urlscan.io logo urlscan.io
SecurityTrails logo

behaves.natwestofshorebanking.com Open in urlscan Pro
188.227.107.14  Malicious Activity! Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://twtr.to/k2gm
Effective URL: https://behaves.natwestofshorebanking.com/__//eqooqp/qcwvj2/x2.0/cwvjqtkbg?enkgpv_kf=4765445d-32e6-49d0-83g6-1f93765276ec&tgfktgev_wtk=jvv...
Submission: On April 12 via manual from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 3 IPs in 4 countries across 5 domains to perform 20 HTTP transactions. The main IP is 188.227.107.14, located in St Petersburg, Russian Federation and belongs to AS-ITGLOBALCOM ITGLOBAL.COM, NL. The main domain is behaves.natwestofshorebanking.com.
TLS certificate: Issued by R3 on April 7th 2023. Valid for: 3 months.
This is the only time behaves.natwestofshorebanking.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Microsoft (Consumer)

Domain & IP information

IP Address AS Autonomous System
1 1 168.220.91.95 40509 (FLY)
1 52.95.181.29 16509 (AMAZON-02)
1 18 188.227.107.14 208951 (AS-ITGLOB...)
2 2603:1026:300... 8075 (MICROSOFT...)
20 3
Domain Requested by
17 behaves.natwestofshorebanking.com 1 redirects 09101963.s3.ap-northeast-3.amazonaws.com
behaves.natwestofshorebanking.com
2 login.live.com behaves.natwestofshorebanking.com
1 console-console.laguagesturdy.com 09101963.s3.ap-northeast-3.amazonaws.com
1 09101963.s3.ap-northeast-3.amazonaws.com
1 twtr.to 1 redirects
20 5

This site contains links to these domains. Also see Links.

Domain
www.microsoft.com
privacy.microsoft.com
Subject Issuer Validity Valid
*.s3.ap-northeast-3.amazonaws.com
Amazon		 2022-09-21 -
2023-08-29		 a year crt.sh
console-console.laguagesturdy.com
R3		 2023-03-27 -
2023-06-25		 3 months crt.sh
behaves.natwestofshorebanking.com
R3		 2023-04-07 -
2023-07-06		 3 months crt.sh
login.live.com
DigiCert SHA2 Secure Server CA		 2023-04-02 -
2024-04-02		 a year crt.sh

This page contains 2 frames:

Primary Page: https://behaves.natwestofshorebanking.com/__//eqooqp/qcwvj2/x2.0/cwvjqtkbg?enkgpv_kf=4765445d-32e6-49d0-83g6-1f93765276ec&tgfktgev_wtk=jvvru%3C%2H%2Hyyy.qhhkeg.eqo%2Hncpfkpix2&tgurqpug_varg=eqfg%20kf_vqmgp&ueqrg=qrgpkf%20rtqhkng%20jvvru%3C%2H%2Hyyy.qhhkeg.eqo%2Hx2%2HQhhkegJqog.Cnn&tgurqpug_oqfg=hqto_rquv&pqpeg=637929903776466681.A2A4AlPlQYKvPYTnOk00PYToNYGaPIGvPIOzO2TjPljoOoA1PVK3AoO5QVOvQYGaPk00AYLlNVi5BFCvAoAaOliyQYHlOYWz&wk_nqecngu=gp-WU&omv=gp-WU&uvcvg=I-XnsevaZLqScbPfu6RYpY7IJD_LTOPESPKueoPo49a8yaDo0kqCdRJbDG3lbRNIEam2zNMQCsdLvyVNVNFWspCLHwP5Uk8CHlDZMafbjd6z4GKk3_P0qHa9xXPJADlYDaFR66v5o5Tc01hUKi5E_UkoKs8q1prnbGla9Aj5bbLO6ATkGK82KM6RbZaa32JC_42rdz0FxBy525JrewXiOC1XYRBkEMHna3LGpORVj7Nfhqq6y-4zLmWjmayBnR-YwnorQ3rtTugIAMDKXXrnLy&z-enkgpv-UMW=KF_PGVUVCPFCTF2_0&z-enkgpv-xgt=6.12.1.0&sso_reload=true
Frame ID: F4A3B6D89842DD1DE8078DFC6EE18197
Requests: 19 HTTP requests in this frame

Frame: https://login.live.com/Me.htm?v=3
Frame ID: 53F93A34A27BCF9F1480E7DCA24B7624
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Sign in to your account

Page URL History Show full URLs

  1. https://twtr.to/k2gm HTTP 301
    https://09101963.s3.ap-northeast-3.amazonaws.com/%D0%BA%D0%BE%D1%88%D0%B8%D0%BA.html?response-content-disposition=inline&X-Am... Page URL
  2. https://behaves.natwestofshorebanking.com/?sign=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1cmwiOiJodHRwczovL2JlaGF2ZXMub... HTTP 302
    https://behaves.natwestofshorebanking.com/__//eqooqp/qcwvj2/x2.0/cwvjqtkbg?enkgpv_kf=4765445d-32e6-49d0-83g6-1f9376527... Page URL
  3. https://behaves.natwestofshorebanking.com/__//eqooqp/qcwvj2/x2.0/cwvjqtkbg?enkgpv_kf=4765445d-32e6-49d0-83g6-1f9376527... Page URL

Page Statistics

20
Requests

100 %
HTTPS

25 %
IPv6

5
Domains

5
Subdomains

3
IPs

4
Countries

977 kB
Transfer

1517 kB
Size

14
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://twtr.to/k2gm HTTP 301
    https://09101963.s3.ap-northeast-3.amazonaws.com/%D0%BA%D0%BE%D1%88%D0%B8%D0%BA.html?response-content-disposition=inline&X-Amz-Security-Token=IQoJb3JpZ2luX2VjENj%2F%2F%2F%2F%2F%2F%2F%2F%2F%2FwEaCXVzLWVhc3QtMSJHMEUCIQCLFx%2Btcki9H6pYZ4NhFQracQyQ5pOg6DkkuQQLE1jbBQIgO1SZw%2FFjt%2BW600RU153lUX1HjFxTFnGYGPR7VtVq8Tcq7QIIwf%2F%2F%2F%2F%2F%2F%2F%2F%2F%2FARACGgwyMDE2ODU2MTg4MjYiDL6T4LCUdz4W8sminirBAjF7%2FZghZ0c6UeSDyG4vod8EC8wYxAJ29KkL%2FHg%2BNHd7jCahcT6rVld4QL0WnD3eTQUKhU8SODQv5Re%2FkW9RalWLmo0Ir978WFTw2dDg9rnafNAiWB4Z038fWYtxQdstf0Knzvej2goHnGlnbl73MUM%2Bfsre7fFI6tHuqfVKPC6yZZQhrh9hUECB4jrbAnKcuEl05eLQ0GFpmEHJ2KgwL0VzkpF%2FrLNVKSQ%2Fdqje3OFQ8VHJVqzu7HYfGkr7hd9arUFLpcosuXnIi72xkSejaVId4ZDPsDnS6e4H%2FZS1eHOq1xOtiPReIekKYvOP4xMLtl1PcyQf5BjDy6Qxx7CiWImF91t9NS46aSp8S2Rdv9JcUcBDUGMGTjCVbfX5pPDCmqHM4dksn%2BP0VrLTvFL02r0mZZ8FUCB3cl3DiLRVgFFHWzCsq9uhBjqzApj2XSUMHXv52FSB3C463ZEij6Zo30qyOpIASYlm7rR34E9t8lNTbgsS80nWEb4Blx2SuJIAkfpjAotMKl0dP3jwlh2mYpvSYz9lTRruDvQiHpiFK4ouxorW8D%2B0KCIuqr%2FA2PYfufkHvicBqslsIeH40lsB06b%2FJ3Z3zlsWnFG9sKxm1jxafABITmh9Q2IKwgVILKTL3xJQaj7UNSB1SfJHm7U%2BS653gZjUY4%2Bjk8Ntxd9mPS7zmYOOzuFr2vFrQ85qiT4IcYguiACulS%2B7S1BwAXoSEGqxFdg%2FNlmb2FcEZYK194U%2BDFjMrryQpxMkaqov5pmMnKhWvKBxa%2FyDyc9xd5nyhfHxhspYKVUEZ8YxiVLAGvz6M1WWKyzNMJnU4Ncg%2FoF1g3JPkursyb5s36Mt4fM%3D&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Date=20230412T160332Z&X-Amz-SignedHeaders=host&X-Amz-Expires=43200&X-Amz-Credential=ASIAS55LGKCFFGSBFTWY%2F20230412%2Fap-northeast-3%2Fs3%2Faws4_request&X-Amz-Signature=b3f8f3e6ba7c93301a1c6556189edc96a1878507d90f8f42d0d4582c56125e21 Page URL
  2. https://behaves.natwestofshorebanking.com/?sign=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1cmwiOiJodHRwczovL2JlaGF2ZXMubmF0d2VzdG9mc2hvcmViYW5raW5nLmNvbSIsImRvbWFpbiI6ImJlaGF2ZXMubmF0d2VzdG9mc2hvcmViYW5raW5nLmNvbSIsImtleSI6IlhtRU14UHZvamVZWSIsInFyYyI6bnVsbCwiaWF0IjoxNjgxMzI2NzQ4LCJleHAiOjE2ODEzMjY4MDh9.zJ_itKu1m056x66F9eM66R_PK3t7z-jlpbWwsPoiKcc HTTP 302
    https://behaves.natwestofshorebanking.com/__//eqooqp/qcwvj2/x2.0/cwvjqtkbg?enkgpv_kf=4765445d-32e6-49d0-83g6-1f93765276ec&tgfktgev_wtk=jvvru%3C%2H%2Hyyy.qhhkeg.eqo%2Hncpfkpix2&tgurqpug_varg=eqfg%20kf_vqmgp&ueqrg=qrgpkf%20rtqhkng%20jvvru%3C%2H%2Hyyy.qhhkeg.eqo%2Hx2%2HQhhkegJqog.Cnn&tgurqpug_oqfg=hqto_rquv&pqpeg=637929903776466681.A2A4AlPlQYKvPYTnOk00PYToNYGaPIGvPIOzO2TjPljoOoA1PVK3AoO5QVOvQYGaPk00AYLlNVi5BFCvAoAaOliyQYHlOYWz&wk_nqecngu=gp-WU&omv=gp-WU&uvcvg=I-XnsevaZLqScbPfu6RYpY7IJD_LTOPESPKueoPo49a8yaDo0kqCdRJbDG3lbRNIEam2zNMQCsdLvyVNVNFWspCLHwP5Uk8CHlDZMafbjd6z4GKk3_P0qHa9xXPJADlYDaFR66v5o5Tc01hUKi5E_UkoKs8q1prnbGla9Aj5bbLO6ATkGK82KM6RbZaa32JC_42rdz0FxBy525JrewXiOC1XYRBkEMHna3LGpORVj7Nfhqq6y-4zLmWjmayBnR-YwnorQ3rtTugIAMDKXXrnLy&z-enkgpv-UMW=KF_PGVUVCPFCTF2_0&z-enkgpv-xgt=6.12.1.0 Page URL
  3. https://behaves.natwestofshorebanking.com/__//eqooqp/qcwvj2/x2.0/cwvjqtkbg?enkgpv_kf=4765445d-32e6-49d0-83g6-1f93765276ec&tgfktgev_wtk=jvvru%3C%2H%2Hyyy.qhhkeg.eqo%2Hncpfkpix2&tgurqpug_varg=eqfg%20kf_vqmgp&ueqrg=qrgpkf%20rtqhkng%20jvvru%3C%2H%2Hyyy.qhhkeg.eqo%2Hx2%2HQhhkegJqog.Cnn&tgurqpug_oqfg=hqto_rquv&pqpeg=637929903776466681.A2A4AlPlQYKvPYTnOk00PYToNYGaPIGvPIOzO2TjPljoOoA1PVK3AoO5QVOvQYGaPk00AYLlNVi5BFCvAoAaOliyQYHlOYWz&wk_nqecngu=gp-WU&omv=gp-WU&uvcvg=I-XnsevaZLqScbPfu6RYpY7IJD_LTOPESPKueoPo49a8yaDo0kqCdRJbDG3lbRNIEam2zNMQCsdLvyVNVNFWspCLHwP5Uk8CHlDZMafbjd6z4GKk3_P0qHa9xXPJADlYDaFR66v5o5Tc01hUKi5E_UkoKs8q1prnbGla9Aj5bbLO6ATkGK82KM6RbZaa32JC_42rdz0FxBy525JrewXiOC1XYRBkEMHna3LGpORVj7Nfhqq6y-4zLmWjmayBnR-YwnorQ3rtTugIAMDKXXrnLy&z-enkgpv-UMW=KF_PGVUVCPFCTF2_0&z-enkgpv-xgt=6.12.1.0&sso_reload=true Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://twtr.to/k2gm HTTP 301
  • https://09101963.s3.ap-northeast-3.amazonaws.com/%D0%BA%D0%BE%D1%88%D0%B8%D0%BA.html?response-content-disposition=inline&X-Amz-Security-Token=IQoJb3JpZ2luX2VjENj%2F%2F%2F%2F%2F%2F%2F%2F%2F%2FwEaCXVzLWVhc3QtMSJHMEUCIQCLFx%2Btcki9H6pYZ4NhFQracQyQ5pOg6DkkuQQLE1jbBQIgO1SZw%2FFjt%2BW600RU153lUX1HjFxTFnGYGPR7VtVq8Tcq7QIIwf%2F%2F%2F%2F%2F%2F%2F%2F%2F%2FARACGgwyMDE2ODU2MTg4MjYiDL6T4LCUdz4W8sminirBAjF7%2FZghZ0c6UeSDyG4vod8EC8wYxAJ29KkL%2FHg%2BNHd7jCahcT6rVld4QL0WnD3eTQUKhU8SODQv5Re%2FkW9RalWLmo0Ir978WFTw2dDg9rnafNAiWB4Z038fWYtxQdstf0Knzvej2goHnGlnbl73MUM%2Bfsre7fFI6tHuqfVKPC6yZZQhrh9hUECB4jrbAnKcuEl05eLQ0GFpmEHJ2KgwL0VzkpF%2FrLNVKSQ%2Fdqje3OFQ8VHJVqzu7HYfGkr7hd9arUFLpcosuXnIi72xkSejaVId4ZDPsDnS6e4H%2FZS1eHOq1xOtiPReIekKYvOP4xMLtl1PcyQf5BjDy6Qxx7CiWImF91t9NS46aSp8S2Rdv9JcUcBDUGMGTjCVbfX5pPDCmqHM4dksn%2BP0VrLTvFL02r0mZZ8FUCB3cl3DiLRVgFFHWzCsq9uhBjqzApj2XSUMHXv52FSB3C463ZEij6Zo30qyOpIASYlm7rR34E9t8lNTbgsS80nWEb4Blx2SuJIAkfpjAotMKl0dP3jwlh2mYpvSYz9lTRruDvQiHpiFK4ouxorW8D%2B0KCIuqr%2FA2PYfufkHvicBqslsIeH40lsB06b%2FJ3Z3zlsWnFG9sKxm1jxafABITmh9Q2IKwgVILKTL3xJQaj7UNSB1SfJHm7U%2BS653gZjUY4%2Bjk8Ntxd9mPS7zmYOOzuFr2vFrQ85qiT4IcYguiACulS%2B7S1BwAXoSEGqxFdg%2FNlmb2FcEZYK194U%2BDFjMrryQpxMkaqov5pmMnKhWvKBxa%2FyDyc9xd5nyhfHxhspYKVUEZ8YxiVLAGvz6M1WWKyzNMJnU4Ncg%2FoF1g3JPkursyb5s36Mt4fM%3D&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Date=20230412T160332Z&X-Amz-SignedHeaders=host&X-Amz-Expires=43200&X-Amz-Credential=ASIAS55LGKCFFGSBFTWY%2F20230412%2Fap-northeast-3%2Fs3%2Faws4_request&X-Amz-Signature=b3f8f3e6ba7c93301a1c6556189edc96a1878507d90f8f42d0d4582c56125e21
Request Chain 2
  • https://behaves.natwestofshorebanking.com/?sign=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1cmwiOiJodHRwczovL2JlaGF2ZXMubmF0d2VzdG9mc2hvcmViYW5raW5nLmNvbSIsImRvbWFpbiI6ImJlaGF2ZXMubmF0d2VzdG9mc2hvcmViYW5raW5nLmNvbSIsImtleSI6IlhtRU14UHZvamVZWSIsInFyYyI6bnVsbCwiaWF0IjoxNjgxMzI2NzQ4LCJleHAiOjE2ODEzMjY4MDh9.zJ_itKu1m056x66F9eM66R_PK3t7z-jlpbWwsPoiKcc HTTP 302
  • https://behaves.natwestofshorebanking.com/__//eqooqp/qcwvj2/x2.0/cwvjqtkbg?enkgpv_kf=4765445d-32e6-49d0-83g6-1f93765276ec&tgfktgev_wtk=jvvru%3C%2H%2Hyyy.qhhkeg.eqo%2Hncpfkpix2&tgurqpug_varg=eqfg%20kf_vqmgp&ueqrg=qrgpkf%20rtqhkng%20jvvru%3C%2H%2Hyyy.qhhkeg.eqo%2Hx2%2HQhhkegJqog.Cnn&tgurqpug_oqfg=hqto_rquv&pqpeg=637929903776466681.A2A4AlPlQYKvPYTnOk00PYToNYGaPIGvPIOzO2TjPljoOoA1PVK3AoO5QVOvQYGaPk00AYLlNVi5BFCvAoAaOliyQYHlOYWz&wk_nqecngu=gp-WU&omv=gp-WU&uvcvg=I-XnsevaZLqScbPfu6RYpY7IJD_LTOPESPKueoPo49a8yaDo0kqCdRJbDG3lbRNIEam2zNMQCsdLvyVNVNFWspCLHwP5Uk8CHlDZMafbjd6z4GKk3_P0qHa9xXPJADlYDaFR66v5o5Tc01hUKi5E_UkoKs8q1prnbGla9Aj5bbLO6ATkGK82KM6RbZaa32JC_42rdz0FxBy525JrewXiOC1XYRBkEMHna3LGpORVj7Nfhqq6y-4zLmWjmayBnR-YwnorQ3rtTugIAMDKXXrnLy&z-enkgpv-UMW=KF_PGVUVCPFCTF2_0&z-enkgpv-xgt=6.12.1.0

20 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
%D0%BA%D0%BE%D1%88%D0%B8%D0%BA.html
09101963.s3.ap-northeast-3.amazonaws.com/
Redirect Chain
  • https://twtr.to/k2gm
  • https://09101963.s3.ap-northeast-3.amazonaws.com/%D0%BA%D0%BE%D1%88%D0%B8%D0%BA.html?response-content-disposition=inline&X-Amz-Security-Token=IQoJb3JpZ2luX2VjENj%2F%2F%2F%2F%2F%2F%2F%2F%2F%2FwEaCXV...
8 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://09101963.s3.ap-northeast-3.amazonaws.com/%D0%BA%D0%BE%D1%88%D0%B8%D0%BA.html?response-content-disposition=inline&X-Amz-Security-Token=IQoJb3JpZ2luX2VjENj%2F%2F%2F%2F%2F%2F%2F%2F%2F%2FwEaCXVzLWVhc3QtMSJHMEUCIQCLFx%2Btcki9H6pYZ4NhFQracQyQ5pOg6DkkuQQLE1jbBQIgO1SZw%2FFjt%2BW600RU153lUX1HjFxTFnGYGPR7VtVq8Tcq7QIIwf%2F%2F%2F%2F%2F%2F%2F%2F%2F%2FARACGgwyMDE2ODU2MTg4MjYiDL6T4LCUdz4W8sminirBAjF7%2FZghZ0c6UeSDyG4vod8EC8wYxAJ29KkL%2FHg%2BNHd7jCahcT6rVld4QL0WnD3eTQUKhU8SODQv5Re%2FkW9RalWLmo0Ir978WFTw2dDg9rnafNAiWB4Z038fWYtxQdstf0Knzvej2goHnGlnbl73MUM%2Bfsre7fFI6tHuqfVKPC6yZZQhrh9hUECB4jrbAnKcuEl05eLQ0GFpmEHJ2KgwL0VzkpF%2FrLNVKSQ%2Fdqje3OFQ8VHJVqzu7HYfGkr7hd9arUFLpcosuXnIi72xkSejaVId4ZDPsDnS6e4H%2FZS1eHOq1xOtiPReIekKYvOP4xMLtl1PcyQf5BjDy6Qxx7CiWImF91t9NS46aSp8S2Rdv9JcUcBDUGMGTjCVbfX5pPDCmqHM4dksn%2BP0VrLTvFL02r0mZZ8FUCB3cl3DiLRVgFFHWzCsq9uhBjqzApj2XSUMHXv52FSB3C463ZEij6Zo30qyOpIASYlm7rR34E9t8lNTbgsS80nWEb4Blx2SuJIAkfpjAotMKl0dP3jwlh2mYpvSYz9lTRruDvQiHpiFK4ouxorW8D%2B0KCIuqr%2FA2PYfufkHvicBqslsIeH40lsB06b%2FJ3Z3zlsWnFG9sKxm1jxafABITmh9Q2IKwgVILKTL3xJQaj7UNSB1SfJHm7U%2BS653gZjUY4%2Bjk8Ntxd9mPS7zmYOOzuFr2vFrQ85qiT4IcYguiACulS%2B7S1BwAXoSEGqxFdg%2FNlmb2FcEZYK194U%2BDFjMrryQpxMkaqov5pmMnKhWvKBxa%2FyDyc9xd5nyhfHxhspYKVUEZ8YxiVLAGvz6M1WWKyzNMJnU4Ncg%2FoF1g3JPkursyb5s36Mt4fM%3D&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Date=20230412T160332Z&X-Amz-SignedHeaders=host&X-Amz-Expires=43200&X-Amz-Credential=ASIAS55LGKCFFGSBFTWY%2F20230412%2Fap-northeast-3%2Fs3%2Faws4_request&X-Amz-Signature=b3f8f3e6ba7c93301a1c6556189edc96a1878507d90f8f42d0d4582c56125e21
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.181.29 Osaka, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-r-w.ap-northeast-3.amazonaws.com
Software
AmazonS3 /
Resource Hash
d4fce084f10223110e52673f09b48ad9dcd8c54c82f4be56425e23760b026afa

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Content-Disposition
inline
Content-Length
7962
Content-Type
text/html
Date
Wed, 12 Apr 2023 19:12:28 GMT
ETag
"97dcc976d74327f1d753b7a13afe0d46"
Last-Modified
Wed, 12 Apr 2023 16:03:02 GMT
Server
AmazonS3
x-amz-id-2
6WA2V7GMPg6ULcVwDLo6PIm9KQM6WzAnx/Va6wpNdN2IqfWhbYIDsNsdgiqYAgxcZpCV6OlyrjQ=
x-amz-request-id
T7B1CPG24PR5V42X
x-amz-server-side-encryption
AES256

Redirect headers

alt-svc
h3=":443"; ma=2592000
cf-cache-status
DYNAMIC
cf-ray
7b6dc7e9f86d4405-EWR
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 12 Apr 2023 19:12:27 GMT
location
https://09101963.s3.ap-northeast-3.amazonaws.com/%D0%BA%D0%BE%D1%88%D0%B8%D0%BA.html?response-content-disposition=inline&X-Amz-Security-Token=IQoJb3JpZ2luX2VjENj%2F%2F%2F%2F%2F%2F%2F%2F%2F%2FwEaCXVzLWVhc3QtMSJHMEUCIQCLFx%2Btcki9H6pYZ4NhFQracQyQ5pOg6DkkuQQLE1jbBQIgO1SZw%2FFjt%2BW600RU153lUX1HjFxTFnGYGPR7VtVq8Tcq7QIIwf%2F%2F%2F%2F%2F%2F%2F%2F%2F%2FARACGgwyMDE2ODU2MTg4MjYiDL6T4LCUdz4W8sminirBAjF7%2FZghZ0c6UeSDyG4vod8EC8wYxAJ29KkL%2FHg%2BNHd7jCahcT6rVld4QL0WnD3eTQUKhU8SODQv5Re%2FkW9RalWLmo0Ir978WFTw2dDg9rnafNAiWB4Z038fWYtxQdstf0Knzvej2goHnGlnbl73MUM%2Bfsre7fFI6tHuqfVKPC6yZZQhrh9hUECB4jrbAnKcuEl05eLQ0GFpmEHJ2KgwL0VzkpF%2FrLNVKSQ%2Fdqje3OFQ8VHJVqzu7HYfGkr7hd9arUFLpcosuXnIi72xkSejaVId4ZDPsDnS6e4H%2FZS1eHOq1xOtiPReIekKYvOP4xMLtl1PcyQf5BjDy6Qxx7CiWImF91t9NS46aSp8S2Rdv9JcUcBDUGMGTjCVbfX5pPDCmqHM4dksn%2BP0VrLTvFL02r0mZZ8FUCB3cl3DiLRVgFFHWzCsq9uhBjqzApj2XSUMHXv52FSB3C463ZEij6Zo30qyOpIASYlm7rR34E9t8lNTbgsS80nWEb4Blx2SuJIAkfpjAotMKl0dP3jwlh2mYpvSYz9lTRruDvQiHpiFK4ouxorW8D%2B0KCIuqr%2FA2PYfufkHvicBqslsIeH40lsB06b%2FJ3Z3zlsWnFG9sKxm1jxafABITmh9Q2IKwgVILKTL3xJQaj7UNSB1SfJHm7U%2BS653gZjUY4%2Bjk8Ntxd9mPS7zmYOOzuFr2vFrQ85qiT4IcYguiACulS%2B7S1BwAXoSEGqxFdg%2FNlmb2FcEZYK194U%2BDFjMrryQpxMkaqov5pmMnKhWvKBxa%2FyDyc9xd5nyhfHxhspYKVUEZ8YxiVLAGvz6M1WWKyzNMJnU4Ncg%2FoF1g3JPkursyb5s36Mt4fM%3D&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Date=20230412T160332Z&X-Amz-SignedHeaders=host&X-Amz-Expires=43200&X-Amz-Credential=ASIAS55LGKCFFGSBFTWY%2F20230412%2Fap-northeast-3%2Fs3%2Faws4_request&X-Amz-Signature=b3f8f3e6ba7c93301a1c6556189edc96a1878507d90f8f42d0d4582c56125e21
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Nb1z30ssoKFQBBqLG0u2Rh0BNmqJhNbFFoTJ8XBPAhMOOIjIZNyqaX5I4TzKSGC3gpfcJlD3Uw22iIY8stkji1zHcLSIhduVxvYos1z0Jwe7v3R4mT%2FbBZWG0hOaNgRgyKM4QT0%3D"}],"group":"cf-nel","max_age":604800}
strict-transport-security
max-age=15552000; includeSubDomains; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-whom
tly-1
x-xss-protection
1; mode=block
/
console-console.laguagesturdy.com/ 		354 B
724 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://console-console.laguagesturdy.com/?nuqg
Requested by
Host: 09101963.s3.ap-northeast-3.amazonaws.com
URL: https://09101963.s3.ap-northeast-3.amazonaws.com/%D0%BA%D0%BE%D1%88%D0%B8%D0%BA.html?response-content-disposition=inline&X-Amz-Security-Token=IQoJb3JpZ2luX2VjENj%2F%2F%2F%2F%2F%2F%2F%2F%2F%2FwEaCXVzLWVhc3QtMSJHMEUCIQCLFx%2Btcki9H6pYZ4NhFQracQyQ5pOg6DkkuQQLE1jbBQIgO1SZw%2FFjt%2BW600RU153lUX1HjFxTFnGYGPR7VtVq8Tcq7QIIwf%2F%2F%2F%2F%2F%2F%2F%2F%2F%2FARACGgwyMDE2ODU2MTg4MjYiDL6T4LCUdz4W8sminirBAjF7%2FZghZ0c6UeSDyG4vod8EC8wYxAJ29KkL%2FHg%2BNHd7jCahcT6rVld4QL0WnD3eTQUKhU8SODQv5Re%2FkW9RalWLmo0Ir978WFTw2dDg9rnafNAiWB4Z038fWYtxQdstf0Knzvej2goHnGlnbl73MUM%2Bfsre7fFI6tHuqfVKPC6yZZQhrh9hUECB4jrbAnKcuEl05eLQ0GFpmEHJ2KgwL0VzkpF%2FrLNVKSQ%2Fdqje3OFQ8VHJVqzu7HYfGkr7hd9arUFLpcosuXnIi72xkSejaVId4ZDPsDnS6e4H%2FZS1eHOq1xOtiPReIekKYvOP4xMLtl1PcyQf5BjDy6Qxx7CiWImF91t9NS46aSp8S2Rdv9JcUcBDUGMGTjCVbfX5pPDCmqHM4dksn%2BP0VrLTvFL02r0mZZ8FUCB3cl3DiLRVgFFHWzCsq9uhBjqzApj2XSUMHXv52FSB3C463ZEij6Zo30qyOpIASYlm7rR34E9t8lNTbgsS80nWEb4Blx2SuJIAkfpjAotMKl0dP3jwlh2mYpvSYz9lTRruDvQiHpiFK4ouxorW8D%2B0KCIuqr%2FA2PYfufkHvicBqslsIeH40lsB06b%2FJ3Z3zlsWnFG9sKxm1jxafABITmh9Q2IKwgVILKTL3xJQaj7UNSB1SfJHm7U%2BS653gZjUY4%2Bjk8Ntxd9mPS7zmYOOzuFr2vFrQ85qiT4IcYguiACulS%2B7S1BwAXoSEGqxFdg%2FNlmb2FcEZYK194U%2BDFjMrryQpxMkaqov5pmMnKhWvKBxa%2FyDyc9xd5nyhfHxhspYKVUEZ8YxiVLAGvz6M1WWKyzNMJnU4Ncg%2FoF1g3JPkursyb5s36Mt4fM%3D&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Date=20230412T160332Z&X-Amz-SignedHeaders=host&X-Amz-Expires=43200&X-Amz-Credential=ASIAS55LGKCFFGSBFTWY%2F20230412%2Fap-northeast-3%2Fs3%2Faws4_request&X-Amz-Signature=b3f8f3e6ba7c93301a1c6556189edc96a1878507d90f8f42d0d4582c56125e21
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
188.227.107.14 St Petersburg, Russian Federation, ASN208951 (AS-ITGLOBALCOM ITGLOBAL.COM, NL),
Reverse DNS
Software
/
Resource Hash

Request headers

accept
application/json
Referer
https://09101963.s3.ap-northeast-3.amazonaws.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Wed, 12 Apr 2023 19:12:28 GMT
Connection
keep-alive
Keep-Alive
timeout=5
Transfer-Encoding
chunked
content-type
application/json
cwvjqtkbg
behaves.natwestofshorebanking.com/__//eqooqp/qcwvj2/x2.0/
Redirect Chain
  • https://behaves.natwestofshorebanking.com/?sign=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1cmwiOiJodHRwczovL2JlaGF2ZXMubmF0d2VzdG9mc2hvcmViYW5raW5nLmNvbSIsImRvbWFpbiI6ImJlaGF2ZXMubmF0d2VzdG9mc2hvcmVi...
  • https://behaves.natwestofshorebanking.com/__//eqooqp/qcwvj2/x2.0/cwvjqtkbg?enkgpv_kf=4765445d-32e6-49d0-83g6-1f93765276ec&tgfktgev_wtk=jvvru%3C%2H%2Hyyy.qhhkeg.eqo%2Hncpfkpix2&tgurqpug_varg=eqfg%20...
153 KB
56 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://behaves.natwestofshorebanking.com/__//eqooqp/qcwvj2/x2.0/cwvjqtkbg?enkgpv_kf=4765445d-32e6-49d0-83g6-1f93765276ec&tgfktgev_wtk=jvvru%3C%2H%2Hyyy.qhhkeg.eqo%2Hncpfkpix2&tgurqpug_varg=eqfg%20kf_vqmgp&ueqrg=qrgpkf%20rtqhkng%20jvvru%3C%2H%2Hyyy.qhhkeg.eqo%2Hx2%2HQhhkegJqog.Cnn&tgurqpug_oqfg=hqto_rquv&pqpeg=637929903776466681.A2A4AlPlQYKvPYTnOk00PYToNYGaPIGvPIOzO2TjPljoOoA1PVK3AoO5QVOvQYGaPk00AYLlNVi5BFCvAoAaOliyQYHlOYWz&wk_nqecngu=gp-WU&omv=gp-WU&uvcvg=I-XnsevaZLqScbPfu6RYpY7IJD_LTOPESPKueoPo49a8yaDo0kqCdRJbDG3lbRNIEam2zNMQCsdLvyVNVNFWspCLHwP5Uk8CHlDZMafbjd6z4GKk3_P0qHa9xXPJADlYDaFR66v5o5Tc01hUKi5E_UkoKs8q1prnbGla9Aj5bbLO6ATkGK82KM6RbZaa32JC_42rdz0FxBy525JrewXiOC1XYRBkEMHna3LGpORVj7Nfhqq6y-4zLmWjmayBnR-YwnorQ3rtTugIAMDKXXrnLy&z-enkgpv-UMW=KF_PGVUVCPFCTF2_0&z-enkgpv-xgt=6.12.1.0
Requested by
Host: 09101963.s3.ap-northeast-3.amazonaws.com
URL: https://09101963.s3.ap-northeast-3.amazonaws.com/%D0%BA%D0%BE%D1%88%D0%B8%D0%BA.html?response-content-disposition=inline&X-Amz-Security-Token=IQoJb3JpZ2luX2VjENj%2F%2F%2F%2F%2F%2F%2F%2F%2F%2FwEaCXVzLWVhc3QtMSJHMEUCIQCLFx%2Btcki9H6pYZ4NhFQracQyQ5pOg6DkkuQQLE1jbBQIgO1SZw%2FFjt%2BW600RU153lUX1HjFxTFnGYGPR7VtVq8Tcq7QIIwf%2F%2F%2F%2F%2F%2F%2F%2F%2F%2FARACGgwyMDE2ODU2MTg4MjYiDL6T4LCUdz4W8sminirBAjF7%2FZghZ0c6UeSDyG4vod8EC8wYxAJ29KkL%2FHg%2BNHd7jCahcT6rVld4QL0WnD3eTQUKhU8SODQv5Re%2FkW9RalWLmo0Ir978WFTw2dDg9rnafNAiWB4Z038fWYtxQdstf0Knzvej2goHnGlnbl73MUM%2Bfsre7fFI6tHuqfVKPC6yZZQhrh9hUECB4jrbAnKcuEl05eLQ0GFpmEHJ2KgwL0VzkpF%2FrLNVKSQ%2Fdqje3OFQ8VHJVqzu7HYfGkr7hd9arUFLpcosuXnIi72xkSejaVId4ZDPsDnS6e4H%2FZS1eHOq1xOtiPReIekKYvOP4xMLtl1PcyQf5BjDy6Qxx7CiWImF91t9NS46aSp8S2Rdv9JcUcBDUGMGTjCVbfX5pPDCmqHM4dksn%2BP0VrLTvFL02r0mZZ8FUCB3cl3DiLRVgFFHWzCsq9uhBjqzApj2XSUMHXv52FSB3C463ZEij6Zo30qyOpIASYlm7rR34E9t8lNTbgsS80nWEb4Blx2SuJIAkfpjAotMKl0dP3jwlh2mYpvSYz9lTRruDvQiHpiFK4ouxorW8D%2B0KCIuqr%2FA2PYfufkHvicBqslsIeH40lsB06b%2FJ3Z3zlsWnFG9sKxm1jxafABITmh9Q2IKwgVILKTL3xJQaj7UNSB1SfJHm7U%2BS653gZjUY4%2Bjk8Ntxd9mPS7zmYOOzuFr2vFrQ85qiT4IcYguiACulS%2B7S1BwAXoSEGqxFdg%2FNlmb2FcEZYK194U%2BDFjMrryQpxMkaqov5pmMnKhWvKBxa%2FyDyc9xd5nyhfHxhspYKVUEZ8YxiVLAGvz6M1WWKyzNMJnU4Ncg%2FoF1g3JPkursyb5s36Mt4fM%3D&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Date=20230412T160332Z&X-Amz-SignedHeaders=host&X-Amz-Expires=43200&X-Amz-Credential=ASIAS55LGKCFFGSBFTWY%2F20230412%2Fap-northeast-3%2Fs3%2Faws4_request&X-Amz-Signature=b3f8f3e6ba7c93301a1c6556189edc96a1878507d90f8f42d0d4582c56125e21
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
188.227.107.14 St Petersburg, Russian Federation, ASN208951 (AS-ITGLOBALCOM ITGLOBAL.COM, NL),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; form-action * data: blob: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: filesystem: ; frame-ancestors 'self' * http://* https://* file://* about: javascript: data: blob: filesystem: ; object-src * data: blob: filesystem: 'unsafe-inline' 'unsafe-eval'; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://09101963.s3.ap-northeast-3.amazonaws.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-store, no-cache
Connection
close
Content-Encoding
gzip
Content-Security-Policy
default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; form-action * data: blob: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: filesystem: ; frame-ancestors 'self' * http://* https://* file://* about: javascript: data: blob: filesystem: ; object-src * data: blob: filesystem: 'unsafe-inline' 'unsafe-eval'; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
Content-Type
text/html; charset=utf-8
Date
Wed, 12 Apr 2023 19:12:28 GMT
Expires
-1
P3P
CP="DSP CUR OTPi IND OTRi ONL FIN"
Pragma
no-cache
Referrer-Policy
strict-origin-when-cross-origin
Strict-Transport-Security
max-age=31536000; includeSubDomains
Vary
Accept-Encoding
content-length
156881
nel
{"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}
report-to
{"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://identity.nel.measure.office.net/api/report?catId=GW+estsfd+ams2"}]}
x-ms-clitelem
1,50168,0,,
x-ms-ests-server
2.1.14939.4 - NEULR2 ProdSlices
x-ms-request-id
6d05e8ca-9048-4c31-be3a-a5fbb2323200

Redirect headers

Connection
keep-alive
Date
Wed, 12 Apr 2023 19:12:28 GMT
Keep-Alive
timeout=5
Transfer-Encoding
chunked
location
/__//eqooqp/qcwvj2/x2.0/cwvjqtkbg?enkgpv_kf=4765445d-32e6-49d0-83g6-1f93765276ec&tgfktgev_wtk=jvvru%3C%2H%2Hyyy.qhhkeg.eqo%2Hncpfkpix2&tgurqpug_varg=eqfg%20kf_vqmgp&ueqrg=qrgpkf%20rtqhkng%20jvvru%3C%2H%2Hyyy.qhhkeg.eqo%2Hx2%2HQhhkegJqog.Cnn&tgurqpug_oqfg=hqto_rquv&pqpeg=637929903776466681.A2A4AlPlQYKvPYTnOk00PYToNYGaPIGvPIOzO2TjPljoOoA1PVK3AoO5QVOvQYGaPk00AYLlNVi5BFCvAoAaOliyQYHlOYWz&wk_nqecngu=gp-WU&omv=gp-WU&uvcvg=I-XnsevaZLqScbPfu6RYpY7IJD_LTOPESPKueoPo49a8yaDo0kqCdRJbDG3lbRNIEam2zNMQCsdLvyVNVNFWspCLHwP5Uk8CHlDZMafbjd6z4GKk3_P0qHa9xXPJADlYDaFR66v5o5Tc01hUKi5E_UkoKs8q1prnbGla9Aj5bbLO6ATkGK82KM6RbZaa32JC_42rdz0FxBy525JrewXiOC1XYRBkEMHna3LGpORVj7Nfhqq6y-4zLmWjmayBnR-YwnorQ3rtTugIAMDKXXrnLy&z-enkgpv-UMW=KF_PGVUVCPFCTF2_0&z-enkgpv-xgt=6.12.1.0
reportbssotelemetry
behaves.natwestofshorebanking.com/common/instrumentation/ 		265 B
2 KB 		Ping
General
Check archive.org
Download Go to
Full URL
https://behaves.natwestofshorebanking.com/common/instrumentation/reportbssotelemetry?hpgid=6&hpgact=1800&client-request-id=550b714c-bf66-48f8-a940-b55d9d2da6be&hpgrequestid=6d05e8ca-9048-4c31-be3a-a5fbb2323200
Requested by
Host: behaves.natwestofshorebanking.com
URL: https://behaves.natwestofshorebanking.com/__//eqooqp/qcwvj2/x2.0/cwvjqtkbg?enkgpv_kf=4765445d-32e6-49d0-83g6-1f93765276ec&tgfktgev_wtk=jvvru%3C%2H%2Hyyy.qhhkeg.eqo%2Hncpfkpix2&tgurqpug_varg=eqfg%20kf_vqmgp&ueqrg=qrgpkf%20rtqhkng%20jvvru%3C%2H%2Hyyy.qhhkeg.eqo%2Hx2%2HQhhkegJqog.Cnn&tgurqpug_oqfg=hqto_rquv&pqpeg=637929903776466681.A2A4AlPlQYKvPYTnOk00PYToNYGaPIGvPIOzO2TjPljoOoA1PVK3AoO5QVOvQYGaPk00AYLlNVi5BFCvAoAaOliyQYHlOYWz&wk_nqecngu=gp-WU&omv=gp-WU&uvcvg=I-XnsevaZLqScbPfu6RYpY7IJD_LTOPESPKueoPo49a8yaDo0kqCdRJbDG3lbRNIEam2zNMQCsdLvyVNVNFWspCLHwP5Uk8CHlDZMafbjd6z4GKk3_P0qHa9xXPJADlYDaFR66v5o5Tc01hUKi5E_UkoKs8q1prnbGla9Aj5bbLO6ATkGK82KM6RbZaa32JC_42rdz0FxBy525JrewXiOC1XYRBkEMHna3LGpORVj7Nfhqq6y-4zLmWjmayBnR-YwnorQ3rtTugIAMDKXXrnLy&z-enkgpv-UMW=KF_PGVUVCPFCTF2_0&z-enkgpv-xgt=6.12.1.0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
188.227.107.14 St Petersburg, Russian Federation, ASN208951 (AS-ITGLOBALCOM ITGLOBAL.COM, NL),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; form-action * data: blob: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: filesystem: ; frame-ancestors 'self' * http://* https://* file://* about: javascript: data: blob: filesystem: ; object-src * data: blob: filesystem: 'unsafe-inline' 'unsafe-eval'; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://behaves.natwestofshorebanking.com/__//eqooqp/qcwvj2/x2.0/cwvjqtkbg?enkgpv_kf=4765445d-32e6-49d0-83g6-1f93765276ec&tgfktgev_wtk=jvvru%3C%2H%2Hyyy.qhhkeg.eqo%2Hncpfkpix2&tgurqpug_varg=eqfg%20kf_vqmgp&ueqrg=qrgpkf%20rtqhkng%20jvvru%3C%2H%2Hyyy.qhhkeg.eqo%2Hx2%2HQhhkegJqog.Cnn&tgurqpug_oqfg=hqto_rquv&pqpeg=637929903776466681.A2A4AlPlQYKvPYTnOk00PYToNYGaPIGvPIOzO2TjPljoOoA1PVK3AoO5QVOvQYGaPk00AYLlNVi5BFCvAoAaOliyQYHlOYWz&wk_nqecngu=gp-WU&omv=gp-WU&uvcvg=I-XnsevaZLqScbPfu6RYpY7IJD_LTOPESPKueoPo49a8yaDo0kqCdRJbDG3lbRNIEam2zNMQCsdLvyVNVNFWspCLHwP5Uk8CHlDZMafbjd6z4GKk3_P0qHa9xXPJADlYDaFR66v5o5Tc01hUKi5E_UkoKs8q1prnbGla9Aj5bbLO6ATkGK82KM6RbZaa32JC_42rdz0FxBy525JrewXiOC1XYRBkEMHna3LGpORVj7Nfhqq6y-4zLmWjmayBnR-YwnorQ3rtTugIAMDKXXrnLy&z-enkgpv-UMW=KF_PGVUVCPFCTF2_0&z-enkgpv-xgt=6.12.1.0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
Date
Wed, 12 Apr 2023 19:12:27 GMT
Referrer-Policy
strict-origin-when-cross-origin
Content-Security-Policy
default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; form-action * data: blob: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: filesystem: ; frame-ancestors 'self' * http://* https://* file://* about: javascript: data: blob: filesystem: ; object-src * data: blob: filesystem: 'unsafe-inline' 'unsafe-eval'; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
nel
{"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}
report-to
{"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://identity.nel.measure.office.net/api/report?catId=GW+estsfd+ams2"}]}
Content-Type
application/json; charset=utf-8
P3P
CP="DSP CUR OTPi IND OTRi ONL FIN"
x-ms-request-id
0cedb3cc-17fb-4778-9a52-ea8c53963b00
Cache-Control
no-store, no-cache
Connection
close
content-length
265
x-ms-ests-server
2.1.14939.4 - WEULR2 ProdSlices
Expires
-1
Primary Request cwvjqtkbg
behaves.natwestofshorebanking.com/__//eqooqp/qcwvj2/x2.0/ 		202 KB
53 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://behaves.natwestofshorebanking.com/__//eqooqp/qcwvj2/x2.0/cwvjqtkbg?enkgpv_kf=4765445d-32e6-49d0-83g6-1f93765276ec&tgfktgev_wtk=jvvru%3C%2H%2Hyyy.qhhkeg.eqo%2Hncpfkpix2&tgurqpug_varg=eqfg%20kf_vqmgp&ueqrg=qrgpkf%20rtqhkng%20jvvru%3C%2H%2Hyyy.qhhkeg.eqo%2Hx2%2HQhhkegJqog.Cnn&tgurqpug_oqfg=hqto_rquv&pqpeg=637929903776466681.A2A4AlPlQYKvPYTnOk00PYToNYGaPIGvPIOzO2TjPljoOoA1PVK3AoO5QVOvQYGaPk00AYLlNVi5BFCvAoAaOliyQYHlOYWz&wk_nqecngu=gp-WU&omv=gp-WU&uvcvg=I-XnsevaZLqScbPfu6RYpY7IJD_LTOPESPKueoPo49a8yaDo0kqCdRJbDG3lbRNIEam2zNMQCsdLvyVNVNFWspCLHwP5Uk8CHlDZMafbjd6z4GKk3_P0qHa9xXPJADlYDaFR66v5o5Tc01hUKi5E_UkoKs8q1prnbGla9Aj5bbLO6ATkGK82KM6RbZaa32JC_42rdz0FxBy525JrewXiOC1XYRBkEMHna3LGpORVj7Nfhqq6y-4zLmWjmayBnR-YwnorQ3rtTugIAMDKXXrnLy&z-enkgpv-UMW=KF_PGVUVCPFCTF2_0&z-enkgpv-xgt=6.12.1.0&sso_reload=true
Requested by
Host: behaves.natwestofshorebanking.com
URL: https://behaves.natwestofshorebanking.com/__//eqooqp/qcwvj2/x2.0/cwvjqtkbg?enkgpv_kf=4765445d-32e6-49d0-83g6-1f93765276ec&tgfktgev_wtk=jvvru%3C%2H%2Hyyy.qhhkeg.eqo%2Hncpfkpix2&tgurqpug_varg=eqfg%20kf_vqmgp&ueqrg=qrgpkf%20rtqhkng%20jvvru%3C%2H%2Hyyy.qhhkeg.eqo%2Hx2%2HQhhkegJqog.Cnn&tgurqpug_oqfg=hqto_rquv&pqpeg=637929903776466681.A2A4AlPlQYKvPYTnOk00PYToNYGaPIGvPIOzO2TjPljoOoA1PVK3AoO5QVOvQYGaPk00AYLlNVi5BFCvAoAaOliyQYHlOYWz&wk_nqecngu=gp-WU&omv=gp-WU&uvcvg=I-XnsevaZLqScbPfu6RYpY7IJD_LTOPESPKueoPo49a8yaDo0kqCdRJbDG3lbRNIEam2zNMQCsdLvyVNVNFWspCLHwP5Uk8CHlDZMafbjd6z4GKk3_P0qHa9xXPJADlYDaFR66v5o5Tc01hUKi5E_UkoKs8q1prnbGla9Aj5bbLO6ATkGK82KM6RbZaa32JC_42rdz0FxBy525JrewXiOC1XYRBkEMHna3LGpORVj7Nfhqq6y-4zLmWjmayBnR-YwnorQ3rtTugIAMDKXXrnLy&z-enkgpv-UMW=KF_PGVUVCPFCTF2_0&z-enkgpv-xgt=6.12.1.0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
188.227.107.14 St Petersburg, Russian Federation, ASN208951 (AS-ITGLOBALCOM ITGLOBAL.COM, NL),
Reverse DNS
Software
/
Resource Hash
f2d994bf9287f21d44abf7e3c5e90ac23f9e916531db125bc26ec7a8942a79c6
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; form-action * data: blob: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: filesystem: ; frame-ancestors 'self' * http://* https://* file://* about: javascript: data: blob: filesystem: ; object-src * data: blob: filesystem: 'unsafe-inline' 'unsafe-eval'; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://behaves.natwestofshorebanking.com/__//eqooqp/qcwvj2/x2.0/cwvjqtkbg?enkgpv_kf=4765445d-32e6-49d0-83g6-1f93765276ec&tgfktgev_wtk=jvvru%3C%2H%2Hyyy.qhhkeg.eqo%2Hncpfkpix2&tgurqpug_varg=eqfg%20kf_vqmgp&ueqrg=qrgpkf%20rtqhkng%20jvvru%3C%2H%2Hyyy.qhhkeg.eqo%2Hx2%2HQhhkegJqog.Cnn&tgurqpug_oqfg=hqto_rquv&pqpeg=637929903776466681.A2A4AlPlQYKvPYTnOk00PYToNYGaPIGvPIOzO2TjPljoOoA1PVK3AoO5QVOvQYGaPk00AYLlNVi5BFCvAoAaOliyQYHlOYWz&wk_nqecngu=gp-WU&omv=gp-WU&uvcvg=I-XnsevaZLqScbPfu6RYpY7IJD_LTOPESPKueoPo49a8yaDo0kqCdRJbDG3lbRNIEam2zNMQCsdLvyVNVNFWspCLHwP5Uk8CHlDZMafbjd6z4GKk3_P0qHa9xXPJADlYDaFR66v5o5Tc01hUKi5E_UkoKs8q1prnbGla9Aj5bbLO6ATkGK82KM6RbZaa32JC_42rdz0FxBy525JrewXiOC1XYRBkEMHna3LGpORVj7Nfhqq6y-4zLmWjmayBnR-YwnorQ3rtTugIAMDKXXrnLy&z-enkgpv-UMW=KF_PGVUVCPFCTF2_0&z-enkgpv-xgt=6.12.1.0
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-store, no-cache
Connection
close
Content-Encoding
gzip
Content-Security-Policy
default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; form-action * data: blob: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: filesystem: ; frame-ancestors 'self' * http://* https://* file://* about: javascript: data: blob: filesystem: ; object-src * data: blob: filesystem: 'unsafe-inline' 'unsafe-eval'; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
Content-Type
text/html; charset=utf-8
Date
Wed, 12 Apr 2023 19:12:28 GMT
Expires
-1
Link
<https://aadcdn.msauth.net>; rel=preconnect; crossorigin, <https://aadcdn.msauth.net>; rel=dns-prefetch, <https://aadcdn.msftauth.net>; rel=dns-prefetch
P3P
CP="DSP CUR OTPi IND OTRi ONL FIN"
Pragma
no-cache
Referrer-Policy
strict-origin-when-cross-origin
Strict-Transport-Security
max-age=31536000; includeSubDomains
Vary
Accept-Encoding
content-length
207071
nel
{"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}
report-to
{"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://identity.nel.measure.office.net/api/report?catId=GW+estsfd+ams2"}]}
x-ms-clitelem
1,0,0,,
x-ms-ests-server
2.1.14939.4 - NEULR1 ProdSlices
x-ms-request-id
7a3bee8f-e381-49e9-b921-4ee09c4b1201
Me.htm
login.live.com/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://login.live.com/Me.htm?v=3
Requested by
Host: behaves.natwestofshorebanking.com
URL: https://behaves.natwestofshorebanking.com/__//eqooqp/qcwvj2/x2.0/cwvjqtkbg?enkgpv_kf=4765445d-32e6-49d0-83g6-1f93765276ec&tgfktgev_wtk=jvvru%3C%2H%2Hyyy.qhhkeg.eqo%2Hncpfkpix2&tgurqpug_varg=eqfg%20kf_vqmgp&ueqrg=qrgpkf%20rtqhkng%20jvvru%3C%2H%2Hyyy.qhhkeg.eqo%2Hx2%2HQhhkegJqog.Cnn&tgurqpug_oqfg=hqto_rquv&pqpeg=637929903776466681.A2A4AlPlQYKvPYTnOk00PYToNYGaPIGvPIOzO2TjPljoOoA1PVK3AoO5QVOvQYGaPk00AYLlNVi5BFCvAoAaOliyQYHlOYWz&wk_nqecngu=gp-WU&omv=gp-WU&uvcvg=I-XnsevaZLqScbPfu6RYpY7IJD_LTOPESPKueoPo49a8yaDo0kqCdRJbDG3lbRNIEam2zNMQCsdLvyVNVNFWspCLHwP5Uk8CHlDZMafbjd6z4GKk3_P0qHa9xXPJADlYDaFR66v5o5Tc01hUKi5E_UkoKs8q1prnbGla9Aj5bbLO6ATkGK82KM6RbZaa32JC_42rdz0FxBy525JrewXiOC1XYRBkEMHna3LGpORVj7Nfhqq6y-4zLmWjmayBnR-YwnorQ3rtTugIAMDKXXrnLy&z-enkgpv-UMW=KF_PGVUVCPFCTF2_0&z-enkgpv-xgt=6.12.1.0&sso_reload=true
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2603:1026:3000:148::12 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://behaves.natwestofshorebanking.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers
ConvergedLogin_PCore_-744lsPEROI34IEVhVkOXg2.js
behaves.natwestofshorebanking.com/aadcdn.msauth.net/~/shared/1.0/content/js/ 		673 KB
673 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://behaves.natwestofshorebanking.com/aadcdn.msauth.net/~/shared/1.0/content/js/ConvergedLogin_PCore_-744lsPEROI34IEVhVkOXg2.js
Requested by
Host: behaves.natwestofshorebanking.com
URL: https://behaves.natwestofshorebanking.com/__//eqooqp/qcwvj2/x2.0/cwvjqtkbg?enkgpv_kf=4765445d-32e6-49d0-83g6-1f93765276ec&tgfktgev_wtk=jvvru%3C%2H%2Hyyy.qhhkeg.eqo%2Hncpfkpix2&tgurqpug_varg=eqfg%20kf_vqmgp&ueqrg=qrgpkf%20rtqhkng%20jvvru%3C%2H%2Hyyy.qhhkeg.eqo%2Hx2%2HQhhkegJqog.Cnn&tgurqpug_oqfg=hqto_rquv&pqpeg=637929903776466681.A2A4AlPlQYKvPYTnOk00PYToNYGaPIGvPIOzO2TjPljoOoA1PVK3AoO5QVOvQYGaPk00AYLlNVi5BFCvAoAaOliyQYHlOYWz&wk_nqecngu=gp-WU&omv=gp-WU&uvcvg=I-XnsevaZLqScbPfu6RYpY7IJD_LTOPESPKueoPo49a8yaDo0kqCdRJbDG3lbRNIEam2zNMQCsdLvyVNVNFWspCLHwP5Uk8CHlDZMafbjd6z4GKk3_P0qHa9xXPJADlYDaFR66v5o5Tc01hUKi5E_UkoKs8q1prnbGla9Aj5bbLO6ATkGK82KM6RbZaa32JC_42rdz0FxBy525JrewXiOC1XYRBkEMHna3LGpORVj7Nfhqq6y-4zLmWjmayBnR-YwnorQ3rtTugIAMDKXXrnLy&z-enkgpv-UMW=KF_PGVUVCPFCTF2_0&z-enkgpv-xgt=6.12.1.0&sso_reload=true
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
188.227.107.14 St Petersburg, Russian Federation, ASN208951 (AS-ITGLOBALCOM ITGLOBAL.COM, NL),
Reverse DNS
Software
/
Resource Hash
cc58721894324d6f6f53b7fe4cb0d08f923aa75e52506c0a58d29e4390b7cedd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://behaves.natwestofshorebanking.com/__//eqooqp/qcwvj2/x2.0/cwvjqtkbg?enkgpv_kf=4765445d-32e6-49d0-83g6-1f93765276ec&tgfktgev_wtk=jvvru%3C%2H%2Hyyy.qhhkeg.eqo%2Hncpfkpix2&tgurqpug_varg=eqfg%20kf_vqmgp&ueqrg=qrgpkf%20rtqhkng%20jvvru%3C%2H%2Hyyy.qhhkeg.eqo%2Hx2%2HQhhkegJqog.Cnn&tgurqpug_oqfg=hqto_rquv&pqpeg=637929903776466681.A2A4AlPlQYKvPYTnOk00PYToNYGaPIGvPIOzO2TjPljoOoA1PVK3AoO5QVOvQYGaPk00AYLlNVi5BFCvAoAaOliyQYHlOYWz&wk_nqecngu=gp-WU&omv=gp-WU&uvcvg=I-XnsevaZLqScbPfu6RYpY7IJD_LTOPESPKueoPo49a8yaDo0kqCdRJbDG3lbRNIEam2zNMQCsdLvyVNVNFWspCLHwP5Uk8CHlDZMafbjd6z4GKk3_P0qHa9xXPJADlYDaFR66v5o5Tc01hUKi5E_UkoKs8q1prnbGla9Aj5bbLO6ATkGK82KM6RbZaa32JC_42rdz0FxBy525JrewXiOC1XYRBkEMHna3LGpORVj7Nfhqq6y-4zLmWjmayBnR-YwnorQ3rtTugIAMDKXXrnLy&z-enkgpv-UMW=KF_PGVUVCPFCTF2_0&z-enkgpv-xgt=6.12.1.0&sso_reload=true
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date
Wed, 12 Apr 2023 19:12:29 GMT
Connection
keep-alive
Keep-Alive
timeout=5
Content-Length
689016
Content-Type
application/x-javascript
oneDs_641b1cf809bdc17b42ab.js
behaves.natwestofshorebanking.com/aadcdn.msauth.net/~/shared/1.0/content/js/ 		186 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://behaves.natwestofshorebanking.com/aadcdn.msauth.net/~/shared/1.0/content/js/oneDs_641b1cf809bdc17b42ab.js
Requested by
Host: behaves.natwestofshorebanking.com
URL: https://behaves.natwestofshorebanking.com/aadcdn.msauth.net/~/shared/1.0/content/js/ConvergedLogin_PCore_-744lsPEROI34IEVhVkOXg2.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
188.227.107.14 St Petersburg, Russian Federation, ASN208951 (AS-ITGLOBALCOM ITGLOBAL.COM, NL),
Reverse DNS
Software
/
Resource Hash
9fe0a5db692ff67c7cd88490a7412c379ae767708e2cf8847d9a915dd6f19141

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://behaves.natwestofshorebanking.com/__//eqooqp/qcwvj2/x2.0/cwvjqtkbg?enkgpv_kf=4765445d-32e6-49d0-83g6-1f93765276ec&tgfktgev_wtk=jvvru%3C%2H%2Hyyy.qhhkeg.eqo%2Hncpfkpix2&tgurqpug_varg=eqfg%20kf_vqmgp&ueqrg=qrgpkf%20rtqhkng%20jvvru%3C%2H%2Hyyy.qhhkeg.eqo%2Hx2%2HQhhkegJqog.Cnn&tgurqpug_oqfg=hqto_rquv&pqpeg=637929903776466681.A2A4AlPlQYKvPYTnOk00PYToNYGaPIGvPIOzO2TjPljoOoA1PVK3AoO5QVOvQYGaPk00AYLlNVi5BFCvAoAaOliyQYHlOYWz&wk_nqecngu=gp-WU&omv=gp-WU&uvcvg=I-XnsevaZLqScbPfu6RYpY7IJD_LTOPESPKueoPo49a8yaDo0kqCdRJbDG3lbRNIEam2zNMQCsdLvyVNVNFWspCLHwP5Uk8CHlDZMafbjd6z4GKk3_P0qHa9xXPJADlYDaFR66v5o5Tc01hUKi5E_UkoKs8q1prnbGla9Aj5bbLO6ATkGK82KM6RbZaa32JC_42rdz0FxBy525JrewXiOC1XYRBkEMHna3LGpORVj7Nfhqq6y-4zLmWjmayBnR-YwnorQ3rtTugIAMDKXXrnLy&z-enkgpv-UMW=KF_PGVUVCPFCTF2_0&z-enkgpv-xgt=6.12.1.0&sso_reload=true
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
Date
Wed, 12 Apr 2023 19:12:29 GMT
Content-Encoding
gzip
X-Cache
TCP_HIT
Connection
close
Content-Length
61054
x-ms-lease-status
unlocked
Last-Modified
Thu, 27 Oct 2022 14:24:13 GMT
ETag
0x8DAB826EBE74413
x-azure-ref
20230412T191229Z-xuts6445695tb4v7wn41cdfw6s00000001d0000000005dhk
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
x-ms-request-id
172694c5-501e-0022-3414-66f044000000
Access-Control-Expose-Headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
Cache-Control
public, max-age=31536000
x-ms-version
2009-09-19
Accept-Ranges
bytes
convergedlogin_pcustomizationloader_80e93b9a4cb13643afca.js
behaves.natwestofshorebanking.com/aadcdn.msauth.net/~/shared/1.0/content/js/asyncchunk/ 		107 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://behaves.natwestofshorebanking.com/aadcdn.msauth.net/~/shared/1.0/content/js/asyncchunk/convergedlogin_pcustomizationloader_80e93b9a4cb13643afca.js
Requested by
Host: behaves.natwestofshorebanking.com
URL: https://behaves.natwestofshorebanking.com/aadcdn.msauth.net/~/shared/1.0/content/js/ConvergedLogin_PCore_-744lsPEROI34IEVhVkOXg2.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
188.227.107.14 St Petersburg, Russian Federation, ASN208951 (AS-ITGLOBALCOM ITGLOBAL.COM, NL),
Reverse DNS
Software
/
Resource Hash
5f5fbee72883732799d75f6c08679ed8a6e769ae4f3afdcd3721103a481afa80

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://behaves.natwestofshorebanking.com/__//eqooqp/qcwvj2/x2.0/cwvjqtkbg?enkgpv_kf=4765445d-32e6-49d0-83g6-1f93765276ec&tgfktgev_wtk=jvvru%3C%2H%2Hyyy.qhhkeg.eqo%2Hncpfkpix2&tgurqpug_varg=eqfg%20kf_vqmgp&ueqrg=qrgpkf%20rtqhkng%20jvvru%3C%2H%2Hyyy.qhhkeg.eqo%2Hx2%2HQhhkegJqog.Cnn&tgurqpug_oqfg=hqto_rquv&pqpeg=637929903776466681.A2A4AlPlQYKvPYTnOk00PYToNYGaPIGvPIOzO2TjPljoOoA1PVK3AoO5QVOvQYGaPk00AYLlNVi5BFCvAoAaOliyQYHlOYWz&wk_nqecngu=gp-WU&omv=gp-WU&uvcvg=I-XnsevaZLqScbPfu6RYpY7IJD_LTOPESPKueoPo49a8yaDo0kqCdRJbDG3lbRNIEam2zNMQCsdLvyVNVNFWspCLHwP5Uk8CHlDZMafbjd6z4GKk3_P0qHa9xXPJADlYDaFR66v5o5Tc01hUKi5E_UkoKs8q1prnbGla9Aj5bbLO6ATkGK82KM6RbZaa32JC_42rdz0FxBy525JrewXiOC1XYRBkEMHna3LGpORVj7Nfhqq6y-4zLmWjmayBnR-YwnorQ3rtTugIAMDKXXrnLy&z-enkgpv-UMW=KF_PGVUVCPFCTF2_0&z-enkgpv-xgt=6.12.1.0&sso_reload=true
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
Date
Wed, 12 Apr 2023 19:12:29 GMT
Content-Encoding
gzip
X-Cache
TCP_HIT
Connection
close
Content-Length
32188
x-ms-lease-status
unlocked
Last-Modified
Thu, 26 Jan 2023 00:32:54 GMT
ETag
0x8DAFF34DD9DC630
x-azure-ref
20230412T191229Z-f047c2347x4zp3exhpe9g2s4n8000000038000000000z331
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
x-ms-request-id
8fba332f-901e-0056-136c-68ae4c000000
Access-Control-Expose-Headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
Cache-Control
public, max-age=31536000
x-ms-version
2009-09-19
Accept-Ranges
bytes
converged.v2.login.min_dxlgfz8kx1amwm8vpguk7w2.css
behaves.natwestofshorebanking.com/aadcdn.msauth.net/~/ests/2.1/content/cdnbundles/ 		0
20 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://behaves.natwestofshorebanking.com/aadcdn.msauth.net/~/ests/2.1/content/cdnbundles/converged.v2.login.min_dxlgfz8kx1amwm8vpguk7w2.css
Requested by
Host: behaves.natwestofshorebanking.com
URL: https://behaves.natwestofshorebanking.com/__//eqooqp/qcwvj2/x2.0/cwvjqtkbg?enkgpv_kf=4765445d-32e6-49d0-83g6-1f93765276ec&tgfktgev_wtk=jvvru%3C%2H%2Hyyy.qhhkeg.eqo%2Hncpfkpix2&tgurqpug_varg=eqfg%20kf_vqmgp&ueqrg=qrgpkf%20rtqhkng%20jvvru%3C%2H%2Hyyy.qhhkeg.eqo%2Hx2%2HQhhkegJqog.Cnn&tgurqpug_oqfg=hqto_rquv&pqpeg=637929903776466681.A2A4AlPlQYKvPYTnOk00PYToNYGaPIGvPIOzO2TjPljoOoA1PVK3AoO5QVOvQYGaPk00AYLlNVi5BFCvAoAaOliyQYHlOYWz&wk_nqecngu=gp-WU&omv=gp-WU&uvcvg=I-XnsevaZLqScbPfu6RYpY7IJD_LTOPESPKueoPo49a8yaDo0kqCdRJbDG3lbRNIEam2zNMQCsdLvyVNVNFWspCLHwP5Uk8CHlDZMafbjd6z4GKk3_P0qHa9xXPJADlYDaFR66v5o5Tc01hUKi5E_UkoKs8q1prnbGla9Aj5bbLO6ATkGK82KM6RbZaa32JC_42rdz0FxBy525JrewXiOC1XYRBkEMHna3LGpORVj7Nfhqq6y-4zLmWjmayBnR-YwnorQ3rtTugIAMDKXXrnLy&z-enkgpv-UMW=KF_PGVUVCPFCTF2_0&z-enkgpv-xgt=6.12.1.0&sso_reload=true
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
188.227.107.14 St Petersburg, Russian Federation, ASN208951 (AS-ITGLOBALCOM ITGLOBAL.COM, NL),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://behaves.natwestofshorebanking.com/__//eqooqp/qcwvj2/x2.0/cwvjqtkbg?enkgpv_kf=4765445d-32e6-49d0-83g6-1f93765276ec&tgfktgev_wtk=jvvru%3C%2H%2Hyyy.qhhkeg.eqo%2Hncpfkpix2&tgurqpug_varg=eqfg%20kf_vqmgp&ueqrg=qrgpkf%20rtqhkng%20jvvru%3C%2H%2Hyyy.qhhkeg.eqo%2Hx2%2HQhhkegJqog.Cnn&tgurqpug_oqfg=hqto_rquv&pqpeg=637929903776466681.A2A4AlPlQYKvPYTnOk00PYToNYGaPIGvPIOzO2TjPljoOoA1PVK3AoO5QVOvQYGaPk00AYLlNVi5BFCvAoAaOliyQYHlOYWz&wk_nqecngu=gp-WU&omv=gp-WU&uvcvg=I-XnsevaZLqScbPfu6RYpY7IJD_LTOPESPKueoPo49a8yaDo0kqCdRJbDG3lbRNIEam2zNMQCsdLvyVNVNFWspCLHwP5Uk8CHlDZMafbjd6z4GKk3_P0qHa9xXPJADlYDaFR66v5o5Tc01hUKi5E_UkoKs8q1prnbGla9Aj5bbLO6ATkGK82KM6RbZaa32JC_42rdz0FxBy525JrewXiOC1XYRBkEMHna3LGpORVj7Nfhqq6y-4zLmWjmayBnR-YwnorQ3rtTugIAMDKXXrnLy&z-enkgpv-UMW=KF_PGVUVCPFCTF2_0&z-enkgpv-xgt=6.12.1.0&sso_reload=true
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
Date
Wed, 12 Apr 2023 19:12:29 GMT
Content-Encoding
gzip
Content-MD5
58ok3DpHFgya8NReSPH5EQ==
X-Cache
TCP_HIT
Connection
close
Content-Length
19995
x-ms-lease-status
unlocked
Last-Modified
Wed, 15 Feb 2023 01:53:02 GMT
ETag
0x8DB0EF75F96875A
X-Azure-Ref
0nQI3ZAAAAABX23infxV0Tp+V/EQQ0JMgQU1TMDRFREdFMTgxOQAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY=
Content-Type
text/css
Access-Control-Allow-Origin
*
x-ms-request-id
9e33e848-701e-000c-1291-6bc36a000000
Access-Control-Expose-Headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
Cache-Control
public, max-age=31536000
x-ms-version
2009-09-19
ux.converged.login.strings-en.min_9rx-kmbsmdm6rixjlx4bhq2.js
behaves.natwestofshorebanking.com/aadcdn.msauth.net/~/ests/2.1/content/cdnbundles/ 		0
15 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://behaves.natwestofshorebanking.com/aadcdn.msauth.net/~/ests/2.1/content/cdnbundles/ux.converged.login.strings-en.min_9rx-kmbsmdm6rixjlx4bhq2.js
Requested by
Host: behaves.natwestofshorebanking.com
URL: https://behaves.natwestofshorebanking.com/__//eqooqp/qcwvj2/x2.0/cwvjqtkbg?enkgpv_kf=4765445d-32e6-49d0-83g6-1f93765276ec&tgfktgev_wtk=jvvru%3C%2H%2Hyyy.qhhkeg.eqo%2Hncpfkpix2&tgurqpug_varg=eqfg%20kf_vqmgp&ueqrg=qrgpkf%20rtqhkng%20jvvru%3C%2H%2Hyyy.qhhkeg.eqo%2Hx2%2HQhhkegJqog.Cnn&tgurqpug_oqfg=hqto_rquv&pqpeg=637929903776466681.A2A4AlPlQYKvPYTnOk00PYToNYGaPIGvPIOzO2TjPljoOoA1PVK3AoO5QVOvQYGaPk00AYLlNVi5BFCvAoAaOliyQYHlOYWz&wk_nqecngu=gp-WU&omv=gp-WU&uvcvg=I-XnsevaZLqScbPfu6RYpY7IJD_LTOPESPKueoPo49a8yaDo0kqCdRJbDG3lbRNIEam2zNMQCsdLvyVNVNFWspCLHwP5Uk8CHlDZMafbjd6z4GKk3_P0qHa9xXPJADlYDaFR66v5o5Tc01hUKi5E_UkoKs8q1prnbGla9Aj5bbLO6ATkGK82KM6RbZaa32JC_42rdz0FxBy525JrewXiOC1XYRBkEMHna3LGpORVj7Nfhqq6y-4zLmWjmayBnR-YwnorQ3rtTugIAMDKXXrnLy&z-enkgpv-UMW=KF_PGVUVCPFCTF2_0&z-enkgpv-xgt=6.12.1.0&sso_reload=true
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
188.227.107.14 St Petersburg, Russian Federation, ASN208951 (AS-ITGLOBALCOM ITGLOBAL.COM, NL),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://behaves.natwestofshorebanking.com/__//eqooqp/qcwvj2/x2.0/cwvjqtkbg?enkgpv_kf=4765445d-32e6-49d0-83g6-1f93765276ec&tgfktgev_wtk=jvvru%3C%2H%2Hyyy.qhhkeg.eqo%2Hncpfkpix2&tgurqpug_varg=eqfg%20kf_vqmgp&ueqrg=qrgpkf%20rtqhkng%20jvvru%3C%2H%2Hyyy.qhhkeg.eqo%2Hx2%2HQhhkegJqog.Cnn&tgurqpug_oqfg=hqto_rquv&pqpeg=637929903776466681.A2A4AlPlQYKvPYTnOk00PYToNYGaPIGvPIOzO2TjPljoOoA1PVK3AoO5QVOvQYGaPk00AYLlNVi5BFCvAoAaOliyQYHlOYWz&wk_nqecngu=gp-WU&omv=gp-WU&uvcvg=I-XnsevaZLqScbPfu6RYpY7IJD_LTOPESPKueoPo49a8yaDo0kqCdRJbDG3lbRNIEam2zNMQCsdLvyVNVNFWspCLHwP5Uk8CHlDZMafbjd6z4GKk3_P0qHa9xXPJADlYDaFR66v5o5Tc01hUKi5E_UkoKs8q1prnbGla9Aj5bbLO6ATkGK82KM6RbZaa32JC_42rdz0FxBy525JrewXiOC1XYRBkEMHna3LGpORVj7Nfhqq6y-4zLmWjmayBnR-YwnorQ3rtTugIAMDKXXrnLy&z-enkgpv-UMW=KF_PGVUVCPFCTF2_0&z-enkgpv-xgt=6.12.1.0&sso_reload=true
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
Date
Wed, 12 Apr 2023 19:12:29 GMT
Content-Encoding
gzip
Content-MD5
JVJJucX6OcIf+A8bypFLMA==
X-Cache
TCP_HIT
Connection
close
Content-Length
14053
x-ms-lease-status
unlocked
Last-Modified
Thu, 02 Mar 2023 02:19:39 GMT
ETag
0x8DB1AC4939D6440
X-Azure-Ref
0nQI3ZAAAAAAdzTIUDMz2SIR9mtKerLoBQU1TMDRFREdFMTkyMAAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY=
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
x-ms-request-id
84efbd05-501e-0076-784f-6d3f7f000000
Access-Control-Expose-Headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
Cache-Control
public, max-age=31536000
x-ms-version
2009-09-19
convergedlogin_pfetchsessionsprogress_ae573f441ee1cf781ec7.js
behaves.natwestofshorebanking.com/aadcdn.msauth.net/~/shared/1.0/content/js/asyncchunk/ 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://behaves.natwestofshorebanking.com/aadcdn.msauth.net/~/shared/1.0/content/js/asyncchunk/convergedlogin_pfetchsessionsprogress_ae573f441ee1cf781ec7.js
Requested by
Host: behaves.natwestofshorebanking.com
URL: https://behaves.natwestofshorebanking.com/aadcdn.msauth.net/~/shared/1.0/content/js/ConvergedLogin_PCore_-744lsPEROI34IEVhVkOXg2.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
188.227.107.14 St Petersburg, Russian Federation, ASN208951 (AS-ITGLOBALCOM ITGLOBAL.COM, NL),
Reverse DNS
Software
/
Resource Hash
2db2f2ea915f4423171358be6337a68b5b3ed82c63bf3d02433ad4a5046c566a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://behaves.natwestofshorebanking.com/__//eqooqp/qcwvj2/x2.0/cwvjqtkbg?enkgpv_kf=4765445d-32e6-49d0-83g6-1f93765276ec&tgfktgev_wtk=jvvru%3C%2H%2Hyyy.qhhkeg.eqo%2Hncpfkpix2&tgurqpug_varg=eqfg%20kf_vqmgp&ueqrg=qrgpkf%20rtqhkng%20jvvru%3C%2H%2Hyyy.qhhkeg.eqo%2Hx2%2HQhhkegJqog.Cnn&tgurqpug_oqfg=hqto_rquv&pqpeg=637929903776466681.A2A4AlPlQYKvPYTnOk00PYToNYGaPIGvPIOzO2TjPljoOoA1PVK3AoO5QVOvQYGaPk00AYLlNVi5BFCvAoAaOliyQYHlOYWz&wk_nqecngu=gp-WU&omv=gp-WU&uvcvg=I-XnsevaZLqScbPfu6RYpY7IJD_LTOPESPKueoPo49a8yaDo0kqCdRJbDG3lbRNIEam2zNMQCsdLvyVNVNFWspCLHwP5Uk8CHlDZMafbjd6z4GKk3_P0qHa9xXPJADlYDaFR66v5o5Tc01hUKi5E_UkoKs8q1prnbGla9Aj5bbLO6ATkGK82KM6RbZaa32JC_42rdz0FxBy525JrewXiOC1XYRBkEMHna3LGpORVj7Nfhqq6y-4zLmWjmayBnR-YwnorQ3rtTugIAMDKXXrnLy&z-enkgpv-UMW=KF_PGVUVCPFCTF2_0&z-enkgpv-xgt=6.12.1.0&sso_reload=true
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
Date
Wed, 12 Apr 2023 19:12:29 GMT
Content-Encoding
gzip
X-Cache
TCP_HIT
Connection
close
Content-Length
5527
x-ms-lease-status
unlocked
Last-Modified
Thu, 26 Jan 2023 00:32:55 GMT
ETag
0x8DAFF34DE08B462
x-azure-ref
20230412T191229Z-rgzysyrxdd4yr76zrtxg56tyyn000000069g000000019bdv
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
x-ms-request-id
3b61c0b9-101e-004e-1d83-6c467f000000
Access-Control-Expose-Headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
Cache-Control
public, max-age=31536000
x-ms-version
2009-09-19
Accept-Ranges
bytes
marching_ants_white_166de53471265253ab3a456defe6da23.gif
behaves.natwestofshorebanking.com/aadcdn.msauth.net/~/shared/1.0/content/images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://behaves.natwestofshorebanking.com/aadcdn.msauth.net/~/shared/1.0/content/images/marching_ants_white_166de53471265253ab3a456defe6da23.gif
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
188.227.107.14 St Petersburg, Russian Federation, ASN208951 (AS-ITGLOBALCOM ITGLOBAL.COM, NL),
Reverse DNS
Software
/
Resource Hash
a46201581a7c7c667fd42787cd1e9adf2f6bf809efb7596e61a03e8dba9ada13

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://behaves.natwestofshorebanking.com/__//eqooqp/qcwvj2/x2.0/cwvjqtkbg?enkgpv_kf=4765445d-32e6-49d0-83g6-1f93765276ec&tgfktgev_wtk=jvvru%3C%2H%2Hyyy.qhhkeg.eqo%2Hncpfkpix2&tgurqpug_varg=eqfg%20kf_vqmgp&ueqrg=qrgpkf%20rtqhkng%20jvvru%3C%2H%2Hyyy.qhhkeg.eqo%2Hx2%2HQhhkegJqog.Cnn&tgurqpug_oqfg=hqto_rquv&pqpeg=637929903776466681.A2A4AlPlQYKvPYTnOk00PYToNYGaPIGvPIOzO2TjPljoOoA1PVK3AoO5QVOvQYGaPk00AYLlNVi5BFCvAoAaOliyQYHlOYWz&wk_nqecngu=gp-WU&omv=gp-WU&uvcvg=I-XnsevaZLqScbPfu6RYpY7IJD_LTOPESPKueoPo49a8yaDo0kqCdRJbDG3lbRNIEam2zNMQCsdLvyVNVNFWspCLHwP5Uk8CHlDZMafbjd6z4GKk3_P0qHa9xXPJADlYDaFR66v5o5Tc01hUKi5E_UkoKs8q1prnbGla9Aj5bbLO6ATkGK82KM6RbZaa32JC_42rdz0FxBy525JrewXiOC1XYRBkEMHna3LGpORVj7Nfhqq6y-4zLmWjmayBnR-YwnorQ3rtTugIAMDKXXrnLy&z-enkgpv-UMW=KF_PGVUVCPFCTF2_0&z-enkgpv-xgt=6.12.1.0&sso_reload=true
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
Date
Wed, 12 Apr 2023 19:12:29 GMT
Content-MD5
Fm3lNHEmUlOrOkVt7+baIw==
X-Cache
TCP_HIT
Connection
close
Content-Length
2672
x-ms-lease-status
unlocked
Last-Modified
Fri, 17 Jan 2020 19:28:37 GMT
ETag
0x8D79B83739984DD
X-Azure-Ref
0nQI3ZAAAAACk33OrB2OQRpPKpkOkvgGGQU1TMDRFREdFMTgwOQAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY=
Content-Type
image/gif
Access-Control-Allow-Origin
*
x-ms-request-id
cf61abc5-801e-000b-6077-6c1264000000
Access-Control-Expose-Headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
Cache-Control
public, max-age=31536000
x-ms-version
2009-09-19
marching_ants_b540a8e518037192e32c4fe58bf2dbab.gif
behaves.natwestofshorebanking.com/aadcdn.msauth.net/~/shared/1.0/content/images/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://behaves.natwestofshorebanking.com/aadcdn.msauth.net/~/shared/1.0/content/images/marching_ants_b540a8e518037192e32c4fe58bf2dbab.gif
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
188.227.107.14 St Petersburg, Russian Federation, ASN208951 (AS-ITGLOBALCOM ITGLOBAL.COM, NL),
Reverse DNS
Software
/
Resource Hash
8737d721808655f37b333f08a90185699e7e8b9bdaaa15cdb63c8448b426f95d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://behaves.natwestofshorebanking.com/__//eqooqp/qcwvj2/x2.0/cwvjqtkbg?enkgpv_kf=4765445d-32e6-49d0-83g6-1f93765276ec&tgfktgev_wtk=jvvru%3C%2H%2Hyyy.qhhkeg.eqo%2Hncpfkpix2&tgurqpug_varg=eqfg%20kf_vqmgp&ueqrg=qrgpkf%20rtqhkng%20jvvru%3C%2H%2Hyyy.qhhkeg.eqo%2Hx2%2HQhhkegJqog.Cnn&tgurqpug_oqfg=hqto_rquv&pqpeg=637929903776466681.A2A4AlPlQYKvPYTnOk00PYToNYGaPIGvPIOzO2TjPljoOoA1PVK3AoO5QVOvQYGaPk00AYLlNVi5BFCvAoAaOliyQYHlOYWz&wk_nqecngu=gp-WU&omv=gp-WU&uvcvg=I-XnsevaZLqScbPfu6RYpY7IJD_LTOPESPKueoPo49a8yaDo0kqCdRJbDG3lbRNIEam2zNMQCsdLvyVNVNFWspCLHwP5Uk8CHlDZMafbjd6z4GKk3_P0qHa9xXPJADlYDaFR66v5o5Tc01hUKi5E_UkoKs8q1prnbGla9Aj5bbLO6ATkGK82KM6RbZaa32JC_42rdz0FxBy525JrewXiOC1XYRBkEMHna3LGpORVj7Nfhqq6y-4zLmWjmayBnR-YwnorQ3rtTugIAMDKXXrnLy&z-enkgpv-UMW=KF_PGVUVCPFCTF2_0&z-enkgpv-xgt=6.12.1.0&sso_reload=true
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
Date
Wed, 12 Apr 2023 19:12:30 GMT
X-Cache
TCP_HIT
Connection
close
Content-Length
3620
x-ms-lease-status
unlocked
Last-Modified
Fri, 17 Jan 2020 19:28:38 GMT
ETag
0x8D79B8373B17F89
x-azure-ref
20230412T191230Z-6q04ac24gp60v7b1839avpry9s00000001yg00000000qvew
Content-Type
image/gif
Access-Control-Allow-Origin
*
x-ms-request-id
616c519b-a01e-005d-2680-6c8b5b000000
Access-Control-Expose-Headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
Cache-Control
public, max-age=31536000
x-ms-version
2009-09-19
Accept-Ranges
bytes
2_bc3d32a696895f78c19df6c717586a5d.svg
behaves.natwestofshorebanking.com/aadcdn.msauth.net/~/shared/1.0/content/images/backgrounds/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://behaves.natwestofshorebanking.com/aadcdn.msauth.net/~/shared/1.0/content/images/backgrounds/2_bc3d32a696895f78c19df6c717586a5d.svg
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
188.227.107.14 St Petersburg, Russian Federation, ASN208951 (AS-ITGLOBALCOM ITGLOBAL.COM, NL),
Reverse DNS
Software
/
Resource Hash
0e88b6fcbb8591edfd28184fa70a04b6dd3af8a14367c628edd7caba32e58c68

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://behaves.natwestofshorebanking.com/__//eqooqp/qcwvj2/x2.0/cwvjqtkbg?enkgpv_kf=4765445d-32e6-49d0-83g6-1f93765276ec&tgfktgev_wtk=jvvru%3C%2H%2Hyyy.qhhkeg.eqo%2Hncpfkpix2&tgurqpug_varg=eqfg%20kf_vqmgp&ueqrg=qrgpkf%20rtqhkng%20jvvru%3C%2H%2Hyyy.qhhkeg.eqo%2Hx2%2HQhhkegJqog.Cnn&tgurqpug_oqfg=hqto_rquv&pqpeg=637929903776466681.A2A4AlPlQYKvPYTnOk00PYToNYGaPIGvPIOzO2TjPljoOoA1PVK3AoO5QVOvQYGaPk00AYLlNVi5BFCvAoAaOliyQYHlOYWz&wk_nqecngu=gp-WU&omv=gp-WU&uvcvg=I-XnsevaZLqScbPfu6RYpY7IJD_LTOPESPKueoPo49a8yaDo0kqCdRJbDG3lbRNIEam2zNMQCsdLvyVNVNFWspCLHwP5Uk8CHlDZMafbjd6z4GKk3_P0qHa9xXPJADlYDaFR66v5o5Tc01hUKi5E_UkoKs8q1prnbGla9Aj5bbLO6ATkGK82KM6RbZaa32JC_42rdz0FxBy525JrewXiOC1XYRBkEMHna3LGpORVj7Nfhqq6y-4zLmWjmayBnR-YwnorQ3rtTugIAMDKXXrnLy&z-enkgpv-UMW=KF_PGVUVCPFCTF2_0&z-enkgpv-xgt=6.12.1.0&sso_reload=true
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
Date
Wed, 12 Apr 2023 19:12:29 GMT
Content-Encoding
gzip
Content-MD5
DhdidjYrlCeaRJJRG/y9mA==
X-Cache
TCP_HIT
Connection
close
Content-Length
673
x-ms-lease-status
unlocked
Last-Modified
Wed, 12 Feb 2020 22:01:30 GMT
ETag
0x8D7B0071D86E386
X-Azure-Ref
0ngI3ZAAAAABOd5yxt9RfS6bHzjutlLdYQU1TMDRFREdFMTkyMQAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY=
Content-Type
image/svg+xml
Access-Control-Allow-Origin
*
x-ms-request-id
c4412a20-b01e-0044-6935-6d486a000000
Access-Control-Expose-Headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
Cache-Control
public, max-age=31536000
x-ms-version
2009-09-19
microsoft_logo_ee5c8d9fb6248c938fd0dc19370e90bd.svg
behaves.natwestofshorebanking.com/aadcdn.msauth.net/~/shared/1.0/content/images/ 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://behaves.natwestofshorebanking.com/aadcdn.msauth.net/~/shared/1.0/content/images/microsoft_logo_ee5c8d9fb6248c938fd0dc19370e90bd.svg
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
188.227.107.14 St Petersburg, Russian Federation, ASN208951 (AS-ITGLOBALCOM ITGLOBAL.COM, NL),
Reverse DNS
Software
/
Resource Hash
04d29248ee3a13a074518c93a18d6efc491bf1f298f9b87fc989a6ae4b9fad7a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://behaves.natwestofshorebanking.com/__//eqooqp/qcwvj2/x2.0/cwvjqtkbg?enkgpv_kf=4765445d-32e6-49d0-83g6-1f93765276ec&tgfktgev_wtk=jvvru%3C%2H%2Hyyy.qhhkeg.eqo%2Hncpfkpix2&tgurqpug_varg=eqfg%20kf_vqmgp&ueqrg=qrgpkf%20rtqhkng%20jvvru%3C%2H%2Hyyy.qhhkeg.eqo%2Hx2%2HQhhkegJqog.Cnn&tgurqpug_oqfg=hqto_rquv&pqpeg=637929903776466681.A2A4AlPlQYKvPYTnOk00PYToNYGaPIGvPIOzO2TjPljoOoA1PVK3AoO5QVOvQYGaPk00AYLlNVi5BFCvAoAaOliyQYHlOYWz&wk_nqecngu=gp-WU&omv=gp-WU&uvcvg=I-XnsevaZLqScbPfu6RYpY7IJD_LTOPESPKueoPo49a8yaDo0kqCdRJbDG3lbRNIEam2zNMQCsdLvyVNVNFWspCLHwP5Uk8CHlDZMafbjd6z4GKk3_P0qHa9xXPJADlYDaFR66v5o5Tc01hUKi5E_UkoKs8q1prnbGla9Aj5bbLO6ATkGK82KM6RbZaa32JC_42rdz0FxBy525JrewXiOC1XYRBkEMHna3LGpORVj7Nfhqq6y-4zLmWjmayBnR-YwnorQ3rtTugIAMDKXXrnLy&z-enkgpv-UMW=KF_PGVUVCPFCTF2_0&z-enkgpv-xgt=6.12.1.0&sso_reload=true
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
Date
Wed, 12 Apr 2023 19:12:30 GMT
Content-Encoding
gzip
Content-MD5
nzaLxFgP7ZB3dfMcaybWzw==
X-Cache
TCP_HIT
Connection
close
Content-Length
1435
x-ms-lease-status
unlocked
Last-Modified
Fri, 17 Jan 2020 19:28:38 GMT
ETag
0x8D79B8373CB2849
X-Azure-Ref
0ngI3ZAAAAABXJVmkkFDeSL7/6XiFvbsPQU1TMDRFREdFMTkxMQAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY=
Content-Type
image/svg+xml
Access-Control-Allow-Origin
*
x-ms-request-id
4a3b1071-301e-0060-2c77-6c7551000000
Access-Control-Expose-Headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
Cache-Control
public, max-age=31536000
x-ms-version
2009-09-19
marching_ants_white_166de53471265253ab3a456defe6da23.gif
behaves.natwestofshorebanking.com/aadcdn.msauth.net/~/shared/1.0/content/images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://behaves.natwestofshorebanking.com/aadcdn.msauth.net/~/shared/1.0/content/images/marching_ants_white_166de53471265253ab3a456defe6da23.gif
Requested by
Host: behaves.natwestofshorebanking.com
URL: https://behaves.natwestofshorebanking.com/aadcdn.msauth.net/~/shared/1.0/content/js/ConvergedLogin_PCore_-744lsPEROI34IEVhVkOXg2.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
188.227.107.14 St Petersburg, Russian Federation, ASN208951 (AS-ITGLOBALCOM ITGLOBAL.COM, NL),
Reverse DNS
Software
/
Resource Hash
a46201581a7c7c667fd42787cd1e9adf2f6bf809efb7596e61a03e8dba9ada13

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://behaves.natwestofshorebanking.com/__//eqooqp/qcwvj2/x2.0/cwvjqtkbg?enkgpv_kf=4765445d-32e6-49d0-83g6-1f93765276ec&tgfktgev_wtk=jvvru%3C%2H%2Hyyy.qhhkeg.eqo%2Hncpfkpix2&tgurqpug_varg=eqfg%20kf_vqmgp&ueqrg=qrgpkf%20rtqhkng%20jvvru%3C%2H%2Hyyy.qhhkeg.eqo%2Hx2%2HQhhkegJqog.Cnn&tgurqpug_oqfg=hqto_rquv&pqpeg=637929903776466681.A2A4AlPlQYKvPYTnOk00PYToNYGaPIGvPIOzO2TjPljoOoA1PVK3AoO5QVOvQYGaPk00AYLlNVi5BFCvAoAaOliyQYHlOYWz&wk_nqecngu=gp-WU&omv=gp-WU&uvcvg=I-XnsevaZLqScbPfu6RYpY7IJD_LTOPESPKueoPo49a8yaDo0kqCdRJbDG3lbRNIEam2zNMQCsdLvyVNVNFWspCLHwP5Uk8CHlDZMafbjd6z4GKk3_P0qHa9xXPJADlYDaFR66v5o5Tc01hUKi5E_UkoKs8q1prnbGla9Aj5bbLO6ATkGK82KM6RbZaa32JC_42rdz0FxBy525JrewXiOC1XYRBkEMHna3LGpORVj7Nfhqq6y-4zLmWjmayBnR-YwnorQ3rtTugIAMDKXXrnLy&z-enkgpv-UMW=KF_PGVUVCPFCTF2_0&z-enkgpv-xgt=6.12.1.0&sso_reload=true
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
Date
Wed, 12 Apr 2023 19:12:31 GMT
X-Cache
TCP_HIT
Connection
close
Content-Length
2672
x-ms-lease-status
unlocked
Last-Modified
Fri, 17 Jan 2020 19:28:37 GMT
ETag
0x8D79B83739984DD
x-azure-ref
20230412T191231Z-rgzysyrxdd4yr76zrtxg56tyyn00000006ag000000016dym
Content-Type
image/gif
Access-Control-Allow-Origin
*
x-ms-request-id
757509de-f01e-0090-6fb9-65d004000000
Access-Control-Expose-Headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
Cache-Control
public, max-age=31536000
x-ms-version
2009-09-19
Accept-Ranges
bytes
Me.htm
login.live.com/ Frame 53F9 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://login.live.com/Me.htm?v=3
Requested by
Host: behaves.natwestofshorebanking.com
URL: https://behaves.natwestofshorebanking.com/aadcdn.msauth.net/~/shared/1.0/content/js/ConvergedLogin_PCore_-744lsPEROI34IEVhVkOXg2.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2603:1026:3000:148::12 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
3410242720de50b090d07a23aee2dad879b31d36f2615732962ec4cfa8a9d458
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://behaves.natwestofshorebanking.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
max-age=315360000
Content-Encoding
gzip
Content-Length
1132
Content-Type
text/html; charset=utf-8
Date
Wed, 12 Apr 2023 19:12:29 GMT
Expires
Sat, 09 Apr 2033 19:12:30 GMT
P3P
CP="DSP CUR OTPi IND OTRi ONL FIN"
PPServer
PPV: 30 H: BL02PF2C6BB4C0C V: 0
Referrer-Policy
strict-origin-when-cross-origin
Strict-Transport-Security
max-age=31536000
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-XSS-Protection
1; mode=block
x-ms-request-id
a9aa9e21-5f6f-416d-bc43-de1166df9b69
x-ms-route-info
R3_BL2
converged.v2.login.min_dxlgfz8kx1amwm8vpguk7w2.css
behaves.natwestofshorebanking.com/aadcdn.msauth.net/~/ests/2.1/content/cdnbundles/ 		108 KB
20 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://behaves.natwestofshorebanking.com/aadcdn.msauth.net/~/ests/2.1/content/cdnbundles/converged.v2.login.min_dxlgfz8kx1amwm8vpguk7w2.css
Requested by
Host: behaves.natwestofshorebanking.com
URL: https://behaves.natwestofshorebanking.com/__//eqooqp/qcwvj2/x2.0/cwvjqtkbg?enkgpv_kf=4765445d-32e6-49d0-83g6-1f93765276ec&tgfktgev_wtk=jvvru%3C%2H%2Hyyy.qhhkeg.eqo%2Hncpfkpix2&tgurqpug_varg=eqfg%20kf_vqmgp&ueqrg=qrgpkf%20rtqhkng%20jvvru%3C%2H%2Hyyy.qhhkeg.eqo%2Hx2%2HQhhkegJqog.Cnn&tgurqpug_oqfg=hqto_rquv&pqpeg=637929903776466681.A2A4AlPlQYKvPYTnOk00PYToNYGaPIGvPIOzO2TjPljoOoA1PVK3AoO5QVOvQYGaPk00AYLlNVi5BFCvAoAaOliyQYHlOYWz&wk_nqecngu=gp-WU&omv=gp-WU&uvcvg=I-XnsevaZLqScbPfu6RYpY7IJD_LTOPESPKueoPo49a8yaDo0kqCdRJbDG3lbRNIEam2zNMQCsdLvyVNVNFWspCLHwP5Uk8CHlDZMafbjd6z4GKk3_P0qHa9xXPJADlYDaFR66v5o5Tc01hUKi5E_UkoKs8q1prnbGla9Aj5bbLO6ATkGK82KM6RbZaa32JC_42rdz0FxBy525JrewXiOC1XYRBkEMHna3LGpORVj7Nfhqq6y-4zLmWjmayBnR-YwnorQ3rtTugIAMDKXXrnLy&z-enkgpv-UMW=KF_PGVUVCPFCTF2_0&z-enkgpv-xgt=6.12.1.0&sso_reload=true
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
188.227.107.14 St Petersburg, Russian Federation, ASN208951 (AS-ITGLOBALCOM ITGLOBAL.COM, NL),
Reverse DNS
Software
/
Resource Hash
f36bbd8a2b786b236385b37cadc7b1fdc2b1d6842e8a531de09eea723d94c6c4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://behaves.natwestofshorebanking.com/__//eqooqp/qcwvj2/x2.0/cwvjqtkbg?enkgpv_kf=4765445d-32e6-49d0-83g6-1f93765276ec&tgfktgev_wtk=jvvru%3C%2H%2Hyyy.qhhkeg.eqo%2Hncpfkpix2&tgurqpug_varg=eqfg%20kf_vqmgp&ueqrg=qrgpkf%20rtqhkng%20jvvru%3C%2H%2Hyyy.qhhkeg.eqo%2Hx2%2HQhhkegJqog.Cnn&tgurqpug_oqfg=hqto_rquv&pqpeg=637929903776466681.A2A4AlPlQYKvPYTnOk00PYToNYGaPIGvPIOzO2TjPljoOoA1PVK3AoO5QVOvQYGaPk00AYLlNVi5BFCvAoAaOliyQYHlOYWz&wk_nqecngu=gp-WU&omv=gp-WU&uvcvg=I-XnsevaZLqScbPfu6RYpY7IJD_LTOPESPKueoPo49a8yaDo0kqCdRJbDG3lbRNIEam2zNMQCsdLvyVNVNFWspCLHwP5Uk8CHlDZMafbjd6z4GKk3_P0qHa9xXPJADlYDaFR66v5o5Tc01hUKi5E_UkoKs8q1prnbGla9Aj5bbLO6ATkGK82KM6RbZaa32JC_42rdz0FxBy525JrewXiOC1XYRBkEMHna3LGpORVj7Nfhqq6y-4zLmWjmayBnR-YwnorQ3rtTugIAMDKXXrnLy&z-enkgpv-UMW=KF_PGVUVCPFCTF2_0&z-enkgpv-xgt=6.12.1.0&sso_reload=true
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
Date
Wed, 12 Apr 2023 19:12:34 GMT
Content-Encoding
gzip
Content-MD5
58ok3DpHFgya8NReSPH5EQ==
X-Cache
TCP_HIT
Connection
close
Content-Length
19995
x-ms-lease-status
unlocked
Last-Modified
Wed, 15 Feb 2023 01:53:02 GMT
ETag
0x8DB0EF75F96875A
X-Azure-Ref
0ogI3ZAAAAACJgf/MwLtBQJ94IMPrAteaQU1TMDRFREdFMTkxNQAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY=
Content-Type
text/css
Access-Control-Allow-Origin
*
x-ms-request-id
9e33e848-701e-000c-1291-6bc36a000000
Access-Control-Expose-Headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
Cache-Control
public, max-age=31536000
x-ms-version
2009-09-19
ux.converged.login.strings-en.min_9rx-kmbsmdm6rixjlx4bhq2.js
behaves.natwestofshorebanking.com/aadcdn.msauth.net/~/ests/2.1/content/cdnbundles/ 		47 KB
14 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://behaves.natwestofshorebanking.com/aadcdn.msauth.net/~/ests/2.1/content/cdnbundles/ux.converged.login.strings-en.min_9rx-kmbsmdm6rixjlx4bhq2.js
Requested by
Host: behaves.natwestofshorebanking.com
URL: https://behaves.natwestofshorebanking.com/__//eqooqp/qcwvj2/x2.0/cwvjqtkbg?enkgpv_kf=4765445d-32e6-49d0-83g6-1f93765276ec&tgfktgev_wtk=jvvru%3C%2H%2Hyyy.qhhkeg.eqo%2Hncpfkpix2&tgurqpug_varg=eqfg%20kf_vqmgp&ueqrg=qrgpkf%20rtqhkng%20jvvru%3C%2H%2Hyyy.qhhkeg.eqo%2Hx2%2HQhhkegJqog.Cnn&tgurqpug_oqfg=hqto_rquv&pqpeg=637929903776466681.A2A4AlPlQYKvPYTnOk00PYToNYGaPIGvPIOzO2TjPljoOoA1PVK3AoO5QVOvQYGaPk00AYLlNVi5BFCvAoAaOliyQYHlOYWz&wk_nqecngu=gp-WU&omv=gp-WU&uvcvg=I-XnsevaZLqScbPfu6RYpY7IJD_LTOPESPKueoPo49a8yaDo0kqCdRJbDG3lbRNIEam2zNMQCsdLvyVNVNFWspCLHwP5Uk8CHlDZMafbjd6z4GKk3_P0qHa9xXPJADlYDaFR66v5o5Tc01hUKi5E_UkoKs8q1prnbGla9Aj5bbLO6ATkGK82KM6RbZaa32JC_42rdz0FxBy525JrewXiOC1XYRBkEMHna3LGpORVj7Nfhqq6y-4zLmWjmayBnR-YwnorQ3rtTugIAMDKXXrnLy&z-enkgpv-UMW=KF_PGVUVCPFCTF2_0&z-enkgpv-xgt=6.12.1.0&sso_reload=true
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
188.227.107.14 St Petersburg, Russian Federation, ASN208951 (AS-ITGLOBALCOM ITGLOBAL.COM, NL),
Reverse DNS
Software
/
Resource Hash
c10e5843fa69d3df24f7fdf86726228cf6dc617aa34fac563f11c3db3dbda588

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://behaves.natwestofshorebanking.com/__//eqooqp/qcwvj2/x2.0/cwvjqtkbg?enkgpv_kf=4765445d-32e6-49d0-83g6-1f93765276ec&tgfktgev_wtk=jvvru%3C%2H%2Hyyy.qhhkeg.eqo%2Hncpfkpix2&tgurqpug_varg=eqfg%20kf_vqmgp&ueqrg=qrgpkf%20rtqhkng%20jvvru%3C%2H%2Hyyy.qhhkeg.eqo%2Hx2%2HQhhkegJqog.Cnn&tgurqpug_oqfg=hqto_rquv&pqpeg=637929903776466681.A2A4AlPlQYKvPYTnOk00PYToNYGaPIGvPIOzO2TjPljoOoA1PVK3AoO5QVOvQYGaPk00AYLlNVi5BFCvAoAaOliyQYHlOYWz&wk_nqecngu=gp-WU&omv=gp-WU&uvcvg=I-XnsevaZLqScbPfu6RYpY7IJD_LTOPESPKueoPo49a8yaDo0kqCdRJbDG3lbRNIEam2zNMQCsdLvyVNVNFWspCLHwP5Uk8CHlDZMafbjd6z4GKk3_P0qHa9xXPJADlYDaFR66v5o5Tc01hUKi5E_UkoKs8q1prnbGla9Aj5bbLO6ATkGK82KM6RbZaa32JC_42rdz0FxBy525JrewXiOC1XYRBkEMHna3LGpORVj7Nfhqq6y-4zLmWjmayBnR-YwnorQ3rtTugIAMDKXXrnLy&z-enkgpv-UMW=KF_PGVUVCPFCTF2_0&z-enkgpv-xgt=6.12.1.0&sso_reload=true
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
Date
Wed, 12 Apr 2023 19:12:34 GMT
Content-Encoding
gzip
X-Cache
TCP_HIT
Connection
close
Content-Length
14053
x-ms-lease-status
unlocked
Last-Modified
Thu, 02 Mar 2023 02:19:39 GMT
ETag
0x8DB1AC4939D6440
x-azure-ref
20230412T191234Z-f047c2347x4zp3exhpe9g2s4n8000000039g00000000uy3y
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
x-ms-request-id
b7de842b-801e-001b-0aba-66a246000000
Access-Control-Expose-Headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
Cache-Control
public, max-age=31536000
x-ms-version
2009-09-19
Accept-Ranges
bytes

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Microsoft (Consumer)

22 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 boolean| credentialless object| $Config object| $Debug object| $Do function| $Loader object| $WebWatson function| GetString function| GetErrorString function| GetUrl object| $B object| ServerData object| webpackJsonp object| ko object| PROOF object| StringRepository object| Telemetry object| telemetry_webpackJsonp boolean| __ConvergedLogin_PCore boolean| __ boolean| __convergedlogin_pcustomizationloader_80e93b9a4cb13643afca boolean| __convergedlogin_pfetchsessionsprogress_ae573f441ee1cf781ec7

14 Cookies

Domain/Path Name / Value
twtr.to/ Name: XSRF-TOKEN
Value: eyJpdiI6IjhZWjJhcHUxbVRIeGV3Z1hMb01Jd0E9PSIsInZhbHVlIjoiUVpDTHMyeGU0NFFHcGdGSzFETzQ0R3pTbEdFb3RlTTg1S2svQ2lwYVNTd2lTcmkwOGJWVXVwemNvQ2NmMDBiSkJId3hJcWtXVC9pMkd6L1NmajllKzlSZjBnOGNmK3Z6UmZlUGllQm53c0ZJaDZvZnJIVWpVVHE1VXJNWVhiNlAiLCJtYWMiOiIyYzQwYjAwMDA1ZDhlNDkwMzk1MGU4NzhkNzY1NWMzYzYwOTc4NWIyOTU3NDM1NzkwNjU5OWY2OWNmMzYwYjM1IiwidGFnIjoiIn0%3D
twtr.to/ Name: tly_session
Value: eyJpdiI6ImhKV2RaaVI3c2JqeXR2WW9vUVdYenc9PSIsInZhbHVlIjoiNnNQUVFhb1JiMnhNa0FVSWVxTTVZdDAvYmVHTERFd0h3U01SSThWUDhHdXFza09la29lZUxEeEJmNkQrWkh1YXc5a1dxZ3JFNmo2VXBNYTZhVm4zdW5raE0waWZVK1JlMW9HUnl0aHB3UitvRnVTTUNSbVdva3hLb2Z2cGFBZXIiLCJtYWMiOiI5NjEyNmExYjg5Y2QxNDUxOTU3YzQ5NzM1YjA4MDNkYTBkNjRmOTkxNTMyYzgwMzg0Mjc2YzE4YTQ2ZjYzNDFmIiwidGFnIjoiIn0%3D
behaves.natwestofshorebanking.com/ Name: qPdM
Value: XmEMxPvojeYY
behaves.natwestofshorebanking.com/ Name: qPdM.sig
Value: bBu8PL8MZXtqr8hZjA-gZoHC6_g
behaves.natwestofshorebanking.com/ Name: x-ms-gateway-slice
Value: estsfd
behaves.natwestofshorebanking.com/ Name: stsservicecookie
Value: estsfd
.behaves.natwestofshorebanking.com/ Name: AADSSO
Value: NA|NoExtension
behaves.natwestofshorebanking.com/ Name: SSOCOOKIEPULLED
Value: 1
behaves.natwestofshorebanking.com/ Name: buid
Value: 0.AXMAMe_N-B6jSkuT5F9XHpElWltEZUfGMrBJg-Ydk3ZSdsoBAAA.AQABAAEAAAD--DLA3VO7QrddgJg7WevrwmF1YHmyx0l7_9bMIz3ttSoToDz9U1WNlnLnt3uN7ecT9Q4uDdeqgIgeK-j5qAtwHxzfSdY6MXv-QspA0z_4VCjcNaaeiB29xmremED9fBkgAA
.behaves.natwestofshorebanking.com/ Name: esctx
Value: PAQABAAEAAAD--DLA3VO7QrddgJg7WevraR6v1q2UkqEQC9k6Fq4vuw4tnGNiYVlww7rNzBuKrp8AA8hKgb3L33FSq2SWpnF7O9Hjt_IJJZFKgKnZDiHeo_uyLmIdoKJZ6iuzVqM21-ItTtuEWDyI2TASdHe3KY-u8QjJf_Db2mqkuDz1EN1j4RfSyX3kGkZXyIo_G6bS7M8FMYHl3OmT95M6_jTZ9tcSpUwbOmtABtrIlAoN7ovk2OX-BwKhPsxTrEWsZ6Vg8gQgAA
behaves.natwestofshorebanking.com/ Name: fpc
Value: AqsYH71Cq4tBqEiz8QU_r3m8Ae7AAQAAAJz5yNsOAAAA
.behaves.natwestofshorebanking.com/ Name: brcap
Value: 0
.login.live.com/ Name: uaid
Value: c46ff2068a494da7bb71df4bb1c684bb
.login.live.com/ Name: MSPRequ
Value: id=N&lt=1681326750&co=2