urlscan.io logo urlscan.io
SecurityTrails logo

login.gordonlaw.co.uk Open in urlscan Pro
51.140.59.233  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://login.gordonlaw.co.uk/
Effective URL: https://login.gordonlaw.co.uk/Account/Login?ReturnUrl=%2F
Submission: On November 11 via automatic, source certstream-suspicious — Scanned from GB
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 6 IPs in 3 countries across 6 domains to perform 16 HTTP transactions. The main IP is 51.140.59.233, located in London, United Kingdom and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is login.gordonlaw.co.uk.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on November 9th 2023. Valid for: a year.
This is the only time login.gordonlaw.co.uk was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 6 51.140.59.233 8075 (MICROSOFT...)
2 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
4 20.209.128.132 8075 (MICROSOFT...)
2 142.250.186.35 15169 (GOOGLE)
16 6
6    51.140.59.233 (London, United Kingdom)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
login.gordonlaw.co.uk
2    2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
4    20.209.128.132 (London, United Kingdom)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
lfsstatics.z33.web.core.windows.net
2    142.250.186.35 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f3.1e100.net
fonts.gstatic.com
Apex Domain
Subdomains		 Transfer
6 gordonlaw.co.uk
login.gordonlaw.co.uk
62 KB
4 windows.net
lfsstatics.z33.web.core.windows.net
512 KB
2 gstatic.com
fonts.gstatic.com
36 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 30
2 KB
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 220
3 KB
0 aspnetcdn.com Failed
ajax.aspnetcdn.com Failed
16 6
Domain Requested by
6 login.gordonlaw.co.uk 1 redirects login.gordonlaw.co.uk
4 lfsstatics.z33.web.core.windows.net login.gordonlaw.co.uk
2 fonts.gstatic.com fonts.googleapis.com
2 fonts.googleapis.com login.gordonlaw.co.uk
1 cdnjs.cloudflare.com login.gordonlaw.co.uk
0 ajax.aspnetcdn.com Failed login.gordonlaw.co.uk
16 6

This site contains no links.

Subject Issuer Validity Valid
portal.gordonlaw.co.uk
Go Daddy Secure Certificate Authority - G2		 2023-11-09 -
2024-12-10		 a year crt.sh
upload.video.google.com
WR2		 2024-10-07 -
2024-12-30		 3 months crt.sh
cdnjs.cloudflare.com
WE1		 2024-09-28 -
2024-12-27		 3 months crt.sh
*.web.core.windows.net
Microsoft Azure RSA TLS Issuing CA 08		 2024-10-26 -
2025-04-24		 6 months crt.sh
*.gstatic.com
WR2		 2024-10-07 -
2024-12-30		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://login.gordonlaw.co.uk/Account/Login?ReturnUrl=%2F
Frame ID: 72AF8EF24A07CB0F4D78739240A1B306
Requests: 17 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Andrew Gordon & Co - Log in

Page URL History Show full URLs

  1. https://login.gordonlaw.co.uk/ HTTP 302
    https://login.gordonlaw.co.uk/Account/Login?ReturnUrl=%2F Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href="[^"]*material(?:\.[\w]+-[\w]+)?(?:\.min)?\.css
  • (?:/([\d.]+))?/material(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

16
Requests

88 %
HTTPS

40 %
IPv6

6
Domains

6
Subdomains

6
IPs

3
Countries

614 kB
Transfer

739 kB
Size

3
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://login.gordonlaw.co.uk/ HTTP 302
    https://login.gordonlaw.co.uk/Account/Login?ReturnUrl=%2F Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

16 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request Login
login.gordonlaw.co.uk/Account/
Redirect Chain
  • https://login.gordonlaw.co.uk/
  • https://login.gordonlaw.co.uk/Account/Login?ReturnUrl=%2F
5 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://login.gordonlaw.co.uk/Account/Login?ReturnUrl=%2F
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
51.140.59.233 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
9383a29d28722ed97adea58de6d04841b82e445dd887e5f16af0d22faf79125c
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src 'self' wss://localhost:44324/IdentityServer/; style-src 'self' 'unsafe-inline' https://lfsstatics.z33.web.core.windows.net https://fonts.googleapis.com https://cdnjs.cloudflare.com; font-src 'self' https://fonts.gstatic.com; img-src 'self' https://lfsstatics.z33.web.core.windows.net data: ; script-src 'self' 'unsafe-inline'; object-src 'none'; frame-ancestors 'none'; sandbox allow-forms allow-same-origin allow-scripts; base-uri 'self';
X-Content-Security-Policy default-src 'self'; connect-src 'self' wss://localhost:44324/IdentityServer/; style-src 'self' 'unsafe-inline' https://lfsstatics.z33.web.core.windows.net https://fonts.googleapis.com https://cdnjs.cloudflare.com; font-src 'self' https://fonts.gstatic.com; img-src 'self' https://lfsstatics.z33.web.core.windows.net data: ; script-src 'self' 'unsafe-inline'; object-src 'none'; frame-ancestors 'none'; sandbox allow-forms allow-same-origin allow-scripts; base-uri 'self';
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

Cache-Control
no-cache, no-store
Content-Encoding
gzip
Content-Security-Policy
default-src 'self'; connect-src 'self' wss://localhost:44324/IdentityServer/; style-src 'self' 'unsafe-inline' https://lfsstatics.z33.web.core.windows.net https://fonts.googleapis.com https://cdnjs.cloudflare.com; font-src 'self' https://fonts.gstatic.com; img-src 'self' https://lfsstatics.z33.web.core.windows.net data: ; script-src 'self' 'unsafe-inline'; object-src 'none'; frame-ancestors 'none'; sandbox allow-forms allow-same-origin allow-scripts; base-uri 'self';
Content-Type
text/html; charset=utf-8
Date
Mon, 11 Nov 2024 11:55:31 GMT
Pragma
no-cache
Referrer-Policy
no-referrer
Request-Context
appId=cid-v1:a58a4807-5704-4c38-b069-95b4a56f1729
Server
Microsoft-IIS/10.0
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Content-Security-Policy
default-src 'self'; connect-src 'self' wss://localhost:44324/IdentityServer/; style-src 'self' 'unsafe-inline' https://lfsstatics.z33.web.core.windows.net https://fonts.googleapis.com https://cdnjs.cloudflare.com; font-src 'self' https://fonts.gstatic.com; img-src 'self' https://lfsstatics.z33.web.core.windows.net data: ; script-src 'self' 'unsafe-inline'; object-src 'none'; frame-ancestors 'none'; sandbox allow-forms allow-same-origin allow-scripts; base-uri 'self';
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
X-Powered-By
ASP.NET

Redirect headers

Content-Length
0
Date
Mon, 11 Nov 2024 11:55:31 GMT
Location
https://login.gordonlaw.co.uk/Account/Login?ReturnUrl=%2F
Request-Context
appId=cid-v1:a58a4807-5704-4c38-b069-95b4a56f1729
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
icon
fonts.googleapis.com/ 		569 B
440 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/icon?family=Material+Icons
Requested by
Host: login.gordonlaw.co.uk
URL: https://login.gordonlaw.co.uk/Account/Login?ReturnUrl=%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
36b2057eb5eef261a2cbb8c149dcf3a11edaa15ccd8e3d462eb34999f5ff8f2a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Mon, 11 Nov 2024 11:55:31 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 11 Nov 2024 11:55:31 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Mon, 11 Nov 2024 11:55:31 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
css
fonts.googleapis.com/ 		9 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:300,400,500,700
Requested by
Host: login.gordonlaw.co.uk
URL: https://login.gordonlaw.co.uk/Account/Login?ReturnUrl=%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
afca11db454eedaada10325ffbae12d670cfa00926f3cf91388da29a39dc031d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Mon, 11 Nov 2024 11:55:31 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 11 Nov 2024 11:55:31 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Mon, 11 Nov 2024 11:00:41 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
intlTelInput.css
cdnjs.cloudflare.com/ajax/libs/intl-tel-input/14.0.7/css/ 		27 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/intl-tel-input/14.0.7/css/intlTelInput.css
Requested by
Host: login.gordonlaw.co.uk
URL: https://login.gordonlaw.co.uk/Account/Login?ReturnUrl=%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5531f129993bf253087f90f8c2375cb402354fd4f107f7a4b279ab45dd115961
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

cf-cdnjs-via
cfworker/kv
content-encoding
br
cf-cache-status
HIT
etag
"5eb03ea6-6a63"
age
486
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=u9F36cVDD7TqXJQ7I1iJEU57nb8%2B9r3lC3WL7rfgdva%2BwN%2BcodI%2B4yxPWjoec5LabWXciTpiBYvRiBwftIg%2BL4w1sr4GSCO%2FBj51benkbI5yR09N%2Bpwv9u0Kvp%2BiIQfRaaLB706%2FOfxP0LzUwV1ZQpPK"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
expires
Sat, 01 Nov 2025 11:55:32 GMT
alt-svc
h3=":443"; ma=86400
date
Mon, 11 Nov 2024 11:55:32 GMT
content-type
text/css; charset=utf-8
last-modified
Mon, 04 May 2020 16:11:18 GMT
vary
Accept-Encoding
strict-transport-security
max-age=15780000
cache-control
public, max-age=30672000
timing-allow-origin
*
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy
cross-origin
cf-ray
8e0e180568bc63e1-LHR
accept-ranges
bytes
access-control-allow-origin
*
content-length
2178
server
cloudflare
site.min.css
login.gordonlaw.co.uk/css/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://login.gordonlaw.co.uk/css/site.min.css
Requested by
Host: login.gordonlaw.co.uk
URL: https://login.gordonlaw.co.uk/Account/Login?ReturnUrl=%2F
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
51.140.59.233 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
5f24d3d51e813ca20e645a9158bfabf87963174c871f7103c2a9d8dc6f9ee422

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Transfer-Encoding
chunked
X-Powered-By
ASP.NET
Content-Encoding
gzip
ETag
"1db11170bf3ad42"
Request-Context
appId=cid-v1:a58a4807-5704-4c38-b069-95b4a56f1729
Accept-Ranges
bytes
Date
Mon, 11 Nov 2024 11:55:31 GMT
Content-Type
text/css
Last-Modified
Fri, 27 Sep 2024 19:54:22 GMT
Server
Microsoft-IIS/10.0
Vary
Accept-Encoding
material.min.css
lfsstatics.z33.web.core.windows.net/login.gordonlaw.co.uk/ 		121 KB
122 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://lfsstatics.z33.web.core.windows.net/login.gordonlaw.co.uk/material.min.css
Requested by
Host: login.gordonlaw.co.uk
URL: https://login.gordonlaw.co.uk/Account/Login?ReturnUrl=%2F
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.209.128.132 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
22f0f92301772e6806426069701e8dd92f9333de094cd9564ee42ec245de9dd5

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Cache-Control
must-revalidate, max-age=604800
x-ms-version
2018-03-28
ETag
"0x8DC24A2FD7B3B91"
x-ms-request-id
daf99b4a-601e-0000-3030-348060000000
Accept-Ranges
bytes
Content-Length
124283
Date
Mon, 11 Nov 2024 11:55:31 GMT
Content-Type
text/css
Last-Modified
Sat, 03 Feb 2024 10:29:23 GMT
Server
Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
login.css
lfsstatics.z33.web.core.windows.net/login.gordonlaw.co.uk/ 		1 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://lfsstatics.z33.web.core.windows.net/login.gordonlaw.co.uk/login.css
Requested by
Host: login.gordonlaw.co.uk
URL: https://login.gordonlaw.co.uk/Account/Login?ReturnUrl=%2F
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.209.128.132 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
bfa5a494b114d79efbdcafee6d624c274f2cfb61d3ffbb80d7838a863087bdf3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Cache-Control
must-revalidate, max-age=604800
x-ms-version
2018-03-28
ETag
"0x8DC24A2FD7B3B91"
x-ms-request-id
ee2fddfc-b01e-0003-0330-346104000000
Accept-Ranges
bytes
Content-Length
1315
Date
Mon, 11 Nov 2024 11:55:31 GMT
Content-Type
text/css
Last-Modified
Sat, 03 Feb 2024 10:29:23 GMT
Server
Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
logo.png
lfsstatics.z33.web.core.windows.net/login.gordonlaw.co.uk/ 		26 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lfsstatics.z33.web.core.windows.net/login.gordonlaw.co.uk/logo.png
Requested by
Host: login.gordonlaw.co.uk
URL: https://login.gordonlaw.co.uk/Account/Login?ReturnUrl=%2F
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.209.128.132 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
0f4af3d6d42bf95fee323b0c942f26ef983a62ed041da54dc10506b3d514c2e0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Cache-Control
must-revalidate, max-age=604800
x-ms-version
2018-03-28
ETag
"0x8DC24A2FD7C73F5"
x-ms-request-id
ee2fdf19-b01e-0003-7d30-346104000000
Accept-Ranges
bytes
Content-Length
26795
Date
Mon, 11 Nov 2024 11:55:32 GMT
Content-Type
image/png
Last-Modified
Sat, 03 Feb 2024 10:29:23 GMT
Server
Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
material.min.js
login.gordonlaw.co.uk/lib/material/ 		61 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://login.gordonlaw.co.uk/lib/material/material.min.js
Requested by
Host: login.gordonlaw.co.uk
URL: https://login.gordonlaw.co.uk/Account/Login?ReturnUrl=%2F
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
51.140.59.233 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e7743d0cce9528fb6bd8d133d626303945a54b7907edc7dd0a5af33a7135fd48

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Transfer-Encoding
chunked
X-Powered-By
ASP.NET
Content-Encoding
gzip
ETag
"1db11170bf35896"
Request-Context
appId=cid-v1:a58a4807-5704-4c38-b069-95b4a56f1729
Accept-Ranges
bytes
Date
Mon, 11 Nov 2024 11:55:31 GMT
Content-Type
text/javascript
Last-Modified
Fri, 27 Sep 2024 19:54:22 GMT
Server
Microsoft-IIS/10.0
Vary
Accept-Encoding
jquery-2.2.0.min.js
ajax.aspnetcdn.com/ajax/jquery/ 		0
0
jquery.min.js
login.gordonlaw.co.uk/lib/jquery/dist/ 		87 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://login.gordonlaw.co.uk/lib/jquery/dist/jquery.min.js
Requested by
Host: login.gordonlaw.co.uk
URL: https://login.gordonlaw.co.uk/Account/Login?ReturnUrl=%2F
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
51.140.59.233 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://login.gordonlaw.co.uk
Referer

Response headers

Transfer-Encoding
chunked
X-Powered-By
ASP.NET
Content-Encoding
gzip
ETag
"1db11170bf2f684"
Request-Context
appId=cid-v1:a58a4807-5704-4c38-b069-95b4a56f1729
Accept-Ranges
bytes
Date
Mon, 11 Nov 2024 11:55:32 GMT
Content-Type
text/javascript
Last-Modified
Fri, 27 Sep 2024 19:54:22 GMT
Server
Microsoft-IIS/10.0
Vary
Accept-Encoding
background.jpeg
lfsstatics.z33.web.core.windows.net/login.gordonlaw.co.uk/ 		362 KB
362 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lfsstatics.z33.web.core.windows.net/login.gordonlaw.co.uk/background.jpeg
Requested by
Host: login.gordonlaw.co.uk
URL: https://login.gordonlaw.co.uk/Account/Login?ReturnUrl=%2F
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.209.128.132 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
d2c1c442cb79a2efd2142b9fdfe5b02203ea799cfab1c03f0bc1529056880108

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://login.gordonlaw.co.uk/

Response headers

Cache-Control
must-revalidate, max-age=604800
x-ms-version
2018-03-28
ETag
"0x8DA13C3132C19C3"
x-ms-request-id
daf99dbc-601e-0000-6a30-348060000000
Accept-Ranges
bytes
Content-Length
370489
Date
Mon, 11 Nov 2024 11:55:32 GMT
Content-Type
image/jpeg
Last-Modified
Fri, 01 Apr 2022 09:36:18 GMT
Server
Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v32/ 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f3.1e100.net
Software
sffe /
Resource Hash
ae0e442895406e9922237108496c2cd60f4947649a826463e2da9860b5c25dd6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://login.gordonlaw.co.uk
Referer
https://fonts.googleapis.com/

Response headers

age
567791
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Tue, 04 Nov 2025 22:12:21 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 04 Nov 2024 22:12:21 GMT
last-modified
Thu, 01 Aug 2024 20:41:24 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
18588
x-xss-protection
0
server
sffe
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v32/ 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v32/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f3.1e100.net
Software
sffe /
Resource Hash
89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://login.gordonlaw.co.uk
Referer
https://fonts.googleapis.com/

Response headers

age
419729
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Thu, 06 Nov 2025 15:20:03 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 06 Nov 2024 15:20:03 GMT
last-modified
Thu, 01 Aug 2024 20:41:24 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
18536
x-xss-protection
0
server
sffe
jquery.validate.min.js
ajax.aspnetcdn.com/ajax/jquery.validate/1.14.0/ 		0
0
truncated
/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b145fabb1f346775eff7abdf3722855c8e1a1029dea7448716caa031648463bb

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://login.gordonlaw.co.uk
Referer

Response headers

Content-Type
image/svg+xml
favicon.ico
login.gordonlaw.co.uk/ 		0
201 B 		Other
General
Check archive.org
Download Go to
Full URL
https://login.gordonlaw.co.uk/favicon.ico
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
51.140.59.233 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Request-Context
appId=cid-v1:a58a4807-5704-4c38-b069-95b4a56f1729
Content-Length
0
Date
Mon, 11 Nov 2024 11:55:34 GMT
X-Powered-By
ASP.NET
Server
Microsoft-IIS/10.0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
ajax.aspnetcdn.com
URL
https://ajax.aspnetcdn.com/ajax/jquery/jquery-2.2.0.min.js
Domain
ajax.aspnetcdn.com
URL
https://ajax.aspnetcdn.com/ajax/jquery.validate/1.14.0/jquery.validate.min.js

Verdicts & Comments Add Verdict or Comment

18 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| componentHandler function| MaterialButton function| MaterialCheckbox function| MaterialIconToggle function| MaterialMenu function| MaterialProgress function| MaterialRadio function| MaterialSlider function| MaterialSnackbar function| MaterialSpinner function| MaterialSwitch function| MaterialTabs function| MaterialTextfield function| MaterialTooltip function| MaterialLayout function| MaterialLayoutTab function| MaterialDataTable function| MaterialRipple

3 Cookies

Domain/Path Name / Value
.login.gordonlaw.co.uk/ Name: ARRAffinity
Value: 0167904c093642b6eb1372d43ab24808f2271061b5c98f5a81aaceaaff5f0ca1
.login.gordonlaw.co.uk/ Name: ARRAffinitySameSite
Value: 0167904c093642b6eb1372d43ab24808f2271061b5c98f5a81aaceaaff5f0ca1
login.gordonlaw.co.uk/ Name: .AspNetCore.Antiforgery.ACRvWUGt-Uo
Value: CfDJ8CfrfhiOLNhMpDbmSAzvPnPfEt8ReXAMrEiqCRC_P_HnEpNRb-nU5_uN1QRq-HTMuQpKSrVQ4kgz91UgkMq9sto9Leskb_3qghXBhdGRiGBPuDpTqGga_4Qi6lOJHeHW-3doSX9hW_ihHefHrw5Ykno

6 Console Messages

Source Level URL
Text
security warning URL: https://login.gordonlaw.co.uk/Account/Login?ReturnUrl=%2F
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
security error URL: https://login.gordonlaw.co.uk/Account/Login?ReturnUrl=%2F
Message:
Refused to load the script 'https://ajax.aspnetcdn.com/ajax/jquery/jquery-2.2.0.min.js' because it violates the following Content Security Policy directive: "script-src 'self' 'unsafe-inline'". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security error URL: https://login.gordonlaw.co.uk/Account/Login?ReturnUrl=%2F
Message:
Failed to find a valid digest in the 'integrity' attribute for resource 'https://login.gordonlaw.co.uk/lib/jquery/dist/jquery.min.js' with computed SHA-384 integrity 'ZvpUoO/+PpLXR1lu4jmpXWu80pZlYUAfxl5NsBMWOEPSjUn/6Z/hRTt8+pR6L4N2'. The resource has been blocked.
security error URL: https://login.gordonlaw.co.uk/Account/Login?ReturnUrl=%2F
Message:
Refused to load the script 'https://ajax.aspnetcdn.com/ajax/jquery.validate/1.14.0/jquery.validate.min.js' because it violates the following Content Security Policy directive: "script-src 'self' 'unsafe-inline'". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
recommendation verbose URL: https://login.gordonlaw.co.uk/Account/Login?ReturnUrl=%2F
Message:
[DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o
network error URL: https://login.gordonlaw.co.uk/favicon.ico
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src 'self'; connect-src 'self' wss://localhost:44324/IdentityServer/; style-src 'self' 'unsafe-inline' https://lfsstatics.z33.web.core.windows.net https://fonts.googleapis.com https://cdnjs.cloudflare.com; font-src 'self' https://fonts.gstatic.com; img-src 'self' https://lfsstatics.z33.web.core.windows.net data: ; script-src 'self' 'unsafe-inline'; object-src 'none'; frame-ancestors 'none'; sandbox allow-forms allow-same-origin allow-scripts; base-uri 'self';
X-Content-Security-Policy default-src 'self'; connect-src 'self' wss://localhost:44324/IdentityServer/; style-src 'self' 'unsafe-inline' https://lfsstatics.z33.web.core.windows.net https://fonts.googleapis.com https://cdnjs.cloudflare.com; font-src 'self' https://fonts.gstatic.com; img-src 'self' https://lfsstatics.z33.web.core.windows.net data: ; script-src 'self' 'unsafe-inline'; object-src 'none'; frame-ancestors 'none'; sandbox allow-forms allow-same-origin allow-scripts; base-uri 'self';
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN