urlscan.io logo urlscan.io
SecurityTrails logo

portal.foundationforintermediaries.co.uk Open in urlscan Pro
37.203.46.61  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://cdlink.foundationforintermediaries.co.uk/c/6/?T=ODcxODk5ODg%3AcDEtYjIxMTQ3LTc2NTVmN2ViMWE2MTQxZTdiNGZjZWZjYTdjYTQyMWQ2%3Ac2FtQG9keXNzZXl3...
Effective URL: https://portal.foundationforintermediaries.co.uk/?utm_source=email-27-5-21-re-energise&utm_medium=email&utm_campaign=10590-withdrawal-28-may&_cld...
Submission: On May 27 via api from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 2 IPs in 3 countries across 2 domains to perform 9 HTTP transactions. The main IP is 37.203.46.61, located in United Kingdom and belongs to ASN-CENTRILOGIC-UK, GB. The main domain is portal.foundationforintermediaries.co.uk.
TLS certificate: Issued by Entrust Certification Authority - L1K on March 28th 2020. Valid for: 2 years.
This is the only time portal.foundationforintermediaries.co.uk was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 40.67.210.167 8075 (MICROSOFT...)
5 37.203.46.61 44332 (ASN-CENTR...)
4 2606:4700::68... 13335 (CLOUDFLAR...)
9 2
Domain Requested by
5 portal.foundationforintermediaries.co.uk portal.foundationforintermediaries.co.uk
4 script.crazyegg.com portal.foundationforintermediaries.co.uk
script.crazyegg.com
1 cdlink.foundationforintermediaries.co.uk 1 redirects
9 3

This site contains links to these domains. Also see Links.

Domain
www.foundationforintermediaries.co.uk
Subject Issuer Validity Valid
*.foundationforintermediaries.co.uk
Entrust Certification Authority - L1K		 2020-03-28 -
2022-06-26		 2 years crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-05-09 -
2022-05-08		 a year crt.sh

This page contains 1 frames:

Primary Page: https://portal.foundationforintermediaries.co.uk/?utm_source=email-27-5-21-re-energise&utm_medium=email&utm_campaign=10590-withdrawal-28-may&_cldee=c2FtQG9keXNzZXl3ZWFsdGguY28udWs%3d&recipientid=contact-99aa41af7a54e911a973002248072abd-9411af39367f418ab7751000581f1d36&utm_source=ClickDimensions&utm_medium=email&utm_campaign=6%20Re-Energise&esid=500faaa8-d1be-eb11-bacc-000d3ad6ae99
Frame ID: 262C0E531F66C9BC64E39BD05FDF8870
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://cdlink.foundationforintermediaries.co.uk/c/6/?T=ODcxODk5ODg%3AcDEtYjIxMTQ3LTc2NTVmN2ViMWE2MTQxZTdiNGZjZWZjYTdjYTQyMWQ... HTTP 302
    https://portal.foundationforintermediaries.co.uk/?utm_source=email-27-5-21-re-energise&utm_medium=email&utm_campaign=10590-wi... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • script /ruxitagentjs/i

Page Statistics

9
Requests

100 %
HTTPS

33 %
IPv6

2
Domains

3
Subdomains

2
IPs

3
Countries

3749 kB
Transfer

3920 kB
Size

2
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://cdlink.foundationforintermediaries.co.uk/c/6/?T=ODcxODk5ODg%3AcDEtYjIxMTQ3LTc2NTVmN2ViMWE2MTQxZTdiNGZjZWZjYTdjYTQyMWQ2%3Ac2FtQG9keXNzZXl3ZWFsdGguY28udWs%3AY29udGFjdC05OWFhNDFhZjdhNTRlOTExYTk3MzAwMjI0ODA3MmFiZC05NDExYWYzOTM2N2Y0MThhYjc3NTEwMDA1ODFmMWQzNg%3AZmFsc2U%3AMg%3A%3AaHR0cHM6Ly9wb3J0YWwuZm91bmRhdGlvbmZvcmludGVybWVkaWFyaWVzLmNvLnVrLz91dG1fc291cmNlPWVtYWlsLTI3LTUtMjEtcmUtZW5lcmdpc2UmdXRtX21lZGl1bT1lbWFpbCZ1dG1fY2FtcGFpZ249MTA1OTAtd2l0aGRyYXdhbC0yOC1tYXkmX2NsZGVlPWMyRnRRRzlrZVhOelpYbDNaV0ZzZEdndVkyOHVkV3MlM2QmcmVjaXBpZW50aWQ9Y29udGFjdC05OWFhNDFhZjdhNTRlOTExYTk3MzAwMjI0ODA3MmFiZC05NDExYWYzOTM2N2Y0MThhYjc3NTEwMDA1ODFmMWQzNiZ1dG1fc291cmNlPUNsaWNrRGltZW5zaW9ucyZ1dG1fbWVkaXVtPWVtYWlsJnV0bV9jYW1wYWlnbj02JTIwUmUtRW5lcmdpc2UmZXNpZD01MDBmYWFhOC1kMWJlLWViMTEtYmFjYy0wMDBkM2FkNmFlOTk&K=dbbVp22XQ70s-78qvZadkA HTTP 302
    https://portal.foundationforintermediaries.co.uk/?utm_source=email-27-5-21-re-energise&utm_medium=email&utm_campaign=10590-withdrawal-28-may&_cldee=c2FtQG9keXNzZXl3ZWFsdGguY28udWs%3d&recipientid=contact-99aa41af7a54e911a973002248072abd-9411af39367f418ab7751000581f1d36&utm_source=ClickDimensions&utm_medium=email&utm_campaign=6%20Re-Energise&esid=500faaa8-d1be-eb11-bacc-000d3ad6ae99 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

9 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request Cookie set /
portal.foundationforintermediaries.co.uk/
Redirect Chain
  • http://cdlink.foundationforintermediaries.co.uk/c/6/?T=ODcxODk5ODg%3AcDEtYjIxMTQ3LTc2NTVmN2ViMWE2MTQxZTdiNGZjZWZjYTdjYTQyMWQ2%3Ac2FtQG9keXNzZXl3ZWFsdGguY28udWs%3AY29udGFjdC05OWFhNDFhZjdhNTRlOTExYTk...
  • https://portal.foundationforintermediaries.co.uk/?utm_source=email-27-5-21-re-energise&utm_medium=email&utm_campaign=10590-withdrawal-28-may&_cldee=c2FtQG9keXNzZXl3ZWFsdGguY28udWs%3d&recipientid=co...
1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://portal.foundationforintermediaries.co.uk/?utm_source=email-27-5-21-re-energise&utm_medium=email&utm_campaign=10590-withdrawal-28-may&_cldee=c2FtQG9keXNzZXl3ZWFsdGguY28udWs%3d&recipientid=contact-99aa41af7a54e911a973002248072abd-9411af39367f418ab7751000581f1d36&utm_source=ClickDimensions&utm_medium=email&utm_campaign=6%20Re-Energise&esid=500faaa8-d1be-eb11-bacc-000d3ad6ae99
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
37.203.46.61 , United Kingdom, ASN44332 (ASN-CENTRILOGIC-UK, GB),
Reverse DNS
Software
/
Resource Hash
9bb87b5c200cd5e1dd51e1da2685f3244f5334bb0e0a4fc00338699911cdeb01
Security Headers
Name Value
Strict-Transport-Security {max-age=5184000 ; includeSubDomains}
X-Content-Type-Options {nosniff}
X-Frame-Options {DENY}
X-Xss-Protection {1}

Request headers

Host
portal.foundationforintermediaries.co.uk
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Cache-Control
no-cache
Content-Type
text/html
Last-Modified
Wed, 19 May 2021 08:28:37 GMT
Accept-Ranges
bytes
ETag
"03f5cf7884cd71:0:dtagent10215210506134511Yy1c"
Set-Cookie
dtCookie=v_4_srv_1_sn_7EA596E33874675B49E8FD206739FD0A_perc_100000_ol_0_mul_1; Path=/; Domain=.foundationforintermediaries.co.uk
X-OneAgent-JS-Injection
true
X-ruxit-JS-Agent
true
X-Referrer-Policy
same-origin
Strict-Transport-Security
{max-age=5184000 ; includeSubDomains}
X-Content-Type-Options
{nosniff}
X-FRAME-OPTIONS
{DENY}
X-Permitted-Cross-Domain-Policies
none
X-XSS-Protection
{1}
Date
Thu, 27 May 2021 09:58:22 GMT
Content-Length
1248

Redirect headers

Server
nginx/1.19.7
Date
Thu, 27 May 2021 09:58:21 GMT
Content-Length
0
Connection
keep-alive
Location
https://portal.foundationforintermediaries.co.uk/?utm_source=email-27-5-21-re-energise&utm_medium=email&utm_campaign=10590-withdrawal-28-may&_cldee=c2FtQG9keXNzZXl3ZWFsdGguY28udWs%3d&recipientid=contact-99aa41af7a54e911a973002248072abd-9411af39367f418ab7751000581f1d36&utm_source=ClickDimensions&utm_medium=email&utm_campaign=6%20Re-Energise&esid=500faaa8-d1be-eb11-bacc-000d3ad6ae99
X-Application-Context
application:deployed:8080
ruxitagentjs_ICA2SVfqrux_10215210506134511.js
portal.foundationforintermediaries.co.uk/ 		203 KB
78 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://portal.foundationforintermediaries.co.uk/ruxitagentjs_ICA2SVfqrux_10215210506134511.js
Requested by
Host: portal.foundationforintermediaries.co.uk
URL: https://portal.foundationforintermediaries.co.uk/?utm_source=email-27-5-21-re-energise&utm_medium=email&utm_campaign=10590-withdrawal-28-may&_cldee=c2FtQG9keXNzZXl3ZWFsdGguY28udWs%3d&recipientid=contact-99aa41af7a54e911a973002248072abd-9411af39367f418ab7751000581f1d36&utm_source=ClickDimensions&utm_medium=email&utm_campaign=6%20Re-Energise&esid=500faaa8-d1be-eb11-bacc-000d3ad6ae99
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
37.203.46.61 , United Kingdom, ASN44332 (ASN-CENTRILOGIC-UK, GB),
Reverse DNS
Software
/
Resource Hash
86f9271f2b21eb8f46458a7b8a223ec5db1065ae4f324036478e8f267710d27b
Security Headers
Name Value
Strict-Transport-Security {max-age=5184000 ; includeSubDomains}
X-Content-Type-Options {nosniff}
X-Frame-Options {DENY}
X-Xss-Protection {1}

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
portal.foundationforintermediaries.co.uk
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://portal.foundationforintermediaries.co.uk/?utm_source=email-27-5-21-re-energise&utm_medium=email&utm_campaign=10590-withdrawal-28-may&_cldee=c2FtQG9keXNzZXl3ZWFsdGguY28udWs%3d&recipientid=contact-99aa41af7a54e911a973002248072abd-9411af39367f418ab7751000581f1d36&utm_source=ClickDimensions&utm_medium=email&utm_campaign=6%20Re-Energise&esid=500faaa8-d1be-eb11-bacc-000d3ad6ae99
Cookie
dtCookie=v_4_srv_1_sn_7EA596E33874675B49E8FD206739FD0A_perc_100000_ol_0_mul_1
Connection
keep-alive
Referer
https://portal.foundationforintermediaries.co.uk/?utm_source=email-27-5-21-re-energise&utm_medium=email&utm_campaign=10590-withdrawal-28-may&_cldee=c2FtQG9keXNzZXl3ZWFsdGguY28udWs%3d&recipientid=contact-99aa41af7a54e911a973002248072abd-9411af39367f418ab7751000581f1d36&utm_source=ClickDimensions&utm_medium=email&utm_campaign=6%20Re-Energise&esid=500faaa8-d1be-eb11-bacc-000d3ad6ae99
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security
{max-age=5184000 ; includeSubDomains}
Content-Encoding
gzip
X-Content-Type-Options
{nosniff}
Last-Modified
Wed, 03 Mar 2010 07:01:40 GMT
X-Permitted-Cross-Domain-Policies
none
Cache-Control
public, max-age=31536000, immutable,no-cache
Date
Thu, 27 May 2021 09:58:22 GMT
X-FRAME-OPTIONS
{DENY}
Content-Type
text/javascript; charset=utf-8
X-Referrer-Policy
same-origin
Content-Length
79467
X-XSS-Protection
{1}
Expires
Fri, 27 May 2022 09:58:21 GMT
bundle.3.14.2.js
portal.foundationforintermediaries.co.uk/ 		4 MB
4 MB 		Script
General
Check archive.org
Download Go to
Full URL
https://portal.foundationforintermediaries.co.uk/bundle.3.14.2.js?64e24d610374988195edb25a3ef807bf5503dd96
Requested by
Host: portal.foundationforintermediaries.co.uk
URL: https://portal.foundationforintermediaries.co.uk/?utm_source=email-27-5-21-re-energise&utm_medium=email&utm_campaign=10590-withdrawal-28-may&_cldee=c2FtQG9keXNzZXl3ZWFsdGguY28udWs%3d&recipientid=contact-99aa41af7a54e911a973002248072abd-9411af39367f418ab7751000581f1d36&utm_source=ClickDimensions&utm_medium=email&utm_campaign=6%20Re-Energise&esid=500faaa8-d1be-eb11-bacc-000d3ad6ae99
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
37.203.46.61 , United Kingdom, ASN44332 (ASN-CENTRILOGIC-UK, GB),
Reverse DNS
Software
/
Resource Hash
0fa986f3e71f5e1807e49cbd23205f5a481026fbf2a2336364923d2df7a7bd64
Security Headers
Name Value
Strict-Transport-Security {max-age=5184000 ; includeSubDomains}
X-Content-Type-Options {nosniff}
X-Frame-Options {DENY}
X-Xss-Protection {1}

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
portal.foundationforintermediaries.co.uk
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://portal.foundationforintermediaries.co.uk/?utm_source=email-27-5-21-re-energise&utm_medium=email&utm_campaign=10590-withdrawal-28-may&_cldee=c2FtQG9keXNzZXl3ZWFsdGguY28udWs%3d&recipientid=contact-99aa41af7a54e911a973002248072abd-9411af39367f418ab7751000581f1d36&utm_source=ClickDimensions&utm_medium=email&utm_campaign=6%20Re-Energise&esid=500faaa8-d1be-eb11-bacc-000d3ad6ae99
Cookie
dtCookie=v_4_srv_1_sn_7EA596E33874675B49E8FD206739FD0A_perc_100000_ol_0_mul_1
Connection
keep-alive
Referer
https://portal.foundationforintermediaries.co.uk/?utm_source=email-27-5-21-re-energise&utm_medium=email&utm_campaign=10590-withdrawal-28-may&_cldee=c2FtQG9keXNzZXl3ZWFsdGguY28udWs%3d&recipientid=contact-99aa41af7a54e911a973002248072abd-9411af39367f418ab7751000581f1d36&utm_source=ClickDimensions&utm_medium=email&utm_campaign=6%20Re-Energise&esid=500faaa8-d1be-eb11-bacc-000d3ad6ae99
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security
{max-age=5184000 ; includeSubDomains}
X-Content-Type-Options
{nosniff}
Last-Modified
Wed, 26 May 2021 18:05:00 GMT
X-Permitted-Cross-Domain-Policies
none
Cache-Control
no-cache
ETag
"48e347a55952d71:0"
X-FRAME-OPTIONS
{DENY}
Content-Type
application/javascript
X-Referrer-Policy
same-origin
Date
Thu, 27 May 2021 09:58:22 GMT
Accept-Ranges
bytes
Content-Length
3729824
X-XSS-Protection
{1}
2893.js
script.crazyegg.com/pages/scripts/0075/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.crazyegg.com/pages/scripts/0075/2893.js
Requested by
Host: portal.foundationforintermediaries.co.uk
URL: https://portal.foundationforintermediaries.co.uk/?utm_source=email-27-5-21-re-energise&utm_medium=email&utm_campaign=10590-withdrawal-28-may&_cldee=c2FtQG9keXNzZXl3ZWFsdGguY28udWs%3d&recipientid=contact-99aa41af7a54e911a973002248072abd-9411af39367f418ab7751000581f1d36&utm_source=ClickDimensions&utm_medium=email&utm_campaign=6%20Re-Energise&esid=500faaa8-d1be-eb11-bacc-000d3ad6ae99
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9408 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3e29dec6c6631e9567e5ff5b3760a620b13b71650e066b5f5af78d8046790ec7

Request headers

Referer
https://portal.foundationforintermediaries.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 27 May 2021 09:58:21 GMT
content-encoding
gzip
cf-cache-status
HIT
age
67323
cf-polished
origSize=4157
ce-version
11.1.300
cf-request-id
0a4edbd0e600004e2c11047000000001
timing-allow-origin
*
last-modified
Wed, 26 May 2021 15:16:18 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
access-control-expose-headers
CE-Version
cache-control
public, max-age=300, s-maxage=1209600
cf-ray
655e62617c314e2c-FRA
cf-bgj
minify
2893.json
script.crazyegg.com/pages/data-scripts/0075/ 		6 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://script.crazyegg.com/pages/data-scripts/0075/2893.json?t=1
Requested by
Host: portal.foundationforintermediaries.co.uk
URL: https://portal.foundationforintermediaries.co.uk/ruxitagentjs_ICA2SVfqrux_10215210506134511.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9408 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fc5b091f32bb4f20e4a12d5a63189a5c0bca5bd316012f7291f3b5e2fab3396b

Request headers

Referer
https://portal.foundationforintermediaries.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 27 May 2021 09:58:24 GMT
content-encoding
gzip
cf-cache-status
HIT
age
67325
ce-version
11.1.300
content-length
1181
cf-request-id
0a4edbdc020000969e232a0000000001
timing-allow-origin
*
last-modified
Wed, 26 May 2021 15:16:18 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
CE-Version
cache-control
public, max-age=300, s-maxage=1209600
accept-ranges
bytes
cf-ray
655e62733a37969e-FRA
11.1.300.js
script.crazyegg.com/pages/versioned/common-scripts/ 		62 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.crazyegg.com/pages/versioned/common-scripts/11.1.300.js
Requested by
Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0075/2893.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9408 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1e4d123c873c45c977353c0f5cf2c5b4f20ed8c75b65e048d42f528e8dd4f271

Request headers

Referer
https://portal.foundationforintermediaries.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 27 May 2021 09:58:24 GMT
content-encoding
gzip
cf-cache-status
HIT
age
70312
cf-ray
655e62735a544e2c-FRA
content-length
21022
cf-request-id
0a4edbdc1400004e2c11175000000001
last-modified
Mon, 24 May 2021 13:28:27 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000, s-maxage=31536000
accept-ranges
bytes
timing-allow-origin
*
2893.json
script.crazyegg.com/pages/sampling-data-scripts/0075/ 		202 B
285 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://script.crazyegg.com/pages/sampling-data-scripts/0075/2893.json?t=450585
Requested by
Host: portal.foundationforintermediaries.co.uk
URL: https://portal.foundationforintermediaries.co.uk/ruxitagentjs_ICA2SVfqrux_10215210506134511.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9408 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0708e323835b1032cf4a208b1f90532a713ab7358e4099fe1c20d564cbe0cf3

Request headers

Referer
https://portal.foundationforintermediaries.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 27 May 2021 09:58:24 GMT
content-encoding
gzip
cf-cache-status
HIT
age
3181
ce-version
11.1.300
content-length
167
cf-request-id
0a4edbdc2b0000969e2f2e5000000001
timing-allow-origin
*
last-modified
Thu, 27 May 2021 09:05:23 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
CE-Version
cache-control
public, max-age=300, s-maxage=1209600
accept-ranges
bytes
cf-ray
655e62737a7c969e-FRA
Cookie set rb_4894e01e-14d0-48ed-95c1-49fe8e18e02b
portal.foundationforintermediaries.co.uk/ 		592 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://portal.foundationforintermediaries.co.uk/rb_4894e01e-14d0-48ed-95c1-49fe8e18e02b?app=987bf63c9525725c;crc=1076107602;end=1
Requested by
Host: portal.foundationforintermediaries.co.uk
URL: https://portal.foundationforintermediaries.co.uk/ruxitagentjs_ICA2SVfqrux_10215210506134511.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
37.203.46.61 , United Kingdom, ASN44332 (ASN-CENTRILOGIC-UK, GB),
Reverse DNS
Software
/
Resource Hash
0d64c200c81b1a4bfa4c15678f9efafc54d4345c5726fc8aba86ba8be30b182c
Security Headers
Name Value
Strict-Transport-Security {max-age=5184000 ; includeSubDomains}
X-Content-Type-Options {nosniff}
X-Frame-Options {DENY}
X-Xss-Protection {1}

Request headers

Sec-Fetch-Mode
cors
Origin
https://portal.foundationforintermediaries.co.uk
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Sec-Fetch-Dest
empty
Cookie
rxvt=1622111304516|1622109502516; dtPC=$309502510_122h-vCDAJABDMQIWUHCFRSEPQFQHCDIHFAERV-0e1; rxVisitor=1622109505723SPSRPDB7JLU5P670ALCSJH9U52IC5SCO
Connection
keep-alive
Content-Length
1730
Pragma
no-cache
Host
portal.foundationforintermediaries.co.uk
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Accept
*/*
Cache-Control
no-cache
Referer
https://portal.foundationforintermediaries.co.uk/?utm_source=email-27-5-21-re-energise&utm_medium=email&utm_campaign=10590-withdrawal-28-may&_cldee=c2FtQG9keXNzZXl3ZWFsdGguY28udWs%3d&recipientid=contact-99aa41af7a54e911a973002248072abd-9411af39367f418ab7751000581f1d36&utm_source=ClickDimensions&utm_medium=email&utm_campaign=6%20Re-Energise&esid=500faaa8-d1be-eb11-bacc-000d3ad6ae99
Sec-Fetch-Site
same-origin
Referer
https://portal.foundationforintermediaries.co.uk/?utm_source=email-27-5-21-re-energise&utm_medium=email&utm_campaign=10590-withdrawal-28-may&_cldee=c2FtQG9keXNzZXl3ZWFsdGguY28udWs%3d&recipientid=contact-99aa41af7a54e911a973002248072abd-9411af39367f418ab7751000581f1d36&utm_source=ClickDimensions&utm_medium=email&utm_campaign=6%20Re-Energise&esid=500faaa8-d1be-eb11-bacc-000d3ad6ae99
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Strict-Transport-Security
{max-age=5184000 ; includeSubDomains}
X-Content-Type-Options
{nosniff}
X-Permitted-Cross-Domain-Policies
none
Cache-Control
no-cache
Date
Thu, 27 May 2021 09:58:26 GMT
X-FRAME-OPTIONS
{DENY}
Content-Type
text/plain; charset=utf-8
X-Referrer-Policy
same-origin
Set-Cookie
dtCookie=v_4_srv_1_sn_98F4C5CE4B2D2E25C07B01074C12ED21_perc_100000_ol_0_mul_1_app-3A987bf63c9525725c_1; Path=/; Domain=.foundationforintermediaries.co.uk
Content-Length
592
X-XSS-Protection
{1}
Cookie set rb_4894e01e-14d0-48ed-95c1-49fe8e18e02b
portal.foundationforintermediaries.co.uk/ 		602 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://portal.foundationforintermediaries.co.uk/rb_4894e01e-14d0-48ed-95c1-49fe8e18e02b?app=987bf63c9525725c;crc=3602698018;end=1
Requested by
Host: portal.foundationforintermediaries.co.uk
URL: https://portal.foundationforintermediaries.co.uk/ruxitagentjs_ICA2SVfqrux_10215210506134511.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
37.203.46.61 , United Kingdom, ASN44332 (ASN-CENTRILOGIC-UK, GB),
Reverse DNS
Software
/
Resource Hash
2745e2a22689c56de90d82768c54a5f766b894c713d301f12ec7bdecae7b69a8
Security Headers
Name Value
Strict-Transport-Security {max-age=5184000 ; includeSubDomains}
X-Content-Type-Options {nosniff}
X-Frame-Options {DENY}
X-Xss-Protection {1}

Request headers

Sec-Fetch-Mode
cors
Origin
https://portal.foundationforintermediaries.co.uk
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Sec-Fetch-Dest
empty
Cookie
rxVisitor=16221095077488QFFCTKATJU3V8JAN6S4LC9K24JB8JUP
Connection
keep-alive
Content-Length
1737
Pragma
no-cache
Host
portal.foundationforintermediaries.co.uk
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Accept
*/*
Cache-Control
no-cache
Referer
https://portal.foundationforintermediaries.co.uk/?utm_source=email-27-5-21-re-energise&utm_medium=email&utm_campaign=10590-withdrawal-28-may&_cldee=c2FtQG9keXNzZXl3ZWFsdGguY28udWs%3d&recipientid=contact-99aa41af7a54e911a973002248072abd-9411af39367f418ab7751000581f1d36&utm_source=ClickDimensions&utm_medium=email&utm_campaign=6%20Re-Energise&esid=500faaa8-d1be-eb11-bacc-000d3ad6ae99
Sec-Fetch-Site
same-origin
Referer
https://portal.foundationforintermediaries.co.uk/?utm_source=email-27-5-21-re-energise&utm_medium=email&utm_campaign=10590-withdrawal-28-may&_cldee=c2FtQG9keXNzZXl3ZWFsdGguY28udWs%3d&recipientid=contact-99aa41af7a54e911a973002248072abd-9411af39367f418ab7751000581f1d36&utm_source=ClickDimensions&utm_medium=email&utm_campaign=6%20Re-Energise&esid=500faaa8-d1be-eb11-bacc-000d3ad6ae99
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Strict-Transport-Security
{max-age=5184000 ; includeSubDomains}
X-Content-Type-Options
{nosniff}
X-Permitted-Cross-Domain-Policies
none
Cache-Control
no-cache
Date
Thu, 27 May 2021 09:58:27 GMT
X-FRAME-OPTIONS
{DENY}
Content-Type
text/plain; charset=utf-8
X-Referrer-Policy
same-origin
Set-Cookie
dtCookie=v_4_srv_1_sn_7B7A0A9491B3F839703933576D8354F7_perc_100000_ol_0_mul_1_app-3A987bf63c9525725c_1; Path=/; Domain=.foundationforintermediaries.co.uk
Content-Length
602
X-XSS-Protection
{1}

Verdicts & Comments Add Verdict or Comment

29 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated object| dT_ object| dtrum object| __core-js_shared__ object| core function| setImmediate function| clearImmediate object| regeneratorRuntime boolean| _babelPolyfill number| 2f1acc6c3a606b082e5eef5e54414ffb object| __MUI_STYLES__ function| _ object| scCGSHMRCache object| store boolean| CE_USER_SCRIPT object| CE2 string| CE_USER_DATA_URL string| CE_USER_COMMON_SCRIPT_URL object| CE2BH

2 Cookies

Domain/Path Name / Value
.foundationforintermediaries.co.uk/ Name: dtPC
Value: $309502510_122h-vCDAJABDMQIWUHCFRSEPQFQHCDIHFAERV-0e1
.foundationforintermediaries.co.uk/ Name: rxvt
Value: 1622111304516|1622109502516

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security {max-age=5184000 ; includeSubDomains}
X-Content-Type-Options {nosniff}
X-Frame-Options {DENY}
X-Xss-Protection {1}