urlscan.io logo urlscan.io
SecurityTrails logo

astellas-ecap-uat.corestream.co.uk Open in urlscan Pro
185.249.120.72  Public Scan

Go To Rescan Add Verdict Report
URL: https://astellas-ecap-uat.corestream.co.uk/
Submission: On July 06 via api from US — Scanned from GB
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 4 IPs in 2 countries across 3 domains to perform 23 HTTP transactions. The main IP is 185.249.120.72, located in United Kingdom and belongs to IOMART-AS, GB. The main domain is astellas-ecap-uat.corestream.co.uk.
TLS certificate: Issued by Starfield Secure Certificate Authorit... on March 5th 2024. Valid for: a year.
This is the only time astellas-ecap-uat.corestream.co.uk was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
19 185.249.120.72 20860 (IOMART-AS)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
23 4
Domain Requested by
18 astellas-ecap-uat.corestream.co.uk astellas-ecap-uat.corestream.co.uk
1 fonts.gstatic.com fonts.googleapis.com
1 astellas-ecap-uat-api.corestream.co.uk astellas-ecap-uat.corestream.co.uk
1 fonts.googleapis.com astellas-ecap-uat.corestream.co.uk
0 astellas-ecap-uat-idserver.corestream.co.uk Failed astellas-ecap-uat.corestream.co.uk
23 5

This site contains no links.

Subject Issuer Validity Valid
*.corestream.co.uk
Starfield Secure Certificate Authority - G2		 2024-03-05 -
2025-03-05		 a year crt.sh
upload.video.google.com
WR2		 2024-06-13 -
2024-09-05		 3 months crt.sh
*.gstatic.com
WR2		 2024-06-13 -
2024-09-05		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://astellas-ecap-uat.corestream.co.uk/
Frame ID: E3FD5228755119D77DAA68C83BCCFEC3
Requests: 22 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

The CoreStream Platform

Detected technologies

Overall confidence: 100%
Detected patterns
  • <[^>]+\sdata-v(?:ue)?-

Page Statistics

23
Requests

91 %
HTTPS

67 %
IPv6

3
Domains

5
Subdomains

4
IPs

2
Countries

1302 kB
Transfer

3199 kB
Size

0
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

23 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
astellas-ecap-uat.corestream.co.uk/ 		6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://astellas-ecap-uat.corestream.co.uk/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.249.120.72 , United Kingdom, ASN20860 (IOMART-AS, GB),
Reverse DNS
Software
Kestrel / ASP.NET
Resource Hash
1a174b0636c4a5d2e5a66d378dff1f9b0c12dfce980183051c782c543be140bc
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-inline' 'unsafe-eval' cdn.syncfusion.com;object-src 'self';style-src 'self' 'unsafe-inline' fonts.googleapis.com *.tiny.cloud *.tinymce.com *.corestream.co.uk cdn.syncfusion.com graph.microsoft.com;img-src 'self' *.tinymce.com *.tiny.cloud data: blob: *.corestream.co.uk graph.microsoft.com;media-src 'self' *.youtube.com *.corestream.co.uk graph.microsoft.com;connect-src 'self' *.tinymce.com *.tiny.cloud blob: wss: *.corestream.co.uk sentry.io graph.microsoft.com;form-action 'self';frame-ancestors 'self';block-all-mixed-content
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options Deny
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-GB,en;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ranges
bytes
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'self' 'unsafe-inline' 'unsafe-eval' cdn.syncfusion.com;object-src 'self';style-src 'self' 'unsafe-inline' fonts.googleapis.com *.tiny.cloud *.tinymce.com *.corestream.co.uk cdn.syncfusion.com graph.microsoft.com;img-src 'self' *.tinymce.com *.tiny.cloud data: blob: *.corestream.co.uk graph.microsoft.com;media-src 'self' *.youtube.com *.corestream.co.uk graph.microsoft.com;connect-src 'self' *.tinymce.com *.tiny.cloud blob: wss: *.corestream.co.uk sentry.io graph.microsoft.com;form-action 'self';frame-ancestors 'self';block-all-mixed-content
content-type
text/html
date
Sat, 06 Jul 2024 11:16:21 GMT
etag
"1d9fac08d928f8b"
expires
-1
last-modified
Mon, 09 Oct 2023 14:54:50 GMT
pragma
no-cache
referrer-policy
origin
server
Kestrel
strict-transport-security
max-age=63072000; includeSubDomains
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
Deny
x-powered-by
ASP.NET
x-xss-protection
1; mode=block
index-14e0a676.js
astellas-ecap-uat.corestream.co.uk/dist/ 		3 MB
1 MB 		Script
General
Check archive.org
Download Go to
Full URL
https://astellas-ecap-uat.corestream.co.uk/dist/index-14e0a676.js
Requested by
Host: astellas-ecap-uat.corestream.co.uk
URL: https://astellas-ecap-uat.corestream.co.uk/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.249.120.72 , United Kingdom, ASN20860 (IOMART-AS, GB),
Reverse DNS
Software
Kestrel / ASP.NET
Resource Hash
8bb2e500cba0480e201242d35a3ef57eb5015bc712958f0c3eb4d5d4b946dedc
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-inline' 'unsafe-eval' cdn.syncfusion.com;object-src 'self';style-src 'self' 'unsafe-inline' fonts.googleapis.com *.tiny.cloud *.tinymce.com *.corestream.co.uk cdn.syncfusion.com graph.microsoft.com;img-src 'self' *.tinymce.com *.tiny.cloud data: blob: *.corestream.co.uk graph.microsoft.com;media-src 'self' *.youtube.com *.corestream.co.uk graph.microsoft.com;connect-src 'self' *.tinymce.com *.tiny.cloud blob: wss: *.corestream.co.uk sentry.io graph.microsoft.com;form-action 'self';frame-ancestors 'self';block-all-mixed-content
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options Deny
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://astellas-ecap-uat.corestream.co.uk/
Origin
https://astellas-ecap-uat.corestream.co.uk
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
script-src 'self' 'unsafe-inline' 'unsafe-eval' cdn.syncfusion.com;object-src 'self';style-src 'self' 'unsafe-inline' fonts.googleapis.com *.tiny.cloud *.tinymce.com *.corestream.co.uk cdn.syncfusion.com graph.microsoft.com;img-src 'self' *.tinymce.com *.tiny.cloud data: blob: *.corestream.co.uk graph.microsoft.com;media-src 'self' *.youtube.com *.corestream.co.uk graph.microsoft.com;connect-src 'self' *.tinymce.com *.tiny.cloud blob: wss: *.corestream.co.uk sentry.io graph.microsoft.com;form-action 'self';frame-ancestors 'self';block-all-mixed-content
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains
date
Sat, 06 Jul 2024 11:16:21 GMT
x-powered-by
ASP.NET
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
origin
last-modified
Mon, 09 Oct 2023 14:54:50 GMT
server
Kestrel
etag
"1d9fac08dbea226"
vary
Accept-Encoding
x-frame-options
Deny
content-type
text/javascript
cache-control
no-cache, no-store, must-revalidate
accept-ranges
bytes
expires
-1
index-1b62b689.css
astellas-ecap-uat.corestream.co.uk/dist/ 		291 KB
65 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://astellas-ecap-uat.corestream.co.uk/dist/index-1b62b689.css
Requested by
Host: astellas-ecap-uat.corestream.co.uk
URL: https://astellas-ecap-uat.corestream.co.uk/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.249.120.72 , United Kingdom, ASN20860 (IOMART-AS, GB),
Reverse DNS
Software
Kestrel / ASP.NET
Resource Hash
1b62b689c85bf91d4b19015c59cc856d75f8fb36140159ba5b3f7d500935bf12
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-inline' 'unsafe-eval' cdn.syncfusion.com;object-src 'self';style-src 'self' 'unsafe-inline' fonts.googleapis.com *.tiny.cloud *.tinymce.com *.corestream.co.uk cdn.syncfusion.com graph.microsoft.com;img-src 'self' *.tinymce.com *.tiny.cloud data: blob: *.corestream.co.uk graph.microsoft.com;media-src 'self' *.youtube.com *.corestream.co.uk graph.microsoft.com;connect-src 'self' *.tinymce.com *.tiny.cloud blob: wss: *.corestream.co.uk sentry.io graph.microsoft.com;form-action 'self';frame-ancestors 'self';block-all-mixed-content
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options Deny
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://astellas-ecap-uat.corestream.co.uk/
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
script-src 'self' 'unsafe-inline' 'unsafe-eval' cdn.syncfusion.com;object-src 'self';style-src 'self' 'unsafe-inline' fonts.googleapis.com *.tiny.cloud *.tinymce.com *.corestream.co.uk cdn.syncfusion.com graph.microsoft.com;img-src 'self' *.tinymce.com *.tiny.cloud data: blob: *.corestream.co.uk graph.microsoft.com;media-src 'self' *.youtube.com *.corestream.co.uk graph.microsoft.com;connect-src 'self' *.tinymce.com *.tiny.cloud blob: wss: *.corestream.co.uk sentry.io graph.microsoft.com;form-action 'self';frame-ancestors 'self';block-all-mixed-content
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains
date
Sat, 06 Jul 2024 11:16:21 GMT
x-powered-by
ASP.NET
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
origin
last-modified
Mon, 09 Oct 2023 14:54:50 GMT
server
Kestrel
etag
"1d9fac08d961367"
vary
Accept-Encoding
x-frame-options
Deny
content-type
text/css
cache-control
no-cache, no-store, must-revalidate
accept-ranges
bytes
expires
-1
css
fonts.googleapis.com/ 		9 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:700,300,400,500
Requested by
Host: astellas-ecap-uat.corestream.co.uk
URL: https://astellas-ecap-uat.corestream.co.uk/dist/index-1b62b689.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d3f4104957e76483acba4180738253208fd8d4d81c64931244860514af502b82
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://astellas-ecap-uat.corestream.co.uk/
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Sat, 06 Jul 2024 11:16:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 06 Jul 2024 11:16:21 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 06 Jul 2024 11:16:21 GMT
settings.json
astellas-ecap-uat.corestream.co.uk/settings/ 		625 B
723 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://astellas-ecap-uat.corestream.co.uk/settings/settings.json
Requested by
Host: astellas-ecap-uat.corestream.co.uk
URL: https://astellas-ecap-uat.corestream.co.uk/dist/index-14e0a676.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.249.120.72 , United Kingdom, ASN20860 (IOMART-AS, GB),
Reverse DNS
Software
Kestrel / ASP.NET
Resource Hash
7acbf5969efd82a305f04a99124b92b4ea3b5d5b839142159d37dc4e22e129d7
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-inline' 'unsafe-eval' cdn.syncfusion.com;object-src 'self';style-src 'self' 'unsafe-inline' fonts.googleapis.com *.tiny.cloud *.tinymce.com *.corestream.co.uk cdn.syncfusion.com graph.microsoft.com;img-src 'self' *.tinymce.com *.tiny.cloud data: blob: *.corestream.co.uk graph.microsoft.com;media-src 'self' *.youtube.com *.corestream.co.uk graph.microsoft.com;connect-src 'self' *.tinymce.com *.tiny.cloud blob: wss: *.corestream.co.uk sentry.io graph.microsoft.com;form-action 'self';frame-ancestors 'self';block-all-mixed-content
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options Deny
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept
application/json, text/plain, */*
Referer
https://astellas-ecap-uat.corestream.co.uk/
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
script-src 'self' 'unsafe-inline' 'unsafe-eval' cdn.syncfusion.com;object-src 'self';style-src 'self' 'unsafe-inline' fonts.googleapis.com *.tiny.cloud *.tinymce.com *.corestream.co.uk cdn.syncfusion.com graph.microsoft.com;img-src 'self' *.tinymce.com *.tiny.cloud data: blob: *.corestream.co.uk graph.microsoft.com;media-src 'self' *.youtube.com *.corestream.co.uk graph.microsoft.com;connect-src 'self' *.tinymce.com *.tiny.cloud blob: wss: *.corestream.co.uk sentry.io graph.microsoft.com;form-action 'self';frame-ancestors 'self';block-all-mixed-content
strict-transport-security
max-age=63072000; includeSubDomains
x-content-type-options
nosniff
date
Sat, 06 Jul 2024 11:16:21 GMT
x-powered-by
ASP.NET
content-length
625
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
origin
last-modified
Wed, 16 Mar 2022 18:10:28 GMT
server
Kestrel
etag
"1d839611dae4071"
x-frame-options
Deny
content-type
application/json
cache-control
no-cache, no-store, must-revalidate
accept-ranges
bytes
expires
-1
favicon-ae3f1dc7.ico
astellas-ecap-uat.corestream.co.uk/dist/ 		15 KB
15 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://astellas-ecap-uat.corestream.co.uk/dist/favicon-ae3f1dc7.ico
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.249.120.72 , United Kingdom, ASN20860 (IOMART-AS, GB),
Reverse DNS
Software
Kestrel / ASP.NET
Resource Hash
ae3f1dc783d7f495c45d6a900683e86392d37a14a6d024fcf6b113d5b0324c24
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-inline' 'unsafe-eval' cdn.syncfusion.com;object-src 'self';style-src 'self' 'unsafe-inline' fonts.googleapis.com *.tiny.cloud *.tinymce.com *.corestream.co.uk cdn.syncfusion.com graph.microsoft.com;img-src 'self' *.tinymce.com *.tiny.cloud data: blob: *.corestream.co.uk graph.microsoft.com;media-src 'self' *.youtube.com *.corestream.co.uk graph.microsoft.com;connect-src 'self' *.tinymce.com *.tiny.cloud blob: wss: *.corestream.co.uk sentry.io graph.microsoft.com;form-action 'self';frame-ancestors 'self';block-all-mixed-content
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options Deny
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://astellas-ecap-uat.corestream.co.uk/
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
script-src 'self' 'unsafe-inline' 'unsafe-eval' cdn.syncfusion.com;object-src 'self';style-src 'self' 'unsafe-inline' fonts.googleapis.com *.tiny.cloud *.tinymce.com *.corestream.co.uk cdn.syncfusion.com graph.microsoft.com;img-src 'self' *.tinymce.com *.tiny.cloud data: blob: *.corestream.co.uk graph.microsoft.com;media-src 'self' *.youtube.com *.corestream.co.uk graph.microsoft.com;connect-src 'self' *.tinymce.com *.tiny.cloud blob: wss: *.corestream.co.uk sentry.io graph.microsoft.com;form-action 'self';frame-ancestors 'self';block-all-mixed-content
strict-transport-security
max-age=63072000; includeSubDomains
x-content-type-options
nosniff
date
Sat, 06 Jul 2024 11:16:21 GMT
x-powered-by
ASP.NET
content-length
15406
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
origin
last-modified
Mon, 09 Oct 2023 14:54:50 GMT
server
Kestrel
etag
"1d9fac08d92a52e"
x-frame-options
Deny
content-type
image/x-icon
cache-control
no-cache, no-store, must-revalidate
accept-ranges
bytes
expires
-1
negotiate
astellas-ecap-uat-api.corestream.co.uk/concurrency/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://astellas-ecap-uat-api.corestream.co.uk/concurrency/negotiate?negotiateVersion=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.249.120.72 , United Kingdom, ASN20860 (IOMART-AS, GB),
Reverse DNS
Software
Founding Father Serverâ„¢ /
Resource Hash
Security Headers
Name Value
Content-Security-Policy style-src 'self' 'unsafe-inline';block-all-mixed-content
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options Deny
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Headers
x-requested-with,x-signalr-user-agent
Access-Control-Request-Method
POST
Origin
https://astellas-ecap-uat.corestream.co.uk
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
x-requested-with,x-signalr-user-agent
access-control-allow-methods
POST
access-control-allow-origin
https://astellas-ecap-uat.corestream.co.uk
cache-control
no-cache, no-store, must-revalidate
content-security-policy
style-src 'self' 'unsafe-inline';block-all-mixed-content
date
Sat, 06 Jul 2024 11:16:25 GMT
expires
-1
pragma
no-cache
referrer-policy
origin
server
Founding Father Serverâ„¢
strict-transport-security
max-age=63072000; includeSubDomains
vary
Origin
x-content-type-options
nosniff
x-frame-options
Deny
x-xss-protection
1; mode=block
cs-header-ba98e3d0.js
astellas-ecap-uat.corestream.co.uk/dist/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://astellas-ecap-uat.corestream.co.uk/dist/cs-header-ba98e3d0.js
Requested by
Host: astellas-ecap-uat.corestream.co.uk
URL: https://astellas-ecap-uat.corestream.co.uk/dist/index-14e0a676.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.249.120.72 , United Kingdom, ASN20860 (IOMART-AS, GB),
Reverse DNS
Software
Kestrel / ASP.NET
Resource Hash
fb5f5a6ee9f51557290e7dc6f3e7fae7b5bba87d2ba5078be0cb0afe91207eba
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-inline' 'unsafe-eval' cdn.syncfusion.com;object-src 'self';style-src 'self' 'unsafe-inline' fonts.googleapis.com *.tiny.cloud *.tinymce.com *.corestream.co.uk cdn.syncfusion.com graph.microsoft.com;img-src 'self' *.tinymce.com *.tiny.cloud data: blob: *.corestream.co.uk graph.microsoft.com;media-src 'self' *.youtube.com *.corestream.co.uk graph.microsoft.com;connect-src 'self' *.tinymce.com *.tiny.cloud blob: wss: *.corestream.co.uk sentry.io graph.microsoft.com;form-action 'self';frame-ancestors 'self';block-all-mixed-content
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options Deny
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Origin
https://astellas-ecap-uat.corestream.co.uk
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
script-src 'self' 'unsafe-inline' 'unsafe-eval' cdn.syncfusion.com;object-src 'self';style-src 'self' 'unsafe-inline' fonts.googleapis.com *.tiny.cloud *.tinymce.com *.corestream.co.uk cdn.syncfusion.com graph.microsoft.com;img-src 'self' *.tinymce.com *.tiny.cloud data: blob: *.corestream.co.uk graph.microsoft.com;media-src 'self' *.youtube.com *.corestream.co.uk graph.microsoft.com;connect-src 'self' *.tinymce.com *.tiny.cloud blob: wss: *.corestream.co.uk sentry.io graph.microsoft.com;form-action 'self';frame-ancestors 'self';block-all-mixed-content
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains
date
Sat, 06 Jul 2024 11:16:21 GMT
x-powered-by
ASP.NET
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
origin
last-modified
Mon, 09 Oct 2023 14:54:50 GMT
server
Kestrel
etag
"1d9fac08d92aaba"
vary
Accept-Encoding
x-frame-options
Deny
content-type
text/javascript
cache-control
no-cache, no-store, must-revalidate
accept-ranges
bytes
expires
-1
cs-new-click-outside-ca08b8f0.js
astellas-ecap-uat.corestream.co.uk/dist/ 		347 B
429 B 		Script
General
Check archive.org
Download Go to
Full URL
https://astellas-ecap-uat.corestream.co.uk/dist/cs-new-click-outside-ca08b8f0.js
Requested by
Host: astellas-ecap-uat.corestream.co.uk
URL: https://astellas-ecap-uat.corestream.co.uk/dist/index-14e0a676.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.249.120.72 , United Kingdom, ASN20860 (IOMART-AS, GB),
Reverse DNS
Software
Kestrel / ASP.NET
Resource Hash
c1f720c49459f57d2475732b0052fad4e6a033127c3723042d735c9de7ffea88
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-inline' 'unsafe-eval' cdn.syncfusion.com;object-src 'self';style-src 'self' 'unsafe-inline' fonts.googleapis.com *.tiny.cloud *.tinymce.com *.corestream.co.uk cdn.syncfusion.com graph.microsoft.com;img-src 'self' *.tinymce.com *.tiny.cloud data: blob: *.corestream.co.uk graph.microsoft.com;media-src 'self' *.youtube.com *.corestream.co.uk graph.microsoft.com;connect-src 'self' *.tinymce.com *.tiny.cloud blob: wss: *.corestream.co.uk sentry.io graph.microsoft.com;form-action 'self';frame-ancestors 'self';block-all-mixed-content
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options Deny
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Origin
https://astellas-ecap-uat.corestream.co.uk
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
script-src 'self' 'unsafe-inline' 'unsafe-eval' cdn.syncfusion.com;object-src 'self';style-src 'self' 'unsafe-inline' fonts.googleapis.com *.tiny.cloud *.tinymce.com *.corestream.co.uk cdn.syncfusion.com graph.microsoft.com;img-src 'self' *.tinymce.com *.tiny.cloud data: blob: *.corestream.co.uk graph.microsoft.com;media-src 'self' *.youtube.com *.corestream.co.uk graph.microsoft.com;connect-src 'self' *.tinymce.com *.tiny.cloud blob: wss: *.corestream.co.uk sentry.io graph.microsoft.com;form-action 'self';frame-ancestors 'self';block-all-mixed-content
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains
date
Sat, 06 Jul 2024 11:16:21 GMT
x-powered-by
ASP.NET
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
origin
last-modified
Mon, 09 Oct 2023 14:54:50 GMT
server
Kestrel
etag
"1d9fac08d92985b"
vary
Accept-Encoding
x-frame-options
Deny
content-type
text/javascript
cache-control
no-cache, no-store, must-revalidate
accept-ranges
bytes
expires
-1
cs-header-210debb1.css
astellas-ecap-uat.corestream.co.uk/dist/ 		5 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://astellas-ecap-uat.corestream.co.uk/dist/cs-header-210debb1.css
Requested by
Host: astellas-ecap-uat.corestream.co.uk
URL: https://astellas-ecap-uat.corestream.co.uk/dist/index-14e0a676.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.249.120.72 , United Kingdom, ASN20860 (IOMART-AS, GB),
Reverse DNS
Software
Kestrel / ASP.NET
Resource Hash
210debb19dfdad3243d107ebdd494498413ccebef0486988131979839246cc60
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-inline' 'unsafe-eval' cdn.syncfusion.com;object-src 'self';style-src 'self' 'unsafe-inline' fonts.googleapis.com *.tiny.cloud *.tinymce.com *.corestream.co.uk cdn.syncfusion.com graph.microsoft.com;img-src 'self' *.tinymce.com *.tiny.cloud data: blob: *.corestream.co.uk graph.microsoft.com;media-src 'self' *.youtube.com *.corestream.co.uk graph.microsoft.com;connect-src 'self' *.tinymce.com *.tiny.cloud blob: wss: *.corestream.co.uk sentry.io graph.microsoft.com;form-action 'self';frame-ancestors 'self';block-all-mixed-content
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options Deny
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://astellas-ecap-uat.corestream.co.uk/
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
script-src 'self' 'unsafe-inline' 'unsafe-eval' cdn.syncfusion.com;object-src 'self';style-src 'self' 'unsafe-inline' fonts.googleapis.com *.tiny.cloud *.tinymce.com *.corestream.co.uk cdn.syncfusion.com graph.microsoft.com;img-src 'self' *.tinymce.com *.tiny.cloud data: blob: *.corestream.co.uk graph.microsoft.com;media-src 'self' *.youtube.com *.corestream.co.uk graph.microsoft.com;connect-src 'self' *.tinymce.com *.tiny.cloud blob: wss: *.corestream.co.uk sentry.io graph.microsoft.com;form-action 'self';frame-ancestors 'self';block-all-mixed-content
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains
date
Sat, 06 Jul 2024 11:16:21 GMT
x-powered-by
ASP.NET
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
origin
last-modified
Mon, 09 Oct 2023 14:54:50 GMT
server
Kestrel
etag
"1d9fac08d928c80"
vary
Accept-Encoding
x-frame-options
Deny
content-type
text/css
cache-control
no-cache, no-store, must-revalidate
accept-ranges
bytes
expires
-1
cs-user-sidebar-1981257e.js
astellas-ecap-uat.corestream.co.uk/dist/ 		1 KB
855 B 		Script
General
Check archive.org
Download Go to
Full URL
https://astellas-ecap-uat.corestream.co.uk/dist/cs-user-sidebar-1981257e.js
Requested by
Host: astellas-ecap-uat.corestream.co.uk
URL: https://astellas-ecap-uat.corestream.co.uk/dist/index-14e0a676.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.249.120.72 , United Kingdom, ASN20860 (IOMART-AS, GB),
Reverse DNS
Software
Kestrel / ASP.NET
Resource Hash
51890bba6696385b35ec7d56044edd6e0e124fa47e2d81cd1131a2e8fe65991a
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-inline' 'unsafe-eval' cdn.syncfusion.com;object-src 'self';style-src 'self' 'unsafe-inline' fonts.googleapis.com *.tiny.cloud *.tinymce.com *.corestream.co.uk cdn.syncfusion.com graph.microsoft.com;img-src 'self' *.tinymce.com *.tiny.cloud data: blob: *.corestream.co.uk graph.microsoft.com;media-src 'self' *.youtube.com *.corestream.co.uk graph.microsoft.com;connect-src 'self' *.tinymce.com *.tiny.cloud blob: wss: *.corestream.co.uk sentry.io graph.microsoft.com;form-action 'self';frame-ancestors 'self';block-all-mixed-content
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options Deny
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Origin
https://astellas-ecap-uat.corestream.co.uk
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
script-src 'self' 'unsafe-inline' 'unsafe-eval' cdn.syncfusion.com;object-src 'self';style-src 'self' 'unsafe-inline' fonts.googleapis.com *.tiny.cloud *.tinymce.com *.corestream.co.uk cdn.syncfusion.com graph.microsoft.com;img-src 'self' *.tinymce.com *.tiny.cloud data: blob: *.corestream.co.uk graph.microsoft.com;media-src 'self' *.youtube.com *.corestream.co.uk graph.microsoft.com;connect-src 'self' *.tinymce.com *.tiny.cloud blob: wss: *.corestream.co.uk sentry.io graph.microsoft.com;form-action 'self';frame-ancestors 'self';block-all-mixed-content
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains
date
Sat, 06 Jul 2024 11:16:21 GMT
x-powered-by
ASP.NET
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
origin
last-modified
Mon, 09 Oct 2023 14:54:50 GMT
server
Kestrel
etag
"1d9fac08d929d18"
vary
Accept-Encoding
x-frame-options
Deny
content-type
text/javascript
cache-control
no-cache, no-store, must-revalidate
accept-ranges
bytes
expires
-1
cs-user-sidebar-4cbe2379.css
astellas-ecap-uat.corestream.co.uk/dist/ 		707 B
532 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://astellas-ecap-uat.corestream.co.uk/dist/cs-user-sidebar-4cbe2379.css
Requested by
Host: astellas-ecap-uat.corestream.co.uk
URL: https://astellas-ecap-uat.corestream.co.uk/dist/index-14e0a676.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.249.120.72 , United Kingdom, ASN20860 (IOMART-AS, GB),
Reverse DNS
Software
Kestrel / ASP.NET
Resource Hash
4cbe23797c5c0f7f4c223cad750afa9cdb68e920b2dc487ebf6fc72858307df0
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-inline' 'unsafe-eval' cdn.syncfusion.com;object-src 'self';style-src 'self' 'unsafe-inline' fonts.googleapis.com *.tiny.cloud *.tinymce.com *.corestream.co.uk cdn.syncfusion.com graph.microsoft.com;img-src 'self' *.tinymce.com *.tiny.cloud data: blob: *.corestream.co.uk graph.microsoft.com;media-src 'self' *.youtube.com *.corestream.co.uk graph.microsoft.com;connect-src 'self' *.tinymce.com *.tiny.cloud blob: wss: *.corestream.co.uk sentry.io graph.microsoft.com;form-action 'self';frame-ancestors 'self';block-all-mixed-content
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options Deny
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://astellas-ecap-uat.corestream.co.uk/
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
script-src 'self' 'unsafe-inline' 'unsafe-eval' cdn.syncfusion.com;object-src 'self';style-src 'self' 'unsafe-inline' fonts.googleapis.com *.tiny.cloud *.tinymce.com *.corestream.co.uk cdn.syncfusion.com graph.microsoft.com;img-src 'self' *.tinymce.com *.tiny.cloud data: blob: *.corestream.co.uk graph.microsoft.com;media-src 'self' *.youtube.com *.corestream.co.uk graph.microsoft.com;connect-src 'self' *.tinymce.com *.tiny.cloud blob: wss: *.corestream.co.uk sentry.io graph.microsoft.com;form-action 'self';frame-ancestors 'self';block-all-mixed-content
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains
date
Sat, 06 Jul 2024 11:16:21 GMT
x-powered-by
ASP.NET
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
origin
last-modified
Mon, 09 Oct 2023 14:54:50 GMT
server
Kestrel
etag
"1d9fac08d929bc3"
vary
Accept-Encoding
x-frame-options
Deny
content-type
text/css
cache-control
no-cache, no-store, must-revalidate
accept-ranges
bytes
expires
-1
cs-system-tooltip-a6a61a5d.js
astellas-ecap-uat.corestream.co.uk/dist/ 		420 B
468 B 		Script
General
Check archive.org
Download Go to
Full URL
https://astellas-ecap-uat.corestream.co.uk/dist/cs-system-tooltip-a6a61a5d.js
Requested by
Host: astellas-ecap-uat.corestream.co.uk
URL: https://astellas-ecap-uat.corestream.co.uk/dist/index-14e0a676.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.249.120.72 , United Kingdom, ASN20860 (IOMART-AS, GB),
Reverse DNS
Software
Kestrel / ASP.NET
Resource Hash
14efc559b7ec8eb223c355d3a58e5884ae1394a7d2a6cd558e195bdb5eb392af
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-inline' 'unsafe-eval' cdn.syncfusion.com;object-src 'self';style-src 'self' 'unsafe-inline' fonts.googleapis.com *.tiny.cloud *.tinymce.com *.corestream.co.uk cdn.syncfusion.com graph.microsoft.com;img-src 'self' *.tinymce.com *.tiny.cloud data: blob: *.corestream.co.uk graph.microsoft.com;media-src 'self' *.youtube.com *.corestream.co.uk graph.microsoft.com;connect-src 'self' *.tinymce.com *.tiny.cloud blob: wss: *.corestream.co.uk sentry.io graph.microsoft.com;form-action 'self';frame-ancestors 'self';block-all-mixed-content
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options Deny
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Origin
https://astellas-ecap-uat.corestream.co.uk
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
script-src 'self' 'unsafe-inline' 'unsafe-eval' cdn.syncfusion.com;object-src 'self';style-src 'self' 'unsafe-inline' fonts.googleapis.com *.tiny.cloud *.tinymce.com *.corestream.co.uk cdn.syncfusion.com graph.microsoft.com;img-src 'self' *.tinymce.com *.tiny.cloud data: blob: *.corestream.co.uk graph.microsoft.com;media-src 'self' *.youtube.com *.corestream.co.uk graph.microsoft.com;connect-src 'self' *.tinymce.com *.tiny.cloud blob: wss: *.corestream.co.uk sentry.io graph.microsoft.com;form-action 'self';frame-ancestors 'self';block-all-mixed-content
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains
date
Sat, 06 Jul 2024 11:16:21 GMT
x-powered-by
ASP.NET
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
origin
last-modified
Mon, 09 Oct 2023 14:54:50 GMT
server
Kestrel
etag
"1d9fac08d9298a4"
vary
Accept-Encoding
x-frame-options
Deny
content-type
text/javascript
cache-control
no-cache, no-store, must-revalidate
accept-ranges
bytes
expires
-1
cs-system-tooltip-237f6b8a.css
astellas-ecap-uat.corestream.co.uk/dist/ 		1 KB
653 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://astellas-ecap-uat.corestream.co.uk/dist/cs-system-tooltip-237f6b8a.css
Requested by
Host: astellas-ecap-uat.corestream.co.uk
URL: https://astellas-ecap-uat.corestream.co.uk/dist/index-14e0a676.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.249.120.72 , United Kingdom, ASN20860 (IOMART-AS, GB),
Reverse DNS
Software
Kestrel / ASP.NET
Resource Hash
237f6b8a5ad3b3dd8cd71a046dde1ab1a45e0347f1adbf2e56a283e8b83c8ff3
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-inline' 'unsafe-eval' cdn.syncfusion.com;object-src 'self';style-src 'self' 'unsafe-inline' fonts.googleapis.com *.tiny.cloud *.tinymce.com *.corestream.co.uk cdn.syncfusion.com graph.microsoft.com;img-src 'self' *.tinymce.com *.tiny.cloud data: blob: *.corestream.co.uk graph.microsoft.com;media-src 'self' *.youtube.com *.corestream.co.uk graph.microsoft.com;connect-src 'self' *.tinymce.com *.tiny.cloud blob: wss: *.corestream.co.uk sentry.io graph.microsoft.com;form-action 'self';frame-ancestors 'self';block-all-mixed-content
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options Deny
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://astellas-ecap-uat.corestream.co.uk/
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
script-src 'self' 'unsafe-inline' 'unsafe-eval' cdn.syncfusion.com;object-src 'self';style-src 'self' 'unsafe-inline' fonts.googleapis.com *.tiny.cloud *.tinymce.com *.corestream.co.uk cdn.syncfusion.com graph.microsoft.com;img-src 'self' *.tinymce.com *.tiny.cloud data: blob: *.corestream.co.uk graph.microsoft.com;media-src 'self' *.youtube.com *.corestream.co.uk graph.microsoft.com;connect-src 'self' *.tinymce.com *.tiny.cloud blob: wss: *.corestream.co.uk sentry.io graph.microsoft.com;form-action 'self';frame-ancestors 'self';block-all-mixed-content
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains
date
Sat, 06 Jul 2024 11:16:21 GMT
x-powered-by
ASP.NET
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
origin
last-modified
Mon, 09 Oct 2023 14:54:50 GMT
server
Kestrel
etag
"1d9fac08d929df8"
vary
Accept-Encoding
x-frame-options
Deny
content-type
text/css
cache-control
no-cache, no-store, must-revalidate
accept-ranges
bytes
expires
-1
cs-system-popup-bffd9d0a.js
astellas-ecap-uat.corestream.co.uk/dist/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://astellas-ecap-uat.corestream.co.uk/dist/cs-system-popup-bffd9d0a.js
Requested by
Host: astellas-ecap-uat.corestream.co.uk
URL: https://astellas-ecap-uat.corestream.co.uk/dist/index-14e0a676.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.249.120.72 , United Kingdom, ASN20860 (IOMART-AS, GB),
Reverse DNS
Software
Kestrel / ASP.NET
Resource Hash
abd2a2fb15ae5d1fdef8d9366a072b8f699bd98bff6eb0b314012b440a0ffc8c
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-inline' 'unsafe-eval' cdn.syncfusion.com;object-src 'self';style-src 'self' 'unsafe-inline' fonts.googleapis.com *.tiny.cloud *.tinymce.com *.corestream.co.uk cdn.syncfusion.com graph.microsoft.com;img-src 'self' *.tinymce.com *.tiny.cloud data: blob: *.corestream.co.uk graph.microsoft.com;media-src 'self' *.youtube.com *.corestream.co.uk graph.microsoft.com;connect-src 'self' *.tinymce.com *.tiny.cloud blob: wss: *.corestream.co.uk sentry.io graph.microsoft.com;form-action 'self';frame-ancestors 'self';block-all-mixed-content
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options Deny
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Origin
https://astellas-ecap-uat.corestream.co.uk
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
script-src 'self' 'unsafe-inline' 'unsafe-eval' cdn.syncfusion.com;object-src 'self';style-src 'self' 'unsafe-inline' fonts.googleapis.com *.tiny.cloud *.tinymce.com *.corestream.co.uk cdn.syncfusion.com graph.microsoft.com;img-src 'self' *.tinymce.com *.tiny.cloud data: blob: *.corestream.co.uk graph.microsoft.com;media-src 'self' *.youtube.com *.corestream.co.uk graph.microsoft.com;connect-src 'self' *.tinymce.com *.tiny.cloud blob: wss: *.corestream.co.uk sentry.io graph.microsoft.com;form-action 'self';frame-ancestors 'self';block-all-mixed-content
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains
date
Sat, 06 Jul 2024 11:16:21 GMT
x-powered-by
ASP.NET
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
origin
last-modified
Mon, 09 Oct 2023 14:54:50 GMT
server
Kestrel
etag
"1d9fac08d9297ea"
vary
Accept-Encoding
x-frame-options
Deny
content-type
text/javascript
cache-control
no-cache, no-store, must-revalidate
accept-ranges
bytes
expires
-1
cs-system-popup-57e9d6d1.css
astellas-ecap-uat.corestream.co.uk/dist/ 		985 B
599 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://astellas-ecap-uat.corestream.co.uk/dist/cs-system-popup-57e9d6d1.css
Requested by
Host: astellas-ecap-uat.corestream.co.uk
URL: https://astellas-ecap-uat.corestream.co.uk/dist/index-14e0a676.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.249.120.72 , United Kingdom, ASN20860 (IOMART-AS, GB),
Reverse DNS
Software
Kestrel / ASP.NET
Resource Hash
57e9d6d14b46676c86334572a3f8f1e0385142f6ff619e2d070b77f85075e4a3
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-inline' 'unsafe-eval' cdn.syncfusion.com;object-src 'self';style-src 'self' 'unsafe-inline' fonts.googleapis.com *.tiny.cloud *.tinymce.com *.corestream.co.uk cdn.syncfusion.com graph.microsoft.com;img-src 'self' *.tinymce.com *.tiny.cloud data: blob: *.corestream.co.uk graph.microsoft.com;media-src 'self' *.youtube.com *.corestream.co.uk graph.microsoft.com;connect-src 'self' *.tinymce.com *.tiny.cloud blob: wss: *.corestream.co.uk sentry.io graph.microsoft.com;form-action 'self';frame-ancestors 'self';block-all-mixed-content
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options Deny
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://astellas-ecap-uat.corestream.co.uk/
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
script-src 'self' 'unsafe-inline' 'unsafe-eval' cdn.syncfusion.com;object-src 'self';style-src 'self' 'unsafe-inline' fonts.googleapis.com *.tiny.cloud *.tinymce.com *.corestream.co.uk cdn.syncfusion.com graph.microsoft.com;img-src 'self' *.tinymce.com *.tiny.cloud data: blob: *.corestream.co.uk graph.microsoft.com;media-src 'self' *.youtube.com *.corestream.co.uk graph.microsoft.com;connect-src 'self' *.tinymce.com *.tiny.cloud blob: wss: *.corestream.co.uk sentry.io graph.microsoft.com;form-action 'self';frame-ancestors 'self';block-all-mixed-content
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains
date
Sat, 06 Jul 2024 11:16:21 GMT
x-powered-by
ASP.NET
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
origin
last-modified
Mon, 09 Oct 2023 14:54:50 GMT
server
Kestrel
etag
"1d9fac08d929ad9"
vary
Accept-Encoding
x-frame-options
Deny
content-type
text/css
cache-control
no-cache, no-store, must-revalidate
accept-ranges
bytes
expires
-1
cs-datepicker-modal-1dc68afd.js
astellas-ecap-uat.corestream.co.uk/dist/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://astellas-ecap-uat.corestream.co.uk/dist/cs-datepicker-modal-1dc68afd.js
Requested by
Host: astellas-ecap-uat.corestream.co.uk
URL: https://astellas-ecap-uat.corestream.co.uk/dist/index-14e0a676.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.249.120.72 , United Kingdom, ASN20860 (IOMART-AS, GB),
Reverse DNS
Software
Kestrel / ASP.NET
Resource Hash
ac0ba2f78de134dbd80fffeb2c00b2208d797d3a1f29643d9bd0342572cb6ce6
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-inline' 'unsafe-eval' cdn.syncfusion.com;object-src 'self';style-src 'self' 'unsafe-inline' fonts.googleapis.com *.tiny.cloud *.tinymce.com *.corestream.co.uk cdn.syncfusion.com graph.microsoft.com;img-src 'self' *.tinymce.com *.tiny.cloud data: blob: *.corestream.co.uk graph.microsoft.com;media-src 'self' *.youtube.com *.corestream.co.uk graph.microsoft.com;connect-src 'self' *.tinymce.com *.tiny.cloud blob: wss: *.corestream.co.uk sentry.io graph.microsoft.com;form-action 'self';frame-ancestors 'self';block-all-mixed-content
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options Deny
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Origin
https://astellas-ecap-uat.corestream.co.uk
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
script-src 'self' 'unsafe-inline' 'unsafe-eval' cdn.syncfusion.com;object-src 'self';style-src 'self' 'unsafe-inline' fonts.googleapis.com *.tiny.cloud *.tinymce.com *.corestream.co.uk cdn.syncfusion.com graph.microsoft.com;img-src 'self' *.tinymce.com *.tiny.cloud data: blob: *.corestream.co.uk graph.microsoft.com;media-src 'self' *.youtube.com *.corestream.co.uk graph.microsoft.com;connect-src 'self' *.tinymce.com *.tiny.cloud blob: wss: *.corestream.co.uk sentry.io graph.microsoft.com;form-action 'self';frame-ancestors 'self';block-all-mixed-content
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains
date
Sat, 06 Jul 2024 11:16:21 GMT
x-powered-by
ASP.NET
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
origin
last-modified
Mon, 09 Oct 2023 14:54:50 GMT
server
Kestrel
etag
"1d9fac08d9291c7"
vary
Accept-Encoding
x-frame-options
Deny
content-type
text/javascript
cache-control
no-cache, no-store, must-revalidate
accept-ranges
bytes
expires
-1
cs-datepicker-modal-515f862d.css
astellas-ecap-uat.corestream.co.uk/dist/ 		399 B
416 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://astellas-ecap-uat.corestream.co.uk/dist/cs-datepicker-modal-515f862d.css
Requested by
Host: astellas-ecap-uat.corestream.co.uk
URL: https://astellas-ecap-uat.corestream.co.uk/dist/index-14e0a676.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.249.120.72 , United Kingdom, ASN20860 (IOMART-AS, GB),
Reverse DNS
Software
Kestrel / ASP.NET
Resource Hash
515f862de18e1e664b7da32cc49fb4c7a4a1bb3e5df5c7b4c26773daeb75f7f4
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-inline' 'unsafe-eval' cdn.syncfusion.com;object-src 'self';style-src 'self' 'unsafe-inline' fonts.googleapis.com *.tiny.cloud *.tinymce.com *.corestream.co.uk cdn.syncfusion.com graph.microsoft.com;img-src 'self' *.tinymce.com *.tiny.cloud data: blob: *.corestream.co.uk graph.microsoft.com;media-src 'self' *.youtube.com *.corestream.co.uk graph.microsoft.com;connect-src 'self' *.tinymce.com *.tiny.cloud blob: wss: *.corestream.co.uk sentry.io graph.microsoft.com;form-action 'self';frame-ancestors 'self';block-all-mixed-content
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options Deny
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://astellas-ecap-uat.corestream.co.uk/
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
script-src 'self' 'unsafe-inline' 'unsafe-eval' cdn.syncfusion.com;object-src 'self';style-src 'self' 'unsafe-inline' fonts.googleapis.com *.tiny.cloud *.tinymce.com *.corestream.co.uk cdn.syncfusion.com graph.microsoft.com;img-src 'self' *.tinymce.com *.tiny.cloud data: blob: *.corestream.co.uk graph.microsoft.com;media-src 'self' *.youtube.com *.corestream.co.uk graph.microsoft.com;connect-src 'self' *.tinymce.com *.tiny.cloud blob: wss: *.corestream.co.uk sentry.io graph.microsoft.com;form-action 'self';frame-ancestors 'self';block-all-mixed-content
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains
date
Sat, 06 Jul 2024 11:16:21 GMT
x-powered-by
ASP.NET
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
origin
last-modified
Mon, 09 Oct 2023 14:54:50 GMT
server
Kestrel
etag
"1d9fac08d92988f"
vary
Accept-Encoding
x-frame-options
Deny
content-type
text/css
cache-control
no-cache, no-store, must-revalidate
accept-ranges
bytes
expires
-1
negotiate
astellas-ecap-uat-api.corestream.co.uk/concurrency/ 		0
0
cs-loadinglogo-d70ea08b.js
astellas-ecap-uat.corestream.co.uk/dist/ 		1 KB
861 B 		Script
General
Check archive.org
Download Go to
Full URL
https://astellas-ecap-uat.corestream.co.uk/dist/cs-loadinglogo-d70ea08b.js
Requested by
Host: astellas-ecap-uat.corestream.co.uk
URL: https://astellas-ecap-uat.corestream.co.uk/dist/index-14e0a676.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.249.120.72 , United Kingdom, ASN20860 (IOMART-AS, GB),
Reverse DNS
Software
Kestrel / ASP.NET
Resource Hash
f6731f474a855cbe9fd0375b57ed45853460fcb9c2ea686a2b8df8888eb4cdef
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-inline' 'unsafe-eval' cdn.syncfusion.com;object-src 'self';style-src 'self' 'unsafe-inline' fonts.googleapis.com *.tiny.cloud *.tinymce.com *.corestream.co.uk cdn.syncfusion.com graph.microsoft.com;img-src 'self' *.tinymce.com *.tiny.cloud data: blob: *.corestream.co.uk graph.microsoft.com;media-src 'self' *.youtube.com *.corestream.co.uk graph.microsoft.com;connect-src 'self' *.tinymce.com *.tiny.cloud blob: wss: *.corestream.co.uk sentry.io graph.microsoft.com;form-action 'self';frame-ancestors 'self';block-all-mixed-content
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options Deny
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Origin
https://astellas-ecap-uat.corestream.co.uk
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
script-src 'self' 'unsafe-inline' 'unsafe-eval' cdn.syncfusion.com;object-src 'self';style-src 'self' 'unsafe-inline' fonts.googleapis.com *.tiny.cloud *.tinymce.com *.corestream.co.uk cdn.syncfusion.com graph.microsoft.com;img-src 'self' *.tinymce.com *.tiny.cloud data: blob: *.corestream.co.uk graph.microsoft.com;media-src 'self' *.youtube.com *.corestream.co.uk graph.microsoft.com;connect-src 'self' *.tinymce.com *.tiny.cloud blob: wss: *.corestream.co.uk sentry.io graph.microsoft.com;form-action 'self';frame-ancestors 'self';block-all-mixed-content
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains
date
Sat, 06 Jul 2024 11:16:21 GMT
x-powered-by
ASP.NET
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
origin
last-modified
Mon, 09 Oct 2023 14:54:50 GMT
server
Kestrel
etag
"1d9fac08d929d74"
vary
Accept-Encoding
x-frame-options
Deny
content-type
text/javascript
cache-control
no-cache, no-store, must-revalidate
accept-ranges
bytes
expires
-1
cs-loadinglogo-d47d5981.css
astellas-ecap-uat.corestream.co.uk/dist/ 		2 KB
729 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://astellas-ecap-uat.corestream.co.uk/dist/cs-loadinglogo-d47d5981.css
Requested by
Host: astellas-ecap-uat.corestream.co.uk
URL: https://astellas-ecap-uat.corestream.co.uk/dist/index-14e0a676.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.249.120.72 , United Kingdom, ASN20860 (IOMART-AS, GB),
Reverse DNS
Software
Kestrel / ASP.NET
Resource Hash
d47d5981f53e415c3d87bb5040c492642757ea5f921813860a8caf1589482afe
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-inline' 'unsafe-eval' cdn.syncfusion.com;object-src 'self';style-src 'self' 'unsafe-inline' fonts.googleapis.com *.tiny.cloud *.tinymce.com *.corestream.co.uk cdn.syncfusion.com graph.microsoft.com;img-src 'self' *.tinymce.com *.tiny.cloud data: blob: *.corestream.co.uk graph.microsoft.com;media-src 'self' *.youtube.com *.corestream.co.uk graph.microsoft.com;connect-src 'self' *.tinymce.com *.tiny.cloud blob: wss: *.corestream.co.uk sentry.io graph.microsoft.com;form-action 'self';frame-ancestors 'self';block-all-mixed-content
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options Deny
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://astellas-ecap-uat.corestream.co.uk/
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
script-src 'self' 'unsafe-inline' 'unsafe-eval' cdn.syncfusion.com;object-src 'self';style-src 'self' 'unsafe-inline' fonts.googleapis.com *.tiny.cloud *.tinymce.com *.corestream.co.uk cdn.syncfusion.com graph.microsoft.com;img-src 'self' *.tinymce.com *.tiny.cloud data: blob: *.corestream.co.uk graph.microsoft.com;media-src 'self' *.youtube.com *.corestream.co.uk graph.microsoft.com;connect-src 'self' *.tinymce.com *.tiny.cloud blob: wss: *.corestream.co.uk sentry.io graph.microsoft.com;form-action 'self';frame-ancestors 'self';block-all-mixed-content
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains
date
Sat, 06 Jul 2024 11:16:21 GMT
x-powered-by
ASP.NET
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
origin
last-modified
Mon, 09 Oct 2023 14:54:50 GMT
server
Kestrel
etag
"1d9fac08d929f4a"
vary
Accept-Encoding
x-frame-options
Deny
content-type
text/css
cache-control
no-cache, no-store, must-revalidate
accept-ranges
bytes
expires
-1
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,300,400,500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fonts.googleapis.com/
Origin
https://astellas-ecap-uat.corestream.co.uk
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Jul 2024 21:18:03 GMT
x-content-type-options
nosniff
age
136698
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 04 Jul 2025 21:18:03 GMT
openid-configuration
astellas-ecap-uat-idserver.corestream.co.uk/.well-known/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
astellas-ecap-uat-api.corestream.co.uk
URL
https://astellas-ecap-uat-api.corestream.co.uk/concurrency/negotiate?negotiateVersion=1
Domain
astellas-ecap-uat-idserver.corestream.co.uk
URL
https://astellas-ecap-uat-idserver.corestream.co.uk/.well-known/openid-configuration

Verdicts & Comments Add Verdict or Comment

16 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

undefined| event object| fence object| sharedStorage object| __VUE_HMR_RUNTIME__ object| __VUE_INSTANCE_SETTERS__ object| devtoolsFormatters boolean| __INTLIFY_PROD_DEVTOOLS__ boolean| __VUE_I18N_FULL_INSTALL__ boolean| __VUE_I18N_LEGACY_API__ boolean| __INTLIFY__ object| FontAwesomeConfig object| ___FONT_AWESOME___ object| falib boolean| __VUE__ object| __VUE_DEVTOOLS_HOOK_REPLAY__ object| __VUE_DEVTOOLS_PLUGINS__

0 Cookies

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy script-src 'self' 'unsafe-inline' 'unsafe-eval' cdn.syncfusion.com;object-src 'self';style-src 'self' 'unsafe-inline' fonts.googleapis.com *.tiny.cloud *.tinymce.com *.corestream.co.uk cdn.syncfusion.com graph.microsoft.com;img-src 'self' *.tinymce.com *.tiny.cloud data: blob: *.corestream.co.uk graph.microsoft.com;media-src 'self' *.youtube.com *.corestream.co.uk graph.microsoft.com;connect-src 'self' *.tinymce.com *.tiny.cloud blob: wss: *.corestream.co.uk sentry.io graph.microsoft.com;form-action 'self';frame-ancestors 'self';block-all-mixed-content
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options Deny
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

astellas-ecap-uat-api.corestream.co.uk
astellas-ecap-uat-idserver.corestream.co.uk
astellas-ecap-uat.corestream.co.uk
fonts.googleapis.com
fonts.gstatic.com
astellas-ecap-uat-api.corestream.co.uk
astellas-ecap-uat-idserver.corestream.co.uk
185.249.120.72
2a00:1450:4001:810::2003
2a00:1450:4001:829::200a
14efc559b7ec8eb223c355d3a58e5884ae1394a7d2a6cd558e195bdb5eb392af
1a174b0636c4a5d2e5a66d378dff1f9b0c12dfce980183051c782c543be140bc
1b62b689c85bf91d4b19015c59cc856d75f8fb36140159ba5b3f7d500935bf12
210debb19dfdad3243d107ebdd494498413ccebef0486988131979839246cc60
237f6b8a5ad3b3dd8cd71a046dde1ab1a45e0347f1adbf2e56a283e8b83c8ff3
4cbe23797c5c0f7f4c223cad750afa9cdb68e920b2dc487ebf6fc72858307df0
515f862de18e1e664b7da32cc49fb4c7a4a1bb3e5df5c7b4c26773daeb75f7f4
51890bba6696385b35ec7d56044edd6e0e124fa47e2d81cd1131a2e8fe65991a
57e9d6d14b46676c86334572a3f8f1e0385142f6ff619e2d070b77f85075e4a3
7acbf5969efd82a305f04a99124b92b4ea3b5d5b839142159d37dc4e22e129d7
8bb2e500cba0480e201242d35a3ef57eb5015bc712958f0c3eb4d5d4b946dedc
abd2a2fb15ae5d1fdef8d9366a072b8f699bd98bff6eb0b314012b440a0ffc8c
ac0ba2f78de134dbd80fffeb2c00b2208d797d3a1f29643d9bd0342572cb6ce6
ae3f1dc783d7f495c45d6a900683e86392d37a14a6d024fcf6b113d5b0324c24
c1f720c49459f57d2475732b0052fad4e6a033127c3723042d735c9de7ffea88
d3f4104957e76483acba4180738253208fd8d4d81c64931244860514af502b82
d47d5981f53e415c3d87bb5040c492642757ea5f921813860a8caf1589482afe
f6731f474a855cbe9fd0375b57ed45853460fcb9c2ea686a2b8df8888eb4cdef
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
fb5f5a6ee9f51557290e7dc6f3e7fae7b5bba87d2ba5078be0cb0afe91207eba