user.vmp-tst.mlcsu.org Open in urlscan Pro
13.107.253.40 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://user.vmp-tst.mlcsu.org/
Submission: On October 08 via automatic, source certstream-suspicious (October 8th 2024, 2:32:18 pm UTC) — Scanned from CA

Summary HTTP 8 Redirects Behaviour Indicators

Summary

This website contacted 2 IPs in 2 countries across 2 domains to perform 8 HTTP transactions. The main IP is 13.107.253.40, located in Redmond, United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is user.vmp-tst.mlcsu.org.
TLS certificate: Issued by GeoTrust Global TLS RSA4096 SHA256 20... on October 8th 2024. Valid for: 6 months.

This is the only time user.vmp-tst.mlcsu.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
6	13.107.253.40 13.107.253.40	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	23.214.140.164 23.214.140.164	16625 (AKAMAI-AS) (AKAMAI-AS)
8	2

6 13.107.253.40 (Redmond, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

user.vmp-tst.mlcsu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.214.140.164 (London, United Kingdom)

ASN16625 (AKAMAI-AS, US)
PTR: a23-214-140-164.deploy.static.akamaitechnologies.com

assets.nhs.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
6	mlcsu.org user.vmp-tst.mlcsu.org	48 KB
2	assets.nhs.uk assets.nhs.uk — Cisco Umbrella Rank: 61656	35 KB
8	2

	Domain	Requested by
6	user.vmp-tst.mlcsu.org	user.vmp-tst.mlcsu.org
2	assets.nhs.uk	user.vmp-tst.mlcsu.org
8	2

This site contains no links.

Subject Issuer	Validity	Valid
user.vmp-tst.mlcsu.org GeoTrust Global TLS RSA4096 SHA256 2022 CA1	`2024-10-08` - `2025-04-08`	6 months	crt.sh
www.nhs.uk DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-07-16` - `2025-07-22`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://user.vmp-tst.mlcsu.org/
Frame ID: 0122772E126D2B84E7E6A33BD51528E0
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

NHS Diabetes prevention programme

Page Statistics

8
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

83 kB
Transfer

164 kB
Size

2
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

8 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
user.vmp-tst.mlcsu.org/ 10 KB
6 KB 647ms
415ms Document
text/html 13.107.253.40
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://user.vmp-tst.mlcsu.org/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

13.107.253.40 Redmond, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

753cef01d97c98f087ae4d71d12e8635cde40420418c79606d8d667c9fba9697

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; img-src 'self' vntmfarmwerenders.blob.core.windows.net data: vintom.com .vintom.com; font-src 'self' vintom.com .vintom.com assets.nhs.uk; style-src 'self' vintom.com .vintom.com 'sha256-47DEQpj8HBSa+/TImW+5JCeuQeRkm5NMpJWZG3hSuFU='; script-src 'self' vintom.com .vintom.com 'sha256-+6WnXIl4mbFTCARd8N3COQmT3bJJmo32N8q8ZSQAIcU='; connect-src 'self' blob: vintom.com .vintom.com .streaming.mediaservices.windows.net .streaming.media.azure.net .blob.core.windows.net http://localhost:* ws://localhost:* ; worker-src 'self' blob:; media-src 'self' blob: vintom.com .vintom.com .streaming.mediaservices.windows.net .streaming.media.azure.net .blob.core.windows.net; child-src 'self' blob:; base-uri 'self'; frame-ancestors 'self'; form-action 'self'; frame-src vintom.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

content-encoding: gzip
content-security-policy: default-src 'none'; img-src 'self' vntmfarmwerenders.blob.core.windows.net data: vintom.com *.vintom.com; font-src 'self' vintom.com *.vintom.com assets.nhs.uk; style-src 'self' vintom.com *.vintom.com 'sha256-47DEQpj8HBSa+/TImW+5JCeuQeRkm5NMpJWZG3hSuFU='; script-src 'self' vintom.com *.vintom.com 'sha256-+6WnXIl4mbFTCARd8N3COQmT3bJJmo32N8q8ZSQAIcU='; connect-src 'self' blob: vintom.com *.vintom.com *.streaming.mediaservices.windows.net *.streaming.media.azure.net *.blob.core.windows.net http://localhost:* ws://localhost:* ; worker-src 'self' blob:; media-src 'self' blob: vintom.com *.vintom.com *.streaming.mediaservices.windows.net *.streaming.media.azure.net *.blob.core.windows.net; child-src 'self' blob:; base-uri 'self'; frame-ancestors 'self'; form-action 'self'; frame-src vintom.com
content-type: text/html; charset=utf-8
date: Tue, 08 Oct 2024 14:32:13 GMT
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
referrer-policy: strict-origin-when-cross-origin
request-context: appId=cid-v1:75d58231-8e5f-4508-8787-8a48d9504339
strict-transport-security: max-age=31536000
vary: Accept-Encoding
version: v1
x-azure-ref: 20241008T143212Z-r19789f58d5kwt7x7v24w7d90n0000000fu00000000064p0
x-cache: CONFIG_NOCACHE
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

GET
H2 200 FrutigerLTW01-55Roman.woff2
assets.nhs.uk/fonts/ 17 KB
17 KB 639ms
126ms Font
application/octet-stream 23.214.140.164
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.nhs.uk/fonts/FrutigerLTW01-55Roman.woff2

Requested by

Host: user.vmp-tst.mlcsu.org
URL: https://user.vmp-tst.mlcsu.org/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.214.140.164 London, United Kingdom, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-214-140-164.deploy.static.akamaitechnologies.com

Software

Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /

Resource Hash

886f640d4cb31c0114351f25e5eeba98b79e7ae405fcc2ca50aac6ed79ff8995

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://user.vmp-tst.mlcsu.org
Referer: https://user.vmp-tst.mlcsu.org/

Response headers

content-md5: lRIDEWIJgHewKikdW/afDg==
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
etag: 0x8D6BCD488B0257A
expires: Fri, 08 Nov 2024 00:37:01 GMT
date: Tue, 08 Oct 2024 14:32:13 GMT
content-type: application/octet-stream
last-modified: Tue, 09 Apr 2019 10:17:13 GMT
strict-transport-security: max-age=63072000
cache-control: max-age=2628288
x-datastream-cache-status: 3
x-ms-request-id: 4ed52d24-f01e-0047-7a20-f1772e000000
access-control-allow-origin: *
x-datastream-midmile-rtt: 2
content-length: 17284
x-ms-blob-type: BlockBlob
x-datastream-origin-mex-latency: 274
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0

GET
H2 200 FrutigerLTW01-65Bold.woff2
assets.nhs.uk/fonts/ 17 KB
17 KB 758ms
246ms Font
application/octet-stream 23.214.140.164
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.nhs.uk/fonts/FrutigerLTW01-65Bold.woff2

Requested by

Host: user.vmp-tst.mlcsu.org
URL: https://user.vmp-tst.mlcsu.org/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.214.140.164 London, United Kingdom, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-214-140-164.deploy.static.akamaitechnologies.com

Software

Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /

Resource Hash

d7a61b8131c25f4f7949162fcf342c8ba52b0257756aaacf23aa948f0403c842

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://user.vmp-tst.mlcsu.org
Referer: https://user.vmp-tst.mlcsu.org/

Response headers

content-md5: OPdl6/MQFVFaVJuAqOKjeg==
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
etag: 0x8D6BCD48962A5B8
expires: Fri, 08 Nov 2024 00:37:01 GMT
date: Tue, 08 Oct 2024 14:32:13 GMT
content-type: application/octet-stream
last-modified: Tue, 09 Apr 2019 10:17:14 GMT
strict-transport-security: max-age=63072000
cache-control: max-age=2628288
x-datastream-cache-status: 1
x-ms-request-id: 8351c347-e01e-0053-1939-06b44a000000
access-control-allow-origin: *
content-length: 17216
x-ms-blob-type: BlockBlob
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0

GET
H2 200 vmp-main.min.css
user.vmp-tst.mlcsu.org/css/ 104 KB
22 KB 145ms
144ms Stylesheet
text/css 13.107.253.40
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://user.vmp-tst.mlcsu.org/css/vmp-main.min.css

Requested by

Host: user.vmp-tst.mlcsu.org
URL: https://user.vmp-tst.mlcsu.org/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

13.107.253.40 Redmond, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

80bd063b0a8e5199d9f2d659eeb7fdd25e9e463ba6c1c9a97e826e696cc8f3bd

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; img-src 'self' vntmfarmwerenders.blob.core.windows.net data: vintom.com .vintom.com; font-src 'self' vintom.com .vintom.com assets.nhs.uk; style-src 'self' vintom.com .vintom.com 'sha256-47DEQpj8HBSa+/TImW+5JCeuQeRkm5NMpJWZG3hSuFU='; script-src 'self' vintom.com .vintom.com 'sha256-+6WnXIl4mbFTCARd8N3COQmT3bJJmo32N8q8ZSQAIcU='; connect-src 'self' blob: vintom.com .vintom.com .streaming.mediaservices.windows.net .streaming.media.azure.net .blob.core.windows.net http://localhost:* ws://localhost:* ; worker-src 'self' blob:; media-src 'self' blob: vintom.com .vintom.com .streaming.mediaservices.windows.net .streaming.media.azure.net .blob.core.windows.net; child-src 'self' blob:; base-uri 'self'; frame-ancestors 'self'; form-action 'self'; frame-src vintom.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://user.vmp-tst.mlcsu.org/

Response headers

content-encoding: gzip
etag: "1dad919fa70d4c0"
x-content-type-options: nosniff
x-cache: CONFIG_NOCACHE
date: Tue, 08 Oct 2024 14:32:13 GMT
content-type: text/css
last-modified: Thu, 18 Jul 2024 13:54:16 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
content-security-policy: default-src 'none'; img-src 'self' vntmfarmwerenders.blob.core.windows.net data: vintom.com *.vintom.com; font-src 'self' vintom.com *.vintom.com assets.nhs.uk; style-src 'self' vintom.com *.vintom.com 'sha256-47DEQpj8HBSa+/TImW+5JCeuQeRkm5NMpJWZG3hSuFU='; script-src 'self' vintom.com *.vintom.com 'sha256-+6WnXIl4mbFTCARd8N3COQmT3bJJmo32N8q8ZSQAIcU='; connect-src 'self' blob: vintom.com *.vintom.com *.streaming.mediaservices.windows.net *.streaming.media.azure.net *.blob.core.windows.net http://localhost:* ws://localhost:* ; worker-src 'self' blob:; media-src 'self' blob: vintom.com *.vintom.com *.streaming.mediaservices.windows.net *.streaming.media.azure.net *.blob.core.windows.net; child-src 'self' blob:; base-uri 'self'; frame-ancestors 'self'; form-action 'self'; frame-src vintom.com
referrer-policy: strict-origin-when-cross-origin
request-context: appId=cid-v1:75d58231-8e5f-4508-8787-8a48d9504339
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
x-xss-protection: 1; mode=block
x-azure-ref: 20241008T143213Z-r19789f58d5kwt7x7v24w7d90n0000000fu00000000064pa
version: v1

GET
H2 200 nhs-uk-body.js Show response
user.vmp-tst.mlcsu.org/js/ 114 B
1 KB 405ms
403ms Script
text/javascript 13.107.253.40
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://user.vmp-tst.mlcsu.org/js/nhs-uk-body.js

Requested by

Host: user.vmp-tst.mlcsu.org
URL: https://user.vmp-tst.mlcsu.org/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

13.107.253.40 Redmond, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

fba5a75c897899b15308045df0ddc2390993ddb2499a8df637cabc65240021c5

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; img-src 'self' vntmfarmwerenders.blob.core.windows.net data: vintom.com .vintom.com; font-src 'self' vintom.com .vintom.com assets.nhs.uk; style-src 'self' vintom.com .vintom.com 'sha256-47DEQpj8HBSa+/TImW+5JCeuQeRkm5NMpJWZG3hSuFU='; script-src 'self' vintom.com .vintom.com 'sha256-+6WnXIl4mbFTCARd8N3COQmT3bJJmo32N8q8ZSQAIcU='; connect-src 'self' blob: vintom.com .vintom.com .streaming.mediaservices.windows.net .streaming.media.azure.net .blob.core.windows.net http://localhost:* ws://localhost:* ; worker-src 'self' blob:; media-src 'self' blob: vintom.com .vintom.com .streaming.mediaservices.windows.net .streaming.media.azure.net .blob.core.windows.net; child-src 'self' blob:; base-uri 'self'; frame-ancestors 'self'; form-action 'self'; frame-src vintom.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://user.vmp-tst.mlcsu.org/

Response headers

content-encoding: gzip
etag: "1da7c495e747c72"
x-content-type-options: nosniff
x-cache: CONFIG_NOCACHE
date: Tue, 08 Oct 2024 14:32:13 GMT
content-type: text/javascript
last-modified: Fri, 22 Mar 2024 11:09:12 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
content-security-policy: default-src 'none'; img-src 'self' vntmfarmwerenders.blob.core.windows.net data: vintom.com *.vintom.com; font-src 'self' vintom.com *.vintom.com assets.nhs.uk; style-src 'self' vintom.com *.vintom.com 'sha256-47DEQpj8HBSa+/TImW+5JCeuQeRkm5NMpJWZG3hSuFU='; script-src 'self' vintom.com *.vintom.com 'sha256-+6WnXIl4mbFTCARd8N3COQmT3bJJmo32N8q8ZSQAIcU='; connect-src 'self' blob: vintom.com *.vintom.com *.streaming.mediaservices.windows.net *.streaming.media.azure.net *.blob.core.windows.net http://localhost:* ws://localhost:* ; worker-src 'self' blob:; media-src 'self' blob: vintom.com *.vintom.com *.streaming.mediaservices.windows.net *.streaming.media.azure.net *.blob.core.windows.net; child-src 'self' blob:; base-uri 'self'; frame-ancestors 'self'; form-action 'self'; frame-src vintom.com
referrer-policy: strict-origin-when-cross-origin
request-context: appId=cid-v1:75d58231-8e5f-4508-8787-8a48d9504339
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
x-xss-protection: 1; mode=block
x-azure-ref: 20241008T143213Z-r19789f58d5kwt7x7v24w7d90n0000000fu00000000064pb
version: v1

GET
H2 200 site.js Show response
user.vmp-tst.mlcsu.org/js/ 2 KB
2 KB 416ms
414ms Script
text/javascript 13.107.253.40
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://user.vmp-tst.mlcsu.org/js/site.js

Requested by

Host: user.vmp-tst.mlcsu.org
URL: https://user.vmp-tst.mlcsu.org/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

13.107.253.40 Redmond, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

ea3077d9f58b5139dd2d16042bef3584676c4e847ce8dbf88bf822520b47eeb5

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; img-src 'self' vntmfarmwerenders.blob.core.windows.net data: vintom.com .vintom.com; font-src 'self' vintom.com .vintom.com assets.nhs.uk; style-src 'self' vintom.com .vintom.com 'sha256-47DEQpj8HBSa+/TImW+5JCeuQeRkm5NMpJWZG3hSuFU='; script-src 'self' vintom.com .vintom.com 'sha256-+6WnXIl4mbFTCARd8N3COQmT3bJJmo32N8q8ZSQAIcU='; connect-src 'self' blob: vintom.com .vintom.com .streaming.mediaservices.windows.net .streaming.media.azure.net .blob.core.windows.net http://localhost:* ws://localhost:* ; worker-src 'self' blob:; media-src 'self' blob: vintom.com .vintom.com .streaming.mediaservices.windows.net .streaming.media.azure.net .blob.core.windows.net; child-src 'self' blob:; base-uri 'self'; frame-ancestors 'self'; form-action 'self'; frame-src vintom.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://user.vmp-tst.mlcsu.org/

Response headers

content-encoding: gzip
etag: "1da97bfc033840d"
x-content-type-options: nosniff
x-cache: CONFIG_NOCACHE
date: Tue, 08 Oct 2024 14:32:13 GMT
content-type: text/javascript
last-modified: Fri, 26 Apr 2024 09:54:38 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
content-security-policy: default-src 'none'; img-src 'self' vntmfarmwerenders.blob.core.windows.net data: vintom.com *.vintom.com; font-src 'self' vintom.com *.vintom.com assets.nhs.uk; style-src 'self' vintom.com *.vintom.com 'sha256-47DEQpj8HBSa+/TImW+5JCeuQeRkm5NMpJWZG3hSuFU='; script-src 'self' vintom.com *.vintom.com 'sha256-+6WnXIl4mbFTCARd8N3COQmT3bJJmo32N8q8ZSQAIcU='; connect-src 'self' blob: vintom.com *.vintom.com *.streaming.mediaservices.windows.net *.streaming.media.azure.net *.blob.core.windows.net http://localhost:* ws://localhost:* ; worker-src 'self' blob:; media-src 'self' blob: vintom.com *.vintom.com *.streaming.mediaservices.windows.net *.streaming.media.azure.net *.blob.core.windows.net; child-src 'self' blob:; base-uri 'self'; frame-ancestors 'self'; form-action 'self'; frame-src vintom.com
referrer-policy: strict-origin-when-cross-origin
request-context: appId=cid-v1:75d58231-8e5f-4508-8787-8a48d9504339
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
x-xss-protection: 1; mode=block
x-azure-ref: 20241008T143213Z-r19789f58d5kwt7x7v24w7d90n0000000fu00000000064pc
version: v1

GET
H2 200 back-link.js Show response
user.vmp-tst.mlcsu.org/js/ 290 B
1 KB 411ms
410ms Script
text/javascript 13.107.253.40
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://user.vmp-tst.mlcsu.org/js/back-link.js

Requested by

Host: user.vmp-tst.mlcsu.org
URL: https://user.vmp-tst.mlcsu.org/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

13.107.253.40 Redmond, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

7328a753a0c89797fd74a7f74283f2e945c213d435a8b7af639b73eed7bfed27

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; img-src 'self' vntmfarmwerenders.blob.core.windows.net data: vintom.com .vintom.com; font-src 'self' vintom.com .vintom.com assets.nhs.uk; style-src 'self' vintom.com .vintom.com 'sha256-47DEQpj8HBSa+/TImW+5JCeuQeRkm5NMpJWZG3hSuFU='; script-src 'self' vintom.com .vintom.com 'sha256-+6WnXIl4mbFTCARd8N3COQmT3bJJmo32N8q8ZSQAIcU='; connect-src 'self' blob: vintom.com .vintom.com .streaming.mediaservices.windows.net .streaming.media.azure.net .blob.core.windows.net http://localhost:* ws://localhost:* ; worker-src 'self' blob:; media-src 'self' blob: vintom.com .vintom.com .streaming.mediaservices.windows.net .streaming.media.azure.net .blob.core.windows.net; child-src 'self' blob:; base-uri 'self'; frame-ancestors 'self'; form-action 'self'; frame-src vintom.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://user.vmp-tst.mlcsu.org/

Response headers

content-encoding: gzip
etag: "1da7c495e747d22"
x-content-type-options: nosniff
x-cache: CONFIG_NOCACHE
date: Tue, 08 Oct 2024 14:32:13 GMT
content-type: text/javascript
last-modified: Fri, 22 Mar 2024 11:09:12 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
content-security-policy: default-src 'none'; img-src 'self' vntmfarmwerenders.blob.core.windows.net data: vintom.com *.vintom.com; font-src 'self' vintom.com *.vintom.com assets.nhs.uk; style-src 'self' vintom.com *.vintom.com 'sha256-47DEQpj8HBSa+/TImW+5JCeuQeRkm5NMpJWZG3hSuFU='; script-src 'self' vintom.com *.vintom.com 'sha256-+6WnXIl4mbFTCARd8N3COQmT3bJJmo32N8q8ZSQAIcU='; connect-src 'self' blob: vintom.com *.vintom.com *.streaming.mediaservices.windows.net *.streaming.media.azure.net *.blob.core.windows.net http://localhost:* ws://localhost:* ; worker-src 'self' blob:; media-src 'self' blob: vintom.com *.vintom.com *.streaming.mediaservices.windows.net *.streaming.media.azure.net *.blob.core.windows.net; child-src 'self' blob:; base-uri 'self'; frame-ancestors 'self'; form-action 'self'; frame-src vintom.com
referrer-policy: strict-origin-when-cross-origin
request-context: appId=cid-v1:75d58231-8e5f-4508-8787-8a48d9504339
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
x-xss-protection: 1; mode=block
x-azure-ref: 20241008T143213Z-r19789f58d5kwt7x7v24w7d90n0000000fu00000000064pd
version: v1

GET
H2 200 favicon.ico
user.vmp-tst.mlcsu.org/lib/nhsuk-frontend/assets/favicons/ 15 KB
16 KB 162ms
162ms Other
image/x-icon 13.107.253.40
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://user.vmp-tst.mlcsu.org/lib/nhsuk-frontend/assets/favicons/favicon.ico

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

13.107.253.40 Redmond, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

22043b7f64e5ebc1fbb2f7645f4af2b0a4b9b22ab9b3a13491b00b69c5978540

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; img-src 'self' vntmfarmwerenders.blob.core.windows.net data: vintom.com .vintom.com; font-src 'self' vintom.com .vintom.com assets.nhs.uk; style-src 'self' vintom.com .vintom.com 'sha256-47DEQpj8HBSa+/TImW+5JCeuQeRkm5NMpJWZG3hSuFU='; script-src 'self' vintom.com .vintom.com 'sha256-+6WnXIl4mbFTCARd8N3COQmT3bJJmo32N8q8ZSQAIcU='; connect-src 'self' blob: vintom.com .vintom.com .streaming.mediaservices.windows.net .streaming.media.azure.net .blob.core.windows.net http://localhost:* ws://localhost:* ; worker-src 'self' blob:; media-src 'self' blob: vintom.com .vintom.com .streaming.mediaservices.windows.net .streaming.media.azure.net .blob.core.windows.net; child-src 'self' blob:; base-uri 'self'; frame-ancestors 'self'; form-action 'self'; frame-src vintom.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://user.vmp-tst.mlcsu.org/

Response headers

etag: "1dad919ec2362ee"
x-content-type-options: nosniff
x-cache: CONFIG_NOCACHE
date: Tue, 08 Oct 2024 14:32:14 GMT
content-type: image/x-icon
last-modified: Thu, 18 Jul 2024 13:53:52 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
content-security-policy: default-src 'none'; img-src 'self' vntmfarmwerenders.blob.core.windows.net data: vintom.com *.vintom.com; font-src 'self' vintom.com *.vintom.com assets.nhs.uk; style-src 'self' vintom.com *.vintom.com 'sha256-47DEQpj8HBSa+/TImW+5JCeuQeRkm5NMpJWZG3hSuFU='; script-src 'self' vintom.com *.vintom.com 'sha256-+6WnXIl4mbFTCARd8N3COQmT3bJJmo32N8q8ZSQAIcU='; connect-src 'self' blob: vintom.com *.vintom.com *.streaming.mediaservices.windows.net *.streaming.media.azure.net *.blob.core.windows.net http://localhost:* ws://localhost:* ; worker-src 'self' blob:; media-src 'self' blob: vintom.com *.vintom.com *.streaming.mediaservices.windows.net *.streaming.media.azure.net *.blob.core.windows.net; child-src 'self' blob:; base-uri 'self'; frame-ancestors 'self'; form-action 'self'; frame-src vintom.com
referrer-policy: strict-origin-when-cross-origin
request-context: appId=cid-v1:75d58231-8e5f-4508-8787-8a48d9504339
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges: bytes
content-length: 15086
x-xss-protection: 1; mode=block
x-azure-ref: 20241008T143213Z-r19789f58d5kwt7x7v24w7d90n0000000fu00000000064q0
version: v1

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 function| findParamIgnoreCase function| displayError

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.user.vmp-tst.mlcsu.org/	1969-12-31 23:59:59	Name: ARRAffinity Value: 310b2fcc84cfe1c4978678496139361c99638187673a89655f07acaba6eb74b0
			.user.vmp-tst.mlcsu.org/	1969-12-31 23:59:59	Name: ARRAffinitySameSite Value: 310b2fcc84cfe1c4978678496139361c99638187673a89655f07acaba6eb74b0

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://user.vmp-tst.mlcsu.org/(Line 28) Message: Refused to execute inline script because it violates the following Content Security Policy directive: "script-src 'self' vintom.com *.vintom.com 'sha256-+6WnXIl4mbFTCARd8N3COQmT3bJJmo32N8q8ZSQAIcU='". Either the 'unsafe-inline' keyword, a hash ('sha256-raQRXKaph2ZvKXQ3WOlvq+4Ut2+FMfML0lNytPrYj4M='), or a nonce ('nonce-...') is required to enable inline execution.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'none'; img-src 'self' vntmfarmwerenders.blob.core.windows.net data: vintom.com .vintom.com; font-src 'self' vintom.com .vintom.com assets.nhs.uk; style-src 'self' vintom.com .vintom.com 'sha256-47DEQpj8HBSa+/TImW+5JCeuQeRkm5NMpJWZG3hSuFU='; script-src 'self' vintom.com .vintom.com 'sha256-+6WnXIl4mbFTCARd8N3COQmT3bJJmo32N8q8ZSQAIcU='; connect-src 'self' blob: vintom.com .vintom.com .streaming.mediaservices.windows.net .streaming.media.azure.net .blob.core.windows.net http://localhost:* ws://localhost:* ; worker-src 'self' blob:; media-src 'self' blob: vintom.com .vintom.com .streaming.mediaservices.windows.net .streaming.media.azure.net .blob.core.windows.net; child-src 'self' blob:; base-uri 'self'; frame-ancestors 'self'; form-action 'self'; frame-src vintom.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

assets.nhs.uk
user.vmp-tst.mlcsu.org
13.107.253.40
23.214.140.164
22043b7f64e5ebc1fbb2f7645f4af2b0a4b9b22ab9b3a13491b00b69c5978540
7328a753a0c89797fd74a7f74283f2e945c213d435a8b7af639b73eed7bfed27
753cef01d97c98f087ae4d71d12e8635cde40420418c79606d8d667c9fba9697
80bd063b0a8e5199d9f2d659eeb7fdd25e9e463ba6c1c9a97e826e696cc8f3bd
886f640d4cb31c0114351f25e5eeba98b79e7ae405fcc2ca50aac6ed79ff8995
d7a61b8131c25f4f7949162fcf342c8ba52b0257756aaacf23aa948f0403c842
ea3077d9f58b5139dd2d16042bef3584676c4e847ce8dbf88bf822520b47eeb5
fba5a75c897899b15308045df0ddc2390993ddb2499a8df637cabc65240021c5

user.vmp-tst.mlcsu.org Open in urlscan Pro 13.107.253.40 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

8 Requests

100 %HTTPS

0 %IPv6

2 Domains

2 Subdomains

2 IPs

2 Countries

83 kBTransfer

164 kBSize

2 Cookies

0 Outgoing links

Redirected requests

8 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

2 Cookies

1 Console Messages

Security Headers

Indicators

user.vmp-tst.mlcsu.org Open in urlscan Pro
13.107.253.40 Public Scan

Screenshot
Live screenshot

Full Image

8
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

83 kB
Transfer

164 kB
Size

2
Cookies

8 HTTP transactions
0 data transactions