urlscan.io logo urlscan.io
SecurityTrails logo

secure1.natwest.com Open in urlscan Pro
155.136.23.244  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://apply.natwest.com/
Effective URL: https://secure1.natwest.com/as/authorization.oauth2?client_id=sao_etb&redirect_uri=https%3A%2F%2Fapply.natwest.com%2Fca%2Fco...
Submission Tags: @phishunt_io
Submission: On August 13 via api from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 5 IPs in 3 countries across 4 domains to perform 27 HTTP transactions. The main IP is 155.136.23.244, located in United Kingdom and belongs to RBSG-UK-AS Edinburgh, GB. The main domain is secure1.natwest.com.
TLS certificate: Issued by COMODO RSA Organization Validation Se... on December 18th 2020. Valid for: a year.
This is the only time secure1.natwest.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 11 155.136.22.148 21054 (RBSG-UK-A...)
6 2606:4700::68... 13335 (CLOUDFLAR...)
3 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
7 155.136.23.244 21054 (RBSG-UK-A...)
27 5
11    155.136.22.148 (United Kingdom)

ASN21054 (RBSG-UK-AS Edinburgh, GB)
apply.natwest.com
6    2606:4700::6810:9540 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.cookielaw.org
3    2a02:26f0:6c00:282::1e80 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
assets.adobedtm.com
1    2606:4700:10::6814:b944 (United States)

ASN13335 (CLOUDFLARENET, US)
privacyportal-eu.onetrust.com
7    155.136.23.244 (United Kingdom)

ASN21054 (RBSG-UK-AS Edinburgh, GB)
secure1.natwest.com
Domain Requested by
11 apply.natwest.com 1 redirects apply.natwest.com
7 secure1.natwest.com apply.natwest.com
secure1.natwest.com
6 cdn.cookielaw.org apply.natwest.com
cdn.cookielaw.org
3 assets.adobedtm.com apply.natwest.com
assets.adobedtm.com
1 privacyportal-eu.onetrust.com cdn.cookielaw.org
27 5

This site contains no links.

Subject Issuer Validity Valid
apply.natwest.com
COMODO RSA Organization Validation Secure Server CA		 2020-09-16 -
2021-10-17		 a year crt.sh
cookielaw.org
Cloudflare Inc ECC CA-3		 2021-06-01 -
2022-05-31		 a year crt.sh
assets.adobedtm.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-01-08 -
2021-09-30		 9 months crt.sh
onetrust.com
Cloudflare Inc ECC CA-3		 2021-07-21 -
2022-07-20		 a year crt.sh
secure1.natwest.com
COMODO RSA Organization Validation Secure Server CA		 2020-12-18 -
2022-01-18		 a year crt.sh

This page contains 1 frames:

Primary Page: https://secure1.natwest.com/as/authorization.oauth2?client_id=sao_etb&redirect_uri=https%3A%2F%2Fapply.natwest.com%2Fca%2Fcontent%2F&response_type=token&scope=etb
Frame ID: 8D1A0A836AF674150AC9CFEC160C1B52
Requests: 27 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://apply.natwest.com/ Page URL
  2. https://apply.natwest.com/content HTTP 301
    https://apply.natwest.com/content/ Page URL
  3. https://secure1.natwest.com/as/authorization.oauth2?client_id=sao_etb&redirect_uri=https%3A%2F%2Fapply.n... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Page Statistics

27
Requests

100 %
HTTPS

60 %
IPv6

4
Domains

5
Subdomains

5
IPs

3
Countries

4154 kB
Transfer

4867 kB
Size

3
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://apply.natwest.com/ Page URL
  2. https://apply.natwest.com/content HTTP 301
    https://apply.natwest.com/content/ Page URL
  3. https://secure1.natwest.com/as/authorization.oauth2?client_id=sao_etb&redirect_uri=https%3A%2F%2Fapply.natwest.com%2Fca%2Fcontent%2F&response_type=token&scope=etb Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1
  • https://apply.natwest.com/content HTTP 301
  • https://apply.natwest.com/content/

27 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
apply.natwest.com/ 		179 B
812 B 		Document
General
Check archive.org
Download Go to
Full URL
https://apply.natwest.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
155.136.22.148 , United Kingdom, ASN21054 (RBSG-UK-AS Edinburgh, GB),
Reverse DNS
Software
Apache PivotalWebServer /
Resource Hash
8e42c3237cc869e5c4faa34f0311b102c5265ad95d994fa1ec23505c51de3561
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;frame-ancestors 'none'
Strict-Transport-Security max-age=31536000; includeSubdomains;
X-Content-Type-Options nosniff
X-Frame-Options Deny
X-Xss-Protection 1; mode=block

Request headers

Host
apply.natwest.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 13 Aug 2021 15:26:24 GMT
Server
Apache PivotalWebServer
X-Frame-Options
Deny
Strict-Transport-Security
max-age=31536000; includeSubdomains;
Last-Modified
Wed, 05 Sep 2018 12:46:47 GMT
Accept-Ranges
bytes
Content-Length
179
X-XSS-Protection
1; mode=block
Cache-Control
max-age=86400,no-cache,must-revalidate,public
Content-Security-Policy
upgrade-insecure-requests;frame-ancestors 'none'
Pragma
no-cache
X-Content-Type-Options
nosniff
Referrer-Policy
strict-origin-when-cross-origin
Keep-Alive
timeout=5, max=100
Connection
Keep-Alive
Content-Type
text/html; charset=UTF-8
/
apply.natwest.com/content/
Redirect Chain
  • https://apply.natwest.com/content
  • https://apply.natwest.com/content/
5 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://apply.natwest.com/content/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
155.136.22.148 , United Kingdom, ASN21054 (RBSG-UK-AS Edinburgh, GB),
Reverse DNS
Software
Apache PivotalWebServer /
Resource Hash
c467c7bdded5ff0794f7ad341875efe7f3c7b2973ea40779361d61dc478972e3
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;frame-ancestors 'none'
Strict-Transport-Security max-age=31536000; includeSubdomains;
X-Content-Type-Options nosniff
X-Frame-Options Deny
X-Xss-Protection 1; mode=block

Request headers

Host
apply.natwest.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
same-origin
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
document
Referer
https://apply.natwest.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://apply.natwest.com/

Response headers

Date
Fri, 13 Aug 2021 15:26:24 GMT
Server
Apache PivotalWebServer
X-Frame-Options
Deny
Strict-Transport-Security
max-age=31536000; includeSubdomains;
Last-Modified
Fri, 11 Jun 2021 08:45:49 GMT
Accept-Ranges
bytes
Content-Length
5334
X-XSS-Protection
1; mode=block
Cache-Control
max-age=86400,no-cache,must-revalidate,public
Content-Security-Policy
upgrade-insecure-requests;frame-ancestors 'none'
Pragma
no-cache
X-Content-Type-Options
nosniff
Referrer-Policy
strict-origin-when-cross-origin
Keep-Alive
timeout=5, max=98
Connection
Keep-Alive
Content-Type
text/html; charset=UTF-8

Redirect headers

Date
Fri, 13 Aug 2021 15:26:24 GMT
Server
Apache PivotalWebServer
X-Frame-Options
Deny
Strict-Transport-Security
max-age=31536000; includeSubdomains;
Location
https://apply.natwest.com/content/
Content-Length
242
Keep-Alive
timeout=5, max=99
Connection
Keep-Alive
Content-Type
text/html; charset=iso-8859-1
assets.css
apply.natwest.com/content/ 		4 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://apply.natwest.com/content/assets.css
Requested by
Host: apply.natwest.com
URL: https://apply.natwest.com/content/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
155.136.22.148 , United Kingdom, ASN21054 (RBSG-UK-AS Edinburgh, GB),
Reverse DNS
Software
Apache PivotalWebServer /
Resource Hash
b5ceffa56360b77be5a0bd623760b32f5088bb9776574b36af408a6b532cb2c9
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;frame-ancestors 'none'
Strict-Transport-Security max-age=31536000; includeSubdomains;
X-Content-Type-Options nosniff
X-Frame-Options Deny
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
apply.natwest.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
text/css,*/*;q=0.1
Cache-Control
no-cache
Sec-Fetch-Dest
style
Referer
https://apply.natwest.com/content/
Connection
keep-alive
Referer
https://apply.natwest.com/content/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubdomains;
X-Content-Type-Options
nosniff
Connection
Keep-Alive
Content-Length
4051
X-XSS-Protection
1; mode=block
Pragma
no-cache
Referrer-Policy
strict-origin-when-cross-origin
Last-Modified
Fri, 11 Jun 2021 08:45:49 GMT
Server
Apache PivotalWebServer
Date
Fri, 13 Aug 2021 15:26:24 GMT
X-Frame-Options
Deny
Content-Type
text/css
Cache-Control
max-age=86400,no-cache,must-revalidate,public
Content-Security-Policy
upgrade-insecure-requests;frame-ancestors 'none'
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
components.css
apply.natwest.com/content/ 		114 KB
115 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://apply.natwest.com/content/components.css
Requested by
Host: apply.natwest.com
URL: https://apply.natwest.com/content/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
155.136.22.148 , United Kingdom, ASN21054 (RBSG-UK-AS Edinburgh, GB),
Reverse DNS
Software
Apache PivotalWebServer /
Resource Hash
49268e603633908ded4e000b00853c60191262e762226e5b1cb15f3c230aa168
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;frame-ancestors 'none'
Strict-Transport-Security max-age=31536000; includeSubdomains;
X-Content-Type-Options nosniff
X-Frame-Options Deny
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
apply.natwest.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
text/css,*/*;q=0.1
Cache-Control
no-cache
Sec-Fetch-Dest
style
Referer
https://apply.natwest.com/content/
Connection
keep-alive
Referer
https://apply.natwest.com/content/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubdomains;
X-Content-Type-Options
nosniff
Connection
Keep-Alive
Content-Length
116912
X-XSS-Protection
1; mode=block
Pragma
no-cache
Referrer-Policy
strict-origin-when-cross-origin
Last-Modified
Fri, 11 Jun 2021 08:45:49 GMT
Server
Apache PivotalWebServer
Date
Fri, 13 Aug 2021 15:26:25 GMT
X-Frame-Options
Deny
Content-Type
text/css
Cache-Control
max-age=86400,no-cache,must-revalidate,public
Content-Security-Policy
upgrade-insecure-requests;frame-ancestors 'none'
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=96
ui.css
apply.natwest.com/content/ 		20 KB
20 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://apply.natwest.com/content/ui.css
Requested by
Host: apply.natwest.com
URL: https://apply.natwest.com/content/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
155.136.22.148 , United Kingdom, ASN21054 (RBSG-UK-AS Edinburgh, GB),
Reverse DNS
Software
Apache PivotalWebServer /
Resource Hash
4064b767ceaa5526df440d79b1a4d442ba632998a4e8f78be889988ee4a34983
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;frame-ancestors 'none'
Strict-Transport-Security max-age=31536000; includeSubdomains;
X-Content-Type-Options nosniff
X-Frame-Options Deny
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
apply.natwest.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
text/css,*/*;q=0.1
Cache-Control
no-cache
Sec-Fetch-Dest
style
Referer
https://apply.natwest.com/content/
Connection
keep-alive
Referer
https://apply.natwest.com/content/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubdomains;
X-Content-Type-Options
nosniff
Connection
Keep-Alive
Content-Length
20110
X-XSS-Protection
1; mode=block
Pragma
no-cache
Referrer-Policy
strict-origin-when-cross-origin
Last-Modified
Fri, 11 Jun 2021 08:45:49 GMT
Server
Apache PivotalWebServer
Date
Fri, 13 Aug 2021 15:26:25 GMT
X-Frame-Options
Deny
Content-Type
text/css
Cache-Control
max-age=86400,no-cache,must-revalidate,public
Content-Security-Policy
upgrade-insecure-requests;frame-ancestors 'none'
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
card.css
apply.natwest.com/content/ 		35 KB
36 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://apply.natwest.com/content/card.css
Requested by
Host: apply.natwest.com
URL: https://apply.natwest.com/content/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
155.136.22.148 , United Kingdom, ASN21054 (RBSG-UK-AS Edinburgh, GB),
Reverse DNS
Software
Apache PivotalWebServer /
Resource Hash
dba033e13d3313c26a98947bab0b31057c41c44ce7553a54e65d63e5897f02fa
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;frame-ancestors 'none'
Strict-Transport-Security max-age=31536000; includeSubdomains;
X-Content-Type-Options nosniff
X-Frame-Options Deny
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
apply.natwest.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
text/css,*/*;q=0.1
Cache-Control
no-cache
Sec-Fetch-Dest
style
Referer
https://apply.natwest.com/content/
Connection
keep-alive
Referer
https://apply.natwest.com/content/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubdomains;
X-Content-Type-Options
nosniff
Connection
Keep-Alive
Content-Length
36083
X-XSS-Protection
1; mode=block
Pragma
no-cache
Referrer-Policy
strict-origin-when-cross-origin
Last-Modified
Fri, 11 Jun 2021 08:45:49 GMT
Server
Apache PivotalWebServer
Date
Fri, 13 Aug 2021 15:26:25 GMT
X-Frame-Options
Deny
Content-Type
text/css
Cache-Control
max-age=86400,no-cache,must-revalidate,public
Content-Security-Policy
upgrade-insecure-requests;frame-ancestors 'none'
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
styles.css
apply.natwest.com/content/ 		7 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://apply.natwest.com/content/styles.css
Requested by
Host: apply.natwest.com
URL: https://apply.natwest.com/content/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
155.136.22.148 , United Kingdom, ASN21054 (RBSG-UK-AS Edinburgh, GB),
Reverse DNS
Software
Apache PivotalWebServer /
Resource Hash
0230aa6aee34d220dc88e7bd73efe2482baa9725b31f54f559f1db1186e22b15
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;frame-ancestors 'none'
Strict-Transport-Security max-age=31536000; includeSubdomains;
X-Content-Type-Options nosniff
X-Frame-Options Deny
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
apply.natwest.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
text/css,*/*;q=0.1
Cache-Control
no-cache
Sec-Fetch-Dest
style
Referer
https://apply.natwest.com/content/
Connection
keep-alive
Referer
https://apply.natwest.com/content/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubdomains;
X-Content-Type-Options
nosniff
Connection
Keep-Alive
Content-Length
7134
X-XSS-Protection
1; mode=block
Pragma
no-cache
Referrer-Policy
strict-origin-when-cross-origin
Last-Modified
Fri, 11 Jun 2021 08:45:49 GMT
Server
Apache PivotalWebServer
Date
Fri, 13 Aug 2021 15:26:25 GMT
X-Frame-Options
Deny
Content-Type
text/css
Cache-Control
max-age=86400,no-cache,must-revalidate,public
Content-Security-Policy
upgrade-insecure-requests;frame-ancestors 'none'
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
bundle.js
apply.natwest.com/content/ 		3 MB
3 MB 		Script
General
Check archive.org
Download Go to
Full URL
https://apply.natwest.com/content/bundle.js
Requested by
Host: apply.natwest.com
URL: https://apply.natwest.com/content/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
155.136.22.148 , United Kingdom, ASN21054 (RBSG-UK-AS Edinburgh, GB),
Reverse DNS
Software
Apache PivotalWebServer /
Resource Hash
092fb9d3e5c6b28f42de6587f68d9b793c876c37a5e8d24cdfade70186293da7
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;frame-ancestors 'none'
Strict-Transport-Security max-age=31536000; includeSubdomains;
X-Content-Type-Options nosniff
X-Frame-Options Deny
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
apply.natwest.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://apply.natwest.com/content/
Connection
keep-alive
Referer
https://apply.natwest.com/content/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubdomains;
X-Content-Type-Options
nosniff
Connection
Keep-Alive
Content-Length
3592214
X-XSS-Protection
1; mode=block
Pragma
no-cache
Referrer-Policy
strict-origin-when-cross-origin
Last-Modified
Fri, 11 Jun 2021 08:45:49 GMT
Server
Apache PivotalWebServer
Date
Fri, 13 Aug 2021 15:26:25 GMT
X-Frame-Options
Deny
Content-Type
application/javascript
Cache-Control
max-age=86400,no-cache,must-revalidate,public
Content-Security-Policy
upgrade-insecure-requests;frame-ancestors 'none'
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
otSDKStub.js
cdn.cookielaw.org/scripttemplates/ 		19 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Requested by
Host: apply.natwest.com
URL: https://apply.natwest.com/content/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0e45f3b0dad8aa0528790a6dd6dd2831bb8547129bd1320c10fd120118f44616
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://apply.natwest.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 13 Aug 2021 15:26:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
BC5xsXKGgJbQbCzkLNvwBQ==
age
86408
vary
Accept-Encoding
content-length
6328
x-ms-lease-status
unlocked
last-modified
Wed, 04 Aug 2021 01:49:58 GMT
server
cloudflare
etag
0x8D956EA2A6E73F4
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
b8d637e9-f01e-012a-80bd-8bebf6000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
67e2f6302cde4357-FRA
expires
Sat, 14 Aug 2021 15:26:25 GMT
satelliteLib-409212eb6e2cbf995d1a911b16dad7052024aab5.js
assets.adobedtm.com/5165c8c319825f6ec3fb78d0a8dcc1054ab35a3d/ 		332 KB
94 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.adobedtm.com/5165c8c319825f6ec3fb78d0a8dcc1054ab35a3d/satelliteLib-409212eb6e2cbf995d1a911b16dad7052024aab5.js
Requested by
Host: apply.natwest.com
URL: https://apply.natwest.com/content/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:282::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
93fc85e0e3d29ed37513ea625638d226120d0daad5f57f0e913072f2f2cab491

Request headers

Referer
https://apply.natwest.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 13 Aug 2021 15:26:25 GMT
content-encoding
gzip
last-modified
Mon, 02 Aug 2021 11:36:30 GMT
server
AkamaiNetStorage
etag
"c5648cdce23cf5b5c8c83248d926b511:1627904190.604461"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://apply.natwest.com
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 13 Aug 2021 16:26:25 GMT
4eaf8a94-474d-41a2-b0dd-49ee47eb4150.json
cdn.cookielaw.org/consent/4eaf8a94-474d-41a2-b0dd-49ee47eb4150/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/consent/4eaf8a94-474d-41a2-b0dd-49ee47eb4150/4eaf8a94-474d-41a2-b0dd-49ee47eb4150.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6396ebcbac534877e4c5769b604671c93d96e5decff3654108746d0c30d59e7a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://apply.natwest.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 13 Aug 2021 15:26:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
cj7fHfrytkrmrRE4gtZKEw==
age
501886
vary
Accept-Encoding
content-length
1095
x-ms-lease-status
unlocked
last-modified
Wed, 11 Nov 2020 09:06:29 GMT
server
cloudflare
etag
0x8D886211385B02B
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
5f945a8a-701e-0034-07c7-8b774e000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
67e2f6304ef3325c-FRA
otBannerSdk.js
cdn.cookielaw.org/scripttemplates/6.5.0/ 		325 KB
69 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/6.5.0/otBannerSdk.js
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d139c3756ba4ea4e4672c12645de4977faa9ba7e0d550931d2086338fd72dfe9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://apply.natwest.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 13 Aug 2021 15:26:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
AvbD4VHYe4H/QnyU6j8v5w==
age
2496578
vary
Accept-Encoding
content-length
69711
x-ms-lease-status
unlocked
last-modified
Thu, 27 Aug 2020 03:43:22 GMT
server
cloudflare
etag
0x8D84A3B58DE8819
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
ab62d005-b01e-0066-32a2-796abc000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=691200
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
67e2f6307dc44357-FRA
expires
Sat, 21 Aug 2021 15:26:25 GMT
AppMeasurement.min.js
assets.adobedtm.com/extensions/EPbde2f7ca14e540399dcc1f8208860b7b/ 		33 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.adobedtm.com/extensions/EPbde2f7ca14e540399dcc1f8208860b7b/AppMeasurement.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/5165c8c319825f6ec3fb78d0a8dcc1054ab35a3d/satelliteLib-409212eb6e2cbf995d1a911b16dad7052024aab5.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:282::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
d6b423c91328eec9c218dd8b21ae1e676987d574e5432411a32806e5dd2bde32

Request headers

Referer
https://apply.natwest.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 13 Aug 2021 15:26:25 GMT
content-encoding
gzip
last-modified
Wed, 12 Aug 2020 22:09:52 GMT
server
AkamaiNetStorage
etag
"f259ee6445c19c2ce3c64a1b117a4f35:1597270192.577101"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://apply.natwest.com
cache-control
no-cache
accept-ranges
bytes
timing-allow-origin
*
content-length
12184
expires
Fri, 13 Aug 2021 16:26:25 GMT
AppMeasurement_Module_AudienceManagement.min.js
assets.adobedtm.com/extensions/EPbde2f7ca14e540399dcc1f8208860b7b/ 		25 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.adobedtm.com/extensions/EPbde2f7ca14e540399dcc1f8208860b7b/AppMeasurement_Module_AudienceManagement.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/5165c8c319825f6ec3fb78d0a8dcc1054ab35a3d/satelliteLib-409212eb6e2cbf995d1a911b16dad7052024aab5.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:282::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
e5f0058d3d737d25b691728bce12a7d0b77183781c936ca8152e28cacf9e6e3f

Request headers

Referer
https://apply.natwest.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 13 Aug 2021 15:26:25 GMT
content-encoding
gzip
last-modified
Wed, 12 Aug 2020 22:09:53 GMT
server
AkamaiNetStorage
etag
"c8afb92bc0d997ba5b673367e69b9ff1:1597270193.156081"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://apply.natwest.com
cache-control
no-cache
accept-ranges
bytes
timing-allow-origin
*
content-length
8762
expires
Fri, 13 Aug 2021 16:26:25 GMT
en.json
cdn.cookielaw.org/consent/4eaf8a94-474d-41a2-b0dd-49ee47eb4150/91b15d2a-e370-49ef-a7f2-6e0470056317/ 		150 KB
24 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/consent/4eaf8a94-474d-41a2-b0dd-49ee47eb4150/91b15d2a-e370-49ef-a7f2-6e0470056317/en.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.5.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fb7a95263356a0095c3d40a7850fdd16991c4a07873d8ebb9ce239994df82cd4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://apply.natwest.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 13 Aug 2021 15:26:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
X4VQA/+BqeYzL+vGjoZtCg==
age
501885
vary
Accept-Encoding
content-length
23535
x-ms-lease-status
unlocked
last-modified
Wed, 11 Nov 2020 09:06:40 GMT
server
cloudflare
etag
0x8D886211A5D901E
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
06b8c1ac-b01e-006d-58c7-8b72c8000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
67e2f630dfda325c-FRA
otCenterRounded.json
cdn.cookielaw.org/scripttemplates/6.5.0/assets/ 		9 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/6.5.0/assets/otCenterRounded.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.5.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a4002d856e575601b351be144c9d7e4e6977286644fede72a7de1638844722aa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://apply.natwest.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 13 Aug 2021 15:26:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
3ZrBbr/xQHzp7Lx6ANEcZw==
age
9710295
vary
Accept-Encoding
content-length
2778
x-ms-lease-status
unlocked
last-modified
Thu, 27 Aug 2020 03:43:17 GMT
server
cloudflare
etag
0x8D84A3B55C93760
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
8af91d9a-a01e-0110-2d07-38a855000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=691200
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
67e2f631081c325c-FRA
expires
Sat, 21 Aug 2021 15:26:25 GMT
otPcCenter.json
cdn.cookielaw.org/scripttemplates/6.5.0/assets/ 		61 KB
15 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/6.5.0/assets/otPcCenter.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.5.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2f5bf5edcefe950e16d287cdcb9c28690952439098ee0639f4a960fe268ae231
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://apply.natwest.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 13 Aug 2021 15:26:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
ebGLXbyX4UjJx8DgFc7F7g==
age
557800
vary
Accept-Encoding
content-length
14901
x-ms-lease-status
unlocked
last-modified
Thu, 27 Aug 2020 03:43:17 GMT
server
cloudflare
etag
0x8D84A3B55B1B344
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
998c42e2-701e-00da-8044-8b7dcd000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=691200
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
67e2f631081d325c-FRA
expires
Sat, 21 Aug 2021 15:26:25 GMT
RNHouseSans-Regular.woff2
apply.natwest.com/content/assets/fonts/ 		21 KB
22 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://apply.natwest.com/content/assets/fonts/RNHouseSans-Regular.woff2?v=${version}
Requested by
Host: apply.natwest.com
URL: https://apply.natwest.com/content/assets.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
155.136.22.148 , United Kingdom, ASN21054 (RBSG-UK-AS Edinburgh, GB),
Reverse DNS
Software
Apache PivotalWebServer /
Resource Hash
816128c403e882f6d31208fd95435f625564b5914dbea396754640760cfc612e
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;frame-ancestors 'none'
Strict-Transport-Security max-age=31536000; includeSubdomains;
X-Content-Type-Options nosniff
X-Frame-Options Deny
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Origin
https://apply.natwest.com
Accept-Encoding
gzip, deflate, br
Host
apply.natwest.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
font
Referer
https://apply.natwest.com/content/assets.css
Cookie
OptanonConsent=isIABGlobal=false&datestamp=Fri+Aug+13+2021+17%3A26%3A25+GMT%2B0200+(Central+European+Summer+Time)&version=6.5.0&hosts=&consentId=392520fd-60e1-49ca-9c51-918dcfe9050f&interactionCount=0&landingPath=https%3A%2F%2Fapply.natwest.com%2Fcontent%2F
Connection
keep-alive
Origin
https://apply.natwest.com
Referer
https://apply.natwest.com/content/assets.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubdomains;
X-Content-Type-Options
nosniff
Last-Modified
Fri, 11 Jun 2021 08:45:42 GMT
Server
Apache PivotalWebServer
Date
Fri, 13 Aug 2021 15:26:25 GMT
X-Frame-Options
Deny
Cache-Control
max-age=86400,no-cache,must-revalidate,public
Content-Security-Policy
upgrade-insecure-requests;frame-ancestors 'none'
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=95
Content-Length
21572
X-XSS-Protection
1; mode=block
Referrer-Policy
strict-origin-when-cross-origin
config.json
apply.natwest.com/ca/config/ 		6 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://apply.natwest.com/ca/config/config.json?cachebuster=210813
Requested by
Host: apply.natwest.com
URL: https://apply.natwest.com/content/bundle.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
155.136.22.148 , United Kingdom, ASN21054 (RBSG-UK-AS Edinburgh, GB),
Reverse DNS
Software
Apache PivotalWebServer /
Resource Hash
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;frame-ancestors 'none'
Strict-Transport-Security max-age=31536000; includeSubdomains;
X-Content-Type-Options nosniff
X-Frame-Options Deny
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
apply.natwest.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
empty
Referer
https://apply.natwest.com/content/
Connection
keep-alive
Referer
https://apply.natwest.com/content/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubdomains;
X-Content-Type-Options
nosniff
Connection
Keep-Alive
Content-Length
6013
X-XSS-Protection
1; mode=block
Pragma
no-cache
Referrer-Policy
strict-origin-when-cross-origin
Last-Modified
Thu, 08 Apr 2021 08:54:32 GMT
Server
Apache PivotalWebServer
Date
Fri, 13 Aug 2021 15:26:27 GMT
X-Frame-Options
Deny
Content-Type
application/json
Cache-Control
max-age=86400,no-cache,must-revalidate,public
Content-Security-Policy
upgrade-insecure-requests;frame-ancestors 'none'
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
consentreceipts
privacyportal-eu.onetrust.com/request/v1/ 		0
260 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://privacyportal-eu.onetrust.com/request/v1/consentreceipts
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.5.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:b944 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://apply.natwest.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Fri, 13 Aug 2021 15:26:28 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-origin
*
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-ray
67e2f641c95e2be9-FRA
content-length
0
Primary Request Cookie set authorization.oauth2
secure1.natwest.com/as/ 		12 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://secure1.natwest.com/as/authorization.oauth2?client_id=sao_etb&redirect_uri=https%3A%2F%2Fapply.natwest.com%2Fca%2Fcontent%2F&response_type=token&scope=etb
Requested by
Host: apply.natwest.com
URL: https://apply.natwest.com/content/bundle.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
155.136.23.244 , United Kingdom, ASN21054 (RBSG-UK-AS Edinburgh, GB),
Reverse DNS
Software
/
Resource Hash
1192d1dbdd87c4aa6be6f446952e421873ce21cf2cf236a393cd4c0d17c3ecfe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

Host
secure1.natwest.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
same-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
document
Referer
https://apply.natwest.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
OptanonConsent=consentId=3004c93e-fd52-4f88-bf40-43a3acc25ee3&datestamp=Fri+Aug+13+2021+17%3A26%3A28+GMT%2B0200+(Central+European+Summer+Time)&version=6.5.0&interactionCount=0
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://apply.natwest.com/

Response headers

Date
Fri, 13 Aug 2021 15:26:28 GMT
X-Frame-Options
SAMEORIGIN
Referrer-Policy
origin
Strict-Transport-Security
max-age=31536000; includeSubDomains
Cache-Control
no-cache, no-store
Pragma
no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Content-Type
text/html;charset=utf-8
Content-Length
12355
Set-Cookie
PF=drZH5RzgY2rYcQfBtGq7EP;Path=/;Domain=.natwest.com;Secure;HttpOnly;SameSite=None TS01cb6032=01a06989094e350750fadb0a2550aae788c28e0d3b013b75d90365786e8f73fc8cbc4c3b79427f76f9fcb258b3cd2dc1f65229c9c5a9858974e096f8d72cad9b7b2ec794fe; Path=/; Domain=.secure1.natwest.com; Secure; HTTPOnly
Cookie set normalize.min.css
secure1.natwest.com/assets/r4p/nwb/sao/css/ 		2 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://secure1.natwest.com/assets/r4p/nwb/sao/css/normalize.min.css
Requested by
Host: secure1.natwest.com
URL: https://secure1.natwest.com/as/authorization.oauth2?client_id=sao_etb&redirect_uri=https%3A%2F%2Fapply.natwest.com%2Fca%2Fcontent%2F&response_type=token&scope=etb
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
155.136.23.244 , United Kingdom, ASN21054 (RBSG-UK-AS Edinburgh, GB),
Reverse DNS
Software
/
Resource Hash
bb078073da5bd212a64dd0ccba4ccb7975bd25c91354baeb8653798a1f2c7a5b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
secure1.natwest.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
text/css,*/*;q=0.1
Cache-Control
no-cache
Sec-Fetch-Dest
style
Referer
https://secure1.natwest.com/
Cookie
OptanonConsent=consentId=3004c93e-fd52-4f88-bf40-43a3acc25ee3&datestamp=Fri+Aug+13+2021+17%3A26%3A28+GMT%2B0200+(Central+European+Summer+Time)&version=6.5.0&interactionCount=0; PF=drZH5RzgY2rYcQfBtGq7EP; TS01cb6032=01a06989094e350750fadb0a2550aae788c28e0d3b013b75d90365786e8f73fc8cbc4c3b79427f76f9fcb258b3cd2dc1f65229c9c5a9858974e096f8d72cad9b7b2ec794fe
Connection
keep-alive
Referer
https://secure1.natwest.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Referrer-Policy
origin
Last-Modified
Sun, 02 May 2021 01:20:42 GMT
Date
Fri, 13 Aug 2021 15:26:28 GMT
X-Frame-Options
SAMEORIGIN
Content-Type
text/css
Cache-Control
max-age=0, must-revalidate
Set-Cookie
TS01cb6032=01a06989094e350750fadb0a2550aae788c28e0d3b013b75d90365786e8f73fc8cbc4c3b79427f76f9fcb258b3cd2dc1f65229c9c5a9858974e096f8d72cad9b7b2ec794fe; Path=/; Domain=.secure1.natwest.com; Secure; HTTPOnly
Content-Length
1811
Cookie set main_natwest.css
secure1.natwest.com/assets/r4p/nwb/sao/css/ 		13 KB
13 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://secure1.natwest.com/assets/r4p/nwb/sao/css/main_natwest.css
Requested by
Host: secure1.natwest.com
URL: https://secure1.natwest.com/as/authorization.oauth2?client_id=sao_etb&redirect_uri=https%3A%2F%2Fapply.natwest.com%2Fca%2Fcontent%2F&response_type=token&scope=etb
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
155.136.23.244 , United Kingdom, ASN21054 (RBSG-UK-AS Edinburgh, GB),
Reverse DNS
Software
/
Resource Hash
3e3c28037b92213192dfb6e85faee69f26dd859a8135bdad86f0d644ab215c9b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
secure1.natwest.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
text/css,*/*;q=0.1
Cache-Control
no-cache
Sec-Fetch-Dest
style
Referer
https://secure1.natwest.com/
Cookie
OptanonConsent=consentId=3004c93e-fd52-4f88-bf40-43a3acc25ee3&datestamp=Fri+Aug+13+2021+17%3A26%3A28+GMT%2B0200+(Central+European+Summer+Time)&version=6.5.0&interactionCount=0; PF=drZH5RzgY2rYcQfBtGq7EP; TS01cb6032=01a06989094e350750fadb0a2550aae788c28e0d3b013b75d90365786e8f73fc8cbc4c3b79427f76f9fcb258b3cd2dc1f65229c9c5a9858974e096f8d72cad9b7b2ec794fe
Connection
keep-alive
Referer
https://secure1.natwest.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Referrer-Policy
origin
Last-Modified
Sun, 02 May 2021 01:20:41 GMT
Date
Fri, 13 Aug 2021 15:26:28 GMT
X-Frame-Options
SAMEORIGIN
Content-Type
text/css
Cache-Control
max-age=0, must-revalidate
Set-Cookie
TS01cb6032=01a06989094e350750fadb0a2550aae788c28e0d3b013b75d90365786e8f73fc8cbc4c3b79427f76f9fcb258b3cd2dc1f65229c9c5a9858974e096f8d72cad9b7b2ec794fe; Path=/; Domain=.secure1.natwest.com; Secure; HTTPOnly
Content-Length
13192
Cookie set app.js
secure1.natwest.com/assets/r4p/js/sao/ 		109 KB
109 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure1.natwest.com/assets/r4p/js/sao/app.js
Requested by
Host: secure1.natwest.com
URL: https://secure1.natwest.com/as/authorization.oauth2?client_id=sao_etb&redirect_uri=https%3A%2F%2Fapply.natwest.com%2Fca%2Fcontent%2F&response_type=token&scope=etb
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
155.136.23.244 , United Kingdom, ASN21054 (RBSG-UK-AS Edinburgh, GB),
Reverse DNS
Software
/
Resource Hash
87db8ae50df3fb9df527360c0e7ccad57179164b263a55ece254344d65255c50
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
secure1.natwest.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://secure1.natwest.com/
Cookie
OptanonConsent=consentId=3004c93e-fd52-4f88-bf40-43a3acc25ee3&datestamp=Fri+Aug+13+2021+17%3A26%3A28+GMT%2B0200+(Central+European+Summer+Time)&version=6.5.0&interactionCount=0; PF=drZH5RzgY2rYcQfBtGq7EP; TS01cb6032=01a06989094e350750fadb0a2550aae788c28e0d3b013b75d90365786e8f73fc8cbc4c3b79427f76f9fcb258b3cd2dc1f65229c9c5a9858974e096f8d72cad9b7b2ec794fe
Connection
keep-alive
Referer
https://secure1.natwest.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Referrer-Policy
origin
Last-Modified
Sun, 02 May 2021 01:20:43 GMT
Date
Fri, 13 Aug 2021 15:26:28 GMT
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
Cache-Control
max-age=0, must-revalidate
Set-Cookie
TS01cb6032=01a06989094e350750fadb0a2550aae788c28e0d3b013b75d90365786e8f73fc8cbc4c3b79427f76f9fcb258b3cd2dc1f65229c9c5a9858974e096f8d72cad9b7b2ec794fe; Path=/; Domain=.secure1.natwest.com; Secure; HTTPOnly
Content-Length
111456
Cookie set arrowDown.svg
secure1.natwest.com/assets/r4p/nwb/sao/images/ 		328 B
859 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure1.natwest.com/assets/r4p/nwb/sao/images/arrowDown.svg
Requested by
Host: secure1.natwest.com
URL: https://secure1.natwest.com/assets/r4p/nwb/sao/css/main_natwest.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
155.136.23.244 , United Kingdom, ASN21054 (RBSG-UK-AS Edinburgh, GB),
Reverse DNS
Software
/
Resource Hash
364631763c896bd608ed9500cbdc250a00cb41f3613926c160bfad64c7afd409
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
secure1.natwest.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://secure1.natwest.com/
Cookie
OptanonConsent=consentId=3004c93e-fd52-4f88-bf40-43a3acc25ee3&datestamp=Fri+Aug+13+2021+17%3A26%3A28+GMT%2B0200+(Central+European+Summer+Time)&version=6.5.0&interactionCount=0; PF=drZH5RzgY2rYcQfBtGq7EP; TS01cb6032=01a06989094e350750fadb0a2550aae788c28e0d3b013b75d90365786e8f73fc8cbc4c3b79427f76f9fcb258b3cd2dc1f65229c9c5a9858974e096f8d72cad9b7b2ec794fe
Connection
keep-alive
Referer
https://secure1.natwest.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Referrer-Policy
origin
Last-Modified
Sun, 02 May 2021 01:20:42 GMT
Date
Fri, 13 Aug 2021 15:26:28 GMT
X-Frame-Options
SAMEORIGIN
Content-Type
image/svg+xml
Cache-Control
max-age=0, must-revalidate
Set-Cookie
TS01cb6032=01a06989094e350750fadb0a2550aae788c28e0d3b013b75d90365786e8f73fc8cbc4c3b79427f76f9fcb258b3cd2dc1f65229c9c5a9858974e096f8d72cad9b7b2ec794fe; Path=/; Domain=.secure1.natwest.com; Secure; HTTPOnly
Content-Length
328
Cookie set RNHouseSansW01Regular.woff
secure1.natwest.com/assets/r4p/nwb/sao/fonts/ 		27 KB
28 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://secure1.natwest.com/assets/r4p/nwb/sao/fonts/RNHouseSansW01Regular.woff
Requested by
Host: secure1.natwest.com
URL: https://secure1.natwest.com/assets/r4p/nwb/sao/css/main_natwest.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
155.136.23.244 , United Kingdom, ASN21054 (RBSG-UK-AS Edinburgh, GB),
Reverse DNS
Software
/
Resource Hash
40ec7918f9426feb93023392755af7d03b6b473c6cce6ccd9f86e09da2e72af7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Origin
https://secure1.natwest.com
Accept-Encoding
gzip, deflate, br
Host
secure1.natwest.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
font
Referer
https://secure1.natwest.com/
Cookie
OptanonConsent=consentId=3004c93e-fd52-4f88-bf40-43a3acc25ee3&datestamp=Fri+Aug+13+2021+17%3A26%3A28+GMT%2B0200+(Central+European+Summer+Time)&version=6.5.0&interactionCount=0; PF=drZH5RzgY2rYcQfBtGq7EP; TS01cb6032=01a06989094e350750fadb0a2550aae788c28e0d3b013b75d90365786e8f73fc8cbc4c3b79427f76f9fcb258b3cd2dc1f65229c9c5a9858974e096f8d72cad9b7b2ec794fe
Connection
keep-alive
Origin
https://secure1.natwest.com
Referer
https://secure1.natwest.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Referrer-Policy
origin
Last-Modified
Sun, 02 May 2021 01:20:41 GMT
Date
Fri, 13 Aug 2021 15:26:28 GMT
X-Frame-Options
SAMEORIGIN
Content-Type
application/font-woff
Cache-Control
max-age=0, must-revalidate
Set-Cookie
TS01cb6032=01a06989094e350750fadb0a2550aae788c28e0d3b013b75d90365786e8f73fc8cbc4c3b79427f76f9fcb258b3cd2dc1f65229c9c5a9858974e096f8d72cad9b7b2ec794fe; Path=/; Domain=.secure1.natwest.com; Secure; HTTPOnly
Content-Length
27833
Cookie set RNHouseSansW01Bold.woff
secure1.natwest.com/assets/r4p/nwb/sao/fonts/ 		28 KB
28 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://secure1.natwest.com/assets/r4p/nwb/sao/fonts/RNHouseSansW01Bold.woff
Requested by
Host: secure1.natwest.com
URL: https://secure1.natwest.com/assets/r4p/nwb/sao/css/main_natwest.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
155.136.23.244 , United Kingdom, ASN21054 (RBSG-UK-AS Edinburgh, GB),
Reverse DNS
Software
/
Resource Hash
f037f9404deb53910b59aaf490b4c25400b52397b670a981629c63c88a9fbb68
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Origin
https://secure1.natwest.com
Accept-Encoding
gzip, deflate, br
Host
secure1.natwest.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
font
Referer
https://secure1.natwest.com/
Cookie
OptanonConsent=consentId=3004c93e-fd52-4f88-bf40-43a3acc25ee3&datestamp=Fri+Aug+13+2021+17%3A26%3A28+GMT%2B0200+(Central+European+Summer+Time)&version=6.5.0&interactionCount=0; PF=drZH5RzgY2rYcQfBtGq7EP; TS01cb6032=01a06989094e350750fadb0a2550aae788c28e0d3b013b75d90365786e8f73fc8cbc4c3b79427f76f9fcb258b3cd2dc1f65229c9c5a9858974e096f8d72cad9b7b2ec794fe
Connection
keep-alive
Origin
https://secure1.natwest.com
Referer
https://secure1.natwest.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Referrer-Policy
origin
Last-Modified
Sun, 02 May 2021 01:20:42 GMT
Date
Fri, 13 Aug 2021 15:26:28 GMT
X-Frame-Options
SAMEORIGIN
Content-Type
application/font-woff
Cache-Control
max-age=0, must-revalidate
Set-Cookie
TS01cb6032=01a06989094e350750fadb0a2550aae788c28e0d3b013b75d90365786e8f73fc8cbc4c3b79427f76f9fcb258b3cd2dc1f65229c9c5a9858974e096f8d72cad9b7b2ec794fe; Path=/; Domain=.secure1.natwest.com; Secure; HTTPOnly
Content-Length
28572

Verdicts & Comments Add Verdict or Comment

29 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated function| Authentication object| core object| __core-js_shared__ object| global object| System function| asap function| Observable function| setImmediate function| clearImmediate object| regeneratorRuntime boolean| _babelPolyfill object| props number| year object| authentication object| continueButton object| form object| helpButton object| pageHeading

3 Cookies

Domain/Path Name / Value
.secure1.natwest.com/ Name: TS01cb6032
Value: 01a06989094e350750fadb0a2550aae788c28e0d3b013b75d90365786e8f73fc8cbc4c3b79427f76f9fcb258b3cd2dc1f65229c9c5a9858974e096f8d72cad9b7b2ec794fe
.natwest.com/ Name: PF
Value: drZH5RzgY2rYcQfBtGq7EP
.natwest.com/ Name: OptanonConsent
Value: consentId=3004c93e-fd52-4f88-bf40-43a3acc25ee3&datestamp=Fri+Aug+13+2021+17%3A26%3A28+GMT%2B0200+(Central+European+Summer+Time)&version=6.5.0&interactionCount=0

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy upgrade-insecure-requests;frame-ancestors 'none'
Strict-Transport-Security max-age=31536000; includeSubdomains;
X-Content-Type-Options nosniff
X-Frame-Options Deny
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

apply.natwest.com
assets.adobedtm.com
cdn.cookielaw.org
privacyportal-eu.onetrust.com
secure1.natwest.com
155.136.22.148
155.136.23.244
2606:4700:10::6814:b944
2606:4700::6810:9540
2a02:26f0:6c00:282::1e80
0230aa6aee34d220dc88e7bd73efe2482baa9725b31f54f559f1db1186e22b15
092fb9d3e5c6b28f42de6587f68d9b793c876c37a5e8d24cdfade70186293da7
0e45f3b0dad8aa0528790a6dd6dd2831bb8547129bd1320c10fd120118f44616
1192d1dbdd87c4aa6be6f446952e421873ce21cf2cf236a393cd4c0d17c3ecfe
2f5bf5edcefe950e16d287cdcb9c28690952439098ee0639f4a960fe268ae231
364631763c896bd608ed9500cbdc250a00cb41f3613926c160bfad64c7afd409
3e3c28037b92213192dfb6e85faee69f26dd859a8135bdad86f0d644ab215c9b
4064b767ceaa5526df440d79b1a4d442ba632998a4e8f78be889988ee4a34983
40ec7918f9426feb93023392755af7d03b6b473c6cce6ccd9f86e09da2e72af7
49268e603633908ded4e000b00853c60191262e762226e5b1cb15f3c230aa168
6396ebcbac534877e4c5769b604671c93d96e5decff3654108746d0c30d59e7a
816128c403e882f6d31208fd95435f625564b5914dbea396754640760cfc612e
87db8ae50df3fb9df527360c0e7ccad57179164b263a55ece254344d65255c50
8e42c3237cc869e5c4faa34f0311b102c5265ad95d994fa1ec23505c51de3561
93fc85e0e3d29ed37513ea625638d226120d0daad5f57f0e913072f2f2cab491
a4002d856e575601b351be144c9d7e4e6977286644fede72a7de1638844722aa
b5ceffa56360b77be5a0bd623760b32f5088bb9776574b36af408a6b532cb2c9
bb078073da5bd212a64dd0ccba4ccb7975bd25c91354baeb8653798a1f2c7a5b
c467c7bdded5ff0794f7ad341875efe7f3c7b2973ea40779361d61dc478972e3
d139c3756ba4ea4e4672c12645de4977faa9ba7e0d550931d2086338fd72dfe9
d6b423c91328eec9c218dd8b21ae1e676987d574e5432411a32806e5dd2bde32
dba033e13d3313c26a98947bab0b31057c41c44ce7553a54e65d63e5897f02fa
e5f0058d3d737d25b691728bce12a7d0b77183781c936ca8152e28cacf9e6e3f
f037f9404deb53910b59aaf490b4c25400b52397b670a981629c63c88a9fbb68
fb7a95263356a0095c3d40a7850fdd16991c4a07873d8ebb9ce239994df82cd4