Submitted URL: https://account.mitrefinch.co.uk/
Effective URL: https://account.mitrefinch.co.uk/account/login?returnUrl=%2F
Submission: On March 18 via automatic, source certstream-suspicious

Summary

This website contacted 3 IPs in 3 countries across 2 domains to perform 9 HTTP transactions. The main IP is 2620:1ec:bdf::10, located in United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is account.mitrefinch.co.uk.
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on June 21st 2019. Valid for: a year.
This is the only time account.mitrefinch.co.uk was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 6 2620:1ec:bdf::10 8068 (MICROSOFT...)
3 23.37.33.211 16625 (AKAMAI-AS)
1 2a02:26f0:64:... 20940 (AKAMAI-ASN1)
9 3
Apex Domain
Subdomains
Transfer
6 mitrefinch.co.uk
account.mitrefinch.co.uk
66 KB
4 typekit.net
use.typekit.net
p.typekit.net
35 KB
9 2
Domain Requested by
6 account.mitrefinch.co.uk 1 redirects account.mitrefinch.co.uk
3 use.typekit.net account.mitrefinch.co.uk
1 p.typekit.net account.mitrefinch.co.uk
9 3

This site contains no links.

Subject Issuer Validity Valid
account.mitrefinch.co.uk
DigiCert SHA2 Secure Server CA
2019-06-21 -
2020-06-21
a year crt.sh
*.typekit.net
DigiCert SHA2 Secure Server CA
2019-12-06 -
2021-12-10
2 years crt.sh

This page contains 1 frames:

Primary Page: https://account.mitrefinch.co.uk/account/login?returnUrl=%2F
Frame ID: F20812B570B2FD830B6C51EF6FEC008D
Requests: 9 HTTP requests in this frame

Screenshot


Page URL History Show full URLs

  1. https://account.mitrefinch.co.uk/ HTTP 302
    https://account.mitrefinch.co.uk/account/login?returnUrl=%2F Page URL

Page Statistics

9
Requests

100 %
HTTPS

67 %
IPv6

2
Domains

3
Subdomains

3
IPs

3
Countries

99 kB
Transfer

223 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://account.mitrefinch.co.uk/ HTTP 302
    https://account.mitrefinch.co.uk/account/login?returnUrl=%2F Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

9 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request login
account.mitrefinch.co.uk/account/
Redirect Chain
  • https://account.mitrefinch.co.uk/
  • https://account.mitrefinch.co.uk/account/login?returnUrl=%2F
3 KB
2 KB
Document
General
Full URL
https://account.mitrefinch.co.uk/account/login?returnUrl=%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::10 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
53ecc984ed4281aff8c4cec8be8f92225d149bd217b8d62f628eed93c5487c64
Security Headers
Name Value
Content-Security-Policy default-src 'self' ;style-src 'self' https://use.typekit.net https://p.typekit.net https://mitrefinch-kernel-dev-eu-1-kernel-web.azurewebsites.net https://mitrefinch-kernel-prod-eu-1-kernel-web.azurewebsites.net 'unsafe-inline';script-src 'self' 'sha256-VuNUSJ59bpCpw62HM2JG/hCyGiqoPN3NqGvNXQPU+rY=' 'nonce-85bc775a-d43f-401c-b870-fd71be15b4d5' https://az416426.vo.msecnd.net https://dc.services.visualstudio.com 'nonce-spy1cckjipkvbiucvofp';font-src 'self' https://use.typekit.net https://mitrefinch-kernel-dev-eu-1-kernel-web.azurewebsites.net https://mitrefinch-kernel-prod-eu-1-kernel-web.azurewebsites.net;img-src 'self' ;connect-src 'self' https://dc.services.visualstudio.com
Strict-Transport-Security max-age=31536000
X-Content-Security-Policy default-src 'self' ;style-src 'self' https://use.typekit.net https://p.typekit.net https://mitrefinch-kernel-dev-eu-1-kernel-web.azurewebsites.net https://mitrefinch-kernel-prod-eu-1-kernel-web.azurewebsites.net 'unsafe-inline';script-src 'self' 'sha256-VuNUSJ59bpCpw62HM2JG/hCyGiqoPN3NqGvNXQPU+rY=' 'nonce-85bc775a-d43f-401c-b870-fd71be15b4d5' https://az416426.vo.msecnd.net https://dc.services.visualstudio.com 'nonce-spy1cckjipkvbiucvofp';font-src 'self' https://use.typekit.net https://mitrefinch-kernel-dev-eu-1-kernel-web.azurewebsites.net https://mitrefinch-kernel-prod-eu-1-kernel-web.azurewebsites.net;img-src 'self' ;connect-src 'self' https://dc.services.visualstudio.com
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
account.mitrefinch.co.uk
:scheme
https
:path
/account/login?returnUrl=%2F
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest
document
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
document

Response headers

status
200
cache-control
no-cache, no-store
pragma
no-cache
content-type
text/html; charset=utf-8
content-encoding
gzip
vary
Accept-Encoding
set-cookie
.AspNetCore.Antiforgery.55sTwEBGFzQ=CfDJ8MBr8UjNYvFFmjSa2O_SMP9y1LM8m7KeackLP-ITjTpZI2sXXcTe154DLkYCTXQnShHotvWzSNdXQOA8GJ8OOELccnS0RHC-kKq3RPdxPcLsHT03PC960U74TL7RoMIV3biKA7Qau-nOOg6aJtmkClQ; path=/; secure; samesite=strict; httponly ARRAffinity=2ffed4ff1d0dbe3cc61bcd7a06c75808d14fc1a694139aec2fd1c5a991bc17a3;Path=/;HttpOnly;Domain=mitrefinch-account-prod-eu-1-account-web.azurewebsites.net
request-context
appId=cid-v1:2c318d0d-7657-452c-a750-1b7dc54f55fc
referrer-policy
strict-origin-when-cross-origin
strict-transport-security
max-age=31536000
x-frame-options
sameorigin
x-xss-protection
1; mode=block
x-content-type-options
nosniff
feature-policy
encrypted-media 'none'; payment 'none'
content-security-policy
default-src 'self' ;style-src 'self' https://use.typekit.net https://p.typekit.net https://mitrefinch-kernel-dev-eu-1-kernel-web.azurewebsites.net https://mitrefinch-kernel-prod-eu-1-kernel-web.azurewebsites.net 'unsafe-inline';script-src 'self' 'sha256-VuNUSJ59bpCpw62HM2JG/hCyGiqoPN3NqGvNXQPU+rY=' 'nonce-85bc775a-d43f-401c-b870-fd71be15b4d5' https://az416426.vo.msecnd.net https://dc.services.visualstudio.com 'nonce-spy1cckjipkvbiucvofp';font-src 'self' https://use.typekit.net https://mitrefinch-kernel-dev-eu-1-kernel-web.azurewebsites.net https://mitrefinch-kernel-prod-eu-1-kernel-web.azurewebsites.net;img-src 'self' ;connect-src 'self' https://dc.services.visualstudio.com
x-content-security-policy
default-src 'self' ;style-src 'self' https://use.typekit.net https://p.typekit.net https://mitrefinch-kernel-dev-eu-1-kernel-web.azurewebsites.net https://mitrefinch-kernel-prod-eu-1-kernel-web.azurewebsites.net 'unsafe-inline';script-src 'self' 'sha256-VuNUSJ59bpCpw62HM2JG/hCyGiqoPN3NqGvNXQPU+rY=' 'nonce-85bc775a-d43f-401c-b870-fd71be15b4d5' https://az416426.vo.msecnd.net https://dc.services.visualstudio.com 'nonce-spy1cckjipkvbiucvofp';font-src 'self' https://use.typekit.net https://mitrefinch-kernel-dev-eu-1-kernel-web.azurewebsites.net https://mitrefinch-kernel-prod-eu-1-kernel-web.azurewebsites.net;img-src 'self' ;connect-src 'self' https://dc.services.visualstudio.com
x-azure-ref
0OhByXgAAAAAnMAMZo143SoAhQ6lS0B8yRlJBRURHRTEwMTEAYmVjNDYxYTUtM2NmOC00ODBhLTkwMjItYzI5ZGJjOTAyNWYx
date
Wed, 18 Mar 2020 12:12:42 GMT

Redirect headers

status
302
cache-control
no-cache, no-store
pragma
no-cache
location
https://account.mitrefinch.co.uk/account/login?returnUrl=%2F
set-cookie
ARRAffinity=2ffed4ff1d0dbe3cc61bcd7a06c75808d14fc1a694139aec2fd1c5a991bc17a3;Path=/;HttpOnly;Domain=mitrefinch-account-prod-eu-1-account-web.azurewebsites.net
request-context
appId=cid-v1:2c318d0d-7657-452c-a750-1b7dc54f55fc
referrer-policy
strict-origin-when-cross-origin
strict-transport-security
max-age=31536000
x-frame-options
sameorigin
x-xss-protection
1; mode=block
x-content-type-options
nosniff
feature-policy
encrypted-media 'none'; payment 'none'
content-security-policy
default-src 'self' ;style-src 'self' https://use.typekit.net https://p.typekit.net https://mitrefinch-kernel-dev-eu-1-kernel-web.azurewebsites.net https://mitrefinch-kernel-prod-eu-1-kernel-web.azurewebsites.net 'unsafe-inline';script-src 'self' 'sha256-VuNUSJ59bpCpw62HM2JG/hCyGiqoPN3NqGvNXQPU+rY=' 'nonce-85bc775a-d43f-401c-b870-fd71be15b4d5' https://az416426.vo.msecnd.net https://dc.services.visualstudio.com 'nonce-spy1cckjipkvbiucvofp';font-src 'self' https://use.typekit.net https://mitrefinch-kernel-dev-eu-1-kernel-web.azurewebsites.net https://mitrefinch-kernel-prod-eu-1-kernel-web.azurewebsites.net;img-src 'self' ;connect-src 'self' https://dc.services.visualstudio.com
x-content-security-policy
default-src 'self' ;style-src 'self' https://use.typekit.net https://p.typekit.net https://mitrefinch-kernel-dev-eu-1-kernel-web.azurewebsites.net https://mitrefinch-kernel-prod-eu-1-kernel-web.azurewebsites.net 'unsafe-inline';script-src 'self' 'sha256-VuNUSJ59bpCpw62HM2JG/hCyGiqoPN3NqGvNXQPU+rY=' 'nonce-85bc775a-d43f-401c-b870-fd71be15b4d5' https://az416426.vo.msecnd.net https://dc.services.visualstudio.com 'nonce-spy1cckjipkvbiucvofp';font-src 'self' https://use.typekit.net https://mitrefinch-kernel-dev-eu-1-kernel-web.azurewebsites.net https://mitrefinch-kernel-prod-eu-1-kernel-web.azurewebsites.net;img-src 'self' ;connect-src 'self' https://dc.services.visualstudio.com
x-azure-ref
0OhByXgAAAABW8yU/8+NdQYyf8hmD0NaORlJBRURHRTEwMTEAYmVjNDYxYTUtM2NmOC00ODBhLTkwMjItYzI5ZGJjOTAyNWYx
date
Wed, 18 Mar 2020 12:12:42 GMT
content-length
0
jmr4mcz.css
use.typekit.net/
3 KB
918 B
Stylesheet
General
Full URL
https://use.typekit.net/jmr4mcz.css
Requested by
Host: account.mitrefinch.co.uk
URL: https://account.mitrefinch.co.uk/account/login?returnUrl=%2F
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.37.33.211 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-33-211.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
407d005bec427b4d58559be7191eeb86826e2bf5073bb238ff09674834bf87d8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;

Request headers

Referer
https://account.mitrefinch.co.uk/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

strict-transport-security
max-age=31536000; includeSubDomains;
content-encoding
gzip
server
nginx
access-control-allow-origin
*
date
Wed, 18 Mar 2020 12:12:42 GMT
vary
Accept-Encoding
content-type
text/css;charset=utf-8
status
200
cache-control
private, max-age=600, stale-while-revalidate=604800
timing-allow-origin
*
content-length
718
site.min.css
account.mitrefinch.co.uk/css/
150 KB
30 KB
Stylesheet
General
Full URL
https://account.mitrefinch.co.uk/css/site.min.css?v=jKpJgEWqXSAfT2nmJAA5zMbo4rUudJ6GOQk9CHO2rO4
Requested by
Host: account.mitrefinch.co.uk
URL: https://account.mitrefinch.co.uk/account/login?returnUrl=%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::10 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
86a76b03b1062765464e306aaea121670c5e6a1aa936d6d0f1042d0fc48469c8

Request headers

Referer
https://account.mitrefinch.co.uk/account/login?returnUrl=%2F
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

date
Wed, 18 Mar 2020 12:12:42 GMT
content-encoding
gzip
last-modified
Tue, 17 Mar 2020 07:55:00 GMT
etag
"1d5fc315bbeb4a0"
vary
Accept-Encoding
content-type
text/css
status
200
x-azure-ref
0OhByXgAAAABGKPUo+G3kT4TR2aw/+O20RlJBRURHRTEwMTEAYmVjNDYxYTUtM2NmOC00ODBhLTkwMjItYzI5ZGJjOTAyNWYx
accept-ranges
bytes
request-context
appId=cid-v1:2c318d0d-7657-452c-a750-1b7dc54f55fc
sign.min.css
account.mitrefinch.co.uk/css/
3 KB
2 KB
Stylesheet
General
Full URL
https://account.mitrefinch.co.uk/css/sign.min.css?v=SEl2eUulej3YbJCyc_jRhDxRBOLlSHzAtqddf-a32sQ
Requested by
Host: account.mitrefinch.co.uk
URL: https://account.mitrefinch.co.uk/account/login?returnUrl=%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::10 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
484976794ba57a3dd86c90b273f8d1843c5104e2e5487cc0b6a75d7fe6b7dac4

Request headers

Referer
https://account.mitrefinch.co.uk/account/login?returnUrl=%2F
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

date
Wed, 18 Mar 2020 12:12:42 GMT
content-encoding
gzip
last-modified
Fri, 06 Mar 2020 11:37:54 GMT
etag
"1d5f3abacb818f3"
vary
Accept-Encoding
content-type
text/css
status
200
x-azure-ref
0OhByXgAAAAAHOhk63N9/S7yCArVB3fPRRlJBRURHRTEwMTEAYmVjNDYxYTUtM2NmOC00ODBhLTkwMjItYzI5ZGJjOTAyNWYx
accept-ranges
bytes
request-context
appId=cid-v1:2c318d0d-7657-452c-a750-1b7dc54f55fc
mf-grey-logo.svg
account.mitrefinch.co.uk/images/
12 KB
12 KB
Image
General
Full URL
https://account.mitrefinch.co.uk/images/mf-grey-logo.svg
Requested by
Host: account.mitrefinch.co.uk
URL: https://account.mitrefinch.co.uk/account/login?returnUrl=%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::10 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
3d39b88b19c4bbc6b7e70b75702539c7a1b69d41d0e8e7599931a4cc6922b84a

Request headers

Referer
https://account.mitrefinch.co.uk/account/login?returnUrl=%2F
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Wed, 18 Mar 2020 12:12:42 GMT
last-modified
Fri, 06 Mar 2020 07:55:32 GMT
etag
"1d5f38c9c44423f"
x-azure-ref
0OhByXgAAAABh9HFYN/1eRa5tiIwwMOcuRlJBRURHRTEwMTEAYmVjNDYxYTUtM2NmOC00ODBhLTkwMjItYzI5ZGJjOTAyNWYx
content-type
image/svg+xml
status
200
accept-ranges
bytes
content-length
12351
request-context
appId=cid-v1:2c318d0d-7657-452c-a750-1b7dc54f55fc
mf-powered-by-logo.svg
account.mitrefinch.co.uk/images/
18 KB
18 KB
Image
General
Full URL
https://account.mitrefinch.co.uk/images/mf-powered-by-logo.svg
Requested by
Host: account.mitrefinch.co.uk
URL: https://account.mitrefinch.co.uk/account/login?returnUrl=%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::10 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
ae5a8a4edea86203d215a087589e7beafa4245f4155aa3250abff4e81d6b3bbc

Request headers

Referer
https://account.mitrefinch.co.uk/account/login?returnUrl=%2F
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Wed, 18 Mar 2020 12:12:42 GMT
last-modified
Fri, 06 Mar 2020 07:55:32 GMT
etag
"1d5f38c9c443af4"
x-azure-ref
0OhByXgAAAAALuu+8Jr9ZQLoC1bdH/2j4RlJBRURHRTEwMTEAYmVjNDYxYTUtM2NmOC00ODBhLTkwMjItYzI5ZGJjOTAyNWYx
content-type
image/svg+xml
status
200
accept-ranges
bytes
content-length
18676
request-context
appId=cid-v1:2c318d0d-7657-452c-a750-1b7dc54f55fc
p.css
p.typekit.net/
5 B
334 B
Stylesheet
General
Full URL
https://p.typekit.net/p.css?s=1&k=jmr4mcz&ht=tk&f=2005.2006.2011.2012&a=14109269&app=typekit&e=css
Requested by
Host: account.mitrefinch.co.uk
URL: https://account.mitrefinch.co.uk/account/login?returnUrl=%2F
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:64:4a0::19fd , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
nginx /
Resource Hash
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

Referer
https://account.mitrefinch.co.uk/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

Date
Wed, 18 Mar 2020 12:12:42 GMT
Last-Modified
Mon, 04 Feb 2019 20:54:30 GMT
Server
nginx
ETag
"5c58a686-5"
Content-Type
text/css
Access-Control-Allow-Origin
*
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
5
Expires
Sat, 31 Aug 2019 14:03:13 GMT
l
use.typekit.net/af/620bf8/00000000000000000000e7fe/27/
17 KB
17 KB
Font
General
Full URL
https://use.typekit.net/af/620bf8/00000000000000000000e7fe/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n3&v=3
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.37.33.211 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-33-211.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
788b2492ecc7de4022b4431e83f7f39239f53e40327577956b150dd40ee6feb5

Request headers

Referer
https://use.typekit.net/jmr4mcz.css
Origin
https://account.mitrefinch.co.uk
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 18 Mar 2020 12:12:42 GMT
server
nginx
access-control-allow-origin
*
etag
"b5e7c2e377d10b344b022d96a04daef295e61ac1"
content-type
application/font-woff2
status
200
cache-control
public, max-age=31536000
timing-allow-origin
*
content-length
17028
l
use.typekit.net/af/9cf49e/00000000000000000000e807/27/
16 KB
17 KB
Font
General
Full URL
https://use.typekit.net/af/9cf49e/00000000000000000000e807/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n9&v=3
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.37.33.211 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-33-211.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
ffd7399ad14f19f3aca7c09b4865913f84334dc8821fafcb931054d0dfaef9a0

Request headers

Referer
https://use.typekit.net/jmr4mcz.css
Origin
https://account.mitrefinch.co.uk
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 18 Mar 2020 12:12:42 GMT
server
nginx
access-control-allow-origin
*
etag
"913296c9ffe9c1f97e163e531cc2022a12d91b5a"
content-type
application/font-woff2
status
200
cache-control
public, max-age=31536000
timing-allow-origin
*
content-length
16724

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate

1 Cookies

Domain/Path Name / Value
account.mitrefinch.co.uk/ Name: .AspNetCore.Antiforgery.55sTwEBGFzQ
Value: CfDJ8MBr8UjNYvFFmjSa2O_SMP9y1LM8m7KeackLP-ITjTpZI2sXXcTe154DLkYCTXQnShHotvWzSNdXQOA8GJ8OOELccnS0RHC-kKq3RPdxPcLsHT03PC960U74TL7RoMIV3biKA7Qau-nOOg6aJtmkClQ

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src 'self' ;style-src 'self' https://use.typekit.net https://p.typekit.net https://mitrefinch-kernel-dev-eu-1-kernel-web.azurewebsites.net https://mitrefinch-kernel-prod-eu-1-kernel-web.azurewebsites.net 'unsafe-inline';script-src 'self' 'sha256-VuNUSJ59bpCpw62HM2JG/hCyGiqoPN3NqGvNXQPU+rY=' 'nonce-85bc775a-d43f-401c-b870-fd71be15b4d5' https://az416426.vo.msecnd.net https://dc.services.visualstudio.com 'nonce-spy1cckjipkvbiucvofp';font-src 'self' https://use.typekit.net https://mitrefinch-kernel-dev-eu-1-kernel-web.azurewebsites.net https://mitrefinch-kernel-prod-eu-1-kernel-web.azurewebsites.net;img-src 'self' ;connect-src 'self' https://dc.services.visualstudio.com
Strict-Transport-Security max-age=31536000
X-Content-Security-Policy default-src 'self' ;style-src 'self' https://use.typekit.net https://p.typekit.net https://mitrefinch-kernel-dev-eu-1-kernel-web.azurewebsites.net https://mitrefinch-kernel-prod-eu-1-kernel-web.azurewebsites.net 'unsafe-inline';script-src 'self' 'sha256-VuNUSJ59bpCpw62HM2JG/hCyGiqoPN3NqGvNXQPU+rY=' 'nonce-85bc775a-d43f-401c-b870-fd71be15b4d5' https://az416426.vo.msecnd.net https://dc.services.visualstudio.com 'nonce-spy1cckjipkvbiucvofp';font-src 'self' https://use.typekit.net https://mitrefinch-kernel-dev-eu-1-kernel-web.azurewebsites.net https://mitrefinch-kernel-prod-eu-1-kernel-web.azurewebsites.net;img-src 'self' ;connect-src 'self' https://dc.services.visualstudio.com
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block