questionid.natwest.stage.jaaq.org Open in urlscan Pro
20.108.150.113 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://questionid.natwest.stage.jaaq.org/
Effective URL:
https://questionid.natwest.stage.jaaq.org/login
Submission: On July 29 via automatic, source certstream-suspicious (July 29th 2024, 3:09:05 pm UTC) — Scanned from GB

Summary HTTP 23 Redirects Behaviour Indicators

Summary

This website contacted 3 IPs in 2 countries across 3 domains to perform 23 HTTP transactions. The main IP is 20.108.150.113, located in London, United Kingdom and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is questionid.natwest.stage.jaaq.org.
TLS certificate: Issued by R11 on July 29th 2024. Valid for: 3 months.

This is the only time questionid.natwest.stage.jaaq.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 22	20.108.150.113 20.108.150.113	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2a00:1450:400... 2a00:1450:4001:808::2003	15169 (GOOGLE) (GOOGLE)
23	3

22 20.108.150.113 (London, United Kingdom) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

questionid.natwest.stage.jaaq.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
stage-portal.stage.jaaq.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
22	jaaq.org 1 redirects questionid.natwest.stage.jaaq.org stage-portal.stage.jaaq.org	295 KB
1	gstatic.com fonts.gstatic.com	8 KB
0	azureedge.net Failed stage-media-endpoint.azureedge.net Failed
23	3

	Domain	Requested by
18	questionid.natwest.stage.jaaq.org	1 redirects questionid.natwest.stage.jaaq.org
4	stage-portal.stage.jaaq.org	questionid.natwest.stage.jaaq.org
1	fonts.gstatic.com	questionid.natwest.stage.jaaq.org
0	stage-media-endpoint.azureedge.net Failed
23	4

This site contains no links.

Subject Issuer	Validity	Valid
natwest.stage.jaaq.org R11	`2024-07-29` - `2024-10-27`	3 months	crt.sh
*.gstatic.com WR2	`2024-07-01` - `2024-09-23`	3 months	crt.sh
stage-portal.stage.jaaq.org R3	`2024-06-03` - `2024-09-01`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://questionid.natwest.stage.jaaq.org/login
Frame ID: D52CE3E133534F1B0C991DB14369D302
Requests: 21 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

JAAQ: The new mental health platform

Page URL History Show full URLs

https://questionid.natwest.stage.jaaq.org/ HTTP 307
https://questionid.natwest.stage.jaaq.org/login Page URL

Detected technologies

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

23
Requests

96 %
HTTPS

50 %
IPv6

3
Domains

4
Subdomains

3
IPs

2
Countries

303 kB
Transfer

973 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://questionid.natwest.stage.jaaq.org/ HTTP 307
https://questionid.natwest.stage.jaaq.org/login Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

23 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request login Show response
questionid.natwest.stage.jaaq.org/
Redirect Chain

https://questionid.natwest.stage.jaaq.org/
https://questionid.natwest.stage.jaaq.org/login

18 KB
5 KB

44ms
44ms

Document
text/html

20.108.150.113
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://questionid.natwest.stage.jaaq.org/login
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 20.108.150.113 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx / Next.js
Resource Hash: 2987129dcbad40d5662f70f407cc92cc941124e4188082856ddaaf8d258030d2

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

cache-control: private, no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Mon, 29 Jul 2024 15:09:01 GMT
etag: "dtlga4qlsped0"
server: nginx
vary: Accept-Encoding
x-powered-by: Next.js

Redirect headers

date: Mon, 29 Jul 2024 15:09:01 GMT
location: /login
server: nginx

GET
H2 200 4cbe30961ee3afb2.css
questionid.natwest.stage.jaaq.org/_next/static/css/ 42 KB
8 KB 34ms
33ms Stylesheet
text/css 20.108.150.113
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://questionid.natwest.stage.jaaq.org/_next/static/css/4cbe30961ee3afb2.css
Requested by: Host: questionid.natwest.stage.jaaq.org
URL: https://questionid.natwest.stage.jaaq.org/login
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 20.108.150.113 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash: 378ff3e99c1e7695f42074ad37096f15910e4f9eaae334c56a42055372f2eb15

Request headers

Referer: https://questionid.natwest.stage.jaaq.org/login
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 15:09:01 GMT
content-encoding: gzip
last-modified: Wed, 13 Mar 2024 11:20:25 GMT
server: nginx
etag: W/"a8e4-18e378ac4a8"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes

GET
H2 200 147eb40e3b161534.css
questionid.natwest.stage.jaaq.org/_next/static/css/ 3 KB
1 KB 34ms
32ms Stylesheet
text/css 20.108.150.113
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://questionid.natwest.stage.jaaq.org/_next/static/css/147eb40e3b161534.css
Requested by: Host: questionid.natwest.stage.jaaq.org
URL: https://questionid.natwest.stage.jaaq.org/login
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 20.108.150.113 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash: 780c0da147042eb1c9bf23309d5a4ab0bd8a444a9966274ee632b4f803b84d8c

Request headers

Referer: https://questionid.natwest.stage.jaaq.org/login
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 15:09:01 GMT
content-encoding: gzip
last-modified: Wed, 13 Mar 2024 11:20:25 GMT
server: nginx
etag: W/"abf-18e378ac4a8"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes

GET
H2 200 webpack-53184bbdd744c154.js Show response
questionid.natwest.stage.jaaq.org/_next/static/chunks/ 6 KB
3 KB 34ms
33ms Script
application/javascript 20.108.150.113
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://questionid.natwest.stage.jaaq.org/_next/static/chunks/webpack-53184bbdd744c154.js
Requested by: Host: questionid.natwest.stage.jaaq.org
URL: https://questionid.natwest.stage.jaaq.org/login
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 20.108.150.113 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash: 2f56eb1ac7cac1387befb559d6de4502cbdb081e2a1172cb296067d9b95fc303

Request headers

Referer: https://questionid.natwest.stage.jaaq.org/login
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 15:09:01 GMT
content-encoding: gzip
last-modified: Wed, 13 Mar 2024 11:20:25 GMT
server: nginx
etag: W/"1663-18e378ac4a8"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes

GET
H2 200 main-d9b11fe3c3b4e6c7.js Show response
questionid.natwest.stage.jaaq.org/_next/static/chunks/ 271 KB
85 KB 61ms
59ms Script
application/javascript 20.108.150.113
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://questionid.natwest.stage.jaaq.org/_next/static/chunks/main-d9b11fe3c3b4e6c7.js
Requested by: Host: questionid.natwest.stage.jaaq.org
URL: https://questionid.natwest.stage.jaaq.org/login
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 20.108.150.113 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash: d1ae757b6c77ecc625998009eae02b8f4ef34b6e2236902c7c64feffb3caa4a4

Request headers

Referer: https://questionid.natwest.stage.jaaq.org/login
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 15:09:01 GMT
content-encoding: gzip
last-modified: Wed, 13 Mar 2024 11:20:25 GMT
server: nginx
etag: W/"43b27-18e378ac4a8"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes

GET
H2 200 _app-6f78228da7574402.js Show response
questionid.natwest.stage.jaaq.org/_next/static/chunks/pages/ 574 KB
170 KB 61ms
60ms Script
application/javascript 20.108.150.113
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://questionid.natwest.stage.jaaq.org/_next/static/chunks/pages/_app-6f78228da7574402.js
Requested by: Host: questionid.natwest.stage.jaaq.org
URL: https://questionid.natwest.stage.jaaq.org/login
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 20.108.150.113 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash: 125ed9481ca8ff47525dce12d680eee633644b349ac13c80fe566a96a672b4e0

Request headers

Referer: https://questionid.natwest.stage.jaaq.org/login
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 15:09:01 GMT
content-encoding: gzip
last-modified: Wed, 13 Mar 2024 11:20:25 GMT
server: nginx
etag: W/"8f62a-18e378ac4a8"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes

GET
H2 200 login-2fd19e5a909d8d1f.js Show response
questionid.natwest.stage.jaaq.org/_next/static/chunks/pages/ 15 KB
5 KB 34ms
34ms Script
application/javascript 20.108.150.113
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://questionid.natwest.stage.jaaq.org/_next/static/chunks/pages/login-2fd19e5a909d8d1f.js
Requested by: Host: questionid.natwest.stage.jaaq.org
URL: https://questionid.natwest.stage.jaaq.org/login
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 20.108.150.113 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash: d92c8a28fc3e0b4dd83c7ed9f7ab71ff711c15b6ef2d592952fc9bfb90fefc97

Request headers

Referer: https://questionid.natwest.stage.jaaq.org/login
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 15:09:01 GMT
content-encoding: gzip
last-modified: Wed, 13 Mar 2024 11:20:25 GMT
server: nginx
etag: W/"3c4b-18e378ac4a8"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes

GET
H2 200 _buildManifest.js Show response
questionid.natwest.stage.jaaq.org/_next/static/UfgZG0S7rdebUcionae56/ 3 KB
1 KB 34ms
33ms Script
application/javascript 20.108.150.113
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://questionid.natwest.stage.jaaq.org/_next/static/UfgZG0S7rdebUcionae56/_buildManifest.js
Requested by: Host: questionid.natwest.stage.jaaq.org
URL: https://questionid.natwest.stage.jaaq.org/login
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 20.108.150.113 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash: 881487b10126e54e834382273289669d8c88cc6852017048325dea211fc35045

Request headers

Referer: https://questionid.natwest.stage.jaaq.org/login
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 15:09:01 GMT
content-encoding: gzip
last-modified: Wed, 13 Mar 2024 11:20:25 GMT
server: nginx
etag: W/"dfb-18e378ac4a8"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes

GET
H2 200 _ssgManifest.js Show response
questionid.natwest.stage.jaaq.org/_next/static/UfgZG0S7rdebUcionae56/ 437 B
647 B 32ms
32ms Script
application/javascript 20.108.150.113
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://questionid.natwest.stage.jaaq.org/_next/static/UfgZG0S7rdebUcionae56/_ssgManifest.js
Requested by: Host: questionid.natwest.stage.jaaq.org
URL: https://questionid.natwest.stage.jaaq.org/login
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 20.108.150.113 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash: 2a512217fb9d2c84550c84f7542801cad5f367dacae2babc0e2bcb3a67b417dc

Request headers

Referer: https://questionid.natwest.stage.jaaq.org/login
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 15:09:01 GMT
last-modified: Wed, 13 Mar 2024 11:20:50 GMT
server: nginx
etag: W/"1b5-18e378b2650"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
content-length: 437

GET
H2 200 pxiEyp8kv8JHgFVrJJfecnFHGPc.woff2
fonts.gstatic.com/s/poppins/v20/ 8 KB
8 KB 135ms
43ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecnFHGPc.woff2

Requested by

Host: questionid.natwest.stage.jaaq.org
URL: https://questionid.natwest.stage.jaaq.org/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://questionid.natwest.stage.jaaq.org/
Origin: https://questionid.natwest.stage.jaaq.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 23 Jul 2024 14:50:22 GMT
x-content-type-options: nosniff
age: 519519
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7884
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:07:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 23 Jul 2025 14:50:22 GMT

OPTIONS
H2 204 graphql
stage-portal.stage.jaaq.org/ 0
0 110ms
24ms Preflight 20.108.150.113
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://stage-portal.stage.jaaq.org/graphql

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

20.108.150.113 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-eval' 'unsafe-inline' 'unsafe-hashes' data: wss: https://dashboard.umbraco.com https://our.umbraco.com; img-src * 'self' data: https:
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type,custom-origin-referer
Access-Control-Request-Method: POST
Origin: https://questionid.natwest.stage.jaaq.org
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: authorization,content-type,custom-origin-referer
access-control-allow-methods: POST
access-control-allow-origin: https://questionid.natwest.stage.jaaq.org
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-inline' 'unsafe-hashes' data: wss: https://dashboard.umbraco.com https://our.umbraco.com; img-src * 'self' data: https:
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Mon, 29 Jul 2024 15:09:01 GMT
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
referrer-policy: no-referrer-when-downgrade
request-context: appId=cid-v1:d798b72d-9c8d-4d26-9808-f8874c62f67d
server: nginx
vary: Origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

OPTIONS
H2 204 graphql
stage-portal.stage.jaaq.org/ 0
0 110ms
25ms Preflight 20.108.150.113
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://stage-portal.stage.jaaq.org/graphql

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

20.108.150.113 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-eval' 'unsafe-inline' 'unsafe-hashes' data: wss: https://dashboard.umbraco.com https://our.umbraco.com; img-src * 'self' data: https:
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type,custom-origin-referer
Access-Control-Request-Method: POST
Origin: https://questionid.natwest.stage.jaaq.org
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: authorization,content-type,custom-origin-referer
access-control-allow-methods: POST
access-control-allow-origin: https://questionid.natwest.stage.jaaq.org
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-inline' 'unsafe-hashes' data: wss: https://dashboard.umbraco.com https://our.umbraco.com; img-src * 'self' data: https:
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Mon, 29 Jul 2024 15:09:01 GMT
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
referrer-policy: no-referrer-when-downgrade
request-context: appId=cid-v1:d798b72d-9c8d-4d26-9808-f8874c62f67d
server: nginx
vary: Origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

POST
H2 200 graphql Show response
stage-portal.stage.jaaq.org/ 237 B
913 B 83ms
32ms Fetch
application/graphql-response+json 20.108.150.113
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://stage-portal.stage.jaaq.org/graphql

Requested by

Host: questionid.natwest.stage.jaaq.org
URL: https://questionid.natwest.stage.jaaq.org/_next/static/chunks/pages/_app-6f78228da7574402.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

20.108.150.113 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

nginx /

Resource Hash

10200e19d02ec81550aa45f6a5153c9a146a5b3ad2a2d878b5c1286267555bae

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-eval' 'unsafe-inline' 'unsafe-hashes' data: wss: https://dashboard.umbraco.com https://our.umbraco.com; img-src * 'self' data: https:
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept: */*
Referer: https://questionid.natwest.stage.jaaq.org/
custom-origin-referer: https://natwest.stage.jaaq.org
authorization
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type: application/json

Response headers

date: Mon, 29 Jul 2024 15:09:01 GMT
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-inline' 'unsafe-hashes' data: wss: https://dashboard.umbraco.com https://our.umbraco.com; img-src * 'self' data: https:
x-content-type-options: nosniff
cross-origin-embedder-policy: unsafe-none
cross-origin-resource-policy: cross-origin
x-xss-protection: 1; mode=block
request-context: appId=cid-v1:d798b72d-9c8d-4d26-9808-f8874c62f67d
referrer-policy: no-referrer-when-downgrade
server: nginx
cross-origin-opener-policy: unsafe-none
vary: Origin
x-frame-options: SAMEORIGIN
content-type: application/graphql-response+json; charset=utf-8
access-control-allow-origin: https://questionid.natwest.stage.jaaq.org
access-control-allow-credentials: true
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()

POST
H2 200 graphql Show response
stage-portal.stage.jaaq.org/ 995 B
2 KB 85ms
33ms Fetch
application/graphql-response+json 20.108.150.113
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://stage-portal.stage.jaaq.org/graphql

Requested by

Host: questionid.natwest.stage.jaaq.org
URL: https://questionid.natwest.stage.jaaq.org/_next/static/chunks/pages/_app-6f78228da7574402.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

20.108.150.113 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

nginx /

Resource Hash

bf7b53320ae50d314b7a08568f3849bf1ff8c900348fe22436b6a5ccecef91f4

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-eval' 'unsafe-inline' 'unsafe-hashes' data: wss: https://dashboard.umbraco.com https://our.umbraco.com; img-src * 'self' data: https:
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept: */*
Referer: https://questionid.natwest.stage.jaaq.org/
custom-origin-referer: https://natwest.stage.jaaq.org
authorization
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type: application/json

Response headers

date: Mon, 29 Jul 2024 15:09:01 GMT
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-inline' 'unsafe-hashes' data: wss: https://dashboard.umbraco.com https://our.umbraco.com; img-src * 'self' data: https:
x-content-type-options: nosniff
cross-origin-embedder-policy: unsafe-none
cross-origin-resource-policy: cross-origin
x-xss-protection: 1; mode=block
request-context: appId=cid-v1:d798b72d-9c8d-4d26-9808-f8874c62f67d
referrer-policy: no-referrer-when-downgrade
server: nginx
cross-origin-opener-policy: unsafe-none
vary: Origin
x-frame-options: SAMEORIGIN
content-type: application/graphql-response+json; charset=utf-8
access-control-allow-origin: https://questionid.natwest.stage.jaaq.org
access-control-allow-credentials: true
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()

GET
H2 200 favicon-32x32.png
questionid.natwest.stage.jaaq.org/assets/favicon/ 1 KB
1 KB 27ms
27ms Other
image/png 20.108.150.113
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://questionid.natwest.stage.jaaq.org/assets/favicon/favicon-32x32.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 20.108.150.113 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash: 6f82b034b5e88102dd76d8e273c422a06a1eb86d1aab2889f3152f793b665b05

Request headers

Referer: https://questionid.natwest.stage.jaaq.org/login
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 15:09:01 GMT
last-modified: Wed, 13 Mar 2024 11:17:42 GMT
server: nginx
etag: W/"4fd-18e378847f0"
content-type: image/png
cache-control: public, max-age=0
accept-ranges: bytes
content-length: 1277

GET
H2 200 forgot-password.json Show response
questionid.natwest.stage.jaaq.org/_next/data/UfgZG0S7rdebUcionae56/ 7 KB
2 KB 27ms
27ms Fetch
application/json 20.108.150.113
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://questionid.natwest.stage.jaaq.org/_next/data/UfgZG0S7rdebUcionae56/forgot-password.json
Requested by: Host: questionid.natwest.stage.jaaq.org
URL: https://questionid.natwest.stage.jaaq.org/_next/static/chunks/main-d9b11fe3c3b4e6c7.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 20.108.150.113 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash: 2cde36616f5e8e3218e16bcd6ba609da04a223b84180a91bb4e4a83a08c72646

Request headers

purpose: prefetch
x-nextjs-data: 1
Referer: https://questionid.natwest.stage.jaaq.org/login
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 15:09:01 GMT
x-nextjs-matched-path: /forgot-password
content-encoding: gzip
server: nginx
etag: "15mxos7qedl5bp"
vary: Accept-Encoding
content-type: application/json
x-nextjs-cache: HIT
cache-control: s-maxage=31536000, stale-while-revalidate

GET
H2 200 forgot-password-827332845e09112f.js
questionid.natwest.stage.jaaq.org/_next/static/chunks/pages/ 0
2 KB 29ms
29ms Other
application/javascript 20.108.150.113
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://questionid.natwest.stage.jaaq.org/_next/static/chunks/pages/forgot-password-827332845e09112f.js
Requested by: Host: questionid.natwest.stage.jaaq.org
URL: https://questionid.natwest.stage.jaaq.org/_next/static/chunks/main-d9b11fe3c3b4e6c7.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 20.108.150.113 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://questionid.natwest.stage.jaaq.org/login
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 15:09:01 GMT
content-encoding: gzip
last-modified: Wed, 13 Mar 2024 11:20:25 GMT
server: nginx
etag: W/"11c2-18e378ac4a8"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes

GET
H2 200 register-b7a7057ec8dc66d1.js
questionid.natwest.stage.jaaq.org/_next/static/chunks/pages/ 0
4 KB 28ms
28ms Other
application/javascript 20.108.150.113
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://questionid.natwest.stage.jaaq.org/_next/static/chunks/pages/register-b7a7057ec8dc66d1.js
Requested by: Host: questionid.natwest.stage.jaaq.org
URL: https://questionid.natwest.stage.jaaq.org/_next/static/chunks/main-d9b11fe3c3b4e6c7.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 20.108.150.113 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://questionid.natwest.stage.jaaq.org/login
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 15:09:01 GMT
content-encoding: gzip
last-modified: Wed, 13 Mar 2024 11:20:25 GMT
server: nginx
etag: W/"329d-18e378ac4a8"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes

GET
H2 200 forgot-password-827332845e09112f.js Show response
questionid.natwest.stage.jaaq.org/_next/static/chunks/pages/ 4 KB
0 0ms
0ms Script
application/javascript 20.108.150.113
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://questionid.natwest.stage.jaaq.org/_next/static/chunks/pages/forgot-password-827332845e09112f.js
Requested by: Host: questionid.natwest.stage.jaaq.org
URL: https://questionid.natwest.stage.jaaq.org/_next/static/chunks/main-d9b11fe3c3b4e6c7.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 20.108.150.113 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash: ae4f2405f8aa2b80c2506b3996f580f6afa90cbac450d95b6b0116f44c28a785

Request headers

Referer: https://questionid.natwest.stage.jaaq.org/login
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 15:09:01 GMT
content-encoding: gzip
last-modified: Wed, 13 Mar 2024 11:20:25 GMT
server: nginx
etag: W/"11c2-18e378ac4a8"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes

GET
H2 200 1d1945faac96acdf.css Show response
questionid.natwest.stage.jaaq.org/_next/static/css/ 3 KB
989 B 29ms
28ms Fetch
text/css 20.108.150.113
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://questionid.natwest.stage.jaaq.org/_next/static/css/1d1945faac96acdf.css
Requested by: Host: questionid.natwest.stage.jaaq.org
URL: https://questionid.natwest.stage.jaaq.org/_next/static/chunks/main-d9b11fe3c3b4e6c7.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 20.108.150.113 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash: 5a6b3bbdd57bec40f0e60cc58e33e1390136c596acfca3ac49f1e01b333e5a22

Request headers

Referer: https://questionid.natwest.stage.jaaq.org/login
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 15:09:01 GMT
content-encoding: gzip
last-modified: Wed, 13 Mar 2024 11:20:25 GMT
server: nginx
etag: W/"a22-18e378ac4a8"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes

GET
H2 200 register-b7a7057ec8dc66d1.js Show response
questionid.natwest.stage.jaaq.org/_next/static/chunks/pages/ 13 KB
0 1ms
1ms Script
application/javascript 20.108.150.113
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://questionid.natwest.stage.jaaq.org/_next/static/chunks/pages/register-b7a7057ec8dc66d1.js
Requested by: Host: questionid.natwest.stage.jaaq.org
URL: https://questionid.natwest.stage.jaaq.org/_next/static/chunks/main-d9b11fe3c3b4e6c7.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 20.108.150.113 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash: bda31b2e0b4874d7270d8f9da4406b6d21e81337300280b87d052f43a43c00ca

Request headers

Referer: https://questionid.natwest.stage.jaaq.org/login
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 15:09:01 GMT
content-encoding: gzip
last-modified: Wed, 13 Mar 2024 11:20:25 GMT
server: nginx
etag: W/"329d-18e378ac4a8"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes

GET
H2 200 6ff1a2cdaf1d2299.css Show response
questionid.natwest.stage.jaaq.org/_next/static/css/ 5 KB
2 KB 29ms
28ms Fetch
text/css 20.108.150.113
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://questionid.natwest.stage.jaaq.org/_next/static/css/6ff1a2cdaf1d2299.css
Requested by: Host: questionid.natwest.stage.jaaq.org
URL: https://questionid.natwest.stage.jaaq.org/_next/static/chunks/main-d9b11fe3c3b4e6c7.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 20.108.150.113 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash: 74b4079d1c23b2cd51358251ee6c90f86f437dfb9b70c4dd8c04f73b7a6a854a

Request headers

Referer: https://questionid.natwest.stage.jaaq.org/login
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 15:09:01 GMT
content-encoding: gzip
last-modified: Wed, 13 Mar 2024 11:20:25 GMT
server: nginx
etag: W/"12bb-18e378ac4a8"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes

GET new-site.jpg
stage-media-endpoint.azureedge.net/media/3gfcvlbm/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: stage-media-endpoint.azureedge.net
URL: https://stage-media-endpoint.azureedge.net/media/3gfcvlbm/new-site.jpg

Verdicts & Comments Add Verdict or Comment

12 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://stage-media-endpoint.azureedge.net/media/3gfcvlbm/new-site.jpg Message: Failed to load resource: net::ERR_CONNECTION_RESET

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.gstatic.com
questionid.natwest.stage.jaaq.org
stage-media-endpoint.azureedge.net
stage-portal.stage.jaaq.org
stage-media-endpoint.azureedge.net
20.108.150.113
2a00:1450:4001:808::2003
10200e19d02ec81550aa45f6a5153c9a146a5b3ad2a2d878b5c1286267555bae
125ed9481ca8ff47525dce12d680eee633644b349ac13c80fe566a96a672b4e0
2987129dcbad40d5662f70f407cc92cc941124e4188082856ddaaf8d258030d2
2a512217fb9d2c84550c84f7542801cad5f367dacae2babc0e2bcb3a67b417dc
2cde36616f5e8e3218e16bcd6ba609da04a223b84180a91bb4e4a83a08c72646
2f56eb1ac7cac1387befb559d6de4502cbdb081e2a1172cb296067d9b95fc303
378ff3e99c1e7695f42074ad37096f15910e4f9eaae334c56a42055372f2eb15
5a6b3bbdd57bec40f0e60cc58e33e1390136c596acfca3ac49f1e01b333e5a22
6f82b034b5e88102dd76d8e273c422a06a1eb86d1aab2889f3152f793b665b05
74b4079d1c23b2cd51358251ee6c90f86f437dfb9b70c4dd8c04f73b7a6a854a
780c0da147042eb1c9bf23309d5a4ab0bd8a444a9966274ee632b4f803b84d8c
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
881487b10126e54e834382273289669d8c88cc6852017048325dea211fc35045
ae4f2405f8aa2b80c2506b3996f580f6afa90cbac450d95b6b0116f44c28a785
bda31b2e0b4874d7270d8f9da4406b6d21e81337300280b87d052f43a43c00ca
bf7b53320ae50d314b7a08568f3849bf1ff8c900348fe22436b6a5ccecef91f4
d1ae757b6c77ecc625998009eae02b8f4ef34b6e2236902c7c64feffb3caa4a4
d92c8a28fc3e0b4dd83c7ed9f7ab71ff711c15b6ef2d592952fc9bfb90fefc97
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

questionid.natwest.stage.jaaq.org Open in urlscan Pro 20.108.150.113 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

23 Requests

96 %HTTPS

50 %IPv6

3 Domains

4 Subdomains

3 IPs

2 Countries

303 kBTransfer

973 kBSize

0 Cookies

0 Outgoing links

Page URL History

Redirected requests

23 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

12 JavaScript Global Variables

0 Cookies

1 Console Messages

Indicators

questionid.natwest.stage.jaaq.org Open in urlscan Pro
20.108.150.113 Public Scan

Screenshot
Live screenshot

Full Image

23
Requests

96 %
HTTPS

50 %
IPv6

3
Domains

4
Subdomains

3
IPs

2
Countries

303 kB
Transfer

973 kB
Size

0
Cookies

23 HTTP transactions
0 data transactions