urlscan.io logo urlscan.io
SecurityTrails logo

dms2.neas.com Open in urlscan Pro
207.67.109.174  Public Scan

Go To Rescan Add Verdict Report
URL: http://dms2.neas.com/
Submission: On January 26 via manual from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 4 IPs in 2 countries across 3 domains to perform 12 HTTP transactions. The main IP is 207.67.109.174, located in Waukesha, United States and belongs to PROHEALTH-CARE, US. The main domain is dms2.neas.com.
This is the only time dms2.neas.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
8 207.67.109.174 21857 (PROHEALTH...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
12 4
Apex Domain
Subdomains		 Transfer
8 neas.com
dms2.neas.com
1 MB
1 gstatic.com
fonts.gstatic.com
44 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 34
1 KB
12 3
Domain Requested by
8 dms2.neas.com dms2.neas.com
1 fonts.gstatic.com fonts.googleapis.com
1 fonts.googleapis.com dms2.neas.com
12 3

This site contains links to these domains. Also see Links.

Domain
dms.neas.com
owa.phci.org
Subject Issuer Validity Valid
upload.video.google.com
GTS CA 1C3		 2023-01-02 -
2023-03-27		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-01-02 -
2023-03-27		 3 months crt.sh

This page contains 1 frames:

Primary Page: http://dms2.neas.com/
Frame ID: A996FE74588E0A6789CFFF8F549CAAEF
Requests: 16 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

DIMS

Page Statistics

12
Requests

17 %
HTTPS

67 %
IPv6

3
Domains

3
Subdomains

4
IPs

2
Countries

1144 kB
Transfer

1156 kB
Size

0
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

12 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
dms2.neas.com/ 		1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://dms2.neas.com/
Protocol
HTTP/1.1
Server
207.67.109.174 Waukesha, United States, ASN21857 (PROHEALTH-CARE, US),
Reverse DNS
dms2.neas.com
Software
Apache/2.2.22 (@RELEASE@) /
Resource Hash
b7d728012e45ad036ce190bb71a84a3bce5a942936be533709a70833e710fcb2
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
origin, x-requested-with, content-type
Access-Control-Allow-Methods
GET,POST,OPTIONS,DELETE,PUT
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
Connection
close
Content-Length
1221
Content-Type
text/html; charset=UTF-8
Date
Thu, 26 Jan 2023 19:40:16 GMT
ETag
"17fc7e-4c5-5ee0f8eaa5140"
Expires
0
Last-Modified
Tue, 22 Nov 2022 13:57:49 GMT
Pragma
no-cache
Server
Apache/2.2.22 (@RELEASE@)
X-Frame-Options
SAMEORIGIN
polyfills.js
dms2.neas.com/ 		4 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://dms2.neas.com/polyfills.js
Requested by
Host: dms2.neas.com
URL: http://dms2.neas.com/
Protocol
HTTP/1.1
Server
207.67.109.174 Waukesha, United States, ASN21857 (PROHEALTH-CARE, US),
Reverse DNS
dms2.neas.com
Software
Apache/2.2.22 (@RELEASE@) /
Resource Hash
6b72a39150fb21246c8a537e56b08e290f9e2f2186313f7c8e4ead8af8ee6e2c
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://dms2.neas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date
Thu, 26 Jan 2023 19:40:16 GMT
Connection
close
Content-Length
3938
Pragma
no-cache
Last-Modified
Fri, 21 Aug 2020 17:34:01 GMT
Server
Apache/2.2.22 (@RELEASE@)
ETag
"17f5a5-f62-5ad66a475b440"
X-Frame-Options
SAMEORIGIN
Access-Control-Allow-Methods
GET,POST,OPTIONS,DELETE,PUT
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Access-Control-Allow-Headers
origin, x-requested-with, content-type
Expires
0
spin.min.js
dms2.neas.com/ 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://dms2.neas.com/spin.min.js
Requested by
Host: dms2.neas.com
URL: http://dms2.neas.com/
Protocol
HTTP/1.1
Server
207.67.109.174 Waukesha, United States, ASN21857 (PROHEALTH-CARE, US),
Reverse DNS
dms2.neas.com
Software
Apache/2.2.22 (@RELEASE@) /
Resource Hash
f6d1317bf553acf1499cf25bbf7c80a480aba2f1b77c80a0877139e2dea43111
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://dms2.neas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date
Thu, 26 Jan 2023 19:40:16 GMT
Connection
close
Content-Length
4274
Pragma
no-cache
Last-Modified
Wed, 29 Nov 2017 00:31:33 GMT
Server
Apache/2.2.22 (@RELEASE@)
ETag
"180013-10b2-55f1441e40340"
X-Frame-Options
SAMEORIGIN
Access-Control-Allow-Methods
GET,POST,OPTIONS,DELETE,PUT
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Access-Control-Allow-Headers
origin, x-requested-with, content-type
Expires
0
main.751451d4.js
dms2.neas.com/static/js/ 		797 KB
798 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://dms2.neas.com/static/js/main.751451d4.js
Requested by
Host: dms2.neas.com
URL: http://dms2.neas.com/
Protocol
HTTP/1.1
Server
207.67.109.174 Waukesha, United States, ASN21857 (PROHEALTH-CARE, US),
Reverse DNS
dms2.neas.com
Software
Apache/2.2.22 (@RELEASE@) /
Resource Hash
2c015d74f80c50be272519bbb083b78a49c3b92426f8fcea79a9a1b90c1f533a
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://dms2.neas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date
Thu, 26 Jan 2023 19:40:16 GMT
Connection
close
Content-Length
816532
Pragma
no-cache
Last-Modified
Tue, 22 Nov 2022 13:57:50 GMT
Server
Apache/2.2.22 (@RELEASE@)
ETag
"17ffb8-c7594-5ee0f8eb99380"
X-Frame-Options
SAMEORIGIN
Access-Control-Allow-Methods
GET,POST,OPTIONS,DELETE,PUT
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Access-Control-Allow-Headers
origin, x-requested-with, content-type
Expires
0
main.fa46d1d7.css
dms2.neas.com/static/css/ 		266 KB
267 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://dms2.neas.com/static/css/main.fa46d1d7.css
Requested by
Host: dms2.neas.com
URL: http://dms2.neas.com/
Protocol
HTTP/1.1
Server
207.67.109.174 Waukesha, United States, ASN21857 (PROHEALTH-CARE, US),
Reverse DNS
dms2.neas.com
Software
Apache/2.2.22 (@RELEASE@) /
Resource Hash
add7a128bd669e1e750871eacf6308a06c92a05e501214f4bbde70190e1503ba
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://dms2.neas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date
Thu, 26 Jan 2023 19:40:16 GMT
Connection
close
Content-Length
272557
Pragma
no-cache
Last-Modified
Tue, 22 Nov 2022 13:57:49 GMT
Server
Apache/2.2.22 (@RELEASE@)
ETag
"17f60d-428ad-5ee0f8eaa5140"
X-Frame-Options
SAMEORIGIN
Access-Control-Allow-Methods
GET,POST,OPTIONS,DELETE,PUT
Content-Type
text/css
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Access-Control-Allow-Headers
origin, x-requested-with, content-type
Expires
0
css
fonts.googleapis.com/ 		10 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:400italic,400,300,700
Requested by
Host: dms2.neas.com
URL: http://dms2.neas.com/static/css/main.fa46d1d7.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80a::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
3ca4f60192d0be869f5ab5c73d8586b562a06c00b0ab098b3f11c204b166a2c7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://dms2.neas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 26 Jan 2023 19:40:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 26 Jan 2023 19:40:17 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 26 Jan 2023 19:40:17 GMT
4821.ef21a0e3.chunk.js
dms2.neas.com/static/js/ 		16 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://dms2.neas.com/static/js/4821.ef21a0e3.chunk.js
Requested by
Host: dms2.neas.com
URL: http://dms2.neas.com/static/js/main.751451d4.js
Protocol
HTTP/1.1
Server
207.67.109.174 Waukesha, United States, ASN21857 (PROHEALTH-CARE, US),
Reverse DNS
dms2.neas.com
Software
Apache/2.2.22 (@RELEASE@) /
Resource Hash
75d95618905f9643cd1c5420bc0df68a1690289ba36824289311a67d7eeb997f
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://dms2.neas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date
Thu, 26 Jan 2023 19:40:18 GMT
Connection
close
Content-Length
16111
Pragma
no-cache
Last-Modified
Tue, 22 Nov 2022 13:57:50 GMT
Server
Apache/2.2.22 (@RELEASE@)
ETag
"17fdec-3eef-5ee0f8eb99380"
X-Frame-Options
SAMEORIGIN
Access-Control-Allow-Methods
GET,POST,OPTIONS,DELETE,PUT
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Access-Control-Allow-Headers
origin, x-requested-with, content-type
Expires
0
512.31c4b711.chunk.js
dms2.neas.com/static/js/ 		3 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://dms2.neas.com/static/js/512.31c4b711.chunk.js
Requested by
Host: dms2.neas.com
URL: http://dms2.neas.com/static/js/main.751451d4.js
Protocol
HTTP/1.1
Server
207.67.109.174 Waukesha, United States, ASN21857 (PROHEALTH-CARE, US),
Reverse DNS
dms2.neas.com
Software
Apache/2.2.22 (@RELEASE@) /
Resource Hash
5387db6a24202618a23553c66b4be5e4d0b569bf2ffa4f0ea5c591a71c44d409
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://dms2.neas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date
Thu, 26 Jan 2023 19:40:18 GMT
Connection
close
Content-Length
3220
Pragma
no-cache
Last-Modified
Tue, 22 Nov 2022 13:57:49 GMT
Server
Apache/2.2.22 (@RELEASE@)
ETag
"17fe11-c94-5ee0f8eaa5140"
X-Frame-Options
SAMEORIGIN
Access-Control-Allow-Methods
GET,POST,OPTIONS,DELETE,PUT
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Access-Control-Allow-Headers
origin, x-requested-with, content-type
Expires
0
truncated
/ 		160 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3c0b846b2f6e10a4c01f873bb33f1ecb59840151e802b2a1ef869a220a702cec

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://dms2.neas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		1003 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ca2cdf7f28c93b2e6a1a9c719760b4d73d8d77ca0815192fe0f86cdc4e80fbcf

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://dms2.neas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ab8159d292b1c2dd02ac670210e6dd831faea515ac969648c073f8ffda7b98e1

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://dms2.neas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type
image/png
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v34/ 		44 KB
44 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400italic,400,300,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:808::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
http://dms2.neas.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 18:50:55 GMT
x-content-type-options
nosniff
age
262162
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44856
x-xss-protection
0
last-modified
Mon, 15 Aug 2022 18:20:18 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 23 Jan 2024 18:50:55 GMT
truncated
/ 		5 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
48beb31b9c692dbe559d283391d9514a08509e62f995de74a581f2c071162bfb

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://dms2.neas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type
image/png
init
dms2.neas.com/internal_api/v1/ 		0
0
9926.8631bc4c.chunk.js
dms2.neas.com/static/js/ 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://dms2.neas.com/static/js/9926.8631bc4c.chunk.js
Requested by
Host: dms2.neas.com
URL: http://dms2.neas.com/static/js/main.751451d4.js
Protocol
HTTP/1.1
Server
207.67.109.174 Waukesha, United States, ASN21857 (PROHEALTH-CARE, US),
Reverse DNS
dms2.neas.com
Software
Apache/2.2.22 (@RELEASE@) /
Resource Hash
5ed6b2b014224d714bc678458d1599f7033b3e5158eaecdf78aaced69b227e6b
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://dms2.neas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date
Thu, 26 Jan 2023 19:40:18 GMT
Connection
close
Content-Length
2195
Pragma
no-cache
Last-Modified
Tue, 22 Nov 2022 13:57:49 GMT
Server
Apache/2.2.22 (@RELEASE@)
ETag
"17ffb2-893-5ee0f8eaa5140"
X-Frame-Options
SAMEORIGIN
Access-Control-Allow-Methods
GET,POST,OPTIONS,DELETE,PUT
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Access-Control-Allow-Headers
origin, x-requested-with, content-type
Expires
0
init
dms2.neas.com/internal_api/v1/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
dms2.neas.com
URL
https://dms2.neas.com/internal_api/v1/init
Domain
dms2.neas.com
URL
https://dms2.neas.com/internal_api/v1/init

Verdicts & Comments Add Verdict or Comment

12 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| oncontentvisibilityautostatechange function| Spinner object| opts object| target object| spinner function| SharedArrayBuffer object| webpackChunkdms function| setImmediate function| clearImmediate object| regeneratorRuntime string| csrf_token

0 Cookies

4 Console Messages

Source Level URL
Text
javascript error URL: http://dms2.neas.com/
Message:
Access to XMLHttpRequest at 'https://dms2.neas.com/internal_api/v1/init' from origin 'http://dms2.neas.com' has been blocked by CORS policy: The value of the 'Access-Control-Allow-Origin' header in the response must not be the wildcard '*' when the request's credentials mode is 'include'. The credentials mode of requests initiated by the XMLHttpRequest is controlled by the withCredentials attribute.
network error URL: https://dms2.neas.com/internal_api/v1/init
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: http://dms2.neas.com/
Message:
Access to XMLHttpRequest at 'https://dms2.neas.com/internal_api/v1/init' from origin 'http://dms2.neas.com' has been blocked by CORS policy: The value of the 'Access-Control-Allow-Origin' header in the response must not be the wildcard '*' when the request's credentials mode is 'include'. The credentials mode of requests initiated by the XMLHttpRequest is controlled by the withCredentials attribute.
network error URL: https://dms2.neas.com/internal_api/v1/init
Message:
Failed to load resource: net::ERR_FAILED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Frame-Options SAMEORIGIN