedia.net https://nationwide.demdex.net https://nationwide.egain.cloud https://nationwidedev1.egain.cloud notifyme-uat.nationwide-mats.co.uk platform.twitter.com https://pixel.mathtag.com https://accounts.google.com https://apis.google.com https://s-static.ak.facebook.com https://static.ak.facebook.com https://www.facebook.com 'self' s-static.ak.facebook.com static.ak.facebook.com https://embed.ustudio.com/ www.facebook.com www.google.com *.youtube.com; img-src data: https://proactive.nationwide.co.uk 'self' *; media-src https://lpcdn.lpsnmedia.net; object-src 'self' http://d2oh4tlt9mrke9.cloudfront.net; script-src https://accdn.lpsnmedia.net analytics.analytics-egain.com apis.google.com assets.kampyle.com *.bing.com https://www.adobetag.com clients1.google.com https://cloud-emea.analytics-egain.com connect.facebook.net http://assets.contently.com cse.google.com data: dpm.demdex.net https://analytics.analytics-egain.com https://nationwide.egain.cloud/ https://nationwidedev1.egain.cloud https://nationwidedev2.egain.cloud https://www.google.co.uk https://www.gstatic.com ipv4.google.com https://lo.v.liveperson.net https://lpcdn.lpsnmedia.net https://lptag.liveperson.net *.nationwide.co.uk *.omtrdc.net platform.linkedin.com platform.twitter.com https://proactive.nationwide.co.uk *.reevoo.com rsaparaturetest.prod.parature.com https://cdn.decibelinsight.net https://app.decibelinsight.com/js/hm.js https://pixel.mathtag.com https://apis.google.com https://cse.google.com https://nationwidechat.prod.parature.com https://platform.linkedin.com https://platform.twitter.com https://static.ak.facebook.com https://www.google.com 'self' http://d2oh4tlt9mrke9.cloudfront.net https://ws.sessioncam.com static.ak.facebook.com https://cdn.tt.omtrdc.net *.virtualearth.net https://s.ytimg.com 'unsafe-eval' 'unsafe-inline' http://nationwidebuildingso.tt.omtrdc.net https://nationwidebuildingso.tt.omtrdc.net http://www.google.com http://www.googleadservices.com http://metrics.nationwide.co.uk/; style-src assets.kampyle.com *.bing.com cse.google.com *.nationwide.co.uk https://nationwide.egain.cloud https://nationwidedev1.egain.cloud *.reevoo.com 'self' *.virtualearth.net https://www.google.com 'unsafe-inline' http://www.google.com/;
Last-Modified
Thu, 18 Aug 2016 09:09:42 GMT
ETag
3b2826f147e04ab5a140d4bff2e97978
x-frame-options
SAMEORIGIN
Content-Type
image/png
Cache-Control
public, no-cache, max-age=604800
Date
Tue, 05 May 2020 18:05:43 GMT
Strict-Transport-Security
max-age=16070400
Content-Length
3041
x-xss-protection
1; mode=block
Expires
Tue, 12 May 2020 18:05:43 GMT
Ways-to-bank-from-home.jpg
www.nationwide.co.uk/-/media/MainSite/images/home-exit/2020/03/Ways-to-bank/ 		15 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.nationwide.co.uk/-/media/MainSite/images/home-exit/2020/03/Ways-to-bank/Ways-to-bank-from-home.jpg?h=170&la=en&w=360
Requested by
Host: www.nationwide.co.uk
URL: https://www.nationwide.co.uk/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
155.131.44.69 , United Kingdom, ASN8698 (Nationwide Building Society, GB),
Reverse DNS
Software
/
Resource Hash
ad974defdf1c16806d47b727329afc3ff8a0b3b2c2d26315996f5b4a736f8830
Security Headers
Name Value
Content-Security-Policy default-src *.bing.com https://onlinebanking.nationwide.co.uk 'self'; connect-src *.bing.com cdn.decibelinsight.net http://track.contently.com https://d083-uk.api.decibelinsight.net/ dpm.demdex.net https://enrolment.mynationwide.io/ wss://lo.msg.liveperson.net http://metrics.nationwide.co.uk/ https://nationwide.egain.cloud/ https://nationwidedev1.egain.cloud https://nationwidedev2.egain.cloud *.omtrdc.net https://rsa.egain.cloud https://cdn.decibelinsight.net 'self' https://ws.sessioncam.com https://smetrics.nationwide.co.uk/ *.swiftype.com *.virtualearth.net wss://cdn.decibelinsight.net https://www.googleadservices.com; font-src data: 'self'; frame-src accounts.google.com https://adservice.google.com/ apis.google.com *.bing.com https://assets.contently.com *.doubleclick.net https://analytics.analytics-egain.com/ googleads.g.doubleclick.net https://www.youtube.com https://lo.idp.liveperson.net https://lo.msg.liveperson.net https://lo.msghist.liveperson.net https://lo.tokenizer.liveperson.net https://lpcdn.lpsnmedia.net https://nationwide.demdex.net https://nationwide.egain.cloud https://nationwidedev1.egain.cloud notifyme-uat.nationwide-mats.co.uk platform.twitter.com https://pixel.mathtag.com https://accounts.google.com https://apis.google.com https://s-static.ak.facebook.com https://static.ak.facebook.com https://www.facebook.com 'self' s-static.ak.facebook.com static.ak.facebook.com https://embed.ustudio.com/ www.facebook.com www.google.com *.youtube.com; img-src data: https://proactive.nationwide.co.uk 'self' *; media-src https://lpcdn.lpsnmedia.net; object-src 'self' http://d2oh4tlt9mrke9.cloudfront.net; script-src https://accdn.lpsnmedia.net analytics.analytics-egain.com apis.google.com assets.kampyle.com *.bing.com https://www.adobetag.com clients1.google.com https://cloud-emea.analytics-egain.com connect.facebook.net http://assets.contently.com cse.google.com data: dpm.demdex.net https://analytics.analytics-egain.com https://nationwide.egain.cloud/ https://nationwidedev1.egain.cloud https://nationwidedev2.egain.cloud https://www.google.co.uk https://www.gstatic.com ipv4.google.com https://lo.v.liveperson.net https://lpcdn.lpsnmedia.net https://lptag.liveperson.net *.nationwide.co.uk *.omtrdc.net platform.linkedin.com platform.twitter.com https://proactive.nationwide.co.uk *.reevoo.com rsaparaturetest.prod.parature.com https://cdn.decibelinsight.net https://app.decibelinsight.com/js/hm.js https://pixel.mathtag.com https://apis.google.com https://cse.google.com https://nationwidechat.prod.parature.com https://platform.linkedin.com https://platform.twitter.com https://static.ak.facebook.com https://www.google.com 'self' http://d2oh4tlt9mrke9.cloudfront.net https://ws.sessioncam.com static.ak.facebook.com https://cdn.tt.omtrdc.net *.virtualearth.net https://s.ytimg.com 'unsafe-eval' 'unsafe-inline' http://nationwidebuildingso.tt.omtrdc.net https://nationwidebuildingso.tt.omtrdc.net http://www.google.com http://www.googleadservices.com http://metrics.nationwide.co.uk/; style-src assets.kampyle.com *.bing.com cse.google.com *.nationwide.co.uk https://nationwide.egain.cloud https://nationwidedev1.egain.cloud *.reevoo.com 'self' *.virtualearth.net https://www.google.com 'unsafe-inline' http://www.google.com/;
Strict-Transport-Security max-age=16070400
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.nationwide.co.uk/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Security-Policy
default-src *.bing.com https://onlinebanking.nationwide.co.uk 'self'; connect-src *.bing.com cdn.decibelinsight.net http://track.contently.com https://d083-uk.api.decibelinsight.net/ dpm.demdex.net https://enrolment.mynationwide.io/ wss://lo.msg.liveperson.net http://metrics.nationwide.co.uk/ https://nationwide.egain.cloud/ https://nationwidedev1.egain.cloud https://nationwidedev2.egain.cloud *.omtrdc.net https://rsa.egain.cloud https://cdn.decibelinsight.net 'self' https://ws.sessioncam.com https://smetrics.nationwide.co.uk/ *.swiftype.com *.virtualearth.net wss://cdn.decibelinsight.net https://www.googleadservices.com; font-src data: 'self'; frame-src accounts.google.com https://adservice.google.com/ apis.google.com *.bing.com https://assets.contently.com *.doubleclick.net https://analytics.analytics-egain.com/ googleads.g.doubleclick.net https://www.youtube.com https://lo.idp.liveperson.net https://lo.msg.liveperson.net https://lo.msghist.liveperson.net https://lo.tokenizer.liveperson.net https://lpcdn.lpsnmedia.net https://nationwide.demdex.net https://nationwide.egain.cloud https://nationwidedev1.egain.cloud notifyme-uat.nationwide-mats.co.uk platform.twitter.com https://pixel.mathtag.com https://accounts.google.com https://apis.google.com https://s-static.ak.facebook.com https://static.ak.facebook.com https://www.facebook.com 'self' s-static.ak.facebook.com static.ak.facebook.com https://embed.ustudio.com/ www.facebook.com www.google.com *.youtube.com; img-src data: https://proactive.nationwide.co.uk 'self' *; media-src https://lpcdn.lpsnmedia.net; object-src 'self' http://d2oh4tlt9mrke9.cloudfront.net; script-src https://accdn.lpsnmedia.net analytics.analytics-egain.com apis.google.com assets.kampyle.com *.bing.com https://www.adobetag.com clients1.google.com https://cloud-emea.analytics-egain.com connect.facebook.net http://assets.contently.com cse.google.com data: dpm.demdex.net https://analytics.analytics-egain.com https://nationwide.egain.cloud/ https://nationwidedev1.egain.cloud https://nationwidedev2.egain.cloud https://www.google.co.uk https://www.gstatic.com ipv4.google.com https://lo.v.liveperson.net https://lpcdn.lpsnmedia.net https://lptag.liveperson.net *.nationwide.co.uk *.omtrdc.net platform.linkedin.com platform.twitter.com https://proactive.nationwide.co.uk *.reevoo.com rsaparaturetest.prod.parature.com https://cdn.decibelinsight.net https://app.decibelinsight.com/js/hm.js https://pixel.mathtag.com https://apis.google.com https://cse.google.com https://nationwidechat.prod.parature.com https://platform.linkedin.com https://platform.twitter.com https://static.ak.facebook.com https://www.google.com 'self' http://d2oh4tlt9mrke9.cloudfront.net https://ws.sessioncam.com static.ak.facebook.com https://cdn.tt.omtrdc.net *.virtualearth.net https://s.ytimg.com 'unsafe-eval' 'unsafe-inline' http://nationwidebuildingso.tt.omtrdc.net https://nationwidebuildingso.tt.omtrdc.net http://www.google.com http://www.googleadservices.com http://metrics.nationwide.co.uk/; style-src assets.kampyle.com *.bing.com cse.google.com *.nationwide.co.uk https://nationwide.egain.cloud https://nationwidedev1.egain.cloud *.reevoo.com 'self' *.virtualearth.net https://www.google.com 'unsafe-inline' http://www.google.com/;
Last-Modified
Wed, 01 Apr 2020 09:03:51 GMT
ETag
7ade6afec55544eb8714b254f483b240
x-frame-options
SAMEORIGIN
Content-Type
image/jpeg
Cache-Control
public, no-cache, max-age=604800
Date
Tue, 05 May 2020 18:05:43 GMT
Strict-Transport-Security
max-age=16070400
Content-Length
15407
x-xss-protection
1; mode=block
Expires
Tue, 12 May 2020 18:05:43 GMT
brand-hub-security-father-360x170-new.jpg
www.nationwide.co.uk/-/media/MainSite/images/home-exit/2017/10/Brand-ad-bankingapp/ 		11 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.nationwide.co.uk/-/media/MainSite/images/home-exit/2017/10/Brand-ad-bankingapp/brand-hub-security-father-360x170-new.jpg?h=170&la=en&w=360
Requested by
Host: www.nationwide.co.uk
URL: https://www.nationwide.co.uk/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
155.131.44.69 , United Kingdom, ASN8698 (Nationwide Building Society, GB),
Reverse DNS
Software
/
Resource Hash
61ce9a48b7a91db2b9643a82d0d0abf32ce77b2896372420b604d505af849675
Security Headers
Name Value
Content-Security-Policy default-src *.bing.com https://onlinebanking.nationwide.co.uk 'self'; connect-src *.bing.com cdn.decibelinsight.net http://track.contently.com https://d083-uk.api.decibelinsight.net/ dpm.demdex.net https://enrolment.mynationwide.io/ wss://lo.msg.liveperson.net http://metrics.nationwide.co.uk/ https://nationwide.egain.cloud/ https://nationwidedev1.egain.cloud https://nationwidedev2.egain.cloud *.omtrdc.net https://rsa.egain.cloud https://cdn.decibelinsight.net 'self' https://ws.sessioncam.com https://smetrics.nationwide.co.uk/ *.swiftype.com *.virtualearth.net wss://cdn.decibelinsight.net https://www.googleadservices.com; font-src data: 'self'; frame-src accounts.google.com https://adservice.google.com/ apis.google.com *.bing.com https://assets.contently.com *.doubleclick.net https://analytics.analytics-egain.com/ googleads.g.doubleclick.net https://www.youtube.com https://lo.idp.liveperson.net https://lo.msg.liveperson.net https://lo.msghist.liveperson.net https://lo.tokenizer.liveperson.net https://lpcdn.lpsnmedia.net https://nationwide.demdex.net https://nationwide.egain.cloud https://nationwidedev1.egain.cloud notifyme-uat.nationwide-mats.co.uk platform.twitter.com https://pixel.mathtag.com https://accounts.google.com https://apis.google.com https://s-static.ak.facebook.com https://static.ak.facebook.com https://www.facebook.com 'self' s-static.ak.facebook.com static.ak.facebook.com https://embed.ustudio.com/ www.facebook.com www.google.com *.youtube.com; img-src data: https://proactive.nationwide.co.uk 'self' *; media-src https://lpcdn.lpsnmedia.net; object-src 'self' http://d2oh4tlt9mrke9.cloudfront.net; script-src https://accdn.lpsnmedia.net analytics.analytics-egain.com apis.google.com assets.kampyle.com *.bing.com https://www.adobetag.com clients1.google.com https://cloud-emea.analytics-egain.com connect.facebook.net http://assets.contently.com cse.google.com data: dpm.demdex.net https://analytics.analytics-egain.com https://nationwide.egain.cloud/ https://nationwidedev1.egain.cloud https://nationwidedev2.egain.cloud https://www.google.co.uk https://www.gstatic.com ipv4.google.com https://lo.v.liveperson.net https://lpcdn.lpsnmedia.net https://lptag.liveperson.net *.nationwide.co.uk *.omtrdc.net platform.linkedin.com platform.twitter.com https://proactive.nationwide.co.uk *.reevoo.com rsaparaturetest.prod.parature.com https://cdn.decibelinsight.net https://app.decibelinsight.com/js/hm.js https://pixel.mathtag.com https://apis.google.com https://cse.google.com https://nationwidechat.prod.parature.com https://platform.linkedin.com https://platform.twitter.com https://static.ak.facebook.com https://www.google.com 'self' http://d2oh4tlt9mrke9.cloudfront.net https://ws.sessioncam.com static.ak.facebook.com https://cdn.tt.omtrdc.net *.virtualearth.net https://s.ytimg.com 'unsafe-eval' 'unsafe-inline' http://nationwidebuildingso.tt.omtrdc.net https://nationwidebuildingso.tt.omtrdc.net http://www.google.com http://www.googleadservices.com http://metrics.nationwide.co.uk/; style-src assets.kampyle.com *.bing.com cse.google.com *.nationwide.co.uk https://nationwide.egain.cloud https://nationwidedev1.egain.cloud *.reevoo.com 'self' *.virtualearth.net https://www.google.com 'unsafe-inline' http://www.google.com/;
Strict-Transport-Security max-age=16070400
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.nationwide.co.uk/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Security-Policy
default-src *.bing.com https://onlinebanking.nationwide.co.uk 'self'; connect-src *.bing.com cdn.decibelinsight.net http://track.contently.com https://d083-uk.api.decibelinsight.net/ dpm.demdex.net https://enrolment.mynationwide.io/ wss://lo.msg.liveperson.net http://metrics.nationwide.co.uk/ https://nationwide.egain.cloud/ https://nationwidedev1.egain.cloud https://nationwidedev2.egain.cloud *.omtrdc.net https://rsa.egain.cloud https://cdn.decibelinsight.net 'self' https://ws.sessioncam.com https://smetrics.nationwide.co.uk/ *.swiftype.com *.virtualearth.net wss://cdn.decibelinsight.net https://www.googleadservices.com; font-src data: 'self'; frame-src accounts.google.com https://adservice.google.com/ apis.google.com *.bing.com https://assets.contently.com *.doubleclick.net https://analytics.analytics-egain.com/ googleads.g.doubleclick.net https://www.youtube.com https://lo.idp.liveperson.net https://lo.msg.liveperson.net https://lo.msghist.liveperson.net https://lo.tokenizer.liveperson.net https://lpcdn.lpsnmedia.net https://nationwide.demdex.net https://nationwide.egain.cloud https://nationwidedev1.egain.cloud notifyme-uat.nationwide-mats.co.uk platform.twitter.com https://pixel.mathtag.com https://accounts.google.com https://apis.google.com https://s-static.ak.facebook.com https://static.ak.facebook.com https://www.facebook.com 'self' s-static.ak.facebook.com static.ak.facebook.com https://embed.ustudio.com/ www.facebook.com www.google.com *.youtube.com; img-src data: https://proactive.nationwide.co.uk 'self' *; media-src https://lpcdn.lpsnmedia.net; object-src 'self' http://d2oh4tlt9mrke9.cloudfront.net; script-src https://accdn.lpsnmedia.net analytics.analytics-egain.com apis.google.com assets.kampyle.com *.bing.com https://www.adobetag.com clients1.google.com https://cloud-emea.analytics-egain.com connect.facebook.net http://assets.contently.com cse.google.com data: dpm.demdex.net https://analytics.analytics-egain.com https://nationwide.egain.cloud/ https://nationwidedev1.egain.cloud https://nationwidedev2.egain.cloud https://www.google.co.uk https://www.gstatic.com ipv4.google.com https://lo.v.liveperson.net https://lpcdn.lpsnmedia.net https://lptag.liveperson.net *.nationwide.co.uk *.omtrdc.net platform.linkedin.com platform.twitter.com https://proactive.nationwide.co.uk *.reevoo.com rsaparaturetest.prod.parature.com https://cdn.decibelinsight.net https://app.decibelinsight.com/js/hm.js https://pixel.mathtag.com https://apis.google.com https://cse.google.com https://nationwidechat.prod.parature.com https://platform.linkedin.com https://platform.twitter.com https://static.ak.facebook.com https://www.google.com 'self' http://d2oh4tlt9mrke9.cloudfront.net https://ws.sessioncam.com static.ak.facebook.com https://cdn.tt.omtrdc.net *.virtualearth.net https://s.ytimg.com 'unsafe-eval' 'unsafe-inline' http://nationwidebuildingso.tt.omtrdc.net https://nationwidebuildingso.tt.omtrdc.net http://www.google.com http://www.googleadservices.com http://metrics.nationwide.co.uk/; style-src assets.kampyle.com *.bing.com cse.google.com *.nationwide.co.uk https://nationwide.egain.cloud https://nationwidedev1.egain.cloud *.reevoo.com 'self' *.virtualearth.net https://www.google.com 'unsafe-inline' http://www.google.com/;
Last-Modified
Wed, 05 Sep 2018 11:07:56 GMT
ETag
c07f9989e8ac4161a72d13c9a241447d
x-frame-options
SAMEORIGIN
Content-Type
image/jpeg
Cache-Control
public, no-cache, max-age=604800
Date
Tue, 05 May 2020 18:05:43 GMT
Strict-Transport-Security
max-age=16070400
Content-Length
11328
x-xss-protection
1; mode=block
Expires
Tue, 12 May 2020 18:05:43 GMT
Bradley-Wiggins-with-board-360px.jpg
www.nationwide.co.uk/-/media/MainSite/images/home-exit/2019/12/every-mind-matters/ 		13 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.nationwide.co.uk/-/media/MainSite/images/home-exit/2019/12/every-mind-matters/Bradley-Wiggins-with-board-360px.jpg?h=170&la=en&w=360
Requested by
Host: www.nationwide.co.uk
URL: https://www.nationwide.co.uk/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
155.131.44.69 , United Kingdom, ASN8698 (Nationwide Building Society, GB),
Reverse DNS
Software
/
Resource Hash
f4643fb92ab9f29080b2b0c96de3093a2bbc6d947bc8613efe9228be2d55c069
Security Headers
Name Value
Content-Security-Policy default-src *.bing.com https://onlinebanking.nationwide.co.uk 'self'; connect-src *.bing.com cdn.decibelinsight.net http://track.contently.com https://d083-uk.api.decibelinsight.net/ dpm.demdex.net https://enrolment.mynationwide.io/ wss://lo.msg.liveperson.net http://metrics.nationwide.co.uk/ https://nationwide.egain.cloud/ https://nationwidedev1.egain.cloud https://nationwidedev2.egain.cloud *.omtrdc.net https://rsa.egain.cloud https://cdn.decibelinsight.net 'self' https://ws.sessioncam.com https://smetrics.nationwide.co.uk/ *.swiftype.com *.virtualearth.net wss://cdn.decibelinsight.net https://www.googleadservices.com; font-src data: 'self'; frame-src accounts.google.com https://adservice.google.com/ apis.google.com *.bing.com https://assets.contently.com *.doubleclick.net https://analytics.analytics-egain.com/ googleads.g.doubleclick.net https://www.youtube.com https://lo.idp.liveperson.net https://lo.msg.liveperson.net https://lo.msghist.liveperson.net https://lo.tokenizer.liveperson.net https://lpcdn.lpsnmedia.net https://nationwide.demdex.net https://nationwide.egain.cloud https://nationwidedev1.egain.cloud notifyme-uat.nationwide-mats.co.uk platform.twitter.com https://pixel.mathtag.com https://accounts.google.com https://apis.google.com https://s-static.ak.facebook.com https://static.ak.facebook.com https://www.facebook.com 'self' s-static.ak.facebook.com static.ak.facebook.com https://embed.ustudio.com/ www.facebook.com www.google.com *.youtube.com; img-src data: https://proactive.nationwide.co.uk 'self' *; media-src https://lpcdn.lpsnmedia.net; object-src 'self' http://d2oh4tlt9mrke9.cloudfront.net; script-src https://accdn.lpsnmedia.net analytics.analytics-egain.com apis.google.com assets.kampyle.com *.bing.com https://www.adobetag.com clients1.google.com https://cloud-emea.analytics-egain.com connect.facebook.net http://assets.contently.com cse.google.com data: dpm.demdex.net https://analytics.analytics-egain.com https://nationwide.egain.cloud/ https://nationwidedev1.egain.cloud https://nationwidedev2.egain.cloud https://www.google.co.uk https://www.gstatic.com ipv4.google.com https://lo.v.liveperson.net https://lpcdn.lpsnmedia.net https://lptag.liveperson.net *.nationwide.co.uk *.omtrdc.net platform.linkedin.com platform.twitter.com https://proactive.nationwide.co.uk *.reevoo.com rsaparaturetest.prod.parature.com https://cdn.decibelinsight.net https://app.decibelinsight.com/js/hm.js https://pixel.mathtag.com https://apis.google.com https://cse.google.com https://nationwidechat.prod.parature.com https://platform.linkedin.com https://platform.twitter.com https://static.ak.facebook.com https://www.google.com 'self' http://d2oh4tlt9mrke9.cloudfront.net https://ws.sessioncam.com static.ak.facebook.com https://cdn.tt.omtrdc.net *.virtualearth.net https://s.ytimg.com 'unsafe-eval' 'unsafe-inline' http://nationwidebuildingso.tt.omtrdc.net https://nationwidebuildingso.tt.omtrdc.net http://www.google.com http://www.googleadservices.com http://metrics.nationwide.co.uk/; style-src assets.kampyle.com *.bing.com cse.google.com *.nationwide.co.uk https://nationwide.egain.cloud https://nationwidedev1.egain.cloud *.reevoo.com 'self' *.virtualearth.net https://www.google.com 'unsafe-inline' http://www.google.com/;
Strict-Transport-Security max-age=16070400
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.nationwide.co.uk/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Security-Policy
default-src *.bing.com https://onlinebanking.nationwide.co.uk 'self'; connect-src *.bing.com cdn.decibelinsight.net http://track.contently.com https://d083-uk.api.decibelinsight.net/ dpm.demdex.net https://enrolment.mynationwide.io/ wss://lo.msg.liveperson.net http://metrics.nationwide.co.uk/ https://nationwide.egain.cloud/ https://nationwidedev1.egain.cloud https://nationwidedev2.egain.cloud *.omtrdc.net https://rsa.egain.cloud https://cdn.decibelinsight.net 'self' https://ws.sessioncam.com https://smetrics.nationwide.co.uk/ *.swiftype.com *.virtualearth.net wss://cdn.decibelinsight.net https://www.googleadservices.com; font-src data: 'self'; frame-src accounts.google.com https://adservice.google.com/ apis.google.com *.bing.com https://assets.contently.com *.doubleclick.net https://analytics.analytics-egain.com/ googleads.g.doubleclick.net https://www.youtube.com https://lo.idp.liveperson.net https://lo.msg.liveperson.net https://lo.msghist.liveperson.net https://lo.tokenizer.liveperson.net https://lpcdn.lpsnmedia.net https://nationwide.demdex.net https://nationwide.egain.cloud https://nationwidedev1.egain.cloud notifyme-uat.nationwide-mats.co.uk platform.twitter.com https://pixel.mathtag.com https://accounts.google.com https://apis.google.com https://s-static.ak.facebook.com https://static.ak.facebook.com https://www.facebook.com 'self' s-static.ak.facebook.com static.ak.facebook.com https://embed.ustudio.com/ www.facebook.com www.google.com *.youtube.com; img-src data: https://proactive.nationwide.co.uk 'self' *; media-src https://lpcdn.lpsnmedia.net; object-src 'self' http://d2oh4tlt9mrke9.cloudfront.net; script-src https://accdn.lpsnmedia.net analytics.analytics-egain.com apis.google.com assets.kampyle.com *.bing.com https://www.adobetag.com clients1.google.com https://cloud-emea.analytics-egain.com connect.facebook.net http://assets.contently.com cse.google.com data: dpm.demdex.net https://analytics.analytics-egain.com https://nationwide.egain.cloud/ https://nationwidedev1.egain.cloud https://nationwidedev2.egain.cloud https://www.google.co.uk https://www.gstatic.com ipv4.google.com https://lo.v.liveperson.net https://lpcdn.lpsnmedia.net https://lptag.liveperson.net *.nationwide.co.uk *.omtrdc.net platform.linkedin.com platform.twitter.com https://proactive.nationwide.co.uk *.reevoo.com rsaparaturetest.prod.parature.com https://cdn.decibelinsight.net https://app.decibelinsight.com/js/hm.js https://pixel.mathtag.com https://apis.google.com https://cse.google.com https://nationwidechat.prod.parature.com https://platform.linkedin.com https://platform.twitter.com https://static.ak.facebook.com https://www.google.com 'self' http://d2oh4tlt9mrke9.cloudfront.net https://ws.sessioncam.com static.ak.facebook.com https://cdn.tt.omtrdc.net *.virtualearth.net https://s.ytimg.com 'unsafe-eval' 'unsafe-inline' http://nationwidebuildingso.tt.omtrdc.net https://nationwidebuildingso.tt.omtrdc.net http://www.google.com http://www.googleadservices.com http://metrics.nationwide.co.uk/; style-src assets.kampyle.com *.bing.com cse.google.com *.nationwide.co.uk https://nationwide.egain.cloud https://nationwidedev1.egain.cloud *.reevoo.com 'self' *.virtualearth.net https://www.google.com 'unsafe-inline' http://www.google.com/;
Last-Modified
Tue, 17 Dec 2019 10:28:18 GMT
ETag
91cb9f39988d48fbb0be0ee731211110
x-frame-options
SAMEORIGIN
Content-Type
image/jpeg
Cache-Control
public, no-cache, max-age=604800
Date
Tue, 05 May 2020 18:05:43 GMT
Strict-Transport-Security
max-age=16070400
Content-Length
13739
x-xss-protection
1; mode=block
Expires
Tue, 12 May 2020 18:05:43 GMT
nbs-homepage.min.js
www.nationwide.co.uk/assets/main-site/script/bundle/ 		181 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.nationwide.co.uk/assets/main-site/script/bundle/nbs-homepage.min.js?v=20190718
Requested by
Host: www.nationwide.co.uk
URL: https://www.nationwide.co.uk/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
155.131.44.69 , United Kingdom, ASN8698 (Nationwide Building Society, GB),
Reverse DNS
Software
/
Resource Hash
e60564e25fba4a7bf011788b8d31cf6f25fb6fe6ac4e0833718a7801c2a79d93
Security Headers
Name Value
Content-Security-Policy default-src *.bing.com https://onlinebanking.nationwide.co.uk 'self'; connect-src *.bing.com cdn.decibelinsight.net http://track.contently.com https://d083-uk.api.decibelinsight.net/ dpm.demdex.net https://enrolment.mynationwide.io/ wss://lo.msg.liveperson.net http://metrics.nationwide.co.uk/ https://nationwide.egain.cloud/ https://nationwidedev1.egain.cloud https://nationwidedev2.egain.cloud *.omtrdc.net https://rsa.egain.cloud https://cdn.decibelinsight.net 'self' https://ws.sessioncam.com https://smetrics.nationwide.co.uk/ *.swiftype.com *.virtualearth.net wss://cdn.decibelinsight.net https://www.googleadservices.com; font-src data: 'self'; frame-src accounts.google.com https://adservice.google.com/ apis.google.com *.bing.com https://assets.contently.com *.doubleclick.net https://analytics.analytics-egain.com/ googleads.g.doubleclick.net https://www.youtube.com https://lo.idp.liveperson.net https://lo.msg.liveperson.net https://lo.msghist.liveperson.net https://lo.tokenizer.liveperson.net https://lpcdn.lpsnmedia.net https://nationwide.demdex.net https://nationwide.egain.cloud https://nationwidedev1.egain.cloud notifyme-uat.nationwide-mats.co.uk platform.twitter.com https://pixel.mathtag.com https://accounts.google.com https://apis.google.com https://s-static.ak.facebook.com https://static.ak.facebook.com https://www.facebook.com 'self' s-static.ak.facebook.com static.ak.facebook.com https://embed.ustudio.com/ www.facebook.com www.google.com *.youtube.com; img-src data: https://proactive.nationwide.co.uk 'self' *; media-src https://lpcdn.lpsnmedia.net; object-src 'self' http://d2oh4tlt9mrke9.cloudfront.net; script-src https://accdn.lpsnmedia.net analytics.analytics-egain.com apis.google.com assets.kampyle.com *.bing.com https://www.adobetag.com clients1.google.com https://cloud-emea.analytics-egain.com connect.facebook.net http://assets.contently.com cse.google.com data: dpm.demdex.net https://analytics.analytics-egain.com https://nationwide.egain.cloud/ https://nationwidedev1.egain.cloud https://nationwidedev2.egain.cloud https://www.google.co.uk https://www.gstatic.com ipv4.google.com https://lo.v.liveperson.net https://lpcdn.lpsnmedia.net https://lptag.liveperson.net *.nationwide.co.uk *.omtrdc.net platform.linkedin.com platform.twitter.com https://proactive.nationwide.co.uk *.reevoo.com rsaparaturetest.prod.parature.com https://cdn.decibelinsight.net https://app.decibelinsight.com/js/hm.js https://pixel.mathtag.com https://apis.google.com https://cse.google.com https://nationwidechat.prod.parature.com https://platform.linkedin.com https://platform.twitter.com https://static.ak.facebook.com https://www.google.com 'self' http://d2oh4tlt9mrke9.cloudfront.net https://ws.sessioncam.com static.ak.facebook.com https://cdn.tt.omtrdc.net *.virtualearth.net https://s.ytimg.com 'unsafe-eval' 'unsafe-inline' http://nationwidebuildingso.tt.omtrdc.net https://nationwidebuildingso.tt.omtrdc.net http://www.google.com http://www.googleadservices.com http://metrics.nationwide.co.uk/; style-src assets.kampyle.com *.bing.com cse.google.com *.nationwide.co.uk https://nationwide.egain.cloud https://nationwidedev1.egain.cloud *.reevoo.com 'self' *.virtualearth.net https://www.google.com 'unsafe-inline' http://www.google.com/;
Strict-Transport-Security max-age=16070400
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.nationwide.co.uk/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Security-Policy
default-src *.bing.com https://onlinebanking.nationwide.co.uk 'self'; connect-src *.bing.com cdn.decibelinsight.net http://track.contently.com https://d083-uk.api.decibelinsight.net/ dpm.demdex.net https://enrolment.mynationwide.io/ wss://lo.msg.liveperson.net http://metrics.nationwide.co.uk/ https://nationwide.egain.cloud/ https://nationwidedev1.egain.cloud https://nationwidedev2.egain.cloud *.omtrdc.net https://rsa.egain.cloud https://cdn.decibelinsight.net 'self' https://ws.sessioncam.com https://smetrics.nationwide.co.uk/ *.swiftype.com *.virtualearth.net wss://cdn.decibelinsight.net https://www.googleadservices.com; font-src data: 'self'; frame-src accounts.google.com https://adservice.google.com/ apis.google.com *.bing.com https://assets.contently.com *.doubleclick.net https://analytics.analytics-egain.com/ googleads.g.doubleclick.net https://www.youtube.com https://lo.idp.liveperson.net https://lo.msg.liveperson.net https://lo.msghist.liveperson.net https://lo.tokenizer.liveperson.net https://lpcdn.lpsnmedia.net https://nationwide.demdex.net https://nationwide.egain.cloud https://nationwidedev1.egain.cloud notifyme-uat.nationwide-mats.co.uk platform.twitter.com https://pixel.mathtag.com https://accounts.google.com https://apis.google.com https://s-static.ak.facebook.com https://static.ak.facebook.com https://www.facebook.com 'self' s-static.ak.facebook.com static.ak.facebook.com https://embed.ustudio.com/ www.facebook.com www.google.com *.youtube.com; img-src data: https://proactive.nationwide.co.uk 'self' *; media-src https://lpcdn.lpsnmedia.net; object-src 'self' http://d2oh4tlt9mrke9.cloudfront.net; script-src https://accdn.lpsnmedia.net analytics.analytics-egain.com apis.google.com assets.kampyle.com *.bing.com https://www.adobetag.com clients1.google.com https://cloud-emea.analytics-egain.com connect.facebook.net http://assets.contently.com cse.google.com data: dpm.demdex.net https://analytics.analytics-egain.com https://nationwide.egain.cloud/ https://nationwidedev1.egain.cloud https://nationwidedev2.egain.cloud https://www.google.co.uk https://www.gstatic.com ipv4.google.com https://lo.v.liveperson.net https://lpcdn.lpsnmedia.net https://lptag.liveperson.net *.nationwide.co.uk *.omtrdc.net platform.linkedin.com platform.twitter.com https://proactive.nationwide.co.uk *.reevoo.com rsaparaturetest.prod.parature.com https://cdn.decibelinsight.net https://app.decibelinsight.com/js/hm.js https://pixel.mathtag.com https://apis.google.com https://cse.google.com https://nationwidechat.prod.parature.com https://platform.linkedin.com https://platform.twitter.com https://static.ak.facebook.com https://www.google.com 'self' http://d2oh4tlt9mrke9.cloudfront.net https://ws.sessioncam.com static.ak.facebook.com https://cdn.tt.omtrdc.net *.virtualearth.net https://s.ytimg.com 'unsafe-eval' 'unsafe-inline' http://nationwidebuildingso.tt.omtrdc.net https://nationwidebuildingso.tt.omtrdc.net http://www.google.com http://www.googleadservices.com http://metrics.nationwide.co.uk/; style-src assets.kampyle.com *.bing.com cse.google.com *.nationwide.co.uk https://nationwide.egain.cloud https://nationwidedev1.egain.cloud *.reevoo.com 'self' *.virtualearth.net https://www.google.com 'unsafe-inline' http://www.google.com/;
Content-Encoding
gzip
Last-Modified
Tue, 21 Apr 2020 14:55:16 GMT
x-frame-options
SAMEORIGIN
ETag
"0621adeec17d61:0"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
public,max-age=300
Date
Tue, 05 May 2020 18:05:42 GMT
Strict-Transport-Security
max-age=16070400
Accept-Ranges
bytes
Content-Length
58441
x-xss-protection
1; mode=block
customer-satisfaction.hotfix.js
www.nationwide.co.uk/-/media/MainSite/js/ 		700 B
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.nationwide.co.uk/-/media/MainSite/js/customer-satisfaction.hotfix.js
Requested by
Host: www.nationwide.co.uk
URL: https://www.nationwide.co.uk/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
155.131.44.69 , United Kingdom, ASN8698 (Nationwide Building Society, GB),
Reverse DNS
Software
/
Resource Hash
8cb7539186913a54afe9309acbf3cd28f4eddd0c1e6bb755951353451a2155a7
Security Headers
Name Value
Content-Security-Policy default-src *.bing.com https://onlinebanking.nationwide.co.uk 'self'; connect-src *.bing.com cdn.decibelinsight.net http://track.contently.com https://d083-uk.api.decibelinsight.net/ dpm.demdex.net https://enrolment.mynationwide.io/ wss://lo.msg.liveperson.net http://metrics.nationwide.co.uk/ https://nationwide.egain.cloud/ https://nationwidedev1.egain.cloud https://nationwidedev2.egain.cloud *.omtrdc.net https://rsa.egain.cloud https://cdn.decibelinsight.net 'self' https://ws.sessioncam.com https://smetrics.nationwide.co.uk/ *.swiftype.com *.virtualearth.net wss://cdn.decibelinsight.net https://www.googleadservices.com; font-src data: 'self'; frame-src accounts.google.com https://adservice.google.com/ apis.google.com *.bing.com https://assets.contently.com *.doubleclick.net https://analytics.analytics-egain.com/ googleads.g.doubleclick.net https://www.youtube.com https://lo.idp.liveperson.net https://lo.msg.liveperson.net https://lo.msghist.liveperson.net https://lo.tokenizer.liveperson.net https://lpcdn.lpsnmedia.net https://nationwide.demdex.net https://nationwide.egain.cloud https://nationwidedev1.egain.cloud notifyme-uat.nationwide-mats.co.uk platform.twitter.com https://pixel.mathtag.com https://accounts.google.com https://apis.google.com https://s-static.ak.facebook.com https://static.ak.facebook.com https://www.facebook.com 'self' s-static.ak.facebook.com static.ak.facebook.com https://embed.ustudio.com/ www.facebook.com www.google.com *.youtube.com; img-src data: https://proactive.nationwide.co.uk 'self' *; media-src https://lpcdn.lpsnmedia.net; object-src 'self' http://d2oh4tlt9mrke9.cloudfront.net; script-src https://accdn.lpsnmedia.net analytics.analytics-egain.com apis.google.com assets.kampyle.com *.bing.com https://www.adobetag.com clients1.google.com https://cloud-emea.analytics-egain.com connect.facebook.net http://assets.contently.com cse.google.com data: dpm.demdex.net https://analytics.analytics-egain.com https://nationwide.egain.cloud/ https://nationwidedev1.egain.cloud https://nationwidedev2.egain.cloud https://www.google.co.uk https://www.gstatic.com ipv4.google.com https://lo.v.liveperson.net https://lpcdn.lpsnmedia.net https://lptag.liveperson.net *.nationwide.co.uk *.omtrdc.net platform.linkedin.com platform.twitter.com https://proactive.nationwide.co.uk *.reevoo.com rsaparaturetest.prod.parature.com https://cdn.decibelinsight.net https://app.decibelinsight.com/js/hm.js https://pixel.mathtag.com https://apis.google.com https://cse.google.com https://nationwidechat.prod.parature.com https://platform.linkedin.com https://platform.twitter.com https://static.ak.facebook.com https://www.google.com 'self' http://d2oh4tlt9mrke9.cloudfront.net https://ws.sessioncam.com static.ak.facebook.com https://cdn.tt.omtrdc.net *.virtualearth.net https://s.ytimg.com 'unsafe-eval' 'unsafe-inline' http://nationwidebuildingso.tt.omtrdc.net https://nationwidebuildingso.tt.omtrdc.net http://www.google.com http://www.googleadservices.com http://metrics.nationwide.co.uk/; style-src assets.kampyle.com *.bing.com cse.google.com *.nationwide.co.uk https://nationwide.egain.cloud https://nationwidedev1.egain.cloud *.reevoo.com 'self' *.virtualearth.net https://www.google.com 'unsafe-inline' http://www.google.com/;
Strict-Transport-Security max-age=16070400
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.nationwide.co.uk/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Security-Policy
default-src *.bing.com https://onlinebanking.nationwide.co.uk 'self'; connect-src *.bing.com cdn.decibelinsight.net http://track.contently.com https://d083-uk.api.decibelinsight.net/ dpm.demdex.net https://enrolment.mynationwide.io/ wss://lo.msg.liveperson.net http://metrics.nationwide.co.uk/ https://nationwide.egain.cloud/ https://nationwidedev1.egain.cloud https://nationwidedev2.egain.cloud *.omtrdc.net https://rsa.egain.cloud https://cdn.decibelinsight.net 'self' https://ws.sessioncam.com https://smetrics.nationwide.co.uk/ *.swiftype.com *.virtualearth.net wss://cdn.decibelinsight.net https://www.googleadservices.com; font-src data: 'self'; frame-src accounts.google.com https://adservice.google.com/ apis.google.com *.bing.com https://assets.contently.com *.doubleclick.net https://analytics.analytics-egain.com/ googleads.g.doubleclick.net https://www.youtube.com https://lo.idp.liveperson.net https://lo.msg.liveperson.net https://lo.msghist.liveperson.net https://lo.tokenizer.liveperson.net https://lpcdn.lpsnmedia.net https://nationwide.demdex.net https://nationwide.egain.cloud https://nationwidedev1.egain.cloud notifyme-uat.nationwide-mats.co.uk platform.twitter.com https://pixel.mathtag.com https://accounts.google.com https://apis.google.com https://s-static.ak.facebook.com https://static.ak.facebook.com https://www.facebook.com 'self' s-static.ak.facebook.com static.ak.facebook.com https://embed.ustudio.com/ www.facebook.com www.google.com *.youtube.com; img-src data: https://proactive.nationwide.co.uk 'self' *; media-src https://lpcdn.lpsnmedia.net; object-src 'self' http://d2oh4tlt9mrke9.cloudfront.net; script-src https://accdn.lpsnmedia.net analytics.analytics-egain.com apis.google.com assets.kampyle.com *.bing.com https://www.adobetag.com clients1.google.com https://cloud-emea.analytics-egain.com connect.facebook.net http://assets.contently.com cse.google.com data: dpm.demdex.net https://analytics.analytics-egain.com https://nationwide.egain.cloud/ https://nationwidedev1.egain.cloud https://nationwidedev2.egain.cloud https://www.google.co.uk https://www.gstatic.com ipv4.google.com https://lo.v.liveperson.net https://lpcdn.lpsnmedia.net https://lptag.liveperson.net *.nationwide.co.uk *.omtrdc.net platform.linkedin.com platform.twitter.com https://proactive.nationwide.co.uk *.reevoo.com rsaparaturetest.prod.parature.com https://cdn.decibelinsight.net https://app.decibelinsight.com/js/hm.js https://pixel.mathtag.com https://apis.google.com https://cse.google.com https://nationwidechat.prod.parature.com https://platform.linkedin.com https://platform.twitter.com https://static.ak.facebook.com https://www.google.com 'self' http://d2oh4tlt9mrke9.cloudfront.net https://ws.sessioncam.com static.ak.facebook.com https://cdn.tt.omtrdc.net *.virtualearth.net https://s.ytimg.com 'unsafe-eval' 'unsafe-inline' http://nationwidebuildingso.tt.omtrdc.net https://nationwidebuildingso.tt.omtrdc.net http://www.google.com http://www.googleadservices.com http://metrics.nationwide.co.uk/; style-src assets.kampyle.com *.bing.com cse.google.com *.nationwide.co.uk https://nationwide.egain.cloud https://nationwidedev1.egain.cloud *.reevoo.com 'self' *.virtualearth.net https://www.google.com 'unsafe-inline' http://www.google.com/;
Content-Encoding
gzip
Last-Modified
Thu, 22 Feb 2018 12:08:14 GMT
x-frame-options
SAMEORIGIN
ETag
47848ed9f2cb4166a502dde8cdd19828
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
public, no-cache, max-age=604800
Date
Tue, 05 May 2020 18:05:43 GMT
Content-Disposition
attachment; filename="customer-satisfaction.hotfix.js"
Strict-Transport-Security
max-age=16070400
Content-Length
472
x-xss-protection
1; mode=block
Expires
Tue, 12 May 2020 18:05:43 GMT
Kantar-logo.png
www.nationwide.co.uk/-/media/MainSite/images/surveys/ 		3 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.nationwide.co.uk/-/media/MainSite/images/surveys/Kantar-logo.png?h=50&la=en&w=265
Requested by
Host: www.nationwide.co.uk
URL: https://www.nationwide.co.uk/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
155.131.44.69 , United Kingdom, ASN8698 (Nationwide Building Society, GB),
Reverse DNS
Software
/
Resource Hash
c39c5b843f2b0bdd486f6af86d5570ec1b1d9f8a9d098094470b36ee463a3af9
Security Headers
Name Value
Content-Security-Policy default-src *.bing.com https://onlinebanking.nationwide.co.uk 'self'; connect-src *.bing.com cdn.decibelinsight.net http://track.contently.com https://d083-uk.api.decibelinsight.net/ dpm.demdex.net https://enrolment.mynationwide.io/ wss://lo.msg.liveperson.net http://metrics.nationwide.co.uk/ https://nationwide.egain.cloud/ https://nationwidedev1.egain.cloud https://nationwidedev2.egain.cloud *.omtrdc.net https://rsa.egain.cloud https://cdn.decibelinsight.net 'self' https://ws.sessioncam.com https://smetrics.nationwide.co.uk/ *.swiftype.com *.virtualearth.net wss://cdn.decibelinsight.net https://www.googleadservices.com; font-src data: 'self'; frame-src accounts.google.com https://adservice.google.com/ apis.google.com *.bing.com https://assets.contently.com *.doubleclick.net https://analytics.analytics-egain.com/ googleads.g.doubleclick.net https://www.youtube.com https://lo.idp.liveperson.net https://lo.msg.liveperson.net https://lo.msghist.liveperson.net https://lo.tokenizer.liveperson.net https://lpcdn.lpsnmedia.net https://nationwide.demdex.net https://nationwide.egain.cloud https://nationwidedev1.egain.cloud notifyme-uat.nationwide-mats.co.uk platform.twitter.com https://pixel.mathtag.com https://accounts.google.com https://apis.google.com https://s-static.ak.facebook.com https://static.ak.facebook.com https://www.facebook.com 'self' s-static.ak.facebook.com static.ak.facebook.com https://embed.ustudio.com/ www.facebook.com www.google.com *.youtube.com; img-src data: https://proactive.nationwide.co.uk 'self' *; media-src https://lpcdn.lpsnmedia.net; object-src 'self' http://d2oh4tlt9mrke9.cloudfront.net; script-src https://accdn.lpsnmedia.net analytics.analytics-egain.com apis.google.com assets.kampyle.com *.bing.com https://www.adobetag.com clients1.google.com https://cloud-emea.analytics-egain.com connect.facebook.net http://assets.contently.com cse.google.com data: dpm.demdex.net https://analytics.analytics-egain.com https://nationwide.egain.cloud/ https://nationwidedev1.egain.cloud https://nationwidedev2.egain.cloud https://www.google.co.uk https://www.gstatic.com ipv4.google.com https://lo.v.liveperson.net https://lpcdn.lpsnmedia.net https://lptag.liveperson.net *.nationwide.co.uk *.omtrdc.net platform.linkedin.com platform.twitter.com https://proactive.nationwide.co.uk *.reevoo.com rsaparaturetest.prod.parature.com https://cdn.decibelinsight.net https://app.decibelinsight.com/js/hm.js https://pixel.mathtag.com https://apis.google.com https://cse.google.com https://nationwidechat.prod.parature.com https://platform.linkedin.com https://platform.twitter.com https://static.ak.facebook.com https://www.google.com 'self' http://d2oh4tlt9mrke9.cloudfront.net https://ws.sessioncam.com static.ak.facebook.com https://cdn.tt.omtrdc.net *.virtualearth.net https://s.ytimg.com 'unsafe-eval' 'unsafe-inline' http://nationwidebuildingso.tt.omtrdc.net https://nationwidebuildingso.tt.omtrdc.net http://www.google.com http://www.googleadservices.com http://metrics.nationwide.co.uk/; style-src assets.kampyle.com *.bing.com cse.google.com *.nationwide.co.uk https://nationwide.egain.cloud https://nationwidedev1.egain.cloud *.reevoo.com 'self' *.virtualearth.net https://www.google.com 'unsafe-inline' http://www.google.com/;
Strict-Transport-Security max-age=16070400
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.nationwide.co.uk/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Security-Policy
default-src *.bing.com https://onlinebanking.nationwide.co.uk 'self'; connect-src *.bing.com cdn.decibelinsight.net http://track.contently.com https://d083-uk.api.decibelinsight.net/ dpm.demdex.net https://enrolment.mynationwide.io/ wss://lo.msg.liveperson.net http://metrics.nationwide.co.uk/ https://nationwide.egain.cloud/ https://nationwidedev1.egain.cloud https://nationwidedev2.egain.cloud *.omtrdc.net https://rsa.egain.cloud https://cdn.decibelinsight.net 'self' https://ws.sessioncam.com https://smetrics.nationwide.co.uk/ *.swiftype.com *.virtualearth.net wss://cdn.decibelinsight.net https://www.googleadservices.com; font-src data: 'self'; frame-src accounts.google.com https://adservice.google.com/ apis.google.com *.bing.com https://assets.contently.com *.doubleclick.net https://analytics.analytics-egain.com/ googleads.g.doubleclick.net https://www.youtube.com https://lo.idp.liveperson.net https://lo.msg.liveperson.net https://lo.msghist.liveperson.net https://lo.tokenizer.liveperson.net https://lpcdn.lpsnmedia.net https://nationwide.demdex.net https://nationwide.egain.cloud https://nationwidedev1.egain.cloud notifyme-uat.nationwide-mats.co.uk platform.twitter.com https://pixel.mathtag.com https://accounts.google.com https://apis.google.com https://s-static.ak.facebook.com https://static.ak.facebook.com https://www.facebook.com 'self' s-static.ak.facebook.com static.ak.facebook.com https://embed.ustudio.com/ www.facebook.com www.google.com *.youtube.com; img-src data: https://proactive.nationwide.co.uk 'self' *; media-src https://lpcdn.lpsnmedia.net; object-src 'self' http://d2oh4tlt9mrke9.cloudfront.net; script-src https://accdn.lpsnmedia.net analytics.analytics-egain.com apis.google.com assets.kampyle.com *.bing.com https://www.adobetag.com clients1.google.com https://cloud-emea.analytics-egain.com connect.facebook.net http://assets.contently.com cse.google.com data: dpm.demdex.net https://analytics.analytics-egain.com https://nationwide.egain.cloud/ https://nationwidedev1.egain.cloud https://nationwidedev2.egain.cloud https://www.google.co.uk https://www.gstatic.com ipv4.google.com https://lo.v.liveperson.net https://lpcdn.lpsnmedia.net https://lptag.liveperson.net *.nationwide.co.uk *.omtrdc.net platform.linkedin.com platform.twitter.com https://proactive.nationwide.co.uk *.reevoo.com rsaparaturetest.prod.parature.com https://cdn.decibelinsight.net https://app.decibelinsight.com/js/hm.js https://pixel.mathtag.com https://apis.google.com https://cse.google.com https://nationwidechat.prod.parature.com https://platform.linkedin.com https://platform.twitter.com https://static.ak.facebook.com https://www.google.com 'self' http://d2oh4tlt9mrke9.cloudfront.net https://ws.sessioncam.com static.ak.facebook.com https://cdn.tt.omtrdc.net *.virtualearth.net https://s.ytimg.com 'unsafe-eval' 'unsafe-inline' http://nationwidebuildingso.tt.omtrdc.net https://nationwidebuildingso.tt.omtrdc.net http://www.google.com http://www.googleadservices.com http://metrics.nationwide.co.uk/; style-src assets.kampyle.com *.bing.com cse.google.com *.nationwide.co.uk https://nationwide.egain.cloud https://nationwidedev1.egain.cloud *.reevoo.com 'self' *.virtualearth.net https://www.google.com 'unsafe-inline' http://www.google.com/;
Last-Modified
Mon, 22 Jul 2019 11:50:43 GMT
ETag
7b147e0d27e8412287a14c1664e25d0e
x-frame-options
SAMEORIGIN
Content-Type
image/png
Cache-Control
public, no-cache, max-age=604800
Date
Tue, 05 May 2020 18:05:43 GMT
Strict-Transport-Security
max-age=16070400
Content-Length
2716
x-xss-protection
1; mode=block
Expires
Tue, 12 May 2020 18:05:43 GMT
logo2xtrans.png
www.nationwide.co.uk/-/media/System/ 		7 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.nationwide.co.uk/-/media/System/logo2xtrans.png?h=53&la=en&w=133
Requested by
Host: www.nationwide.co.uk
URL: https://www.nationwide.co.uk/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
155.131.44.69 , United Kingdom, ASN8698 (Nationwide Building Society, GB),
Reverse DNS
Software
/
Resource Hash
ad6a2819689cad5bfe7ff1290f031d455d53c79399b28379e5d5199c84dd20de
Security Headers
Name Value
Content-Security-Policy default-src *.bing.com https://onlinebanking.nationwide.co.uk 'self'; connect-src *.bing.com cdn.decibelinsight.net http://track.contently.com https://d083-uk.api.decibelinsight.net/ dpm.demdex.net https://enrolment.mynationwide.io/ wss://lo.msg.liveperson.net http://metrics.nationwide.co.uk/ https://nationwide.egain.cloud/ https://nationwidedev1.egain.cloud https://nationwidedev2.egain.cloud *.omtrdc.net https://rsa.egain.cloud https://cdn.decibelinsight.net 'self' https://ws.sessioncam.com https://smetrics.nationwide.co.uk/ *.swiftype.com *.virtualearth.net wss://cdn.decibelinsight.net https://www.googleadservices.com; font-src data: 'self'; frame-src accounts.google.com https://adservice.google.com/ apis.google.com *.bing.com https://assets.contently.com *.doubleclick.net https://analytics.analytics-egain.com/ googleads.g.doubleclick.net https://www.youtube.com https://lo.idp.liveperson.net https://lo.msg.liveperson.net https://lo.msghist.liveperson.net https://lo.tokenizer.liveperson.net https://lpcdn.lpsnmedia.net https://nationwide.demdex.net https://nationwide.egain.cloud https://nationwidedev1.egain.cloud notifyme-uat.nationwide-mats.co.uk platform.twitter.com https://pixel.mathtag.com https://accounts.google.com https://apis.google.com https://s-static.ak.facebook.com https://static.ak.facebook.com https://www.facebook.com 'self' s-static.ak.facebook.com static.ak.facebook.com https://embed.ustudio.com/ www.facebook.com www.google.com *.youtube.com; img-src data: https://proactive.nationwide.co.uk 'self' *; media-src https://lpcdn.lpsnmedia.net; object-src 'self' http://d2oh4tlt9mrke9.cloudfront.net; script-src https://accdn.lpsnmedia.net analytics.analytics-egain.com apis.google.com assets.kampyle.com *.bing.com https://www.adobetag.com clients1.google.com https://cloud-emea.analytics-egain.com connect.facebook.net http://assets.contently.com cse.google.com data: dpm.demdex.net https://analytics.analytics-egain.com https://nationwide.egain.cloud/ https://nationwidedev1.egain.cloud https://nationwidedev2.egain.cloud https://www.google.co.uk https://www.gstatic.com ipv4.google.com https://lo.v.liveperson.net https://lpcdn.lpsnmedia.net https://lptag.liveperson.net *.nationwide.co.uk *.omtrdc.net platform.linkedin.com platform.twitter.com https://proactive.nationwide.co.uk *.reevoo.com rsaparaturetest.prod.parature.com https://cdn.decibelinsight.net https://app.decibelinsight.com/js/hm.js https://pixel.mathtag.com https://apis.google.com https://cse.google.com https://nationwidechat.prod.parature.com https://platform.linkedin.com https://platform.twitter.com https://static.ak.facebook.com https://www.google.com 'self' http://d2oh4tlt9mrke9.cloudfront.net https://ws.sessioncam.com static.ak.facebook.com https://cdn.tt.omtrdc.net *.virtualearth.net https://s.ytimg.com 'unsafe-eval' 'unsafe-inline' http://nationwidebuildingso.tt.omtrdc.net https://nationwidebuildingso.tt.omtrdc.net http://www.google.com http://www.googleadservices.com http://metrics.nationwide.co.uk/; style-src assets.kampyle.com *.bing.com cse.google.com *.nationwide.co.uk https://nationwide.egain.cloud https://nationwidedev1.egain.cloud *.reevoo.com 'self' *.virtualearth.net https://www.google.com 'unsafe-inline' http://www.google.com/;
Strict-Transport-Security max-age=16070400
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.nationwide.co.uk/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Security-Policy
default-src *.bing.com https://onlinebanking.nationwide.co.uk 'self'; connect-src *.bing.com cdn.decibelinsight.net http://track.contently.com https://d083-uk.api.decibelinsight.net/ dpm.demdex.net https://enrolment.mynationwide.io/ wss://lo.msg.liveperson.net http://metrics.nationwide.co.uk/ https://nationwide.egain.cloud/ https://nationwidedev1.egain.cloud https://nationwidedev2.egain.cloud *.omtrdc.net https://rsa.egain.cloud https://cdn.decibelinsight.net 'self' https://ws.sessioncam.com https://smetrics.nationwide.co.uk/ *.swiftype.com *.virtualearth.net wss://cdn.decibelinsight.net https://www.googleadservices.com; font-src data: 'self'; frame-src accounts.google.com https://adservice.google.com/ apis.google.com *.bing.com https://assets.contently.com *.doubleclick.net https://analytics.analytics-egain.com/ googleads.g.doubleclick.net https://www.youtube.com https://lo.idp.liveperson.net https://lo.msg.liveperson.net https://lo.msghist.liveperson.net https://lo.tokenizer.liveperson.net https://lpcdn.lpsnmedia.net https://nationwide.demdex.net https://nationwide.egain.cloud https://nationwidedev1.egain.cloud notifyme-uat.nationwide-mats.co.uk platform.twitter.com https://pixel.mathtag.com https://accounts.google.com https://apis.google.com https://s-static.ak.facebook.com https://static.ak.facebook.com https://www.facebook.com 'self' s-static.ak.facebook.com static.ak.facebook.com https://embed.ustudio.com/ www.facebook.com www.google.com *.youtube.com; img-src data: https://proactive.nationwide.co.uk 'self' *; media-src https://lpcdn.lpsnmedia.net; object-src 'self' http://d2oh4tlt9mrke9.cloudfront.net; script-src https://accdn.lpsnmedia.net analytics.analytics-egain.com apis.google.com assets.kampyle.com *.bing.com https://www.adobetag.com clients1.google.com https://cloud-emea.analytics-egain.com connect.facebook.net http://assets.contently.com cse.google.com data: dpm.demdex.net https://analytics.analytics-egain.com https://nationwide.egain.cloud/ https://nationwidedev1.egain.cloud https://nationwidedev2.egain.cloud https://www.google.co.uk https://www.gstatic.com ipv4.google.com https://lo.v.liveperson.net https://lpcdn.lpsnmedia.net https://lptag.liveperson.net *.nationwide.co.uk *.omtrdc.net platform.linkedin.com platform.twitter.com https://proactive.nationwide.co.uk *.reevoo.com rsaparaturetest.prod.parature.com https://cdn.decibelinsight.net https://app.decibelinsight.com/js/hm.js https://pixel.mathtag.com https://apis.google.com https://cse.google.com https://nationwidechat.prod.parature.com https://platform.linkedin.com https://platform.twitter.com https://static.ak.facebook.com https://www.google.com 'self' http://d2oh4tlt9mrke9.cloudfront.net https://ws.sessioncam.com static.ak.facebook.com https://cdn.tt.omtrdc.net *.virtualearth.net https://s.ytimg.com 'unsafe-eval' 'unsafe-inline' http://nationwidebuildingso.tt.omtrdc.net https://nationwidebuildingso.tt.omtrdc.net http://www.google.com http://www.googleadservices.com http://metrics.nationwide.co.uk/; style-src assets.kampyle.com *.bing.com cse.google.com *.nationwide.co.uk https://nationwide.egain.cloud https://nationwidedev1.egain.cloud *.reevoo.com 'self' *.virtualearth.net https://www.google.com 'unsafe-inline' http://www.google.com/;
Last-Modified
Thu, 18 Aug 2016 09:09:42 GMT
ETag
3b2826f147e04ab5a140d4bff2e97978
x-frame-options
SAMEORIGIN
Content-Type
image/png
Cache-Control
public, no-cache, max-age=604800
Date
Tue, 05 May 2020 18:05:43 GMT
Strict-Transport-Security
max-age=16070400
Content-Length
6924
x-xss-protection
1; mode=block
Expires
Tue, 12 May 2020 18:05:43 GMT
rd
dpm.demdex.net/id/
Redirect Chain
  • https://dpm.demdex.net/id?d_visid_ver=4.0.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=1D4334B852784A2D0A490D44%40AdobeOrg&d_nsid=0&ts=1588701943407
  • https://dpm.demdex.net/id/rd?d_visid_ver=4.0.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=1D4334B852784A2D0A490D44%40AdobeOrg&d_nsid=0&ts=1588701943407
369 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://dpm.demdex.net/id/rd?d_visid_ver=4.0.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=1D4334B852784A2D0A490D44%40AdobeOrg&d_nsid=0&ts=1588701943407
Requested by
Host: www.nationwide.co.uk
URL: https://www.nationwide.co.uk/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.241.125.133 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-241-125-133.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
0181128fde7d9f8024a97f76d11544e05481df50764c098089b27342c56d5f17
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.nationwide.co.uk/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

DCS
dcs-prod-irl1-v067-0623d31ca.edge-irl1.demdex.com 5.68.0.20200428121513 7ms (+0ms)
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Encoding
gzip
X-TID
pxtBCKnVRJ0=
Vary
Origin, Accept-Encoding, User-Agent
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin
https://www.nationwide.co.uk
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json;charset=utf-8
Content-Length
304
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
Access-Control-Allow-Origin
https://www.nationwide.co.uk
X-TID
zEfEZ1kWSDk=
Vary
Origin
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://dpm.demdex.net/id/rd?d_visid_ver=4.0.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=1D4334B852784A2D0A490D44%40AdobeOrg&d_nsid=0&ts=1588701943407
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
target.js
cdn.tt.omtrdc.net/cdn/ 		43 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.tt.omtrdc.net/cdn/target.js
Requested by
Host: www.nationwide.co.uk
URL: https://www.nationwide.co.uk/assets/main-site/script/bundle/nbs-essentials.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.61.220.204 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-61-220-204.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7ecf3bf86151cd72036fb67feb8fcbd8c80359e0ca871e1aeb955428ed43c26d

Request headers

Referer
https://www.nationwide.co.uk/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date
Tue, 05 May 2020 18:05:43 GMT
Content-Encoding
gzip
Last-Modified
Tue, 01 Oct 2019 05:03:41 GMT
Server
Apache
ETag
"1fcda-aa3e-593d246a6d5b9"
Vary
Accept-Encoding
Content-Type
text/javascript; charset=utf-8
Cache-Control
must-revalidate, max-age=3600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
14200
page-body.png
www.nationwide.co.uk/assets/main-site/images/background/ 		2 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.nationwide.co.uk/assets/main-site/images/background/page-body.png
Requested by
Host: www.nationwide.co.uk
URL: https://www.nationwide.co.uk/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
155.131.44.69 , United Kingdom, ASN8698 (Nationwide Building Society, GB),
Reverse DNS
Software
/
Resource Hash
17561150e865649a9aeeee94cb0f7a17d5e77147d3f2edefbee566f95128ddb3
Security Headers
Name Value
Content-Security-Policy default-src *.bing.com https://onlinebanking.nationwide.co.uk 'self'; connect-src *.bing.com cdn.decibelinsight.net http://track.contently.com https://d083-uk.api.decibelinsight.net/ dpm.demdex.net https://enrolment.mynationwide.io/ wss://lo.msg.liveperson.net http://metrics.nationwide.co.uk/ https://nationwide.egain.cloud/ https://nationwidedev1.egain.cloud https://nationwidedev2.egain.cloud *.omtrdc.net https://rsa.egain.cloud https://cdn.decibelinsight.net 'self' https://ws.sessioncam.com https://smetrics.nationwide.co.uk/ *.swiftype.com *.virtualearth.net wss://cdn.decibelinsight.net https://www.googleadservices.com; font-src data: 'self'; frame-src accounts.google.com https://adservice.google.com/ apis.google.com *.bing.com https://assets.contently.com *.doubleclick.net https://analytics.analytics-egain.com/ googleads.g.doubleclick.net https://www.youtube.com https://lo.idp.liveperson.net https://lo.msg.liveperson.net https://lo.msghist.liveperson.net https://lo.tokenizer.liveperson.net https://lpcdn.lpsnmedia.net https://nationwide.demdex.net https://nationwide.egain.cloud https://nationwidedev1.egain.cloud notifyme-uat.nationwide-mats.co.uk platform.twitter.com https://pixel.mathtag.com https://accounts.google.com https://apis.google.com https://s-static.ak.facebook.com https://static.ak.facebook.com https://www.facebook.com 'self' s-static.ak.facebook.com static.ak.facebook.com https://embed.ustudio.com/ www.facebook.com www.google.com *.youtube.com; img-src data: https://proactive.nationwide.co.uk 'self' *; media-src https://lpcdn.lpsnmedia.net; object-src 'self' http://d2oh4tlt9mrke9.cloudfront.net; script-src https://accdn.lpsnmedia.net analytics.analytics-egain.com apis.google.com assets.kampyle.com *.bing.com https://www.adobetag.com clients1.google.com https://cloud-emea.analytics-egain.com connect.facebook.net http://assets.contently.com cse.google.com data: dpm.demdex.net https://analytics.analytics-egain.com https://nationwide.egain.cloud/ https://nationwidedev1.egain.cloud https://nationwidedev2.egain.cloud https://www.google.co.uk https://www.gstatic.com ipv4.google.com https://lo.v.liveperson.net https://lpcdn.lpsnmedia.net https://lptag.liveperson.net *.nationwide.co.uk *.omtrdc.net platform.linkedin.com platform.twitter.com https://proactive.nationwide.co.uk *.reevoo.com rsaparaturetest.prod.parature.com https://cdn.decibelinsight.net https://app.decibelinsight.com/js/hm.js https://pixel.mathtag.com https://apis.google.com https://cse.google.com https://nationwidechat.prod.parature.com https://platform.linkedin.com https://platform.twitter.com https://static.ak.facebook.com https://www.google.com 'self' http://d2oh4tlt9mrke9.cloudfront.net https://ws.sessioncam.com static.ak.facebook.com https://cdn.tt.omtrdc.net *.virtualearth.net https://s.ytimg.com 'unsafe-eval' 'unsafe-inline' http://nationwidebuildingso.tt.omtrdc.net https://nationwidebuildingso.tt.omtrdc.net http://www.google.com http://www.googleadservices.com http://metrics.nationwide.co.uk/; style-src assets.kampyle.com *.bing.com cse.google.com *.nationwide.co.uk https://nationwide.egain.cloud https://nationwidedev1.egain.cloud *.reevoo.com 'self' *.virtualearth.net https://www.google.com 'unsafe-inline' http://www.google.com/;
Strict-Transport-Security max-age=16070400
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.nationwide.co.uk/assets/main-site/style/visibleOnly.min.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Security-Policy
default-src *.bing.com https://onlinebanking.nationwide.co.uk 'self'; connect-src *.bing.com cdn.decibelinsight.net http://track.contently.com https://d083-uk.api.decibelinsight.net/ dpm.demdex.net https://enrolment.mynationwide.io/ wss://lo.msg.liveperson.net http://metrics.nationwide.co.uk/ https://nationwide.egain.cloud/ https://nationwidedev1.egain.cloud https://nationwidedev2.egain.cloud *.omtrdc.net https://rsa.egain.cloud https://cdn.decibelinsight.net 'self' https://ws.sessioncam.com https://smetrics.nationwide.co.uk/ *.swiftype.com *.virtualearth.net wss://cdn.decibelinsight.net https://www.googleadservices.com; font-src data: 'self'; frame-src accounts.google.com https://adservice.google.com/ apis.google.com *.bing.com https://assets.contently.com *.doubleclick.net https://analytics.analytics-egain.com/ googleads.g.doubleclick.net https://www.youtube.com https://lo.idp.liveperson.net https://lo.msg.liveperson.net https://lo.msghist.liveperson.net https://lo.tokenizer.liveperson.net https://lpcdn.lpsnmedia.net https://nationwide.demdex.net https://nationwide.egain.cloud https://nationwidedev1.egain.cloud notifyme-uat.nationwide-mats.co.uk platform.twitter.com https://pixel.mathtag.com https://accounts.google.com https://apis.google.com https://s-static.ak.facebook.com https://static.ak.facebook.com https://www.facebook.com 'self' s-static.ak.facebook.com static.ak.facebook.com https://embed.ustudio.com/ www.facebook.com www.google.com *.youtube.com; img-src data: https://proactive.nationwide.co.uk 'self' *; media-src https://lpcdn.lpsnmedia.net; object-src 'self' http://d2oh4tlt9mrke9.cloudfront.net; script-src https://accdn.lpsnmedia.net analytics.analytics-egain.com apis.google.com assets.kampyle.com *.bing.com https://www.adobetag.com clients1.google.com https://cloud-emea.analytics-egain.com connect.facebook.net http://assets.contently.com cse.google.com data: dpm.demdex.net https://analytics.analytics-egain.com https://nationwide.egain.cloud/ https://nationwidedev1.egain.cloud https://nationwidedev2.egain.cloud https://www.google.co.uk https://www.gstatic.com ipv4.google.com https://lo.v.liveperson.net https://lpcdn.lpsnmedia.net https://lptag.liveperson.net *.nationwide.co.uk *.omtrdc.net platform.linkedin.com platform.twitter.com https://proactive.nationwide.co.uk *.reevoo.com rsaparaturetest.prod.parature.com https://cdn.decibelinsight.net https://app.decibelinsight.com/js/hm.js https://pixel.mathtag.com https://apis.google.com https://cse.google.com https://nationwidechat.prod.parature.com https://platform.linkedin.com https://platform.twitter.com https://static.ak.facebook.com https://www.google.com 'self' http://d2oh4tlt9mrke9.cloudfront.net https://ws.sessioncam.com static.ak.facebook.com https://cdn.tt.omtrdc.net *.virtualearth.net https://s.ytimg.com 'unsafe-eval' 'unsafe-inline' http://nationwidebuildingso.tt.omtrdc.net https://nationwidebuildingso.tt.omtrdc.net http://www.google.com http://www.googleadservices.com http://metrics.nationwide.co.uk/; style-src assets.kampyle.com *.bing.com cse.google.com *.nationwide.co.uk https://nationwide.egain.cloud https://nationwidedev1.egain.cloud *.reevoo.com 'self' *.virtualearth.net https://www.google.com 'unsafe-inline' http://www.google.com/;
Last-Modified
Tue, 21 Apr 2020 14:55:18 GMT
ETag
"08f4bdfec17d61:0"
x-frame-options
SAMEORIGIN
Content-Type
image/png
Cache-Control
public,max-age=300
Date
Tue, 05 May 2020 18:05:43 GMT
Strict-Transport-Security
max-age=16070400
Accept-Ranges
bytes
Content-Length
2100
x-xss-protection
1; mode=block
truncated
/ 		83 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2c3b918df3d0dc8ce11328cd21f8d9defc5858231b70bb11cd896f2f0bf5ae46

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/gif;charset=UTF-8
nbs-medium-webfont.woff
www.nationwide.co.uk/assets/main-site/fonts/ 		33 KB
37 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.nationwide.co.uk/assets/main-site/fonts/nbs-medium-webfont.woff
Requested by
Host: www.nationwide.co.uk
URL: https://www.nationwide.co.uk/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
155.131.44.69 , United Kingdom, ASN8698 (Nationwide Building Society, GB),
Reverse DNS
Software
/
Resource Hash
154f369084c28c7ceaf71531663e84382b0f3ac78fffa7f91c4543499b8ee41b
Security Headers
Name Value
Content-Security-Policy default-src *.bing.com https://onlinebanking.nationwide.co.uk 'self'; connect-src *.bing.com cdn.decibelinsight.net http://track.contently.com https://d083-uk.api.decibelinsight.net/ dpm.demdex.net https://enrolment.mynationwide.io/ wss://lo.msg.liveperson.net http://metrics.nationwide.co.uk/ https://nationwide.egain.cloud/ https://nationwidedev1.egain.cloud https://nationwidedev2.egain.cloud *.omtrdc.net https://rsa.egain.cloud https://cdn.decibelinsight.net 'self' https://ws.sessioncam.com https://smetrics.nationwide.co.uk/ *.swiftype.com *.virtualearth.net wss://cdn.decibelinsight.net https://www.googleadservices.com; font-src data: 'self'; frame-src accounts.google.com https://adservice.google.com/ apis.google.com *.bing.com https://assets.contently.com *.doubleclick.net https://analytics.analytics-egain.com/ googleads.g.doubleclick.net https://www.youtube.com https://lo.idp.liveperson.net https://lo.msg.liveperson.net https://lo.msghist.liveperson.net https://lo.tokenizer.liveperson.net https://lpcdn.lpsnmedia.net https://nationwide.demdex.net https://nationwide.egain.cloud https://nationwidedev1.egain.cloud notifyme-uat.nationwide-mats.co.uk platform.twitter.com https://pixel.mathtag.com https://accounts.google.com https://apis.google.com https://s-static.ak.facebook.com https://static.ak.facebook.com https://www.facebook.com 'self' s-static.ak.facebook.com static.ak.facebook.com https://embed.ustudio.com/ www.facebook.com www.google.com *.youtube.com; img-src data: https://proactive.nationwide.co.uk 'self' *; media-src https://lpcdn.lpsnmedia.net; object-src 'self' http://d2oh4tlt9mrke9.cloudfront.net; script-src https://accdn.lpsnmedia.net analytics.analytics-egain.com apis.google.com assets.kampyle.com *.bing.com https://www.adobetag.com clients1.google.com https://cloud-emea.analytics-egain.com connect.facebook.net http://assets.contently.com cse.google.com data: dpm.demdex.net https://analytics.analytics-egain.com https://nationwide.egain.cloud/ https://nationwidedev1.egain.cloud https://nationwidedev2.egain.cloud https://www.google.co.uk https://www.gstatic.com ipv4.google.com https://lo.v.liveperson.net https://lpcdn.lpsnmedia.net https://lptag.liveperson.net *.nationwide.co.uk *.omtrdc.net platform.linkedin.com platform.twitter.com https://proactive.nationwide.co.uk *.reevoo.com rsaparaturetest.prod.parature.com https://cdn.decibelinsight.net https://app.decibelinsight.com/js/hm.js https://pixel.mathtag.com https://apis.google.com https://cse.google.com https://nationwidechat.prod.parature.com https://platform.linkedin.com https://platform.twitter.com https://static.ak.facebook.com https://www.google.com 'self' http://d2oh4tlt9mrke9.cloudfront.net https://ws.sessioncam.com static.ak.facebook.com https://cdn.tt.omtrdc.net *.virtualearth.net https://s.ytimg.com 'unsafe-eval' 'unsafe-inline' http://nationwidebuildingso.tt.omtrdc.net https://nationwidebuildingso.tt.omtrdc.net http://www.google.com http://www.googleadservices.com http://metrics.nationwide.co.uk/; style-src assets.kampyle.com *.bing.com cse.google.com *.nationwide.co.uk https://nationwide.egain.cloud https://nationwidedev1.egain.cloud *.reevoo.com 'self' *.virtualearth.net https://www.google.com 'unsafe-inline' http://www.google.com/;
Strict-Transport-Security max-age=16070400
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.nationwide.co.uk/assets/main-site/style/visibleOnly.min.css
Origin
https://www.nationwide.co.uk

Response headers

Content-Security-Policy
default-src *.bing.com https://onlinebanking.nationwide.co.uk 'self'; connect-src *.bing.com cdn.decibelinsight.net http://track.contently.com https://d083-uk.api.decibelinsight.net/ dpm.demdex.net https://enrolment.mynationwide.io/ wss://lo.msg.liveperson.net http://metrics.nationwide.co.uk/ https://nationwide.egain.cloud/ https://nationwidedev1.egain.cloud https://nationwidedev2.egain.cloud *.omtrdc.net https://rsa.egain.cloud https://cdn.decibelinsight.net 'self' https://ws.sessioncam.com https://smetrics.nationwide.co.uk/ *.swiftype.com *.virtualearth.net wss://cdn.decibelinsight.net https://www.googleadservices.com; font-src data: 'self'; frame-src accounts.google.com https://adservice.google.com/ apis.google.com *.bing.com https://assets.contently.com *.doubleclick.net https://analytics.analytics-egain.com/ googleads.g.doubleclick.net https://www.youtube.com https://lo.idp.liveperson.net https://lo.msg.liveperson.net https://lo.msghist.liveperson.net https://lo.tokenizer.liveperson.net https://lpcdn.lpsnmedia.net https://nationwide.demdex.net https://nationwide.egain.cloud https://nationwidedev1.egain.cloud notifyme-uat.nationwide-mats.co.uk platform.twitter.com https://pixel.mathtag.com https://accounts.google.com https://apis.google.com https://s-static.ak.facebook.com https://static.ak.facebook.com https://www.facebook.com 'self' s-static.ak.facebook.com static.ak.facebook.com https://embed.ustudio.com/ www.facebook.com www.google.com *.youtube.com; img-src data: https://proactive.nationwide.co.uk 'self' *; media-src https://lpcdn.lpsnmedia.net; object-src 'self' http://d2oh4tlt9mrke9.cloudfront.net; script-src https://accdn.lpsnmedia.net analytics.analytics-egain.com apis.google.com assets.kampyle.com *.bing.com https://www.adobetag.com clients1.google.com https://cloud-emea.analytics-egain.com connect.facebook.net http://assets.contently.com cse.google.com data: dpm.demdex.net https://analytics.analytics-egain.com https://nationwide.egain.cloud/ https://nationwidedev1.egain.cloud https://nationwidedev2.egain.cloud https://www.google.co.uk https://www.gstatic.com ipv4.google.com https://lo.v.liveperson.net https://lpcdn.lpsnmedia.net https://lptag.liveperson.net *.nationwide.co.uk *.omtrdc.net platform.linkedin.com platform.twitter.com https://proactive.nationwide.co.uk *.reevoo.com rsaparaturetest.prod.parature.com https://cdn.decibelinsight.net https://app.decibelinsight.com/js/hm.js https://pixel.mathtag.com https://apis.google.com https://cse.google.com https://nationwidechat.prod.parature.com https://platform.linkedin.com https://platform.twitter.com https://static.ak.facebook.com https://www.google.com 'self' http://d2oh4tlt9mrke9.cloudfront.net https://ws.sessioncam.com static.ak.facebook.com https://cdn.tt.omtrdc.net *.virtualearth.net https://s.ytimg.com 'unsafe-eval' 'unsafe-inline' http://nationwidebuildingso.tt.omtrdc.net https://nationwidebuildingso.tt.omtrdc.net http://www.google.com http://www.googleadservices.com http://metrics.nationwide.co.uk/; style-src assets.kampyle.com *.bing.com cse.google.com *.nationwide.co.uk https://nationwide.egain.cloud https://nationwidedev1.egain.cloud *.reevoo.com 'self' *.virtualearth.net https://www.google.com 'unsafe-inline' http://www.google.com/;
Last-Modified
Tue, 21 Apr 2020 14:55:32 GMT
ETag
"0caa3e7ec17d61:0"
x-frame-options
SAMEORIGIN
Content-Type
application/x-font-woff
Cache-Control
public,max-age=604800
Date
Tue, 05 May 2020 18:05:43 GMT
Strict-Transport-Security
max-age=16070400
Accept-Ranges
bytes
Content-Length
34084
x-xss-protection
1; mode=block
Lady-baking-in-kitchen-large-scale-1900px.jpg
www.nationwide.co.uk/-/media/MainSite/images/home-exit/2020/03/covid-19/ 		100 KB
104 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.nationwide.co.uk/-/media/MainSite/images/home-exit/2020/03/covid-19/Lady-baking-in-kitchen-large-scale-1900px.jpg?h=960&w=1900
Requested by
Host: www.nationwide.co.uk
URL: https://www.nationwide.co.uk/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
155.131.44.69 , United Kingdom, ASN8698 (Nationwide Building Society, GB),
Reverse DNS
Software
/
Resource Hash
cd83c9616859b7b51ce69a4c82d10820fccc02b7373b3059e2d149ac06d22e5a
Security Headers
Name Value
Content-Security-Policy default-src *.bing.com https://onlinebanking.nationwide.co.uk 'self'; connect-src *.bing.com cdn.decibelinsight.net http://track.contently.com https://d083-uk.api.decibelinsight.net/ dpm.demdex.net https://enrolment.mynationwide.io/ wss://lo.msg.liveperson.net http://metrics.nationwide.co.uk/ https://nationwide.egain.cloud/ https://nationwidedev1.egain.cloud https://nationwidedev2.egain.cloud *.omtrdc.net https://rsa.egain.cloud https://cdn.decibelinsight.net 'self' https://ws.sessioncam.com https://smetrics.nationwide.co.uk/ *.swiftype.com *.virtualearth.net wss://cdn.decibelinsight.net https://www.googleadservices.com; font-src data: 'self'; frame-src accounts.google.com https://adservice.google.com/ apis.google.com *.bing.com https://assets.contently.com *.doubleclick.net https://analytics.analytics-egain.com/ googleads.g.doubleclick.net https://www.youtube.com https://lo.idp.liveperson.net https://lo.msg.liveperson.net https://lo.msghist.liveperson.net https://lo.tokenizer.liveperson.net https://lpcdn.lpsnmedia.net https://nationwide.demdex.net https://nationwide.egain.cloud https://nationwidedev1.egain.cloud notifyme-uat.nationwide-mats.co.uk platform.twitter.com https://pixel.mathtag.com https://accounts.google.com https://apis.google.com https://s-static.ak.facebook.com https://static.ak.facebook.com https://www.facebook.com 'self' s-static.ak.facebook.com static.ak.facebook.com https://embed.ustudio.com/ www.facebook.com www.google.com *.youtube.com; img-src data: https://proactive.nationwide.co.uk 'self' *; media-src https://lpcdn.lpsnmedia.net; object-src 'self' http://d2oh4tlt9mrke9.cloudfront.net; script-src https://accdn.lpsnmedia.net analytics.analytics-egain.com apis.google.com assets.kampyle.com *.bing.com https://www.adobetag.com clients1.google.com https://cloud-emea.analytics-egain.com connect.facebook.net http://assets.contently.com cse.google.com data: dpm.demdex.net https://analytics.analytics-egain.com https://nationwide.egain.cloud/ https://nationwidedev1.egain.cloud https://nationwidedev2.egain.cloud https://www.google.co.uk https://www.gstatic.com ipv4.google.com https://lo.v.liveperson.net https://lpcdn.lpsnmedia.net https://lptag.liveperson.net *.nationwide.co.uk *.omtrdc.net platform.linkedin.com platform.twitter.com https://proactive.nationwide.co.uk *.reevoo.com rsaparaturetest.prod.parature.com https://cdn.decibelinsight.net https://app.decibelinsight.com/js/hm.js https://pixel.mathtag.com https://apis.google.com https://cse.google.com https://nationwidechat.prod.parature.com https://platform.linkedin.com https://platform.twitter.com https://static.ak.facebook.com https://www.google.com 'self' http://d2oh4tlt9mrke9.cloudfront.net https://ws.sessioncam.com static.ak.facebook.com https://cdn.tt.omtrdc.net *.virtualearth.net https://s.ytimg.com 'unsafe-eval' 'unsafe-inline' http://nationwidebuildingso.tt.omtrdc.net https://nationwidebuildingso.tt.omtrdc.net http://www.google.com http://www.googleadservices.com http://metrics.nationwide.co.uk/; style-src assets.kampyle.com *.bing.com cse.google.com *.nationwide.co.uk https://nationwide.egain.cloud https://nationwidedev1.egain.cloud *.reevoo.com 'self' *.virtualearth.net https://www.google.com 'unsafe-inline' http://www.google.com/;
Strict-Transport-Security max-age=16070400
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.nationwide.co.uk/-/css/assets/main-site/generated/css/herocarousel.css?id=FC820B40147241A88CFDEF405D59E59C
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Security-Policy
default-src *.bing.com https://onlinebanking.nationwide.co.uk 'self'; connect-src *.bing.com cdn.decibelinsight.net http://track.contently.com https://d083-uk.api.decibelinsight.net/ dpm.demdex.net https://enrolment.mynationwide.io/ wss://lo.msg.liveperson.net http://metrics.nationwide.co.uk/ https://nationwide.egain.cloud/ https://nationwidedev1.egain.cloud https://nationwidedev2.egain.cloud *.omtrdc.net https://rsa.egain.cloud https://cdn.decibelinsight.net 'self' https://ws.sessioncam.com https://smetrics.nationwide.co.uk/ *.swiftype.com *.virtualearth.net wss://cdn.decibelinsight.net https://www.googleadservices.com; font-src data: 'self'; frame-src accounts.google.com https://adservice.google.com/ apis.google.com *.bing.com https://assets.contently.com *.doubleclick.net https://analytics.analytics-egain.com/ googleads.g.doubleclick.net https://www.youtube.com https://lo.idp.liveperson.net https://lo.msg.liveperson.net https://lo.msghist.liveperson.net https://lo.tokenizer.liveperson.net https://lpcdn.lpsnmedia.net https://nationwide.demdex.net https://nationwide.egain.cloud https://nationwidedev1.egain.cloud notifyme-uat.nationwide-mats.co.uk platform.twitter.com https://pixel.mathtag.com https://accounts.google.com https://apis.google.com https://s-static.ak.facebook.com https://static.ak.facebook.com https://www.facebook.com 'self' s-static.ak.facebook.com static.ak.facebook.com https://embed.ustudio.com/ www.facebook.com www.google.com *.youtube.com; img-src data: https://proactive.nationwide.co.uk 'self' *; media-src https://lpcdn.lpsnmedia.net; object-src 'self' http://d2oh4tlt9mrke9.cloudfront.net; script-src https://accdn.lpsnmedia.net analytics.analytics-egain.com apis.google.com assets.kampyle.com *.bing.com https://www.adobetag.com clients1.google.com https://cloud-emea.analytics-egain.com connect.facebook.net http://assets.contently.com cse.google.com data: dpm.demdex.net https://analytics.analytics-egain.com https://nationwide.egain.cloud/ https://nationwidedev1.egain.cloud https://nationwidedev2.egain.cloud https://www.google.co.uk https://www.gstatic.com ipv4.google.com https://lo.v.liveperson.net https://lpcdn.lpsnmedia.net https://lptag.liveperson.net *.nationwide.co.uk *.omtrdc.net platform.linkedin.com platform.twitter.com https://proactive.nationwide.co.uk *.reevoo.com rsaparaturetest.prod.parature.com https://cdn.decibelinsight.net https://app.decibelinsight.com/js/hm.js https://pixel.mathtag.com https://apis.google.com https://cse.google.com https://nationwidechat.prod.parature.com https://platform.linkedin.com https://platform.twitter.com https://static.ak.facebook.com https://www.google.com 'self' http://d2oh4tlt9mrke9.cloudfront.net https://ws.sessioncam.com static.ak.facebook.com https://cdn.tt.omtrdc.net *.virtualearth.net https://s.ytimg.com 'unsafe-eval' 'unsafe-inline' http://nationwidebuildingso.tt.omtrdc.net https://nationwidebuildingso.tt.omtrdc.net http://www.google.com http://www.googleadservices.com http://metrics.nationwide.co.uk/; style-src assets.kampyle.com *.bing.com cse.google.com *.nationwide.co.uk https://nationwide.egain.cloud https://nationwidedev1.egain.cloud *.reevoo.com 'self' *.virtualearth.net https://www.google.com 'unsafe-inline' http://www.google.com/;
Last-Modified
Tue, 21 Apr 2020 08:55:54 GMT
ETag
188bf9980fd54b0bbd809898af743240
x-frame-options
SAMEORIGIN
Content-Type
image/jpeg
Cache-Control
public, no-cache, max-age=604800
Date
Tue, 05 May 2020 18:05:43 GMT
Strict-Transport-Security
max-age=16070400
Content-Length
102654
x-xss-protection
1; mode=block
Expires
Tue, 12 May 2020 18:05:43 GMT
truncated
/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6c966bf9fbd36a14c1eb2e9f5abac1be3d43574dd0bfa0ffbef92dc8d68233f1

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
Origin
https://www.nationwide.co.uk

Response headers

Content-Type
application/font-woff
nbs-bold-webfont.woff
www.nationwide.co.uk/assets/main-site/fonts/ 		32 KB
37 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.nationwide.co.uk/assets/main-site/fonts/nbs-bold-webfont.woff
Requested by
Host: www.nationwide.co.uk
URL: https://www.nationwide.co.uk/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
155.131.44.69 , United Kingdom, ASN8698 (Nationwide Building Society, GB),
Reverse DNS
Software
/
Resource Hash
5cfc1d72a6c4c817544222468ad1a2f27ed404481f529f223c05c1c52bb3ba2c
Security Headers
Name Value
Content-Security-Policy default-src *.bing.com https://onlinebanking.nationwide.co.uk 'self'; connect-src *.bing.com cdn.decibelinsight.net http://track.contently.com https://d083-uk.api.decibelinsight.net/ dpm.demdex.net https://enrolment.mynationwide.io/ wss://lo.msg.liveperson.net http://metrics.nationwide.co.uk/ https://nationwide.egain.cloud/ https://nationwidedev1.egain.cloud https://nationwidedev2.egain.cloud *.omtrdc.net https://rsa.egain.cloud https://cdn.decibelinsight.net 'self' https://ws.sessioncam.com https://smetrics.nationwide.co.uk/ *.swiftype.com *.virtualearth.net wss://cdn.decibelinsight.net https://www.googleadservices.com; font-src data: 'self'; frame-src accounts.google.com https://adservice.google.com/ apis.google.com *.bing.com https://assets.contently.com *.doubleclick.net https://analytics.analytics-egain.com/ googleads.g.doubleclick.net https://www.youtube.com https://lo.idp.liveperson.net https://lo.msg.liveperson.net https://lo.msghist.liveperson.net https://lo.tokenizer.liveperson.net https://lpcdn.lpsnmedia.net https://nationwide.demdex.net https://nationwide.egain.cloud https://nationwidedev1.egain.cloud notifyme-uat.nationwide-mats.co.uk platform.twitter.com https://pixel.mathtag.com https://accounts.google.com https://apis.google.com https://s-static.ak.facebook.com https://static.ak.facebook.com https://www.facebook.com 'self' s-static.ak.facebook.com static.ak.facebook.com https://embed.ustudio.com/ www.facebook.com www.google.com *.youtube.com; img-src data: https://proactive.nationwide.co.uk 'self' *; media-src https://lpcdn.lpsnmedia.net; object-src 'self' http://d2oh4tlt9mrke9.cloudfront.net; script-src https://accdn.lpsnmedia.net analytics.analytics-egain.com apis.google.com assets.kampyle.com *.bing.com https://www.adobetag.com clients1.google.com https://cloud-emea.analytics-egain.com connect.facebook.net http://assets.contently.com cse.google.com data: dpm.demdex.net https://analytics.analytics-egain.com https://nationwide.egain.cloud/ https://nationwidedev1.egain.cloud https://nationwidedev2.egain.cloud https://www.google.co.uk https://www.gstatic.com ipv4.google.com https://lo.v.liveperson.net https://lpcdn.lpsnmedia.net https://lptag.liveperson.net *.nationwide.co.uk *.omtrdc.net platform.linkedin.com platform.twitter.com https://proactive.nationwide.co.uk *.reevoo.com rsaparaturetest.prod.parature.com https://cdn.decibelinsight.net https://app.decibelinsight.com/js/hm.js https://pixel.mathtag.com https://apis.google.com https://cse.google.com https://nationwidechat.prod.parature.com https://platform.linkedin.com https://platform.twitter.com https://static.ak.facebook.com https://www.google.com 'self' http://d2oh4tlt9mrke9.cloudfront.net https://ws.sessioncam.com static.ak.facebook.com https://cdn.tt.omtrdc.net *.virtualearth.net https://s.ytimg.com 'unsafe-eval' 'unsafe-inline' http://nationwidebuildingso.tt.omtrdc.net https://nationwidebuildingso.tt.omtrdc.net http://www.google.com http://www.googleadservices.com http://metrics.nationwide.co.uk/; style-src assets.kampyle.com *.bing.com cse.google.com *.nationwide.co.uk https://nationwide.egain.cloud https://nationwidedev1.egain.cloud *.reevoo.com 'self' *.virtualearth.net https://www.google.com 'unsafe-inline' http://www.google.com/;
Strict-Transport-Security max-age=16070400
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.nationwide.co.uk/assets/main-site/style/visibleOnly.min.css
Origin
https://www.nationwide.co.uk

Response headers

Content-Security-Policy
default-src *.bing.com https://onlinebanking.nationwide.co.uk 'self'; connect-src *.bing.com cdn.decibelinsight.net http://track.contently.com https://d083-uk.api.decibelinsight.net/ dpm.demdex.net https://enrolment.mynationwide.io/ wss://lo.msg.liveperson.net http://metrics.nationwide.co.uk/ https://nationwide.egain.cloud/ https://nationwidedev1.egain.cloud https://nationwidedev2.egain.cloud *.omtrdc.net https://rsa.egain.cloud https://cdn.decibelinsight.net 'self' https://ws.sessioncam.com https://smetrics.nationwide.co.uk/ *.swiftype.com *.virtualearth.net wss://cdn.decibelinsight.net https://www.googleadservices.com; font-src data: 'self'; frame-src accounts.google.com https://adservice.google.com/ apis.google.com *.bing.com https://assets.contently.com *.doubleclick.net https://analytics.analytics-egain.com/ googleads.g.doubleclick.net https://www.youtube.com https://lo.idp.liveperson.net https://lo.msg.liveperson.net https://lo.msghist.liveperson.net https://lo.tokenizer.liveperson.net https://lpcdn.lpsnmedia.net https://nationwide.demdex.net https://nationwide.egain.cloud https://nationwidedev1.egain.cloud notifyme-uat.nationwide-mats.co.uk platform.twitter.com https://pixel.mathtag.com https://accounts.google.com https://apis.google.com https://s-static.ak.facebook.com https://static.ak.facebook.com https://www.facebook.com 'self' s-static.ak.facebook.com static.ak.facebook.com https://embed.ustudio.com/ www.facebook.com www.google.com *.youtube.com; img-src data: https://proactive.nationwide.co.uk 'self' *; media-src https://lpcdn.lpsnmedia.net; object-src 'self' http://d2oh4tlt9mrke9.cloudfront.net; script-src https://accdn.lpsnmedia.net analytics.analytics-egain.com apis.google.com assets.kampyle.com *.bing.com https://www.adobetag.com clients1.google.com https://cloud-emea.analytics-egain.com connect.facebook.net http://assets.contently.com cse.google.com data: dpm.demdex.net https://analytics.analytics-egain.com https://nationwide.egain.cloud/ https://nationwidedev1.egain.cloud https://nationwidedev2.egain.cloud https://www.google.co.uk https://www.gstatic.com ipv4.google.com https://lo.v.liveperson.net https://lpcdn.lpsnmedia.net https://lptag.liveperson.net *.nationwide.co.uk *.omtrdc.net platform.linkedin.com platform.twitter.com https://proactive.nationwide.co.uk *.reevoo.com rsaparaturetest.prod.parature.com https://cdn.decibelinsight.net https://app.decibelinsight.com/js/hm.js https://pixel.mathtag.com https://apis.google.com https://cse.google.com https://nationwidechat.prod.parature.com https://platform.linkedin.com https://platform.twitter.com https://static.ak.facebook.com https://www.google.com 'self' http://d2oh4tlt9mrke9.cloudfront.net https://ws.sessioncam.com static.ak.facebook.com https://cdn.tt.omtrdc.net *.virtualearth.net https://s.ytimg.com 'unsafe-eval' 'unsafe-inline' http://nationwidebuildingso.tt.omtrdc.net https://nationwidebuildingso.tt.omtrdc.net http://www.google.com http://www.googleadservices.com http://metrics.nationwide.co.uk/; style-src assets.kampyle.com *.bing.com cse.google.com *.nationwide.co.uk https://nationwide.egain.cloud https://nationwidedev1.egain.cloud *.reevoo.com 'self' *.virtualearth.net https://www.google.com 'unsafe-inline' http://www.google.com/;
Last-Modified
Tue, 21 Apr 2020 14:55:32 GMT
ETag
"0caa3e7ec17d61:0"
x-frame-options
SAMEORIGIN
Content-Type
application/x-font-woff
Cache-Control
public,max-age=604800
Date
Tue, 05 May 2020 18:05:43 GMT
Strict-Transport-Security
max-age=16070400
Accept-Ranges
bytes
Content-Length
33208
x-xss-protection
1; mode=block
essentials.min.css
www.nationwide.co.uk/assets/main-site/style/ 		144 KB
33 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.nationwide.co.uk/assets/main-site/style/essentials.min.css
Requested by
Host: www.nationwide.co.uk
URL: https://www.nationwide.co.uk/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
155.131.44.69 , United Kingdom, ASN8698 (Nationwide Building Society, GB),
Reverse DNS
Software
/
Resource Hash
fda710da00586ec34af1e2cf30806d549704c4607c8424c425de3868a9c69d72
Security Headers
Name Value
Content-Security-Policy default-src *.bing.com https://onlinebanking.nationwide.co.uk 'self'; connect-src *.bing.com cdn.decibelinsight.net http://track.contently.com https://d083-uk.api.decibelinsight.net/ dpm.demdex.net https://enrolment.mynationwide.io/ wss://lo.msg.liveperson.net http://metrics.nationwide.co.uk/ https://nationwide.egain.cloud/ https://nationwidedev1.egain.cloud https://nationwidedev2.egain.cloud *.omtrdc.net https://rsa.egain.cloud https://cdn.decibelinsight.net 'self' https://ws.sessioncam.com https://smetrics.nationwide.co.uk/ *.swiftype.com *.virtualearth.net wss://cdn.decibelinsight.net https://www.googleadservices.com; font-src data: 'self'; frame-src accounts.google.com https://adservice.google.com/ apis.google.com *.bing.com https://assets.contently.com *.doubleclick.net https://analytics.analytics-egain.com/ googleads.g.doubleclick.net https://www.youtube.com https://lo.idp.liveperson.net https://lo.msg.liveperson.net https://lo.msghist.liveperson.net https://lo.tokenizer.liveperson.net https://lpcdn.lpsnmedia.net https://nationwide.demdex.net https://nationwide.egain.cloud https://nationwidedev1.egain.cloud notifyme-uat.nationwide-mats.co.uk platform.twitter.com https://pixel.mathtag.com https://accounts.google.com https://apis.google.com https://s-static.ak.facebook.com https://static.ak.facebook.com https://www.facebook.com 'self' s-static.ak.facebook.com static.ak.facebook.com https://embed.ustudio.com/ www.facebook.com www.google.com *.youtube.com; img-src data: https://proactive.nationwide.co.uk 'self' *; media-src https://lpcdn.lpsnmedia.net; object-src 'self' http://d2oh4tlt9mrke9.cloudfront.net; script-src https://accdn.lpsnmedia.net analytics.analytics-egain.com apis.google.com assets.kampyle.com *.bing.com https://www.adobetag.com clients1.google.com https://cloud-emea.analytics-egain.com connect.facebook.net http://assets.contently.com cse.google.com data: dpm.demdex.net https://analytics.analytics-egain.com https://nationwide.egain.cloud/ https://nationwidedev1.egain.cloud https://nationwidedev2.egain.cloud https://www.google.co.uk https://www.gstatic.com ipv4.google.com https://lo.v.liveperson.net https://lpcdn.lpsnmedia.net https://lptag.liveperson.net *.nationwide.co.uk *.omtrdc.net platform.linkedin.com platform.twitter.com https://proactive.nationwide.co.uk *.reevoo.com rsaparaturetest.prod.parature.com https://cdn.decibelinsight.net https://app.decibelinsight.com/js/hm.js https://pixel.mathtag.com https://apis.google.com https://cse.google.com https://nationwidechat.prod.parature.com https://platform.linkedin.com https://platform.twitter.com https://static.ak.facebook.com https://www.google.com 'self' http://d2oh4tlt9mrke9.cloudfront.net https://ws.sessioncam.com static.ak.facebook.com https://cdn.tt.omtrdc.net *.virtualearth.net https://s.ytimg.com 'unsafe-eval' 'unsafe-inline' http://nationwidebuildingso.tt.omtrdc.net https://nationwidebuildingso.tt.omtrdc.net http://www.google.com http://www.googleadservices.com http://metrics.nationwide.co.uk/; style-src assets.kampyle.com *.bing.com cse.google.com *.nationwide.co.uk https://nationwide.egain.cloud https://nationwidedev1.egain.cloud *.reevoo.com 'self' *.virtualearth.net https://www.google.com 'unsafe-inline' http://www.google.com/;
Strict-Transport-Security max-age=16070400
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.nationwide.co.uk/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Security-Policy
default-src *.bing.com https://onlinebanking.nationwide.co.uk 'self'; connect-src *.bing.com cdn.decibelinsight.net http://track.contently.com https://d083-uk.api.decibelinsight.net/ dpm.demdex.net https://enrolment.mynationwide.io/ wss://lo.msg.liveperson.net http://metrics.nationwide.co.uk/ https://nationwide.egain.cloud/ https://nationwidedev1.egain.cloud https://nationwidedev2.egain.cloud *.omtrdc.net https://rsa.egain.cloud https://cdn.decibelinsight.net 'self' https://ws.sessioncam.com https://smetrics.nationwide.co.uk/ *.swiftype.com *.virtualearth.net wss://cdn.decibelinsight.net https://www.googleadservices.com; font-src data: 'self'; frame-src accounts.google.com https://adservice.google.com/ apis.google.com *.bing.com https://assets.contently.com *.doubleclick.net https://analytics.analytics-egain.com/ googleads.g.doubleclick.net https://www.youtube.com https://lo.idp.liveperson.net https://lo.msg.liveperson.net https://lo.msghist.liveperson.net https://lo.tokenizer.liveperson.net https://lpcdn.lpsnmedia.net https://nationwide.demdex.net https://nationwide.egain.cloud https://nationwidedev1.egain.cloud notifyme-uat.nationwide-mats.co.uk platform.twitter.com https://pixel.mathtag.com https://accounts.google.com https://apis.google.com https://s-static.ak.facebook.com https://static.ak.facebook.com https://www.facebook.com 'self' s-static.ak.facebook.com static.ak.facebook.com https://embed.ustudio.com/ www.facebook.com www.google.com *.youtube.com; img-src data: https://proactive.nationwide.co.uk 'self' *; media-src https://lpcdn.lpsnmedia.net; object-src 'self' http://d2oh4tlt9mrke9.cloudfront.net; script-src https://accdn.lpsnmedia.net analytics.analytics-egain.com apis.google.com assets.kampyle.com *.bing.com https://www.adobetag.com clients1.google.com https://cloud-emea.analytics-egain.com connect.facebook.net http://assets.contently.com cse.google.com data: dpm.demdex.net https://analytics.analytics-egain.com https://nationwide.egain.cloud/ https://nationwidedev1.egain.cloud https://nationwidedev2.egain.cloud https://www.google.co.uk https://www.gstatic.com ipv4.google.com https://lo.v.liveperson.net https://lpcdn.lpsnmedia.net https://lptag.liveperson.net *.nationwide.co.uk *.omtrdc.net platform.linkedin.com platform.twitter.com https://proactive.nationwide.co.uk *.reevoo.com rsaparaturetest.prod.parature.com https://cdn.decibelinsight.net https://app.decibelinsight.com/js/hm.js https://pixel.mathtag.com https://apis.google.com https://cse.google.com https://nationwidechat.prod.parature.com https://platform.linkedin.com https://platform.twitter.com https://static.ak.facebook.com https://www.google.com 'self' http://d2oh4tlt9mrke9.cloudfront.net https://ws.sessioncam.com static.ak.facebook.com https://cdn.tt.omtrdc.net *.virtualearth.net https://s.ytimg.com 'unsafe-eval' 'unsafe-inline' http://nationwidebuildingso.tt.omtrdc.net https://nationwidebuildingso.tt.omtrdc.net http://www.google.com http://www.googleadservices.com http://metrics.nationwide.co.uk/; style-src assets.kampyle.com *.bing.com cse.google.com *.nationwide.co.uk https://nationwide.egain.cloud https://nationwidedev1.egain.cloud *.reevoo.com 'self' *.virtualearth.net https://www.google.com 'unsafe-inline' http://www.google.com/;
Content-Encoding
gzip
Last-Modified
Tue, 21 Apr 2020 14:55:12 GMT
x-frame-options
SAMEORIGIN
ETag
"08b8dbec17d61:0"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
public,max-age=300
Date
Tue, 05 May 2020 18:05:43 GMT
Strict-Transport-Security
max-age=16070400
Accept-Ranges
bytes
Content-Length
29544
x-xss-protection
1; mode=block
di.js
cdn.decibelinsight.net/i/13607/68591/ 		151 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.decibelinsight.net/i/13607/68591/di.js
Requested by
Host: www.nationwide.co.uk
URL: https://www.nationwide.co.uk/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.196.73.164 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-196-73-164.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
99f906cdf469f630ee871d2b49d6143f4185f4d58dd3dec3ce591e49e23d8514
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.nationwide.co.uk/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 05 May 2020 18:05:43 GMT
Content-Encoding
gzip
Vary
Origin
Server
nginx
ETag
W/221856999-171E603D8BD
Strict-Transport-Security
max-age=31536000
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/javascript; charset=utf-8
Cache-Control
private, max-age=1800
Transfer-Encoding
chunked
Connection
keep-alive
Access-Control-Allow-Credentials
true
Timing-Allow-Origin
*
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept, X-HTTP-Method-Override
EG90342921
analytics.analytics-egain.com/onetag/ Frame F854 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.analytics-egain.com/onetag/EG90342921
Requested by
Host: www.nationwide.co.uk
URL: https://www.nationwide.co.uk/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.202.184.129 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-202-184-129.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
06638e438b2bd885cf4ab6f36c523d1fd427063543ed91d53824b005a51fffc3

Request headers

Referer
https://www.nationwide.co.uk/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 05 May 2020 18:05:44 GMT
Content-Encoding
gzip
Server
Vary
Accept-Encoding
Content-Type
text/javascript;charset=utf-8
Cache-Control
max-age=86400
transfer-encoding
chunked
Connection
keep-alive
Expires
Wed, 06 May 2020 18:05:44 GMT
Cookie set dest5.html
nationwide.demdex.net/ Frame B3B1 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://nationwide.demdex.net/dest5.html?d_nsid=0
Requested by
Host: www.nationwide.co.uk
URL: https://www.nationwide.co.uk/assets/main-site/script/bundle/nbs-essentials.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.208.194.150 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-208-194-150.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Host
nationwide.demdex.net
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.nationwide.co.uk/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
demdex=68423534771551111161104641117578899568
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.nationwide.co.uk/

Response headers

Accept-Ranges
bytes
Cache-Control
max-age=21600
Content-Encoding
gzip
Content-Type
text/html
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Last-Modified
Wed, 29 Apr 2020 08:00:34 GMT
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma
no-cache
Set-Cookie
demdex=68423534771551111161104641117578899568;Path=/;Domain=.demdex.net;Expires=Sun, 01-Nov-2020 18:05:44 GMT;Max-Age=15552000;Secure;SameSite=None
Strict-Transport-Security
max-age=31536000; includeSubDomains
Vary
Accept-Encoding, User-Agent
X-TID
hyIGxi6mSz0=
Content-Length
2785
Connection
keep-alive
id
smetrics.nationwide.co.uk/ 		89 B
644 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://smetrics.nationwide.co.uk/id?d_visid_ver=4.0.0&d_fieldgroup=A&mcorgid=1D4334B852784A2D0A490D44%40AdobeOrg&mid=68439802845590150271106239318604860623&ts=1588701943879
Requested by
Host: www.nationwide.co.uk
URL: https://www.nationwide.co.uk/assets/main-site/script/bundle/nbs-essentials.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
15.188.105.205 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-15-188-105-205.eu-west-3.compute.amazonaws.com
Software
jag /
Resource Hash
487f784eec64b78cd76acda1dcec0f7da86e9b9490d7ee80db820c17d3dcc124
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.nationwide.co.uk/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

status
200
date
Tue, 05 May 2020 18:05:43 GMT
x-content-type-options
nosniff
server
jag
xserver
anedge-65fb49f79-psj2x
vary
Origin
x-c
master-1221.I0e927e.M0-376
p3p
CP="This is not a P3P policy"
access-control-allow-origin
https://www.nationwide.co.uk
cache-control
no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials
true
content-type
application/x-javascript;charset=utf-8
content-length
89
x-xss-protection
1; mode=block
ibs:dpid=411&dpuuid=XrGq_AAAAagH3BTJ
dpm.demdex.net/
Redirect Chain
  • https://cm.everesttech.net/cm/dd?d_uuid=68423534771551111161104641117578899568
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=XrGq_AAAAagH3BTJ
42 B
915 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=411&dpuuid=XrGq_AAAAagH3BTJ
Requested by
Host: www.nationwide.co.uk
URL: https://www.nationwide.co.uk/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.241.125.133 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-241-125-133.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://www.nationwide.co.uk/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

DCS
dcs-prod-irl1-v067-01d26d743.edge-irl1.demdex.com 5.68.0.20200428121513 1ms (+0ms)
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
X-TID
FICLNHH5Ruk=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
42
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Date
Tue, 05 May 2020 18:05:43 GMT
Server
AMO-cookiemap/1.1
P3P
CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
Location
https://dpm.demdex.net/ibs:dpid=411&dpuuid=XrGq_AAAAagH3BTJ
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=15,max=100
Content-Length
0
truncated
/ 		3 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
698294585a9b44f5abd3073732325a0436f19bfa7b3ae2b89c88653803011c95

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/gif;charset=UTF-8
truncated
/ 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
387cfaa1ebcfdd7d3495a7372cf6381ea76fcd37fc500663f9799e896d537d6c

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/png
id
dpm.demdex.net/ 		369 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://dpm.demdex.net/id?d_visid_ver=4.0.0&d_fieldgroup=AAM&d_rtbd=json&d_ver=2&d_orgid=1D4334B852784A2D0A490D44%40AdobeOrg&d_nsid=0&d_mid=68439802845590150271106239318604860623&d_blob=RKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y&d_cid_ic=AVID%012F58D57C0515A657-600007E687B9BE30&ts=1588701944078
Requested by
Host: www.nationwide.co.uk
URL: https://www.nationwide.co.uk/assets/main-site/script/bundle/nbs-essentials.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.241.125.133 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-241-125-133.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
020bdce66228c004e9b7c498caeda0cb8252031795e23793a5169ae63b6f0fe7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.nationwide.co.uk/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

DCS
dcs-prod-irl1-v067-0406060ca.edge-irl1.demdex.com 5.68.0.20200428121513 3ms (+1ms)
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Encoding
gzip
X-TID
1ob5QwAHS0w=
Vary
Origin, Accept-Encoding, User-Agent
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin
https://www.nationwide.co.uk
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json;charset=utf-8
Content-Length
302
Expires
Thu, 01 Jan 1970 00:00:00 GMT
egain-chat.js
nationwide.egain.cloud/system/templates/chat/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nationwide.egain.cloud/system/templates/chat/egain-chat.js
Requested by
Host: analytics.analytics-egain.com
URL: https://analytics.analytics-egain.com/onetag/EG90342921
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.140.72.164 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/8.5 /
Resource Hash
0b612f32a5ea492a7975ed975b6470c279f280a04ac4de1d027afe1c1e5923bb

Request headers

Referer
https://www.nationwide.co.uk/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 05 May 2020 18:05:44 GMT
Content-Encoding
gzip
Last-Modified
Sat, 01 Feb 2020 23:29:29 GMT
Server
Microsoft-IIS/8.5
ETag
"9ee737357d9d51:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Accept-Ranges
bytes
Content-Length
1068
Offers.egain
nationwide.egain.cloud/system/ 		13 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nationwide.egain.cloud/system/Offers.egain?command=GetRulesJS&egofferpageurl=https%3A%2F%2Fwww.nationwide.co.uk%2F&egofferpagetitle=Nationwide%20Building%20Society%20%7C%20building%20society%2C%20nationwide&egofferpatternchecksum=
Requested by
Host: analytics.analytics-egain.com
URL: https://analytics.analytics-egain.com/onetag/EG90342921
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.140.72.164 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/8.5 /
Resource Hash
caaffcd3da5325127ceb2689bba128c29ef0386465d2253f079398c60c3226f6

Request headers

Referer
https://www.nationwide.co.uk/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 05 May 2020 18:05:44 GMT
Content-Encoding
gzip
Server
Microsoft-IIS/8.5
Vary
Accept-Encoding
Content-Type
text/javascript; charset=UTF-8
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control
no-cache
Content-Length
2289
X-UA-Compatible
IE=EmulateIE9
EG90342921
analytics.analytics-egain.com/iframe/ Frame F3E1 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://analytics.analytics-egain.com/iframe/EG90342921
Requested by
Host: analytics.analytics-egain.com
URL: https://analytics.analytics-egain.com/onetag/EG90342921
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.202.184.129 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-202-184-129.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Host
analytics.analytics-egain.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.nationwide.co.uk/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.nationwide.co.uk/

Response headers

Cache-Control
max-age=86400
Content-Encoding
gzip
Content-Type
text/html;charset=utf-8
Date
Tue, 05 May 2020 18:05:44 GMT
Expires
Wed, 06 May 2020 18:05:44 GMT
Server
Vary
Accept-Encoding
Content-Length
1676
Connection
keep-alive
json
nationwidebuildingso.tt.omtrdc.net/m2/nationwidebuildingso/mbox/ 		4 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://nationwidebuildingso.tt.omtrdc.net/m2/nationwidebuildingso/mbox/json?mbox=nw-global-mbox&mboxSession=d9c848112b1f48178d4425b06dba997f&mboxPC=&mboxPage=63efce7140e144a580661654bb000361&mboxRid=bd4c4977a6c44327a0e51881203153a0&mboxVersion=1.7.0&mboxCount=1&mboxTime=1588709143433&mboxHost=www.nationwide.co.uk&mboxURL=https%3A%2F%2Fwww.nationwide.co.uk%2F&mboxReferrer=&mboxXDomain=enabled&browserHeight=1200&browserWidth=1585&browserTimeOffset=120&screenHeight=1200&screenWidth=1600&colorDepth=24&devicePixelRatio=1&screenOrientation=landscape&at_property=23e05754-9fa3-4581-5efa-ad424d2a15eb&mboxMCSDID=3F27E4B3749EF31E-5ED8C3122F1BC549&vst.trk=metrics.nationwide.co.uk&vst.trks=smetrics.nationwide.co.uk&mboxMCGVID=68439802845590150271106239318604860623&mboxMCAVID=2F58D57C0515A657-600007E687B9BE30&mboxAAMB=RKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y&mboxMCGLH=6
Requested by
Host: www.nationwide.co.uk
URL: https://www.nationwide.co.uk/assets/main-site/script/bundle/nbs-essentials.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.80.97.22 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-80-97-22.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
d107ad3123444a7b9c015f9904f39cea3ec58dfb362e254732f39ee9eec93eb0

Request headers

Referer
https://www.nationwide.co.uk/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 May 2020 18:05:44 GMT
content-encoding
gzip
timing-allow-origin
*
status
200
vary
Origin,Accept-Encoding
p3p
CP="NOI DSP CURa OUR STP COM"
access-control-allow-origin
https://www.nationwide.co.uk
cache-control
no-cache
access-control-allow-credentials
true
content-type
application/json;charset=UTF-8
x-request-id
bd4c4977a6c44327a0e51881203153a0
tracker
cloud-emea.analytics-egain.com/ Frame F854 		153 B
389 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cloud-emea.analytics-egain.com/tracker?aId=EG90342921&seqId=1&pU=https%3A%2F%2Fwww.nationwide.co.uk%2F&pT=Nationwide%20Building%20Society%20%7C%20building%20society%2C%20nationwide&pR=&_cb_=EGAINCLOUD._callback.eg174cee1b43ab74
Requested by
Host: analytics.analytics-egain.com
URL: https://analytics.analytics-egain.com/onetag/EG90342921
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.16.233.250 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-16-233-250.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e35de4ca0ae8ee99596998dd6bf270f2b5d17ddfbfa717f9698745c6563f2ef1

Request headers

Referer
https://www.nationwide.co.uk/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 05 May 2020 18:05:44 GMT
Content-Encoding
gzip
Server
Vary
Accept-Encoding
Content-Type
application/json;charset=utf-8
Cache-Control
no-cache
Connection
keep-alive
Content-Length
160
egain-docked-chat.js
nationwide.egain.cloud/system/templates/chat/ Frame 2ED0 		48 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nationwide.egain.cloud/system/templates/chat/egain-docked-chat.js
Requested by
Host: nationwide.egain.cloud
URL: https://nationwide.egain.cloud/system/templates/chat/egain-chat.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.140.72.164 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/8.5 /
Resource Hash
da05276c10c8b302283ed50840d69a0863ff5dc3bb186a87153d5c2c3f888aca

Request headers

Referer
https://www.nationwide.co.uk/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 05 May 2020 18:05:44 GMT
Content-Encoding
gzip
Last-Modified
Sat, 01 Feb 2020 23:29:29 GMT
Server
Microsoft-IIS/8.5
ETag
"8092e07257d9d51:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Accept-Ranges
bytes
Content-Length
10475
c.json
cdn.decibelinsight.net/i/13607/68591/ 		11 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.decibelinsight.net/i/13607/68591/c.json
Requested by
Host: cdn.decibelinsight.net
URL: https://cdn.decibelinsight.net/i/13607/68591/di.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.196.73.164 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-196-73-164.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
9396a3449a858e15ff39a80ac89d67a7012d80dfe49d5941fc3e87976aeba2cc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.nationwide.co.uk/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 05 May 2020 18:05:44 GMT
Content-Encoding
gzip
Vary
Origin
Server
nginx
ETag
W/221857001-171E603DB0F
Strict-Transport-Security
max-age=31536000
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
application/json
Access-Control-Allow-Origin
https://www.nationwide.co.uk
Cache-Control
private, max-age=1800
Transfer-Encoding
chunked
Connection
keep-alive
Access-Control-Allow-Credentials
true
Timing-Allow-Origin
*
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept, X-HTTP-Method-Override
s23573525909483
smetrics.nationwide.co.uk/b/ss/nationwidelive1/1/JS-2.12.0/ 		43 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smetrics.nationwide.co.uk/b/ss/nationwidelive1/1/JS-2.12.0/s23573525909483?AQB=1&ndh=1&pf=1&t=5%2F4%2F2020%2020%3A5%3A44%202%20-120&sdid=3F27E4B3749EF31E-5ED8C3122F1BC549&mid=68439802845590150271106239318604860623&aid=2F58D57C0515A657-600007E687B9BE30&aamlh=6&ce=UTF-8&ns=nationwide&cdp=3&pageName=bw%3Ahomepage&g=https%3A%2F%2Fwww.nationwide.co.uk%2F&c.&page.&nbs_cms_page_version=424&.page&nbs_version_sc=a%3A2.12.0_v%3A4.0.0_at%3A1.7.0_d%3A0.4_20190228_002&nbs_id.&nbs_id_svicookie=D%3Ds_vi&nbs_id_sfidcookie=D%3Ds_fid&nbs_id_aid=D%3Daid&nbs_id_fid=D%3Dfid&nbs_id_mid=D%3Dmid&nbs_id_sdid=D%3Dsdid&.nbs_id&.c&cc=GBP&ch=Brochureware&events=event26&products=Internal%20ads%3BIntcmp_4258%3B%3B%3Bevent26%3D1%3Bevar47%3D%2B1%2CInternal%20ads%3BIntcmp_4238%3B%3B%3Bevent26%3D1%3Bevar47%3D%2B1%2CInternal%20ads%3BIntcmp_3665%3B%3B%3Bevent26%3D1%3Bevar47%3D%2B1%2CInternal%20ads%3BIntcmp_4160%3B%3B%3Bevent26%3D1%3Bevar47%3D%2B1&aamb=RKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y&tnt=102046%3A39%3A0%2C123010%3A1%3A0%2C&c71=D%3Ds_vi&c73=largeDesktop%20site%7Clandscape&c74=bw%3Ahomepage&v74=D%3Dc74&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=1D4334B852784A2D0A490D44%40AdobeOrg&AQE=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
15.188.105.205 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-15-188-105-205.eu-west-3.compute.amazonaws.com
Software
jag /
Resource Hash
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.nationwide.co.uk/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 05 May 2020 18:05:44 GMT
x-content-type-options
nosniff
x-c
master-1221.I0e927e.M0-376
p3p
CP="This is not a P3P policy"
status
200
content-length
43
x-xss-protection
1; mode=block
pragma
no-cache
last-modified
Wed, 06 May 2020 18:05:44 GMT
server
jag
xserver
anedge-65fb49f79-gr7cn
etag
3411711446371106816-4614895387772727104
vary
*
content-type
image/gif;charset=utf-8
access-control-allow-origin
*
cache-control
no-cache, no-store, max-age=0, no-transform, private
expires
Mon, 04 May 2020 18:05:44 GMT
nbs-lazy-load.min.js
www.nationwide.co.uk/assets/main-site/script/bundle/ 		31 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.nationwide.co.uk/assets/main-site/script/bundle/nbs-lazy-load.min.js?v=20190404
Requested by
Host: www.nationwide.co.uk
URL: https://www.nationwide.co.uk/assets/main-site/script/bundle/nbs-homepage.min.js?v=20190718
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
155.131.44.69 , United Kingdom, ASN8698 (Nationwide Building Society, GB),
Reverse DNS
Software
/
Resource Hash
1beda47f244ed8e38f3895919150cc2caa2e816509fac7880c011a0c64272062
Security Headers
Name Value
Content-Security-Policy default-src *.bing.com https://onlinebanking.nationwide.co.uk 'self'; connect-src *.bing.com cdn.decibelinsight.net http://track.contently.com https://d083-uk.api.decibelinsight.net/ dpm.demdex.net https://enrolment.mynationwide.io/ wss://lo.msg.liveperson.net http://metrics.nationwide.co.uk/ https://nationwide.egain.cloud/ https://nationwidedev1.egain.cloud https://nationwidedev2.egain.cloud *.omtrdc.net https://rsa.egain.cloud https://cdn.decibelinsight.net 'self' https://ws.sessioncam.com https://smetrics.nationwide.co.uk/ *.swiftype.com *.virtualearth.net wss://cdn.decibelinsight.net https://www.googleadservices.com; font-src data: 'self'; frame-src accounts.google.com https://adservice.google.com/ apis.google.com *.bing.com https://assets.contently.com *.doubleclick.net https://analytics.analytics-egain.com/ googleads.g.doubleclick.net https://www.youtube.com https://lo.idp.liveperson.net https://lo.msg.liveperson.net https://lo.msghist.liveperson.net https://lo.tokenizer.liveperson.net https://lpcdn.lpsnmedia.net https://nationwide.demdex.net https://nationwide.egain.cloud https://nationwidedev1.egain.cloud notifyme-uat.nationwide-mats.co.uk platform.twitter.com https://pixel.mathtag.com https://accounts.google.com https://apis.google.com https://s-static.ak.facebook.com https://static.ak.facebook.com https://www.facebook.com 'self' s-static.ak.facebook.com static.ak.facebook.com https://embed.ustudio.com/ www.facebook.com www.google.com *.youtube.com; img-src data: https://proactive.nationwide.co.uk 'self' *; media-src https://lpcdn.lpsnmedia.net; object-src 'self' http://d2oh4tlt9mrke9.cloudfront.net; script-src https://accdn.lpsnmedia.net analytics.analytics-egain.com apis.google.com assets.kampyle.com *.bing.com https://www.adobetag.com clients1.google.com https://cloud-emea.analytics-egain.com connect.facebook.net http://assets.contently.com cse.google.com data: dpm.demdex.net https://analytics.analytics-egain.com https://nationwide.egain.cloud/ https://nationwidedev1.egain.cloud https://nationwidedev2.egain.cloud https://www.google.co.uk https://www.gstatic.com ipv4.google.com https://lo.v.liveperson.net https://lpcdn.lpsnmedia.net https://lptag.liveperson.net *.nationwide.co.uk *.omtrdc.net platform.linkedin.com platform.twitter.com https://proactive.nationwide.co.uk *.reevoo.com rsaparaturetest.prod.parature.com https://cdn.decibelinsight.net https://app.decibelinsight.com/js/hm.js https://pixel.mathtag.com https://apis.google.com https://cse.google.com https://nationwidechat.prod.parature.com https://platform.linkedin.com https://platform.twitter.com https://static.ak.facebook.com https://www.google.com 'self' http://d2oh4tlt9mrke9.cloudfront.net https://ws.sessioncam.com static.ak.facebook.com https://cdn.tt.omtrdc.net *.virtualearth.net https://s.ytimg.com 'unsafe-eval' 'unsafe-inline' http://nationwidebuildingso.tt.omtrdc.net https://nationwidebuildingso.tt.omtrdc.net http://www.google.com http://www.googleadservices.com http://metrics.nationwide.co.uk/; style-src assets.kampyle.com *.bing.com cse.google.com *.nationwide.co.uk https://nationwide.egain.cloud https://nationwidedev1.egain.cloud *.reevoo.com 'self' *.virtualearth.net https://www.google.com 'unsafe-inline' http://www.google.com/;
Strict-Transport-Security max-age=16070400
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.nationwide.co.uk/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Security-Policy
default-src *.bing.com https://onlinebanking.nationwide.co.uk 'self'; connect-src *.bing.com cdn.decibelinsight.net http://track.contently.com https://d083-uk.api.decibelinsight.net/ dpm.demdex.net https://enrolment.mynationwide.io/ wss://lo.msg.liveperson.net http://metrics.nationwide.co.uk/ https://nationwide.egain.cloud/ https://nationwidedev1.egain.cloud https://nationwidedev2.egain.cloud *.omtrdc.net https://rsa.egain.cloud https://cdn.decibelinsight.net 'self' https://ws.sessioncam.com https://smetrics.nationwide.co.uk/ *.swiftype.com *.virtualearth.net wss://cdn.decibelinsight.net https://www.googleadservices.com; font-src data: 'self'; frame-src accounts.google.com https://adservice.google.com/ apis.google.com *.bing.com https://assets.contently.com *.doubleclick.net https://analytics.analytics-egain.com/ googleads.g.doubleclick.net https://www.youtube.com https://lo.idp.liveperson.net https://lo.msg.liveperson.net https://lo.msghist.liveperson.net https://lo.tokenizer.liveperson.net https://lpcdn.lpsnmedia.net https://nationwide.demdex.net https://nationwide.egain.cloud https://nationwidedev1.egain.cloud notifyme-uat.nationwide-mats.co.uk platform.twitter.com https://pixel.mathtag.com https://accounts.google.com https://apis.google.com https://s-static.ak.facebook.com https://static.ak.facebook.com https://www.facebook.com 'self' s-static.ak.facebook.com static.ak.facebook.com https://embed.ustudio.com/ www.facebook.com www.google.com *.youtube.com; img-src data: https://proactive.nationwide.co.uk 'self' *; media-src https://lpcdn.lpsnmedia.net; object-src 'self' http://d2oh4tlt9mrke9.cloudfront.net; script-src https://accdn.lpsnmedia.net analytics.analytics-egain.com apis.google.com assets.kampyle.com *.bing.com https://www.adobetag.com clients1.google.com https://cloud-emea.analytics-egain.com connect.facebook.net http://assets.contently.com cse.google.com data: dpm.demdex.net https://analytics.analytics-egain.com https://nationwide.egain.cloud/ https://nationwidedev1.egain.cloud https://nationwidedev2.egain.cloud https://www.google.co.uk https://www.gstatic.com ipv4.google.com https://lo.v.liveperson.net https://lpcdn.lpsnmedia.net https://lptag.liveperson.net *.nationwide.co.uk *.omtrdc.net platform.linkedin.com platform.twitter.com https://proactive.nationwide.co.uk *.reevoo.com rsaparaturetest.prod.parature.com https://cdn.decibelinsight.net https://app.decibelinsight.com/js/hm.js https://pixel.mathtag.com https://apis.google.com https://cse.google.com https://nationwidechat.prod.parature.com https://platform.linkedin.com https://platform.twitter.com https://static.ak.facebook.com https://www.google.com 'self' http://d2oh4tlt9mrke9.cloudfront.net https://ws.sessioncam.com static.ak.facebook.com https://cdn.tt.omtrdc.net *.virtualearth.net https://s.ytimg.com 'unsafe-eval' 'unsafe-inline' http://nationwidebuildingso.tt.omtrdc.net https://nationwidebuildingso.tt.omtrdc.net http://www.google.com http://www.googleadservices.com http://metrics.nationwide.co.uk/; style-src assets.kampyle.com *.bing.com cse.google.com *.nationwide.co.uk https://nationwide.egain.cloud https://nationwidedev1.egain.cloud *.reevoo.com 'self' *.virtualearth.net https://www.google.com 'unsafe-inline' http://www.google.com/;
Content-Encoding
gzip
Last-Modified
Tue, 21 Apr 2020 14:55:16 GMT
x-frame-options
SAMEORIGIN
ETag
"0621adeec17d61:0"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
public,max-age=300
Date
Tue, 05 May 2020 18:05:44 GMT
Strict-Transport-Security
max-age=16070400
Accept-Ranges
bytes
Content-Length
9226
x-xss-protection
1; mode=block
js
pixel.mathtag.com/sync/
Redirect Chain
  • https://pixel.mathtag.com/sync/js?sync=auto&mt_exid=10068&exsync=https%3A%2F%2Fsmetrics.nationwide.co.uk%2Fb%2Fss%2Fnationwidelive1%2F0%3FAQB%3D1%26pageName%3Dmediamath-sync-pixel%26pe%3Dlnk_o%26pe...
  • https://pixel.mathtag.com/sync/js?sync=auto&mt_exid=10068&exsync=https%3A%2F%2Fsmetrics.nationwide.co.uk%2Fb%2Fss%2Fnationwidelive1%2F0%3FAQB%3D1%26pageName%3Dmediamath-sync-pixel%26pe%3Dlnk_o%26pe...
597 B
921 B 		Script
General
Check archive.org
Download Go to
Full URL
https://pixel.mathtag.com/sync/js?sync=auto&mt_exid=10068&exsync=https%3A%2F%2Fsmetrics.nationwide.co.uk%2Fb%2Fss%2Fnationwidelive1%2F0%3FAQB%3D1%26pageName%3Dmediamath-sync-pixel%26pe%3Dlnk_o%26pev2%3Dmediamath-sync-pixel%26c.user.nbs_media_math_id%3D%5BMM_UUID%5D%26AQE%3D1&mm_bnc&mm_bct&UUID=8be35eb1-aaf8-4b00-a702-e4cbbc0cc82e
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.210.249.113 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-210-249-113.deploy.static.akamaitechnologies.com
Software
MT3 2334 83311f9 master cdg-pixel-x12 /
Resource Hash
acfa1f03ac087fc08ca7389b23f01c47b31c6d00d412a21d9342af3c070fff57

Request headers

Referer
https://www.nationwide.co.uk/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 05 May 2020 18:05:45 GMT
Server
MT3 2334 83311f9 master cdg-pixel-x12
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Content-Type
text/javascript
Content-Length
597
Expires
Tue, 05 May 2020 18:05:44 GMT

Redirect headers

Date
Tue, 05 May 2020 18:05:45 GMT
Server
MT3 2264 8c3ad5b master cdg-pixel-x9
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location
https://pixel.mathtag.com/sync/js?sync=auto&mt_exid=10068&exsync=https%3A%2F%2Fsmetrics.nationwide.co.uk%2Fb%2Fss%2Fnationwidelive1%2F0%3FAQB%3D1%26pageName%3Dmediamath-sync-pixel%26pe%3Dlnk_o%26pev2%3Dmediamath-sync-pixel%26c.user.nbs_media_math_id%3D%5BMM_UUID%5D%26AQE%3D1&mm_bnc&mm_bct&UUID=8be35eb1-aaf8-4b00-a702-e4cbbc0cc82e
Cache-Control
no-cache
Connection
keep-alive
Content-Type
text/javascript
Content-Length
0
Expires
Tue, 05 May 2020 18:05:44 GMT
s21657816557643
smetrics.nationwide.co.uk/b/ss/nationwidelive1/1/JS-2.12.0/ 		43 B
140 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smetrics.nationwide.co.uk/b/ss/nationwidelive1/1/JS-2.12.0/s21657816557643?AQB=1&ndh=1&pf=1&t=5%2F4%2F2020%2020%3A5%3A44%202%20-120&mid=68439802845590150271106239318604860623&aid=2F58D57C0515A657-600007E687B9BE30&aamlh=6&ce=UTF-8&ns=nationwide&cdp=3&pageName=bw%3Ahomepage&g=https%3A%2F%2Fwww.nationwide.co.uk%2F&c.&nbs_custom_link.&pageName=D%3DpageName&linkName=D%3D%22o%7C%22%2Bpev2&.nbs_custom_link&.c&cc=GBP&v5=di-68591-F8552F39D89DAE9ED03DAA1345B07BC93B&c73=largeDesktop%20site%7Clandscape&pe=lnk_o&pev2=Decibel%20Insight%20Session%20ID&mcorgid=1D4334B852784A2D0A490D44%40AdobeOrg&lrt=63&AQE=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
15.188.105.205 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-15-188-105-205.eu-west-3.compute.amazonaws.com
Software
jag /
Resource Hash
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.nationwide.co.uk/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 05 May 2020 18:05:44 GMT
x-content-type-options
nosniff
x-c
master-1221.I0e927e.M0-376
p3p
CP="This is not a P3P policy"
status
200
content-length
43
x-xss-protection
1; mode=block
pragma
no-cache
last-modified
Wed, 06 May 2020 18:05:44 GMT
server
jag
xserver
anedge-65fb49f79-bvcpp
etag
3411711446371106816-4619859503882237225
vary
*
content-type
image/gif;charset=utf-8
access-control-allow-origin
*
cache-control
no-cache, no-store, max-age=0, no-transform, private
expires
Mon, 04 May 2020 18:05:44 GMT
img
pixel.mathtag.com/misc/ 		43 B
480 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.mathtag.com/misc/img?mm_bnc&bcdv=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.210.249.113 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-210-249-113.deploy.static.akamaitechnologies.com
Software
MT3 2334 83311f9 master cdg-pixel-x16 /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.nationwide.co.uk/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 05 May 2020 18:05:45 GMT
Server
MT3 2334 83311f9 master cdg-pixel-x16
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Tue, 05 May 2020 18:05:44 GMT
img
pixel.mathtag.com/misc/ 		43 B
635 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.mathtag.com/misc/img?mm_bnc&bcdv=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.210.249.113 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-210-249-113.deploy.static.akamaitechnologies.com
Software
MT3 2334 83311f9 master cdg-pixel-x15 /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.nationwide.co.uk/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 05 May 2020 18:05:55 GMT
Server
MT3 2334 83311f9 master cdg-pixel-x15
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Tue, 05 May 2020 18:05:54 GMT

Verdicts & Comments Add Verdict or Comment

94 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate string| s_account function| AppMeasurement function| s_gi function| s_pgicq function| targetPageParams function| se function| we function| ye function| Re function| e object| visitor string| mboxCopyright object| TNT object| adobe function| Visitor object| s_c_il number| s_c_in object| s object| publicInterface object| wa_component function| wa_action number| s_objectID number| s_giq object| ___target_traces function| mboxCreate function| mboxDefine function| mboxUpdate object| nbsAdobeTargetEvents function| mboxUrlBuilder function| mboxStandardFetcher function| mboxAjaxFetcher function| mboxMap function| mboxList function| mboxSignaler function| mboxLocatorDefault function| mboxLocatorNode function| mboxOfferContent function| mboxOfferAjax function| mboxOfferDefault function| mboxCookieManager function| mboxSession function| mboxPC function| mboxGetPageParameter function| mboxCookiePageDomain function| mboxShiftArray function| mboxGenerateId function| mboxScreenHeight function| mboxScreenWidth function| mboxBrowserWidth function| mboxBrowserHeight function| mboxBrowserTimeOffset function| mboxScreenColorDepth function| mbox function| mboxFactory function| mboxScPluginFetcher object| mboxFactories object| mboxFactoryDefault number| mboxVersion function| mboxVizTargetUrl function| mboxSetCookie function| mboxGetCookie function| mboxLoadSCPlugin object| _AT function| getSizzleForTarget object| html5 object| Modernizr function| yepnope function| $ function| jQuery object| nbs object| _da_ string| DecibelInsight function| decibelInsight string| EG_ACT_ID object| EGAINCLOUD object| EG_CALL_Q function| eGOFRPatternStore object| _di_max_id object| _da_crcTable string| s_tnt string| tntVal function| mboxTrack function| tt_Log object| testAndTarget function| onorientationchange string| pair object| egainDockChat boolean| decibelInsight_initiated boolean| adobe_event_bound object| di_cloneId object| s_i_nationwidelive1 function| metric

6 Cookies

Domain/Path Name / Value
.nationwide.co.uk/ Name: hero-carousel
Value: Y
www.nationwide.co.uk/ Name: EG-U-ID
Value: B162530d27-5e63-42c3-b399-bff26a0ec52f
www.nationwide.co.uk/ Name: EG-S-ID
Value: A234497fde-fe0d-4e6f-88f4-0e72cb491021
.nationwide.co.uk/ Name: check
Value: true
.nationwide.co.uk/ Name: mboxEdgeCluster
Value: 37
.nationwide.co.uk/ Name: mbox
Value: session#d9c848112b1f48178d4425b06dba997f#1588703805|PC#d9c848112b1f48178d4425b06dba997f.37_0#1651946745

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.analytics-egain.com
cancelpayment.info
cdn.decibelinsight.net
cdn.tt.omtrdc.net
cloud-emea.analytics-egain.com
cm.everesttech.net
dpm.demdex.net
href.li
nationwide.demdex.net
nationwide.egain.cloud
nationwidebuildingso.tt.omtrdc.net
pixel.mathtag.com
smetrics.nationwide.co.uk
www.nationwide.co.uk
111.90.139.110
15.188.105.205
155.131.44.69
18.196.73.164
18.202.184.129
192.0.78.27
23.210.249.113
23.61.220.204
34.241.125.133
51.140.72.164
52.16.233.250
52.208.194.150
66.117.28.86
99.80.97.22
0181128fde7d9f8024a97f76d11544e05481df50764c098089b27342c56d5f17
020bdce66228c004e9b7c498caeda0cb8252031795e23793a5169ae63b6f0fe7
06638e438b2bd885cf4ab6f36c523d1fd427063543ed91d53824b005a51fffc3
0b612f32a5ea492a7975ed975b6470c279f280a04ac4de1d027afe1c1e5923bb
154f369084c28c7ceaf71531663e84382b0f3ac78fffa7f91c4543499b8ee41b
17561150e865649a9aeeee94cb0f7a17d5e77147d3f2edefbee566f95128ddb3
1beda47f244ed8e38f3895919150cc2caa2e816509fac7880c011a0c64272062
24b2d056f9e95705104f02314c56b23be947462997d91a6a1a393735ea692955
27d3dcfdd9964c3dbb6f9ff23a58c6e4af2a0d2b7679871542b167299f0512d3
2c3b918df3d0dc8ce11328cd21f8d9defc5858231b70bb11cd896f2f0bf5ae46
387cfaa1ebcfdd7d3495a7372cf6381ea76fcd37fc500663f9799e896d537d6c
454356f4c771dd3d547ee65ea3f7c9aa7d80883833bb42159c0005f56f705d35
487f784eec64b78cd76acda1dcec0f7da86e9b9490d7ee80db820c17d3dcc124
5cfc1d72a6c4c817544222468ad1a2f27ed404481f529f223c05c1c52bb3ba2c
61ce9a48b7a91db2b9643a82d0d0abf32ce77b2896372420b604d505af849675
698294585a9b44f5abd3073732325a0436f19bfa7b3ae2b89c88653803011c95
6c966bf9fbd36a14c1eb2e9f5abac1be3d43574dd0bfa0ffbef92dc8d68233f1
77b7f6ae2458ecc4bea1d9604f23e284951752e32176884ee6d584fe1b2517af
7ecf3bf86151cd72036fb67feb8fcbd8c80359e0ca871e1aeb955428ed43c26d
8b8ac543c779387150c43863cafd129caddfbca66ebed76ee246b528957229af
8cb7539186913a54afe9309acbf3cd28f4eddd0c1e6bb755951353451a2155a7
9396a3449a858e15ff39a80ac89d67a7012d80dfe49d5941fc3e87976aeba2cc
97606768c72e8c23be8da1f58a7cbaabc709819b8ab1790c157d6e51efc9e109
99f906cdf469f630ee871d2b49d6143f4185f4d58dd3dec3ce591e49e23d8514
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
acfa1f03ac087fc08ca7389b23f01c47b31c6d00d412a21d9342af3c070fff57
ad6a2819689cad5bfe7ff1290f031d455d53c79399b28379e5d5199c84dd20de
ad974defdf1c16806d47b727329afc3ff8a0b3b2c2d26315996f5b4a736f8830
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
c39c5b843f2b0bdd486f6af86d5570ec1b1d9f8a9d098094470b36ee463a3af9
caaffcd3da5325127ceb2689bba128c29ef0386465d2253f079398c60c3226f6
cd83c9616859b7b51ce69a4c82d10820fccc02b7373b3059e2d149ac06d22e5a
d107ad3123444a7b9c015f9904f39cea3ec58dfb362e254732f39ee9eec93eb0
da05276c10c8b302283ed50840d69a0863ff5dc3bb186a87153d5c2c3f888aca
e35de4ca0ae8ee99596998dd6bf270f2b5d17ddfbfa717f9698745c6563f2ef1
e60564e25fba4a7bf011788b8d31cf6f25fb6fe6ac4e0833718a7801c2a79d93
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f4643fb92ab9f29080b2b0c96de3093a2bbc6d947bc8613efe9228be2d55c069
f5ecb4cafaeeea9fcc116112989c76febbbd037aae0f8f3c8e598b7d9ddf6ddd
fda710da00586ec34af1e2cf30806d549704c4607c8424c425de3868a9c69d72