urlscan.io logo urlscan.io
SecurityTrails logo

natwest.stage.jaaq.org Open in urlscan Pro
20.108.150.113  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://natwest.stage.jaaq.org/
Effective URL: https://natwest.stage.jaaq.org/login
Submission: On July 29 via automatic, source certstream-suspicious — Scanned from GB
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 3 IPs in 3 countries across 3 domains to perform 23 HTTP transactions. The main IP is 20.108.150.113, located in London, United Kingdom and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is natwest.stage.jaaq.org.
TLS certificate: Issued by R11 on July 29th 2024. Valid for: 3 months.
This is the only time natwest.stage.jaaq.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 22 20.108.150.113 8075 (MICROSOFT...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2620:1ec:bdf::60 8075 (MICROSOFT...)
23 3
Domain Requested by
18 natwest.stage.jaaq.org 1 redirects natwest.stage.jaaq.org
4 stage-portal.stage.jaaq.org natwest.stage.jaaq.org
1 stage-media-endpoint.azureedge.net
1 fonts.gstatic.com natwest.stage.jaaq.org
23 4

This site contains no links.

Subject Issuer Validity Valid
natwest.stage.jaaq.org
R11		 2024-07-29 -
2024-10-27		 3 months crt.sh
*.gstatic.com
WR2		 2024-07-01 -
2024-09-23		 3 months crt.sh
stage-portal.stage.jaaq.org
R3		 2024-06-03 -
2024-09-01		 3 months crt.sh
*.azureedge.net
Microsoft Azure RSA TLS Issuing CA 03		 2024-06-24 -
2025-06-19		 a year crt.sh

This page contains 1 frames:

Primary Page: https://natwest.stage.jaaq.org/login
Frame ID: 59EEFA385AAED81ED3AC21FD42500038
Requests: 21 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

JAAQ: The new mental health platform

Page URL History Show full URLs

  1. https://natwest.stage.jaaq.org/ HTTP 307
    https://natwest.stage.jaaq.org/login Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

23
Requests

100 %
HTTPS

67 %
IPv6

3
Domains

4
Subdomains

3
IPs

3
Countries

341 kB
Transfer

1010 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://natwest.stage.jaaq.org/ HTTP 307
    https://natwest.stage.jaaq.org/login Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

23 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request login
natwest.stage.jaaq.org/
Redirect Chain
  • https://natwest.stage.jaaq.org/
  • https://natwest.stage.jaaq.org/login
18 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://natwest.stage.jaaq.org/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
20.108.150.113 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx / Next.js
Resource Hash
2987129dcbad40d5662f70f407cc92cc941124e4188082856ddaaf8d258030d2

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

cache-control
private, no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Mon, 29 Jul 2024 15:08:58 GMT
etag
"dtlga4qlsped0"
server
nginx
vary
Accept-Encoding
x-powered-by
Next.js

Redirect headers

date
Mon, 29 Jul 2024 15:08:57 GMT
location
/login
server
nginx
4cbe30961ee3afb2.css
natwest.stage.jaaq.org/_next/static/css/ 		42 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://natwest.stage.jaaq.org/_next/static/css/4cbe30961ee3afb2.css
Requested by
Host: natwest.stage.jaaq.org
URL: https://natwest.stage.jaaq.org/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
20.108.150.113 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
378ff3e99c1e7695f42074ad37096f15910e4f9eaae334c56a42055372f2eb15

Request headers

Referer
https://natwest.stage.jaaq.org/login
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Mon, 29 Jul 2024 15:08:58 GMT
content-encoding
gzip
last-modified
Wed, 13 Mar 2024 11:20:25 GMT
server
nginx
etag
W/"a8e4-18e378ac4a8"
vary
Accept-Encoding
content-type
text/css; charset=UTF-8
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
147eb40e3b161534.css
natwest.stage.jaaq.org/_next/static/css/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://natwest.stage.jaaq.org/_next/static/css/147eb40e3b161534.css
Requested by
Host: natwest.stage.jaaq.org
URL: https://natwest.stage.jaaq.org/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
20.108.150.113 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
780c0da147042eb1c9bf23309d5a4ab0bd8a444a9966274ee632b4f803b84d8c

Request headers

Referer
https://natwest.stage.jaaq.org/login
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Mon, 29 Jul 2024 15:08:58 GMT
content-encoding
gzip
last-modified
Wed, 13 Mar 2024 11:20:25 GMT
server
nginx
etag
W/"abf-18e378ac4a8"
vary
Accept-Encoding
content-type
text/css; charset=UTF-8
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
webpack-53184bbdd744c154.js
natwest.stage.jaaq.org/_next/static/chunks/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://natwest.stage.jaaq.org/_next/static/chunks/webpack-53184bbdd744c154.js
Requested by
Host: natwest.stage.jaaq.org
URL: https://natwest.stage.jaaq.org/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
20.108.150.113 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
2f56eb1ac7cac1387befb559d6de4502cbdb081e2a1172cb296067d9b95fc303

Request headers

Referer
https://natwest.stage.jaaq.org/login
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Mon, 29 Jul 2024 15:08:58 GMT
content-encoding
gzip
last-modified
Wed, 13 Mar 2024 11:20:25 GMT
server
nginx
etag
W/"1663-18e378ac4a8"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
main-d9b11fe3c3b4e6c7.js
natwest.stage.jaaq.org/_next/static/chunks/ 		271 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://natwest.stage.jaaq.org/_next/static/chunks/main-d9b11fe3c3b4e6c7.js
Requested by
Host: natwest.stage.jaaq.org
URL: https://natwest.stage.jaaq.org/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
20.108.150.113 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
d1ae757b6c77ecc625998009eae02b8f4ef34b6e2236902c7c64feffb3caa4a4

Request headers

Referer
https://natwest.stage.jaaq.org/login
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Mon, 29 Jul 2024 15:08:58 GMT
content-encoding
gzip
last-modified
Wed, 13 Mar 2024 11:20:25 GMT
server
nginx
etag
W/"43b27-18e378ac4a8"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
_app-6f78228da7574402.js
natwest.stage.jaaq.org/_next/static/chunks/pages/ 		574 KB
170 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://natwest.stage.jaaq.org/_next/static/chunks/pages/_app-6f78228da7574402.js
Requested by
Host: natwest.stage.jaaq.org
URL: https://natwest.stage.jaaq.org/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
20.108.150.113 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
125ed9481ca8ff47525dce12d680eee633644b349ac13c80fe566a96a672b4e0

Request headers

Referer
https://natwest.stage.jaaq.org/login
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Mon, 29 Jul 2024 15:08:58 GMT
content-encoding
gzip
last-modified
Wed, 13 Mar 2024 11:20:25 GMT
server
nginx
etag
W/"8f62a-18e378ac4a8"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
login-2fd19e5a909d8d1f.js
natwest.stage.jaaq.org/_next/static/chunks/pages/ 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://natwest.stage.jaaq.org/_next/static/chunks/pages/login-2fd19e5a909d8d1f.js
Requested by
Host: natwest.stage.jaaq.org
URL: https://natwest.stage.jaaq.org/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
20.108.150.113 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
d92c8a28fc3e0b4dd83c7ed9f7ab71ff711c15b6ef2d592952fc9bfb90fefc97

Request headers

Referer
https://natwest.stage.jaaq.org/login
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Mon, 29 Jul 2024 15:08:58 GMT
content-encoding
gzip
last-modified
Wed, 13 Mar 2024 11:20:25 GMT
server
nginx
etag
W/"3c4b-18e378ac4a8"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
_buildManifest.js
natwest.stage.jaaq.org/_next/static/UfgZG0S7rdebUcionae56/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://natwest.stage.jaaq.org/_next/static/UfgZG0S7rdebUcionae56/_buildManifest.js
Requested by
Host: natwest.stage.jaaq.org
URL: https://natwest.stage.jaaq.org/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
20.108.150.113 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
881487b10126e54e834382273289669d8c88cc6852017048325dea211fc35045

Request headers

Referer
https://natwest.stage.jaaq.org/login
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Mon, 29 Jul 2024 15:08:58 GMT
content-encoding
gzip
last-modified
Wed, 13 Mar 2024 11:20:25 GMT
server
nginx
etag
W/"dfb-18e378ac4a8"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
_ssgManifest.js
natwest.stage.jaaq.org/_next/static/UfgZG0S7rdebUcionae56/ 		437 B
647 B 		Script
General
Check archive.org
Download Go to
Full URL
https://natwest.stage.jaaq.org/_next/static/UfgZG0S7rdebUcionae56/_ssgManifest.js
Requested by
Host: natwest.stage.jaaq.org
URL: https://natwest.stage.jaaq.org/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
20.108.150.113 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
2a512217fb9d2c84550c84f7542801cad5f367dacae2babc0e2bcb3a67b417dc

Request headers

Referer
https://natwest.stage.jaaq.org/login
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Mon, 29 Jul 2024 15:08:58 GMT
last-modified
Wed, 13 Mar 2024 11:20:50 GMT
server
nginx
etag
W/"1b5-18e378b2650"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
content-length
437
pxiEyp8kv8JHgFVrJJfecnFHGPc.woff2
fonts.gstatic.com/s/poppins/v20/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecnFHGPc.woff2
Requested by
Host: natwest.stage.jaaq.org
URL: https://natwest.stage.jaaq.org/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://natwest.stage.jaaq.org/
Origin
https://natwest.stage.jaaq.org
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 23 Jul 2024 09:43:23 GMT
x-content-type-options
nosniff
age
537935
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7884
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:07:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 23 Jul 2025 09:43:23 GMT
graphql
stage-portal.stage.jaaq.org/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://stage-portal.stage.jaaq.org/graphql
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
20.108.150.113 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-eval' 'unsafe-inline' 'unsafe-hashes' data: wss: https://dashboard.umbraco.com https://our.umbraco.com; img-src * 'self' data: https:
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,content-type,custom-origin-referer
Access-Control-Request-Method
POST
Origin
https://natwest.stage.jaaq.org
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
authorization,content-type,custom-origin-referer
access-control-allow-methods
POST
access-control-allow-origin
https://natwest.stage.jaaq.org
content-security-policy
default-src 'self' 'unsafe-eval' 'unsafe-inline' 'unsafe-hashes' data: wss: https://dashboard.umbraco.com https://our.umbraco.com; img-src * 'self' data: https:
cross-origin-embedder-policy
unsafe-none
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Mon, 29 Jul 2024 15:08:58 GMT
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
referrer-policy
no-referrer-when-downgrade
request-context
appId=cid-v1:d798b72d-9c8d-4d26-9808-f8874c62f67d
server
nginx
vary
Origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
graphql
stage-portal.stage.jaaq.org/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://stage-portal.stage.jaaq.org/graphql
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
20.108.150.113 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-eval' 'unsafe-inline' 'unsafe-hashes' data: wss: https://dashboard.umbraco.com https://our.umbraco.com; img-src * 'self' data: https:
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,content-type,custom-origin-referer
Access-Control-Request-Method
POST
Origin
https://natwest.stage.jaaq.org
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
authorization,content-type,custom-origin-referer
access-control-allow-methods
POST
access-control-allow-origin
https://natwest.stage.jaaq.org
content-security-policy
default-src 'self' 'unsafe-eval' 'unsafe-inline' 'unsafe-hashes' data: wss: https://dashboard.umbraco.com https://our.umbraco.com; img-src * 'self' data: https:
cross-origin-embedder-policy
unsafe-none
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Mon, 29 Jul 2024 15:08:58 GMT
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
referrer-policy
no-referrer-when-downgrade
request-context
appId=cid-v1:d798b72d-9c8d-4d26-9808-f8874c62f67d
server
nginx
vary
Origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
graphql
stage-portal.stage.jaaq.org/ 		238 B
897 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://stage-portal.stage.jaaq.org/graphql
Requested by
Host: natwest.stage.jaaq.org
URL: https://natwest.stage.jaaq.org/_next/static/chunks/pages/_app-6f78228da7574402.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
20.108.150.113 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
b57d924b0b423249e6a494edbfa26fdb0109655533c42497a364f2b80ad16b77
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-eval' 'unsafe-inline' 'unsafe-hashes' data: wss: https://dashboard.umbraco.com https://our.umbraco.com; img-src * 'self' data: https:
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept
*/*
Referer
https://natwest.stage.jaaq.org/
custom-origin-referer
https://natwest.stage.jaaq.org
authorization
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type
application/json

Response headers

date
Mon, 29 Jul 2024 15:08:58 GMT
content-security-policy
default-src 'self' 'unsafe-eval' 'unsafe-inline' 'unsafe-hashes' data: wss: https://dashboard.umbraco.com https://our.umbraco.com; img-src * 'self' data: https:
x-content-type-options
nosniff
cross-origin-embedder-policy
unsafe-none
cross-origin-resource-policy
cross-origin
x-xss-protection
1; mode=block
request-context
appId=cid-v1:d798b72d-9c8d-4d26-9808-f8874c62f67d
referrer-policy
no-referrer-when-downgrade
server
nginx
cross-origin-opener-policy
unsafe-none
vary
Origin
x-frame-options
SAMEORIGIN
content-type
application/graphql-response+json; charset=utf-8
access-control-allow-origin
https://natwest.stage.jaaq.org
access-control-allow-credentials
true
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
graphql
stage-portal.stage.jaaq.org/ 		995 B
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://stage-portal.stage.jaaq.org/graphql
Requested by
Host: natwest.stage.jaaq.org
URL: https://natwest.stage.jaaq.org/_next/static/chunks/pages/_app-6f78228da7574402.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
20.108.150.113 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
bf7b53320ae50d314b7a08568f3849bf1ff8c900348fe22436b6a5ccecef91f4
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-eval' 'unsafe-inline' 'unsafe-hashes' data: wss: https://dashboard.umbraco.com https://our.umbraco.com; img-src * 'self' data: https:
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept
*/*
Referer
https://natwest.stage.jaaq.org/
custom-origin-referer
https://natwest.stage.jaaq.org
authorization
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type
application/json

Response headers

date
Mon, 29 Jul 2024 15:08:58 GMT
content-security-policy
default-src 'self' 'unsafe-eval' 'unsafe-inline' 'unsafe-hashes' data: wss: https://dashboard.umbraco.com https://our.umbraco.com; img-src * 'self' data: https:
x-content-type-options
nosniff
cross-origin-embedder-policy
unsafe-none
cross-origin-resource-policy
cross-origin
x-xss-protection
1; mode=block
request-context
appId=cid-v1:d798b72d-9c8d-4d26-9808-f8874c62f67d
referrer-policy
no-referrer-when-downgrade
server
nginx
cross-origin-opener-policy
unsafe-none
vary
Origin
x-frame-options
SAMEORIGIN
content-type
application/graphql-response+json; charset=utf-8
access-control-allow-origin
https://natwest.stage.jaaq.org
access-control-allow-credentials
true
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
favicon-32x32.png
natwest.stage.jaaq.org/assets/favicon/ 		1 KB
1 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://natwest.stage.jaaq.org/assets/favicon/favicon-32x32.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
20.108.150.113 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
6f82b034b5e88102dd76d8e273c422a06a1eb86d1aab2889f3152f793b665b05

Request headers

Referer
https://natwest.stage.jaaq.org/login
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Mon, 29 Jul 2024 15:08:58 GMT
last-modified
Wed, 13 Mar 2024 11:17:42 GMT
server
nginx
etag
W/"4fd-18e378847f0"
content-type
image/png
cache-control
public, max-age=0
accept-ranges
bytes
content-length
1277
forgot-password.json
natwest.stage.jaaq.org/_next/data/UfgZG0S7rdebUcionae56/ 		7 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://natwest.stage.jaaq.org/_next/data/UfgZG0S7rdebUcionae56/forgot-password.json
Requested by
Host: natwest.stage.jaaq.org
URL: https://natwest.stage.jaaq.org/_next/static/chunks/main-d9b11fe3c3b4e6c7.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
20.108.150.113 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
2cde36616f5e8e3218e16bcd6ba609da04a223b84180a91bb4e4a83a08c72646

Request headers

purpose
prefetch
x-nextjs-data
1
Referer
https://natwest.stage.jaaq.org/login
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Mon, 29 Jul 2024 15:08:58 GMT
x-nextjs-matched-path
/forgot-password
content-encoding
gzip
server
nginx
etag
"15mxos7qedl5bp"
vary
Accept-Encoding
content-type
application/json
x-nextjs-cache
HIT
cache-control
s-maxage=31536000, stale-while-revalidate
forgot-password-827332845e09112f.js
natwest.stage.jaaq.org/_next/static/chunks/pages/ 		0
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://natwest.stage.jaaq.org/_next/static/chunks/pages/forgot-password-827332845e09112f.js
Requested by
Host: natwest.stage.jaaq.org
URL: https://natwest.stage.jaaq.org/_next/static/chunks/main-d9b11fe3c3b4e6c7.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
20.108.150.113 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://natwest.stage.jaaq.org/login
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Mon, 29 Jul 2024 15:08:58 GMT
content-encoding
gzip
last-modified
Wed, 13 Mar 2024 11:20:25 GMT
server
nginx
etag
W/"11c2-18e378ac4a8"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
register-b7a7057ec8dc66d1.js
natwest.stage.jaaq.org/_next/static/chunks/pages/ 		0
4 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://natwest.stage.jaaq.org/_next/static/chunks/pages/register-b7a7057ec8dc66d1.js
Requested by
Host: natwest.stage.jaaq.org
URL: https://natwest.stage.jaaq.org/_next/static/chunks/main-d9b11fe3c3b4e6c7.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
20.108.150.113 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://natwest.stage.jaaq.org/login
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Mon, 29 Jul 2024 15:08:58 GMT
content-encoding
gzip
last-modified
Wed, 13 Mar 2024 11:20:25 GMT
server
nginx
etag
W/"329d-18e378ac4a8"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
forgot-password-827332845e09112f.js
natwest.stage.jaaq.org/_next/static/chunks/pages/ 		4 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://natwest.stage.jaaq.org/_next/static/chunks/pages/forgot-password-827332845e09112f.js
Requested by
Host: natwest.stage.jaaq.org
URL: https://natwest.stage.jaaq.org/_next/static/chunks/main-d9b11fe3c3b4e6c7.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
20.108.150.113 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
ae4f2405f8aa2b80c2506b3996f580f6afa90cbac450d95b6b0116f44c28a785

Request headers

Referer
https://natwest.stage.jaaq.org/login
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Mon, 29 Jul 2024 15:08:58 GMT
content-encoding
gzip
last-modified
Wed, 13 Mar 2024 11:20:25 GMT
server
nginx
etag
W/"11c2-18e378ac4a8"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
1d1945faac96acdf.css
natwest.stage.jaaq.org/_next/static/css/ 		3 KB
998 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://natwest.stage.jaaq.org/_next/static/css/1d1945faac96acdf.css
Requested by
Host: natwest.stage.jaaq.org
URL: https://natwest.stage.jaaq.org/_next/static/chunks/main-d9b11fe3c3b4e6c7.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
20.108.150.113 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
5a6b3bbdd57bec40f0e60cc58e33e1390136c596acfca3ac49f1e01b333e5a22

Request headers

Referer
https://natwest.stage.jaaq.org/login
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Mon, 29 Jul 2024 15:08:58 GMT
content-encoding
gzip
last-modified
Wed, 13 Mar 2024 11:20:25 GMT
server
nginx
etag
W/"a22-18e378ac4a8"
vary
Accept-Encoding
content-type
text/css; charset=UTF-8
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
register-b7a7057ec8dc66d1.js
natwest.stage.jaaq.org/_next/static/chunks/pages/ 		13 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://natwest.stage.jaaq.org/_next/static/chunks/pages/register-b7a7057ec8dc66d1.js
Requested by
Host: natwest.stage.jaaq.org
URL: https://natwest.stage.jaaq.org/_next/static/chunks/main-d9b11fe3c3b4e6c7.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
20.108.150.113 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
bda31b2e0b4874d7270d8f9da4406b6d21e81337300280b87d052f43a43c00ca

Request headers

Referer
https://natwest.stage.jaaq.org/login
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Mon, 29 Jul 2024 15:08:58 GMT
content-encoding
gzip
last-modified
Wed, 13 Mar 2024 11:20:25 GMT
server
nginx
etag
W/"329d-18e378ac4a8"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
6ff1a2cdaf1d2299.css
natwest.stage.jaaq.org/_next/static/css/ 		5 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://natwest.stage.jaaq.org/_next/static/css/6ff1a2cdaf1d2299.css
Requested by
Host: natwest.stage.jaaq.org
URL: https://natwest.stage.jaaq.org/_next/static/chunks/main-d9b11fe3c3b4e6c7.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
20.108.150.113 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
74b4079d1c23b2cd51358251ee6c90f86f437dfb9b70c4dd8c04f73b7a6a854a

Request headers

Referer
https://natwest.stage.jaaq.org/login
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Mon, 29 Jul 2024 15:08:58 GMT
content-encoding
gzip
last-modified
Wed, 13 Mar 2024 11:20:25 GMT
server
nginx
etag
W/"12bb-18e378ac4a8"
vary
Accept-Encoding
content-type
text/css; charset=UTF-8
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
new-site.jpg
stage-media-endpoint.azureedge.net/media/3gfcvlbm/ 		37 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stage-media-endpoint.azureedge.net/media/3gfcvlbm/new-site.jpg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::60 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
85cc980bb284fda27f022ed080f589982c5f77d18adea029084fe679c65afdae
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-eval' 'unsafe-inline' 'unsafe-hashes' data: wss: https://dashboard.umbraco.com https://our.umbraco.com; img-src * 'self' data: https:
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://natwest.stage.jaaq.org/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Mon, 29 Jul 2024 15:08:58 GMT
content-security-policy
default-src 'self' 'unsafe-eval' 'unsafe-inline' 'unsafe-hashes' data: wss: https://dashboard.umbraco.com https://our.umbraco.com; img-src * 'self' data: https:
x-content-type-options
nosniff
cross-origin-embedder-policy
unsafe-none
x-cache
TCP_HIT
cross-origin-resource-policy
cross-origin
x-fd-int-roxy-purgeid
0
content-length
38065
x-xss-protection
1; mode=block
request-context
appId=cid-v1:d798b72d-9c8d-4d26-9808-f8874c62f67d
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 16 Mar 2023 14:51:54 GMT
cross-origin-opener-policy
unsafe-none
etag
"1d95816d92875b1"
x-frame-options
SAMEORIGIN
x-azure-ref
20240729T150858Z-154b59dbc6dwlvkrbdum70qw7s00000005xg000000021dqt
content-type
image/jpeg
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges
bytes

Verdicts & Comments Add Verdict or Comment

12 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| webpackChunk_N_E function| __next_require__ object| next object| __NEXT_DATA__ function| __SSG_MANIFEST_CB object| __NEXT_P object| _N_E object| regeneratorRuntime function| __NEXT_PRELOADREADY object| __MIDDLEWARE_MATCHERS object| __BUILD_MANIFEST object| __SSG_MANIFEST

0 Cookies

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.gstatic.com
natwest.stage.jaaq.org
stage-media-endpoint.azureedge.net
stage-portal.stage.jaaq.org
20.108.150.113
2620:1ec:bdf::60
2a00:1450:4001:812::2003
125ed9481ca8ff47525dce12d680eee633644b349ac13c80fe566a96a672b4e0
2987129dcbad40d5662f70f407cc92cc941124e4188082856ddaaf8d258030d2
2a512217fb9d2c84550c84f7542801cad5f367dacae2babc0e2bcb3a67b417dc
2cde36616f5e8e3218e16bcd6ba609da04a223b84180a91bb4e4a83a08c72646
2f56eb1ac7cac1387befb559d6de4502cbdb081e2a1172cb296067d9b95fc303
378ff3e99c1e7695f42074ad37096f15910e4f9eaae334c56a42055372f2eb15
5a6b3bbdd57bec40f0e60cc58e33e1390136c596acfca3ac49f1e01b333e5a22
6f82b034b5e88102dd76d8e273c422a06a1eb86d1aab2889f3152f793b665b05
74b4079d1c23b2cd51358251ee6c90f86f437dfb9b70c4dd8c04f73b7a6a854a
780c0da147042eb1c9bf23309d5a4ab0bd8a444a9966274ee632b4f803b84d8c
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
85cc980bb284fda27f022ed080f589982c5f77d18adea029084fe679c65afdae
881487b10126e54e834382273289669d8c88cc6852017048325dea211fc35045
ae4f2405f8aa2b80c2506b3996f580f6afa90cbac450d95b6b0116f44c28a785
b57d924b0b423249e6a494edbfa26fdb0109655533c42497a364f2b80ad16b77
bda31b2e0b4874d7270d8f9da4406b6d21e81337300280b87d052f43a43c00ca
bf7b53320ae50d314b7a08568f3849bf1ff8c900348fe22436b6a5ccecef91f4
d1ae757b6c77ecc625998009eae02b8f4ef34b6e2236902c7c64feffb3caa4a4
d92c8a28fc3e0b4dd83c7ed9f7ab71ff711c15b6ef2d592952fc9bfb90fefc97
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855