urlscan.io logo urlscan.io
SecurityTrails logo

nuffieldstaff.stauk.apcoa.com Open in urlscan Pro
20.49.244.37  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://nuffieldstaff.stauk.apcoa.com/
Effective URL: https://nuffieldstaff.stauk.apcoa.com/account/login?returnUrl=%2f
Submission: On June 18 via api from US — Scanned from GB
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 4 IPs in 3 countries across 4 domains to perform 63 HTTP transactions. The main IP is 20.49.244.37, located in London, United Kingdom and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is nuffieldstaff.stauk.apcoa.com.
TLS certificate: Issued by R3 on May 30th 2024. Valid for: 3 months.
This is the only time nuffieldstaff.stauk.apcoa.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 46 20.49.244.37 8075 (MICROSOFT...)
16 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
63 4
Apex Domain
Subdomains		 Transfer
46 apcoa.com
nuffieldstaff.stauk.apcoa.com
305 KB
16 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 265
396 KB
1 gstatic.com
www.gstatic.com
205 KB
1 google.com
www.google.com — Cisco Umbrella Rank: 5
1 KB
63 4
Domain Requested by
46 nuffieldstaff.stauk.apcoa.com 1 redirects nuffieldstaff.stauk.apcoa.com
16 cdnjs.cloudflare.com nuffieldstaff.stauk.apcoa.com
cdnjs.cloudflare.com
1 www.gstatic.com www.google.com
1 www.google.com nuffieldstaff.stauk.apcoa.com
63 4

This site contains links to these domains. Also see Links.

Domain
rewards.apcoa.co.uk
www.geminiparkingsolutions.com
www.apcoa.co.uk
Subject Issuer Validity Valid
nuffieldstaff.stauk.apcoa.com
R3		 2024-05-30 -
2024-08-28		 3 months crt.sh
cdnjs.cloudflare.com
E1		 2024-06-02 -
2024-08-31		 3 months crt.sh
www.google.com
WR2		 2024-05-27 -
2024-08-19		 3 months crt.sh
*.gstatic.com
WR2		 2024-05-27 -
2024-08-19		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://nuffieldstaff.stauk.apcoa.com/account/login?returnUrl=%2f
Frame ID: EE8E6FFE3206F9ABB7FC9F6A02BCC444
Requests: 63 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Nuffield Staff

Page URL History Show full URLs

  1. https://nuffieldstaff.stauk.apcoa.com/ HTTP 302
    https://nuffieldstaff.stauk.apcoa.com/account/login?returnUrl=%2f Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • dataTables.*\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • moment(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • <script [^>]*src="[^"]*/popper\.js/([0-9.]+)
  • /popper\.js/([0-9.]+)
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • ([\d.]+)/jquery-ui(?:\.min)?\.js
  • jquery-ui.*\.js
Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

63
Requests

100 %
HTTPS

75 %
IPv6

4
Domains

4
Subdomains

4
IPs

3
Countries

906 kB
Transfer

2306 kB
Size

2
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://nuffieldstaff.stauk.apcoa.com/ HTTP 302
    https://nuffieldstaff.stauk.apcoa.com/account/login?returnUrl=%2f Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

63 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request login
nuffieldstaff.stauk.apcoa.com/account/
Redirect Chain
  • https://nuffieldstaff.stauk.apcoa.com/
  • https://nuffieldstaff.stauk.apcoa.com/account/login?returnUrl=%2f
22 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://nuffieldstaff.stauk.apcoa.com/account/login?returnUrl=%2f
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.49.244.37 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
6fbaf985ee9dcd9e8e93bf1e8a59796e37520a1d1d040142c634ccbd1ed032a5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-GB,en;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

Cache-Control
no-store,no-cache
Connection
keep-alive
Content-Encoding
gzip
Content-Security-Policy-Report-Only
block-all-mixed-content;child-src 'none';connect-src 'self' *.in.applicationinsights.azure.com cdnjs.cloudflare.com fonts.gstatic.com fonts.googleapis.com *.fontawesome.com translate.googleapis.com www.google.com www.gstatic.com;default-src 'self';font-src 'self' data: cdnjs.cloudflare.com fonts.gstatic.com fonts.googleapis.com *.fontawesome.com https://applepay.cdn-apple.com/;frame-ancestors 'none';frame-src 'self' www.google.com js.stripe.com;img-src 'self' data: www.gstatic.com www.google.com www.google.co.uk www.google.de www.google.it www.google.ch www.google.gr www.google.fr www.google.at www.google.es www.google.pl www.google.cz www.google.no www.google.hr www.google.se www.google.ru fonts.gstatic.com translate.google.com translate.googleapis.com;media-src 'self' data:;object-src 'none';script-src 'self' 'unsafe-eval' 'unsafe-inline' https://az416426.vo.msecnd.net/ js.monitor.azure.com cdnjs.cloudflare.com https://use.fontawesome.com https://kit.fontawesome.com www.google.com www.gstatic.com translate.google.com translate.googleapis.com js.stripe.com;style-src 'self' 'unsafe-inline' cdnjs.cloudflare.com fonts.googleapis.com *.fontawesome.com www.gstatic.com translate.googleapis.com;upgrade-insecure-requests;worker-src 'self';manifest-src 'self';report-uri https://apcoauk.report-uri.com/r/t/csp/reportOnly;report-to https://apcoauk.report-uri.com/r/t/csp/reportOnly;
Content-Type
text/html; charset=utf-8
Date
Tue, 18 Jun 2024 04:18:33 GMT
Expect-CT
max-age=0, enforce, report-uri="https://apcoauk.report-uri.com/r/t/ct/enforce"
Permissions-Policy
fullscreen=(self), geolocation=(self), camera=(self)
Pragma
no-cache
Referrer-Policy
strict-origin-when-cross-origin
Request-Context
appId=cid-v1:e825026a-c1ca-459c-86b6-68ea780b1ae2
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-Frame-Options
DENY
X-Permitted-Cross-Domain-Policies
none
X-Robots-Tag
noindex
X-XSS-Protection
1; mode=block

Redirect headers

Connection
keep-alive
Content-Length
0
Content-Security-Policy-Report-Only
block-all-mixed-content;child-src 'none';connect-src 'self' *.in.applicationinsights.azure.com cdnjs.cloudflare.com fonts.gstatic.com fonts.googleapis.com *.fontawesome.com translate.googleapis.com www.google.com www.gstatic.com;default-src 'self';font-src 'self' data: cdnjs.cloudflare.com fonts.gstatic.com fonts.googleapis.com *.fontawesome.com https://applepay.cdn-apple.com/;frame-ancestors 'none';frame-src 'self' www.google.com js.stripe.com;img-src 'self' data: www.gstatic.com www.google.com www.google.co.uk www.google.de www.google.it www.google.ch www.google.gr www.google.fr www.google.at www.google.es www.google.pl www.google.cz www.google.no www.google.hr www.google.se www.google.ru fonts.gstatic.com translate.google.com translate.googleapis.com;media-src 'self' data:;object-src 'none';script-src 'self' 'unsafe-eval' 'unsafe-inline' https://az416426.vo.msecnd.net/ js.monitor.azure.com cdnjs.cloudflare.com https://use.fontawesome.com https://kit.fontawesome.com www.google.com www.gstatic.com translate.google.com translate.googleapis.com js.stripe.com;style-src 'self' 'unsafe-inline' cdnjs.cloudflare.com fonts.googleapis.com *.fontawesome.com www.gstatic.com translate.googleapis.com;upgrade-insecure-requests;worker-src 'self';manifest-src 'self';report-uri https://apcoauk.report-uri.com/r/t/csp/reportOnly;report-to https://apcoauk.report-uri.com/r/t/csp/reportOnly;
Date
Tue, 18 Jun 2024 04:18:33 GMT
Expect-CT
max-age=0, enforce, report-uri="https://apcoauk.report-uri.com/r/t/ct/enforce"
Location
/account/login?returnUrl=%2f
Permissions-Policy
fullscreen=(self), geolocation=(self), camera=(self)
Referrer-Policy
strict-origin-when-cross-origin
Request-Context
appId=cid-v1:e825026a-c1ca-459c-86b6-68ea780b1ae2
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Type-Options
nosniff
X-Frame-Options
DENY
X-Permitted-Cross-Domain-Policies
none
X-Robots-Tag
noindex
X-XSS-Protection
1; mode=block
bootstrap.min.css
cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/4.5.0/css/ 		157 KB
18 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/4.5.0/css/bootstrap.min.css
Requested by
Host: nuffieldstaff.stauk.apcoa.com
URL: https://nuffieldstaff.stauk.apcoa.com/account/login?returnUrl=%2f
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
680af6669abc319f9803f0fa26d443df1b6bc29133d88a8e4bea560ffed7288c
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://nuffieldstaff.stauk.apcoa.com/
Origin
https://nuffieldstaff.stauk.apcoa.com
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 04:18:34 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
985122
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
17522
last-modified
Tue, 12 May 2020 17:56:41 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5ebae359-27293"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LkO6Aqa4TqpyxDCYvyVbQvTDyoLzAEfqf6%2BMDz25%2Bh9JwLCT8zy2ap76AZcDQVJV65q5Mor5RKhYvos7bAqfd48v6Wf4F6gPVdzqvyp1N%2BMrKk45qto9A7ZJajI8A6%2Fucug2gNBYQt4HwGJVwLhKEIn%2F"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
895879e32a426559-LHR
expires
Sun, 08 Jun 2025 04:18:34 GMT
jquery.min.js
cdnjs.cloudflare.com/ajax/libs/jquery/3.6.3/ 		88 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery/3.6.3/jquery.min.js
Requested by
Host: nuffieldstaff.stauk.apcoa.com
URL: https://nuffieldstaff.stauk.apcoa.com/account/login?returnUrl=%2f
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a6f3f0faea4b3d48e03176341bef0ed3151ffbf226d4c6635f1c6039c0500575
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Origin
https://nuffieldstaff.stauk.apcoa.com
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 04:18:34 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
385503
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
28112
last-modified
Wed, 21 Dec 2022 00:05:47 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"63a24ddb-6dd0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=d3b79uhoR3cTz3KvkVptJIO4XDV7ECf6bf3hn6TR5A191tptWz1T5YXeixzPHiN0yG1OJPu26KM7J7waIUJs%2BfYCwJHGwJUJeoXtK5W6aagTOsdWB6IGoY%2BAlVxcB0YfhJkmIwC8WT%2FK32RoRqIaUAff"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
895879e32a406559-LHR
expires
Sun, 08 Jun 2025 04:18:34 GMT
jquery.validate.min.js
cdnjs.cloudflare.com/ajax/libs/jquery-validate/1.19.5/ 		24 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery-validate/1.19.5/jquery.validate.min.js
Requested by
Host: nuffieldstaff.stauk.apcoa.com
URL: https://nuffieldstaff.stauk.apcoa.com/account/login?returnUrl=%2f
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
270524b0d27afd1d3b6622d1a176c678daed94564c143297e217a63e21ce9820
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Origin
https://nuffieldstaff.stauk.apcoa.com
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 04:18:34 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
449829
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
7032
last-modified
Fri, 01 Jul 2022 15:30:23 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"62bf130f-1b78"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JXVwXfZ27K1UMj7DDIS9lx9flr%2B15iE3QCRxwF%2BK2AX%2B2aXhIVsmeevPUC1AE2d%2Bi5Ku3NU0hsdrGkcvess8hQlWXCZQ8kyg57PQWnX8CodxUD%2FmqmF%2B8VTnNZtSLjDjKxxd1xR6sjF379VcS0JotyhD"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
895879e32a386559-LHR
expires
Sun, 08 Jun 2025 04:18:34 GMT
jquery.validate.unobtrusive.min.js
cdnjs.cloudflare.com/ajax/libs/jquery-validation-unobtrusive/4.0.0/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery-validation-unobtrusive/4.0.0/jquery.validate.unobtrusive.min.js
Requested by
Host: nuffieldstaff.stauk.apcoa.com
URL: https://nuffieldstaff.stauk.apcoa.com/account/login?returnUrl=%2f
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
44558558820fb230780ee711e23ab0c535b0d77666b48facead551d8b2666579
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Origin
https://nuffieldstaff.stauk.apcoa.com
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 04:18:34 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
385167
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1934
last-modified
Wed, 20 Jul 2022 20:36:59 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"62d8676b-78e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OyMBDElywM9sdmwaoHa1Db956j3L8KCrcj0NpBkrkNkDIyZX9Fa5h3JXRIBMG4WM2JGbNeIJIc9RNRXsI%2FGIIVo267lZm5dM96HYXgrFB%2Bi18siQ4mwqMXKemdgORknHKSwXLq%2F72AHozW2%2FDEBqu%2FYh"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
895879e32a3e6559-LHR
expires
Sun, 08 Jun 2025 04:18:34 GMT
jquery-ui.min.js
cdnjs.cloudflare.com/ajax/libs/jqueryui/1.13.2/ 		249 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jqueryui/1.13.2/jquery-ui.min.js
Requested by
Host: nuffieldstaff.stauk.apcoa.com
URL: https://nuffieldstaff.stauk.apcoa.com/account/login?returnUrl=%2f
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9528ca634fecad433d044ddd3e6f9ce1f068d5d932dafdbb19d8e6daea1968bd
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Origin
https://nuffieldstaff.stauk.apcoa.com
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 04:18:34 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
388352
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
56990
last-modified
Fri, 29 Jul 2022 20:40:53 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"62e445d5-de9e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3wsqWke8bsUuZGIz0w5jRvyUadWLhcufrf2bqtgnnLRPDZ5wN00nEta29ZOmVE4EadEAkBMQ7b%2FXgldbQnlA7%2BikhvZVrrETI6PgxJfOC1i61GZmv%2BWXBfXe4q%2BnEe2pmLShFNVmUHhoS2hlUlttqUV3"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
895879e32a3b6559-LHR
expires
Sun, 08 Jun 2025 04:18:34 GMT
all.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.0/css/ 		100 KB
19 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.0/css/all.min.css
Requested by
Host: nuffieldstaff.stauk.apcoa.com
URL: https://nuffieldstaff.stauk.apcoa.com/account/login?returnUrl=%2f
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1edb1725a9ea8ca4dcf2f5508cee183218aa1685e47c1b23056717f754f58ebf
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Origin
https://nuffieldstaff.stauk.apcoa.com
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 04:18:34 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
981818
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
18752
last-modified
Mon, 27 Mar 2023 17:46:59 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"6421d693-4940"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oPF8imxmYDNvklRm%2BOPDM4kliQLpHiDnzUoBhTvEumLaqsk%2BHQWlT%2BPgLZqZHhGqKYe%2FBa0WkH1GPnLEqeUsmuMz3m13D9ZiDKBIpEkFnYOVanKtlN6TC8Hd0Pt0KUYa90QHGvbgCGtwYg0YOc5ISim7"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
895879e32a396559-LHR
expires
Sun, 08 Jun 2025 04:18:34 GMT
v4-shims.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.0/css/ 		27 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.0/css/v4-shims.min.css
Requested by
Host: nuffieldstaff.stauk.apcoa.com
URL: https://nuffieldstaff.stauk.apcoa.com/account/login?returnUrl=%2f
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d3037f42050da6c98f31f801c26a5fe3df7327240ce40314b805e5e25b052ea2
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Origin
https://nuffieldstaff.stauk.apcoa.com
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 04:18:34 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
347405
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
3653
last-modified
Mon, 27 Mar 2023 17:46:59 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"6421d693-e45"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WRbuwKjh3NnrB6iRcvQmq8VwaR%2FE11OhQI1OvvRMd0i4wjZofUVLeflSyJe%2BUTqrollQ9%2B6c46bru8bulon2AGDDTpkLV5g%2BiV%2FGUfdiQ9Vi7xXRpe7%2Fmyq%2B9FcsBXqpZbbPGLrQgRIRPChVzMH8oTsJ"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
895879e32a3a6559-LHR
expires
Sun, 08 Jun 2025 04:18:34 GMT
popper.min.js
cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.3/umd/ 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.3/umd/popper.min.js
Requested by
Host: nuffieldstaff.stauk.apcoa.com
URL: https://nuffieldstaff.stauk.apcoa.com/account/login?returnUrl=%2f
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f7cbc01a310318defd4e31e4616543e2cf3baef5a47562c73ece4c0b716f157e
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://nuffieldstaff.stauk.apcoa.com/
Origin
https://nuffieldstaff.stauk.apcoa.com
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 04:18:34 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
254771
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
6451
last-modified
Mon, 04 May 2020 16:15:37 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03fa9-4f71"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UsPr%2BY%2BnYhwlx8M%2FB5BDVd%2BZXEeNKUzYicW48%2FOPab%2F9TJNaL1C1p00DoyaaqyNqNGsxxd0vJtPB%2BH9cK4wf3Pbr%2BceXqEcogufhk%2FjrLiyFS4lk1Ai55thgIxU291u2RsuRsDcy87Mq3gIg0SEI22VL"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
895879e32a346559-LHR
expires
Sun, 08 Jun 2025 04:18:34 GMT
bootstrap.min.js
cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/4.5.0/js/ 		59 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/4.5.0/js/bootstrap.min.js
Requested by
Host: nuffieldstaff.stauk.apcoa.com
URL: https://nuffieldstaff.stauk.apcoa.com/account/login?returnUrl=%2f
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
38544024da1a0fc2f706be6582557b5722d17f48ad9a8073594a0cf928e2e3ff
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://nuffieldstaff.stauk.apcoa.com/
Origin
https://nuffieldstaff.stauk.apcoa.com
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 04:18:34 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
385414
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
13080
last-modified
Tue, 12 May 2020 17:56:41 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5ebae359-eb0e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Dg9XxEfJziy%2ByQFXtL2JlwxDagOcAG8V0S7NiF7uP0G6rOO%2FVvbbVqc5jPGkAw2Wd3H%2FcY5KRuC7Iu1smBSfp26PjobpQN7oqiS2%2BQ1Vax0UkCsxyY1OZcjVZkYyiZkCTAuCTjtcrHrbMNewEAkqI7CF"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
895879e32a356559-LHR
expires
Sun, 08 Jun 2025 04:18:34 GMT
moment-with-locales.min.js
cdnjs.cloudflare.com/ajax/libs/moment.js/2.29.4/ 		360 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/moment.js/2.29.4/moment-with-locales.min.js
Requested by
Host: nuffieldstaff.stauk.apcoa.com
URL: https://nuffieldstaff.stauk.apcoa.com/account/login?returnUrl=%2f
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
430725b95468277dcbccc27e08e3d873276c0082737310b0b1ad330392511847
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Origin
https://nuffieldstaff.stauk.apcoa.com
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 04:18:34 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
268339
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
59023
last-modified
Wed, 06 Jul 2022 23:03:56 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"62c614dc-e68f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=M%2BcGLpL38ChQOvVkntRx6ZJLWbe1yu8DCIapyiX%2BsE4tauRqPky2GKeDHwlGy4h8tH5Kz1L3SuHBIZrAfQ%2BFszcpv338zIXlnB%2FSjt8sDSz%2F%2B%2FjS89v3EHy42ihwZUN5ipnj7iKvlW92NNo2AxeKRUrs"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
895879e32a366559-LHR
expires
Sun, 08 Jun 2025 04:18:34 GMT
moment-timezone-with-data-1970-2030.min.js
cdnjs.cloudflare.com/ajax/libs/moment-timezone/0.5.40/ 		132 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/moment-timezone/0.5.40/moment-timezone-with-data-1970-2030.min.js
Requested by
Host: nuffieldstaff.stauk.apcoa.com
URL: https://nuffieldstaff.stauk.apcoa.com/account/login?returnUrl=%2f
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a06b15418b676b33d83d9f97cc8e8de6e9bd28c0b8ab6fbd8207c61cf901fa41
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Origin
https://nuffieldstaff.stauk.apcoa.com
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 04:18:34 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
379865
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
16297
last-modified
Sun, 11 Dec 2022 23:39:00 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"63966a14-3fa9"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6qmIKCGfCZKr2ynCeAwbidwveeySrKhnopXdHpW4Zy77PufJjnrZXXCRwEOlTnw4QvVVOCmXCKvepnf%2FBq9eQ1OFj1%2BlTedaPtAO2bgo55njmDyKqpwC%2FSJ1edGb5%2F6M8adHvIHwWgTwCvJ%2B609Itom1"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
895879e32a496559-LHR
expires
Sun, 08 Jun 2025 04:18:34 GMT
tempusdominus-bootstrap-4.min.js
cdnjs.cloudflare.com/ajax/libs/tempusdominus-bootstrap-4/5.39.0/js/ 		60 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/tempusdominus-bootstrap-4/5.39.0/js/tempusdominus-bootstrap-4.min.js
Requested by
Host: nuffieldstaff.stauk.apcoa.com
URL: https://nuffieldstaff.stauk.apcoa.com/account/login?returnUrl=%2f
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
569a98cd5a225d69c9e8e586cea6eb7968d64b9a6ede62e8ab24122f2403e9a1
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Origin
https://nuffieldstaff.stauk.apcoa.com
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 04:18:34 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
1147397
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
11691
last-modified
Wed, 25 Nov 2020 21:07:22 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5fbec78a-f094"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OGAdqTDQomB5IfL4vvlYzXhksRhVyb3BSy9P0y1wvucvzWWQOdLuZ2pgMQlmu1WoV9sGW4wrz%2FyFeaaqvy58mYkUONRbs%2BsbaoDYm%2BSpxq%2F8sxDPhu9zYQwpKWuWgFL8mhRvJVYCYEytcREqKhdvDCO3"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
895879e32a466559-LHR
expires
Sun, 08 Jun 2025 04:18:34 GMT
tempusdominus-bootstrap-4.min.css
cdnjs.cloudflare.com/ajax/libs/tempusdominus-bootstrap-4/5.39.0/css/ 		12 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/tempusdominus-bootstrap-4/5.39.0/css/tempusdominus-bootstrap-4.min.css
Requested by
Host: nuffieldstaff.stauk.apcoa.com
URL: https://nuffieldstaff.stauk.apcoa.com/account/login?returnUrl=%2f
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
60bb5891e0283fbadd766beb14ec761f7ca0280f1901d48d25e268bdde014f0a
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Origin
https://nuffieldstaff.stauk.apcoa.com
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 04:18:34 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
2694741
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1591
last-modified
Wed, 25 Nov 2020 21:07:22 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5fbec78a-2ebb"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uqJ3Z205MbIODXILhMS8zem8GRJaY7G5deTEwFjQxA692O9fkdwq4LbA5QTCk365vS%2B8OBanOgyiNxlAdwY%2BldEuZW0mkOMOaiphRgjIh6ecq6pIMOa0qyrNA65DKsOqi%2BLjDPF5KiWDL37RbjYoV%2Bon"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
895879e32a456559-LHR
expires
Sun, 08 Jun 2025 04:18:34 GMT
jquery.unobtrusive-ajax.min.js
cdnjs.cloudflare.com/ajax/libs/jquery-ajax-unobtrusive/3.2.6/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery-ajax-unobtrusive/3.2.6/jquery.unobtrusive-ajax.min.js
Requested by
Host: nuffieldstaff.stauk.apcoa.com
URL: https://nuffieldstaff.stauk.apcoa.com/account/login?returnUrl=%2f
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3c00b4d34cae1edefc9eccc9d913b43a20ccbbfb8bccf2d19584e4f09dc03b5d
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Origin
https://nuffieldstaff.stauk.apcoa.com
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 04:18:34 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
977097
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1470
last-modified
Mon, 04 May 2020 16:11:45 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ec1-fdd"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=STRpdG87WxulT3mKMbhlIsGfEa8BgFp9fbMuNNv2De07YfakZwBoUheEA%2ByDn0NJaRBz4reoB3OOgMWeEYdl24oMDsIDIGam4U0gdOFQDNNLR8KsM4KxrAfZnuoZ6YY4uHXwZYcoG8DvSp5368XRB8hV"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
895879e32a446559-LHR
expires
Sun, 08 Jun 2025 04:18:34 GMT
jquery-ui.multidatespicker.min.js
cdnjs.cloudflare.com/ajax/libs/jquery-ui-multidatespicker/1.6.6/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery-ui-multidatespicker/1.6.6/jquery-ui.multidatespicker.min.js
Requested by
Host: nuffieldstaff.stauk.apcoa.com
URL: https://nuffieldstaff.stauk.apcoa.com/account/login?returnUrl=%2f
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f065aef7cff99e62b64d582274f73bca8efec3c9e3a0e47e91e9a5dedcf858ae
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://nuffieldstaff.stauk.apcoa.com/
Origin
https://nuffieldstaff.stauk.apcoa.com
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 04:18:34 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
386316
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
2166
last-modified
Mon, 25 May 2020 21:23:52 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5ecc3768-2169"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QPupftxn5kKDAt0rozS3zEpxpCAc%2FAOZoEFo1CmR0HoOPELWa6%2BstJAj84egEzw%2FByJ1A9rUembwsk5YtX5LUNjS0CBXesJZBNBefDKB%2ByQneZD%2BvnODP5qrUtrJ11wNVtLxAibkgCGyVisH%2BM58vs7Y"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
895879e32a476559-LHR
expires
Sun, 08 Jun 2025 04:18:34 GMT
JQloader.js
nuffieldstaff.stauk.apcoa.com/js/CompiledCustomMin/ 		1 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nuffieldstaff.stauk.apcoa.com/js/CompiledCustomMin/JQloader.js
Requested by
Host: nuffieldstaff.stauk.apcoa.com
URL: https://nuffieldstaff.stauk.apcoa.com/account/login?returnUrl=%2f
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.49.244.37 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e1935197d5ede44c387d67b687c9d41539ead6cf63ca098e94656cf5b41ff3ca
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://nuffieldstaff.stauk.apcoa.com/account/login?returnUrl=%2f
Origin
https://nuffieldstaff.stauk.apcoa.com
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Tue, 18 Jun 2024 04:18:34 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Permitted-Cross-Domain-Policies
none
Transfer-Encoding
chunked
Content-Security-Policy-Report-Only
block-all-mixed-content;child-src 'none';connect-src 'self' *.in.applicationinsights.azure.com cdnjs.cloudflare.com fonts.gstatic.com fonts.googleapis.com *.fontawesome.com translate.googleapis.com www.google.com www.gstatic.com;default-src 'self';font-src 'self' data: cdnjs.cloudflare.com fonts.gstatic.com fonts.googleapis.com *.fontawesome.com https://applepay.cdn-apple.com/;frame-ancestors 'none';frame-src 'self' www.google.com js.stripe.com;img-src 'self' data: www.gstatic.com www.google.com www.google.co.uk www.google.de www.google.it www.google.ch www.google.gr www.google.fr www.google.at www.google.es www.google.pl www.google.cz www.google.no www.google.hr www.google.se www.google.ru fonts.gstatic.com translate.google.com translate.googleapis.com;media-src 'self' data:;object-src 'none';script-src 'self' 'unsafe-eval' 'unsafe-inline' https://az416426.vo.msecnd.net/ js.monitor.azure.com cdnjs.cloudflare.com https://use.fontawesome.com https://kit.fontawesome.com www.google.com www.gstatic.com translate.google.com translate.googleapis.com js.stripe.com;style-src 'self' 'unsafe-inline' cdnjs.cloudflare.com fonts.googleapis.com *.fontawesome.com www.gstatic.com translate.googleapis.com;upgrade-insecure-requests;worker-src 'self';manifest-src 'self';report-uri https://apcoauk.report-uri.com/r/t/csp/reportOnly;report-to https://apcoauk.report-uri.com/r/t/csp/reportOnly;
Connection
keep-alive
X-XSS-Protection
1; mode=block
Request-Context
appId=cid-v1:e825026a-c1ca-459c-86b6-68ea780b1ae2
Referrer-Policy
strict-origin-when-cross-origin
Last-Modified
Tue, 11 Jun 2024 14:58:46 GMT
ETag
"1dabc0fdbdbd27b"
Expect-CT
max-age=0, enforce, report-uri="https://apcoauk.report-uri.com/r/t/ct/enforce"
Vary
Accept-Encoding
X-Frame-Options
DENY
Content-Type
text/javascript
Permissions-Policy
fullscreen=(self), geolocation=(self), camera=(self)
Accept-Ranges
bytes
X-Robots-Tag
noindex
Account.js
nuffieldstaff.stauk.apcoa.com/js/CompiledCustomMin/ 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nuffieldstaff.stauk.apcoa.com/js/CompiledCustomMin/Account.js
Requested by
Host: nuffieldstaff.stauk.apcoa.com
URL: https://nuffieldstaff.stauk.apcoa.com/account/login?returnUrl=%2f
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.49.244.37 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
fbc5d3ce1fc6f9df26123c5fda116ff8ae4f6d7b8973139e90cd61d64e894e8f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://nuffieldstaff.stauk.apcoa.com/account/login?returnUrl=%2f
Origin
https://nuffieldstaff.stauk.apcoa.com
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Tue, 18 Jun 2024 04:18:34 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Permitted-Cross-Domain-Policies
none
Transfer-Encoding
chunked
Content-Security-Policy-Report-Only
block-all-mixed-content;child-src 'none';connect-src 'self' *.in.applicationinsights.azure.com cdnjs.cloudflare.com fonts.gstatic.com fonts.googleapis.com *.fontawesome.com translate.googleapis.com www.google.com www.gstatic.com;default-src 'self';font-src 'self' data: cdnjs.cloudflare.com fonts.gstatic.com fonts.googleapis.com *.fontawesome.com https://applepay.cdn-apple.com/;frame-ancestors 'none';frame-src 'self' www.google.com js.stripe.com;img-src 'self' data: www.gstatic.com www.google.com www.google.co.uk www.google.de www.google.it www.google.ch www.google.gr www.google.fr www.google.at www.google.es www.google.pl www.google.cz www.google.no www.google.hr www.google.se www.google.ru fonts.gstatic.com translate.google.com translate.googleapis.com;media-src 'self' data:;object-src 'none';script-src 'self' 'unsafe-eval' 'unsafe-inline' https://az416426.vo.msecnd.net/ js.monitor.azure.com cdnjs.cloudflare.com https://use.fontawesome.com https://kit.fontawesome.com www.google.com www.gstatic.com translate.google.com translate.googleapis.com js.stripe.com;style-src 'self' 'unsafe-inline' cdnjs.cloudflare.com fonts.googleapis.com *.fontawesome.com www.gstatic.com translate.googleapis.com;upgrade-insecure-requests;worker-src 'self';manifest-src 'self';report-uri https://apcoauk.report-uri.com/r/t/csp/reportOnly;report-to https://apcoauk.report-uri.com/r/t/csp/reportOnly;
Connection
keep-alive
X-XSS-Protection
1; mode=block
Request-Context
appId=cid-v1:e825026a-c1ca-459c-86b6-68ea780b1ae2
Referrer-Policy
strict-origin-when-cross-origin
Last-Modified
Tue, 11 Jun 2024 14:58:46 GMT
ETag
"1dabc0fdbdbde77"
Expect-CT
max-age=0, enforce, report-uri="https://apcoauk.report-uri.com/r/t/ct/enforce"
Vary
Accept-Encoding
X-Frame-Options
DENY
Content-Type
text/javascript
Permissions-Policy
fullscreen=(self), geolocation=(self), camera=(self)
Accept-Ranges
bytes
X-Robots-Tag
noindex
AjaxAndValidation.js
nuffieldstaff.stauk.apcoa.com/js/CompiledCustomMin/ 		4 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nuffieldstaff.stauk.apcoa.com/js/CompiledCustomMin/AjaxAndValidation.js
Requested by
Host: nuffieldstaff.stauk.apcoa.com
URL: https://nuffieldstaff.stauk.apcoa.com/account/login?returnUrl=%2f
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.49.244.37 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
442d3043976820cb8ea464c7633dccb994cccfa9a22da744aee320d4090a0298
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://nuffieldstaff.stauk.apcoa.com/account/login?returnUrl=%2f
Origin
https://nuffieldstaff.stauk.apcoa.com
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Tue, 18 Jun 2024 04:18:34 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Permitted-Cross-Domain-Policies
none
Transfer-Encoding
chunked
Content-Security-Policy-Report-Only
block-all-mixed-content;child-src 'none';connect-src 'self' *.in.applicationinsights.azure.com cdnjs.cloudflare.com fonts.gstatic.com fonts.googleapis.com *.fontawesome.com translate.googleapis.com www.google.com www.gstatic.com;default-src 'self';font-src 'self' data: cdnjs.cloudflare.com fonts.gstatic.com fonts.googleapis.com *.fontawesome.com https://applepay.cdn-apple.com/;frame-ancestors 'none';frame-src 'self' www.google.com js.stripe.com;img-src 'self' data: www.gstatic.com www.google.com www.google.co.uk www.google.de www.google.it www.google.ch www.google.gr www.google.fr www.google.at www.google.es www.google.pl www.google.cz www.google.no www.google.hr www.google.se www.google.ru fonts.gstatic.com translate.google.com translate.googleapis.com;media-src 'self' data:;object-src 'none';script-src 'self' 'unsafe-eval' 'unsafe-inline' https://az416426.vo.msecnd.net/ js.monitor.azure.com cdnjs.cloudflare.com https://use.fontawesome.com https://kit.fontawesome.com www.google.com www.gstatic.com translate.google.com translate.googleapis.com js.stripe.com;style-src 'self' 'unsafe-inline' cdnjs.cloudflare.com fonts.googleapis.com *.fontawesome.com www.gstatic.com translate.googleapis.com;upgrade-insecure-requests;worker-src 'self';manifest-src 'self';report-uri https://apcoauk.report-uri.com/r/t/csp/reportOnly;report-to https://apcoauk.report-uri.com/r/t/csp/reportOnly;
Connection
keep-alive
X-XSS-Protection
1; mode=block
Request-Context
appId=cid-v1:e825026a-c1ca-459c-86b6-68ea780b1ae2
Referrer-Policy
strict-origin-when-cross-origin
Last-Modified
Tue, 11 Jun 2024 14:58:46 GMT
ETag
"1dabc0fdbdbc661"
Expect-CT
max-age=0, enforce, report-uri="https://apcoauk.report-uri.com/r/t/ct/enforce"
Vary
Accept-Encoding
X-Frame-Options
DENY
Content-Type
text/javascript
Permissions-Policy
fullscreen=(self), geolocation=(self), camera=(self)
Accept-Ranges
bytes
X-Robots-Tag
noindex
CarParkInfo.js
nuffieldstaff.stauk.apcoa.com/js/CompiledCustomMin/ 		4 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nuffieldstaff.stauk.apcoa.com/js/CompiledCustomMin/CarParkInfo.js
Requested by
Host: nuffieldstaff.stauk.apcoa.com
URL: https://nuffieldstaff.stauk.apcoa.com/account/login?returnUrl=%2f
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.49.244.37 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
993ecf6efc5a2f1625d35256e730c8e7ac0494910827081e7d6958d90f8fbab6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://nuffieldstaff.stauk.apcoa.com/account/login?returnUrl=%2f
Origin
https://nuffieldstaff.stauk.apcoa.com
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Tue, 18 Jun 2024 04:18:34 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Permitted-Cross-Domain-Policies
none
Transfer-Encoding
chunked
Content-Security-Policy-Report-Only
block-all-mixed-content;child-src 'none';connect-src 'self' *.in.applicationinsights.azure.com cdnjs.cloudflare.com fonts.gstatic.com fonts.googleapis.com *.fontawesome.com translate.googleapis.com www.google.com www.gstatic.com;default-src 'self';font-src 'self' data: cdnjs.cloudflare.com fonts.gstatic.com fonts.googleapis.com *.fontawesome.com https://applepay.cdn-apple.com/;frame-ancestors 'none';frame-src 'self' www.google.com js.stripe.com;img-src 'self' data: www.gstatic.com www.google.com www.google.co.uk www.google.de www.google.it www.google.ch www.google.gr www.google.fr www.google.at www.google.es www.google.pl www.google.cz www.google.no www.google.hr www.google.se www.google.ru fonts.gstatic.com translate.google.com translate.googleapis.com;media-src 'self' data:;object-src 'none';script-src 'self' 'unsafe-eval' 'unsafe-inline' https://az416426.vo.msecnd.net/ js.monitor.azure.com cdnjs.cloudflare.com https://use.fontawesome.com https://kit.fontawesome.com www.google.com www.gstatic.com translate.google.com translate.googleapis.com js.stripe.com;style-src 'self' 'unsafe-inline' cdnjs.cloudflare.com fonts.googleapis.com *.fontawesome.com www.gstatic.com translate.googleapis.com;upgrade-insecure-requests;worker-src 'self';manifest-src 'self';report-uri https://apcoauk.report-uri.com/r/t/csp/reportOnly;report-to https://apcoauk.report-uri.com/r/t/csp/reportOnly;
Connection
keep-alive
X-XSS-Protection
1; mode=block
Request-Context
appId=cid-v1:e825026a-c1ca-459c-86b6-68ea780b1ae2
Referrer-Policy
strict-origin-when-cross-origin
Last-Modified
Tue, 11 Jun 2024 14:58:46 GMT
ETag
"1dabc0fdbdbc764"
Expect-CT
max-age=0, enforce, report-uri="https://apcoauk.report-uri.com/r/t/ct/enforce"
Vary
Accept-Encoding
X-Frame-Options
DENY
Content-Type
text/javascript
Permissions-Policy
fullscreen=(self), geolocation=(self), camera=(self)
Accept-Ranges
bytes
X-Robots-Tag
noindex
CarParks.js
nuffieldstaff.stauk.apcoa.com/js/CompiledCustomMin/ 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nuffieldstaff.stauk.apcoa.com/js/CompiledCustomMin/CarParks.js
Requested by
Host: nuffieldstaff.stauk.apcoa.com
URL: https://nuffieldstaff.stauk.apcoa.com/account/login?returnUrl=%2f
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.49.244.37 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
743d402842c5d7d15f4ed5fdd6c80dddd2c3b0424dc0e3c0fea324b1c04258aa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://nuffieldstaff.stauk.apcoa.com/account/login?returnUrl=%2f
Origin
https://nuffieldstaff.stauk.apcoa.com
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Tue, 18 Jun 2024 04:18:34 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Permitted-Cross-Domain-Policies
none
Transfer-Encoding
chunked
Content-Security-Policy-Report-Only
block-all-mixed-content;child-src 'none';connect-src 'self' *.in.applicationinsights.azure.com cdnjs.cloudflare.com fonts.gstatic.com fonts.googleapis.com *.fontawesome.com translate.googleapis.com www.google.com www.gstatic.com;default-src 'self';font-src 'self' data: cdnjs.cloudflare.com fonts.gstatic.com fonts.googleapis.com *.fontawesome.com https://applepay.cdn-apple.com/;frame-ancestors 'none';frame-src 'self' www.google.com js.stripe.com;img-src 'self' data: www.gstatic.com www.google.com www.google.co.uk www.google.de www.google.it www.google.ch www.google.gr www.google.fr www.google.at www.google.es www.google.pl www.google.cz www.google.no www.google.hr www.google.se www.google.ru fonts.gstatic.com translate.google.com translate.googleapis.com;media-src 'self' data:;object-src 'none';script-src 'self' 'unsafe-eval' 'unsafe-inline' https://az416426.vo.msecnd.net/ js.monitor.azure.com cdnjs.cloudflare.com https://use.fontawesome.com https://kit.fontawesome.com www.google.com www.gstatic.com translate.google.com translate.googleapis.com js.stripe.com;style-src 'self' 'unsafe-inline' cdnjs.cloudflare.com fonts.googleapis.com *.fontawesome.com www.gstatic.com translate.googleapis.com;upgrade-insecure-requests;worker-src 'self';manifest-src 'self';report-uri https://apcoauk.report-uri.com/r/t/csp/reportOnly;report-to https://apcoauk.report-uri.com/r/t/csp/reportOnly;
Connection
keep-alive
X-XSS-Protection
1; mode=block
Request-Context
appId=cid-v1:e825026a-c1ca-459c-86b6-68ea780b1ae2
Referrer-Policy
strict-origin-when-cross-origin
Last-Modified
Tue, 11 Jun 2024 14:58:46 GMT
ETag
"1dabc0fdbdbdea1"
Expect-CT
max-age=0, enforce, report-uri="https://apcoauk.report-uri.com/r/t/ct/enforce"
Vary
Accept-Encoding
X-Frame-Options
DENY
Content-Type
text/javascript
Permissions-Policy
fullscreen=(self), geolocation=(self), camera=(self)
Accept-Ranges
bytes
X-Robots-Tag
noindex
Consumer.js
nuffieldstaff.stauk.apcoa.com/js/CompiledCustomMin/ 		1 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nuffieldstaff.stauk.apcoa.com/js/CompiledCustomMin/Consumer.js
Requested by
Host: nuffieldstaff.stauk.apcoa.com
URL: https://nuffieldstaff.stauk.apcoa.com/account/login?returnUrl=%2f
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.49.244.37 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
4e57578f39ec51ffffca2a58780f2cecc995f36df687d2bc1018983f7bc67c47
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://nuffieldstaff.stauk.apcoa.com/account/login?returnUrl=%2f
Origin
https://nuffieldstaff.stauk.apcoa.com
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Tue, 18 Jun 2024 04:18:34 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Permitted-Cross-Domain-Policies
none
Transfer-Encoding
chunked
Content-Security-Policy-Report-Only
block-all-mixed-content;child-src 'none';connect-src 'self' *.in.applicationinsights.azure.com cdnjs.cloudflare.com fonts.gstatic.com fonts.googleapis.com *.fontawesome.com translate.googleapis.com www.google.com www.gstatic.com;default-src 'self';font-src 'self' data: cdnjs.cloudflare.com fonts.gstatic.com fonts.googleapis.com *.fontawesome.com https://applepay.cdn-apple.com/;frame-ancestors 'none';frame-src 'self' www.google.com js.stripe.com;img-src 'self' data: www.gstatic.com www.google.com www.google.co.uk www.google.de www.google.it www.google.ch www.google.gr www.google.fr www.google.at www.google.es www.google.pl www.google.cz www.google.no www.google.hr www.google.se www.google.ru fonts.gstatic.com translate.google.com translate.googleapis.com;media-src 'self' data:;object-src 'none';script-src 'self' 'unsafe-eval' 'unsafe-inline' https://az416426.vo.msecnd.net/ js.monitor.azure.com cdnjs.cloudflare.com https://use.fontawesome.com https://kit.fontawesome.com www.google.com www.gstatic.com translate.google.com translate.googleapis.com js.stripe.com;style-src 'self' 'unsafe-inline' cdnjs.cloudflare.com fonts.googleapis.com *.fontawesome.com www.gstatic.com translate.googleapis.com;upgrade-insecure-requests;worker-src 'self';manifest-src 'self';report-uri https://apcoauk.report-uri.com/r/t/csp/reportOnly;report-to https://apcoauk.report-uri.com/r/t/csp/reportOnly;
Connection
keep-alive
X-XSS-Protection
1; mode=block
Request-Context
appId=cid-v1:e825026a-c1ca-459c-86b6-68ea780b1ae2
Referrer-Policy
strict-origin-when-cross-origin
Last-Modified
Tue, 11 Jun 2024 14:58:46 GMT
ETag
"1dabc0fdbdbd33f"
Expect-CT
max-age=0, enforce, report-uri="https://apcoauk.report-uri.com/r/t/ct/enforce"
Vary
Accept-Encoding
X-Frame-Options
DENY
Content-Type
text/javascript
Permissions-Policy
fullscreen=(self), geolocation=(self), camera=(self)
Accept-Ranges
bytes
X-Robots-Tag
noindex
ConsumerVehicle.js
nuffieldstaff.stauk.apcoa.com/js/CompiledCustomMin/ 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nuffieldstaff.stauk.apcoa.com/js/CompiledCustomMin/ConsumerVehicle.js
Requested by
Host: nuffieldstaff.stauk.apcoa.com
URL: https://nuffieldstaff.stauk.apcoa.com/account/login?returnUrl=%2f
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.49.244.37 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
82506a65ab08c8099650e5af5251af844d37f0e095bfae8f23fcac2a9379d791
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://nuffieldstaff.stauk.apcoa.com/account/login?returnUrl=%2f
Origin
https://nuffieldstaff.stauk.apcoa.com
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Tue, 18 Jun 2024 04:18:34 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Permitted-Cross-Domain-Policies
none
Transfer-Encoding
chunked
Content-Security-Policy-Report-Only
block-all-mixed-content;child-src 'none';connect-src 'self' *.in.applicationinsights.azure.com cdnjs.cloudflare.com fonts.gstatic.com fonts.googleapis.com *.fontawesome.com translate.googleapis.com www.google.com www.gstatic.com;default-src 'self';font-src 'self' data: cdnjs.cloudflare.com fonts.gstatic.com fonts.googleapis.com *.fontawesome.com https://applepay.cdn-apple.com/;frame-ancestors 'none';frame-src 'self' www.google.com js.stripe.com;img-src 'self' data: www.gstatic.com www.google.com www.google.co.uk www.google.de www.google.it www.google.ch www.google.gr www.google.fr www.google.at www.google.es www.google.pl www.google.cz www.google.no www.google.hr www.google.se www.google.ru fonts.gstatic.com translate.google.com translate.googleapis.com;media-src 'self' data:;object-src 'none';script-src 'self' 'unsafe-eval' 'unsafe-inline' https://az416426.vo.msecnd.net/ js.monitor.azure.com cdnjs.cloudflare.com https://use.fontawesome.com https://kit.fontawesome.com www.google.com www.gstatic.com translate.google.com translate.googleapis.com js.stripe.com;style-src 'self' 'unsafe-inline' cdnjs.cloudflare.com fonts.googleapis.com *.fontawesome.com www.gstatic.com translate.googleapis.com;upgrade-insecure-requests;worker-src 'self';manifest-src 'self';report-uri https://apcoauk.report-uri.com/r/t/csp/reportOnly;report-to https://apcoauk.report-uri.com/r/t/csp/reportOnly;
Connection
keep-alive
X-XSS-Protection
1; mode=block
Request-Context
appId=cid-v1:e825026a-c1ca-459c-86b6-68ea780b1ae2
Referrer-Policy
strict-origin-when-cross-origin
Last-Modified
Tue, 11 Jun 2024 14:58:46 GMT
ETag
"1dabc0fdbdbf75e"
Expect-CT
max-age=0, enforce, report-uri="https://apcoauk.report-uri.com/r/t/ct/enforce"
Vary
Accept-Encoding
X-Frame-Options
DENY
Content-Type
text/javascript
Permissions-Policy
fullscreen=(self), geolocation=(self), camera=(self)
Accept-Ranges
bytes
X-Robots-Tag
noindex
Cookies.js
nuffieldstaff.stauk.apcoa.com/js/CompiledCustomMin/ 		1 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nuffieldstaff.stauk.apcoa.com/js/CompiledCustomMin/Cookies.js
Requested by
Host: nuffieldstaff.stauk.apcoa.com
URL: https://nuffieldstaff.stauk.apcoa.com/account/login?returnUrl=%2f
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.49.244.37 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
959e1206b040d41f064189a60ab4efbc0a2346a5a52fc80d7e3180a815871c4e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://nuffieldstaff.stauk.apcoa.com/account/login?returnUrl=%2f
Origin
https://nuffieldstaff.stauk.apcoa.com
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Tue, 18 Jun 2024 04:18:34 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Permitted-Cross-Domain-Policies
none
Transfer-Encoding
chunked
Content-Security-Policy-Report-Only
block-all-mixed-content;child-src 'none';connect-src 'self' *.in.applicationinsights.azure.com cdnjs.cloudflare.com fonts.gstatic.com fonts.googleapis.com *.fontawesome.com translate.googleapis.com www.google.com www.gstatic.com;default-src 'self';font-src 'self' data: cdnjs.cloudflare.com fonts.gstatic.com fonts.googleapis.com *.fontawesome.com https://applepay.cdn-apple.com/;frame-ancestors 'none';frame-src 'self' www.google.com js.stripe.com;img-src 'self' data: www.gstatic.com www.google.com www.google.co.uk www.google.de www.google.it www.google.ch www.google.gr www.google.fr www.google.at www.google.es www.google.pl www.google.cz www.google.no www.google.hr www.google.se www.google.ru fonts.gstatic.com translate.google.com translate.googleapis.com;media-src 'self' data:;object-src 'none';script-src 'self' 'unsafe-eval' 'unsafe-inline' https://az416426.vo.msecnd.net/ js.monitor.azure.com cdnjs.cloudflare.com https://use.fontawesome.com https://kit.fontawesome.com www.google.com www.gstatic.com translate.google.com translate.googleapis.com js.stripe.com;style-src 'self' 'unsafe-inline' cdnjs.cloudflare.com fonts.googleapis.com *.fontawesome.com www.gstatic.com translate.googleapis.com;upgrade-insecure-requests;worker-src 'self';manifest-src 'self';report-uri https://apcoauk.report-uri.com/r/t/csp/reportOnly;report-to https://apcoauk.report-uri.com/r/t/csp/reportOnly;
Connection
keep-alive
X-XSS-Protection
1; mode=block
Request-Context
appId=cid-v1:e825026a-c1ca-459c-86b6-68ea780b1ae2
Referrer-Policy
strict-origin-when-cross-origin
Last-Modified
Tue, 11 Jun 2024 14:58:46 GMT
ETag
"1dabc0fdbdbd3c1"
Expect-CT
max-age=0, enforce, report-uri="https://apcoauk.report-uri.com/r/t/ct/enforce"
Vary
Accept-Encoding
X-Frame-Options
DENY
Content-Type
text/javascript
Permissions-Policy
fullscreen=(self), geolocation=(self), camera=(self)
Accept-Ranges
bytes
X-Robots-Tag
noindex
DataTables.js
nuffieldstaff.stauk.apcoa.com/js/CompiledCustomMin/ 		1 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nuffieldstaff.stauk.apcoa.com/js/CompiledCustomMin/DataTables.js
Requested by
Host: nuffieldstaff.stauk.apcoa.com
URL: https://nuffieldstaff.stauk.apcoa.com/account/login?returnUrl=%2f
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.49.244.37 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
f07aff014e5941654b21404660217f7c4a62e427a3890e005c11e4a73f5095d5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://nuffieldstaff.stauk.apcoa.com/account/login?returnUrl=%2f
Origin
https://nuffieldstaff.stauk.apcoa.com
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Tue, 18 Jun 2024 04:18:34 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Permitted-Cross-Domain-Policies
none
Transfer-Encoding
chunked
Content-Security-Policy-Report-Only
block-all-mixed-content;child-src 'none';connect-src 'self' *.in.applicationinsights.azure.com cdnjs.cloudflare.com fonts.gstatic.com fonts.googleapis.com *.fontawesome.com translate.googleapis.com www.google.com www.gstatic.com;default-src 'self';font-src 'self' data: cdnjs.cloudflare.com fonts.gstatic.com fonts.googleapis.com *.fontawesome.com https://applepay.cdn-apple.com/;frame-ancestors 'none';frame-src 'self' www.google.com js.stripe.com;img-src 'self' data: www.gstatic.com www.google.com www.google.co.uk www.google.de www.google.it www.google.ch www.google.gr www.google.fr www.google.at www.google.es www.google.pl www.google.cz www.google.no www.google.hr www.google.se www.google.ru fonts.gstatic.com translate.google.com translate.googleapis.com;media-src 'self' data:;object-src 'none';script-src 'self' 'unsafe-eval' 'unsafe-inline' https://az416426.vo.msecnd.net/ js.monitor.azure.com cdnjs.cloudflare.com https://use.fontawesome.com https://kit.fontawesome.com www.google.com www.gstatic.com translate.google.com translate.googleapis.com js.stripe.com;style-src 'self' 'unsafe-inline' cdnjs.cloudflare.com fonts.googleapis.com *.fontawesome.com www.gstatic.com translate.googleapis.com;upgrade-insecure-requests;worker-src 'self';manifest-src 'self';report-uri https://apcoauk.report-uri.com/r/t/csp/reportOnly;report-to https://apcoauk.report-uri.com/r/t/csp/reportOnly;
Connection
keep-alive
X-XSS-Protection
1; mode=block
Request-Context
appId=cid-v1:e825026a-c1ca-459c-86b6-68ea780b1ae2
Referrer-Policy
strict-origin-when-cross-origin
Last-Modified
Tue, 11 Jun 2024 14:58:46 GMT
ETag
"1dabc0fdbdbd335"
Expect-CT
max-age=0, enforce, report-uri="https://apcoauk.report-uri.com/r/t/ct/enforce"
Vary
Accept-Encoding
X-Frame-Options
DENY
Content-Type
text/javascript
Permissions-Policy
fullscreen=(self), geolocation=(self), camera=(self)
Accept-Ranges
bytes
X-Robots-Tag
noindex
DatePickerArrows.js
nuffieldstaff.stauk.apcoa.com/js/CompiledCustomMin/ 		5 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nuffieldstaff.stauk.apcoa.com/js/CompiledCustomMin/DatePickerArrows.js
Requested by
Host: nuffieldstaff.stauk.apcoa.com
URL: https://nuffieldstaff.stauk.apcoa.com/account/login?returnUrl=%2f
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.49.244.37 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e4e13a9b982bada42258552c60aae6c106735c433d8e22a54a1a199859de7d64
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://nuffieldstaff.stauk.apcoa.com/account/login?returnUrl=%2f
Origin
https://nuffieldstaff.stauk.apcoa.com
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Tue, 18 Jun 2024 04:18:34 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Permitted-Cross-Domain-Policies
none
Transfer-Encoding
chunked
Content-Security-Policy-Report-Only
block-all-mixed-content;child-src 'none';connect-src 'self' *.in.applicationinsights.azure.com cdnjs.cloudflare.com fonts.gstatic.com fonts.googleapis.com *.fontawesome.com translate.googleapis.com www.google.com www.gstatic.com;default-src 'self';font-src 'self' data: cdnjs.cloudflare.com fonts.gstatic.com fonts.googleapis.com *.fontawesome.com https://applepay.cdn-apple.com/;frame-ancestors 'none';frame-src 'self' www.google.com js.stripe.com;img-src 'self' data: www.gstatic.com www.google.com www.google.co.uk www.google.de www.google.it www.google.ch www.google.gr www.google.fr www.google.at www.google.es www.google.pl www.google.cz www.google.no www.google.hr www.google.se www.google.ru fonts.gstatic.com translate.google.com translate.googleapis.com;media-src 'self' data:;object-src 'none';script-src 'self' 'unsafe-eval' 'unsafe-inline' https://az416426.vo.msecnd.net/ js.monitor.azure.com cdnjs.cloudflare.com https://use.fontawesome.com https://kit.fontawesome.com www.google.com www.gstatic.com translate.google.com translate.googleapis.com js.stripe.com;style-src 'self' 'unsafe-inline' cdnjs.cloudflare.com fonts.googleapis.com *.fontawesome.com www.gstatic.com translate.googleapis.com;upgrade-insecure-requests;worker-src 'self';manifest-src 'self';report-uri https://apcoauk.report-uri.com/r/t/csp/reportOnly;report-to https://apcoauk.report-uri.com/r/t/csp/reportOnly;
Connection
keep-alive
X-XSS-Protection
1; mode=block
Request-Context
appId=cid-v1:e825026a-c1ca-459c-86b6-68ea780b1ae2
Referrer-Policy
strict-origin-when-cross-origin
Last-Modified
Tue, 11 Jun 2024 14:58:46 GMT
ETag
"1dabc0fdbdbc30d"
Expect-CT
max-age=0, enforce, report-uri="https://apcoauk.report-uri.com/r/t/ct/enforce"
Vary
Accept-Encoding
X-Frame-Options
DENY
Content-Type
text/javascript
Permissions-Policy
fullscreen=(self), geolocation=(self), camera=(self)
Accept-Ranges
bytes
X-Robots-Tag
noindex
DateTimePickers.js
nuffieldstaff.stauk.apcoa.com/js/CompiledCustomMin/ 		1 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nuffieldstaff.stauk.apcoa.com/js/CompiledCustomMin/DateTimePickers.js
Requested by
Host: nuffieldstaff.stauk.apcoa.com
URL: https://nuffieldstaff.stauk.apcoa.com/account/login?returnUrl=%2f
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.49.244.37 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
71de107ddcc2857f840ac3605f3146ff0e15684ea69475b73ef608f5bb9429e9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://nuffieldstaff.stauk.apcoa.com/account/login?returnUrl=%2f
Origin
https://nuffieldstaff.stauk.apcoa.com
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Tue, 18 Jun 2024 04:18:34 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Permitted-Cross-Domain-Policies
none
Transfer-Encoding
chunked
Content-Security-Policy-Report-Only
block-all-mixed-content;child-src 'none';connect-src 'self' *.in.applicationinsights.azure.com cdnjs.cloudflare.com fonts.gstatic.com fonts.googleapis.com *.fontawesome.com translate.googleapis.com www.google.com www.gstatic.com;default-src 'self';font-src 'self' data: cdnjs.cloudflare.com fonts.gstatic.com fonts.googleapis.com *.fontawesome.com https://applepay.cdn-apple.com/;frame-ancestors 'none';frame-src 'self' www.google.com js.stripe.com;img-src 'self' data: www.gstatic.com www.google.com www.google.co.uk www.google.de www.google.it www.google.ch www.google.gr www.google.fr www.google.at www.google.es www.google.pl www.google.cz www.google.no www.google.hr www.google.se www.google.ru fonts.gstatic.com translate.google.com translate.googleapis.com;media-src 'self' data:;object-src 'none';script-src 'self' 'unsafe-eval' 'unsafe-inline' https://az416426.vo.msecnd.net/ js.monitor.azure.com cdnjs.cloudflare.com https://use.fontawesome.com https://kit.fontawesome.com www.google.com www.gstatic.com translate.google.com translate.googleapis.com js.stripe.com;style-src 'self' 'unsafe-inline' cdnjs.cloudflare.com fonts.googleapis.com *.fontawesome.com www.gstatic.com translate.googleapis.com;upgrade-insecure-requests;worker-src 'self';manifest-src 'self';report-uri https://apcoauk.report-uri.com/r/t/csp/reportOnly;report-to https://apcoauk.report-uri.com/r/t/csp/reportOnly;
Connection
keep-alive
X-XSS-Protection
1; mode=block
Request-Context
appId=cid-v1:e825026a-c1ca-459c-86b6-68ea780b1ae2
Referrer-Policy
strict-origin-when-cross-origin
Last-Modified
Tue, 11 Jun 2024 14:58:46 GMT
ETag
"1dabc0fdbdbd2c2"
Expect-CT
max-age=0, enforce, report-uri="https://apcoauk.report-uri.com/r/t/ct/enforce"
Vary
Accept-Encoding
X-Frame-Options
DENY
Content-Type
text/javascript
Permissions-Policy
fullscreen=(self), geolocation=(self), camera=(self)
Accept-Ranges
bytes
X-Robots-Tag
noindex
ElectricCharging.js
nuffieldstaff.stauk.apcoa.com/js/CompiledCustomMin/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nuffieldstaff.stauk.apcoa.com/js/CompiledCustomMin/ElectricCharging.js
Requested by
Host: nuffieldstaff.stauk.apcoa.com
URL: https://nuffieldstaff.stauk.apcoa.com/account/login?returnUrl=%2f
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.49.244.37 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
24e5891f09428d87130eed989a20ef04f9f8fc819862d4a41094279f264ed38e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://nuffieldstaff.stauk.apcoa.com/account/login?returnUrl=%2f
Origin
https://nuffieldstaff.stauk.apcoa.com
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Tue, 18 Jun 2024 04:18:34 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Permitted-Cross-Domain-Policies
none
Transfer-Encoding
chunked
Content-Security-Policy-Report-Only
block-all-mixed-content;child-src 'none';connect-src 'self' *.in.applicationinsights.azure.com cdnjs.cloudflare.com fonts.gstatic.com fonts.googleapis.com *.fontawesome.com translate.googleapis.com www.google.com www.gstatic.com;default-src 'self';font-src 'self' data: cdnjs.cloudflare.com fonts.gstatic.com fonts.googleapis.com *.fontawesome.com https://applepay.cdn-apple.com/;frame-ancestors 'none';frame-src 'self' www.google.com js.stripe.com;img-src 'self' data: www.gstatic.com www.google.com www.google.co.uk www.google.de www.google.it www.google.ch www.google.gr www.google.fr www.google.at www.google.es www.google.pl www.google.cz www.google.no www.google.hr www.google.se www.google.ru fonts.gstatic.com translate.google.com translate.googleapis.com;media-src 'self' data:;object-src 'none';script-src 'self' 'unsafe-eval' 'unsafe-inline' https://az416426.vo.msecnd.net/ js.monitor.azure.com cdnjs.cloudflare.com https://use.fontawesome.com https://kit.fontawesome.com www.google.com www.gstatic.com translate.google.com translate.googleapis.com js.stripe.com;style-src 'self' 'unsafe-inline' cdnjs.cloudflare.com fonts.googleapis.com *.fontawesome.com www.gstatic.com translate.googleapis.com;upgrade-insecure-requests;worker-src 'self';manifest-src 'self';report-uri https://apcoauk.report-uri.com/r/t/csp/reportOnly;report-to https://apcoauk.report-uri.com/r/t/csp/reportOnly;
Connection
keep-alive
X-XSS-Protection
1; mode=block
Request-Context
appId=cid-v1:e825026a-c1ca-459c-86b6-68ea780b1ae2
Referrer-Policy
strict-origin-when-cross-origin
Last-Modified
Tue, 11 Jun 2024 14:58:46 GMT
ETag
"1dabc0fdbdbddfa"
Expect-CT
max-age=0, enforce, report-uri="https://apcoauk.report-uri.com/r/t/ct/enforce"
Vary
Accept-Encoding
X-Frame-Options
DENY
Content-Type
text/javascript
Permissions-Policy
fullscreen=(self), geolocation=(self), camera=(self)
Accept-Ranges
bytes
X-Robots-Tag
noindex
Events.js
nuffieldstaff.stauk.apcoa.com/js/CompiledCustomMin/ 		3 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nuffieldstaff.stauk.apcoa.com/js/CompiledCustomMin/Events.js
Requested by
Host: nuffieldstaff.stauk.apcoa.com
URL: https://nuffieldstaff.stauk.apcoa.com/account/login?returnUrl=%2f
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.49.244.37 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
eea859a0c5bc51de01b0ac93f3b4ae4e43ec989cde9eb4ce582a0fc4cfa95b86
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://nuffieldstaff.stauk.apcoa.com/account/login?returnUrl=%2f
Origin
https://nuffieldstaff.stauk.apcoa.com
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Tue, 18 Jun 2024 04:18:34 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Permitted-Cross-Domain-Policies
none
Transfer-Encoding
chunked
Content-Security-Policy-Report-Only
block-all-mixed-content;child-src 'none';connect-src 'self' *.in.applicationinsights.azure.com cdnjs.cloudflare.com fonts.gstatic.com fonts.googleapis.com *.fontawesome.com translate.googleapis.com www.google.com www.gstatic.com;default-src 'self';font-src 'self' data: cdnjs.cloudflare.com fonts.gstatic.com fonts.googleapis.com *.fontawesome.com https://applepay.cdn-apple.com/;frame-ancestors 'none';frame-src 'self' www.google.com js.stripe.com;img-src 'self' data: www.gstatic.com www.google.com www.google.co.uk www.google.de www.google.it www.google.ch www.google.gr www.google.fr www.google.at www.google.es www.google.pl www.google.cz www.google.no www.google.hr www.google.se www.google.ru fonts.gstatic.com translate.google.com translate.googleapis.com;media-src 'self' data:;object-src 'none';script-src 'self' 'unsafe-eval' 'unsafe-inline' https://az416426.vo.msecnd.net/ js.monitor.azure.com cdnjs.cloudflare.com https://use.fontawesome.com https://kit.fontawesome.com www.google.com www.gstatic.com translate.google.com translate.googleapis.com js.stripe.com;style-src 'self' 'unsafe-inline' cdnjs.cloudflare.com fonts.googleapis.com *.fontawesome.com www.gstatic.com translate.googleapis.com;upgrade-insecure-requests;worker-src 'self';manifest-src 'self';report-uri https://apcoauk.report-uri.com/r/t/csp/reportOnly;report-to https://apcoauk.report-uri.com/r/t/csp/reportOnly;
Connection
keep-alive
X-XSS-Protection
1; mode=block
Request-Context
appId=cid-v1:e825026a-c1ca-459c-86b6-68ea780b1ae2
Referrer-Policy
strict-origin-when-cross-origin
Last-Modified
Tue, 11 Jun 2024 14:58:46 GMT
ETag
"1dabc0fdbdbdc55"
Expect-CT
max-age=0, enforce, report-uri="https://apcoauk.report-uri.com/r/t/ct/enforce"
Vary
Accept-Encoding
X-Frame-Options
DENY
Content-Type
text/javascript
Permissions-Policy
fullscreen=(self), geolocation=(self), camera=(self)
Accept-Ranges
bytes
X-Robots-Tag
noindex
FreeStay.js
nuffieldstaff.stauk.apcoa.com/js/CompiledCustomMin/ 		4 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nuffieldstaff.stauk.apcoa.com/js/CompiledCustomMin/FreeStay.js
Requested by
Host: nuffieldstaff.stauk.apcoa.com
URL: https://nuffieldstaff.stauk.apcoa.com/account/login?returnUrl=%2f
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.49.244.37 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
5929da9ea745f45d123fb972727100784a438c7bb711c0933bba5cd69b0fc757
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://nuffieldstaff.stauk.apcoa.com/account/login?returnUrl=%2f
Origin
https://nuffieldstaff.stauk.apcoa.com
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Tue, 18 Jun 2024 04:18:34 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Permitted-Cross-Domain-Policies
none
Transfer-Encoding
chunked
Content-Security-Policy-Report-Only
block-all-mixed-content;child-src 'none';connect-src 'self' *.in.applicationinsights.azure.com cdnjs.cloudflare.com fonts.gstatic.com fonts.googleapis.com *.fontawesome.com translate.googleapis.com www.google.com www.gstatic.com;default-src 'self';font-src 'self' data: cdnjs.cloudflare.com fonts.gstatic.com fonts.googleapis.com *.fontawesome.com https://applepay.cdn-apple.com/;frame-ancestors 'none';frame-src 'self' www.google.com js.stripe.com;img-src 'self' data: www.gstatic.com www.google.com www.google.co.uk www.google.de www.google.it www.google.ch www.google.gr www.google.fr www.google.at www.google.es www.google.pl www.google.cz www.google.no www.google.hr www.google.se www.google.ru fonts.gstatic.com translate.google.com translate.googleapis.com;media-src 'self' data:;object-src 'none';script-src 'self' 'unsafe-eval' 'unsafe-inline' https://az416426.vo.msecnd.net/ js.monitor.azure.com cdnjs.cloudflare.com https://use.fontawesome.com https://kit.fontawesome.com www.google.com www.gstatic.com translate.google.com translate.googleapis.com js.stripe.com;style-src 'self' 'unsafe-inline' cdnjs.cloudflare.com fonts.googleapis.com *.fontawesome.com www.gstatic.com translate.googleapis.com;upgrade-insecure-requests;worker-src 'self';manifest-src 'self';report-uri https://apcoauk.report-uri.com/r/t/csp/reportOnly;report-to https://apcoauk.report-uri.com/r/t/csp/reportOnly;
Connection
keep-alive
X-XSS-Protection
1; mode=block
Request-Context
appId=cid-v1:e825026a-c1ca-459c-86b6-68ea780b1ae2
Referrer-Policy
strict-origin-when-cross-origin
Last-Modified
Tue, 11 Jun 2024 14:58:46 GMT
ETag
"1dabc0fdbdbd94f"
Expect-CT
max-age=0, enforce, report-uri="https://apcoauk.report-uri.com/r/t/ct/enforce"
Vary
Accept-Encoding
X-Frame-Options
DENY
Content-Type
text/javascript
Permissions-Policy
fullscreen=(self), geolocation=(self), camera=(self)
Accept-Ranges
bytes
X-Robots-Tag
noindex
Gate.js
nuffieldstaff.stauk.apcoa.com/js/CompiledCustomMin/ 		4 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nuffieldstaff.stauk.apcoa.com/js/CompiledCustomMin/Gate.js
Requested by
Host: nuffieldstaff.stauk.apcoa.com
URL: https://nuffieldstaff.stauk.apcoa.com/account/login?returnUrl=%2f
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.49.244.37 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
4cbfacfbbdbcf648cfb4e37aae1e12624d0878b2bcde3c4796848f3687b44822
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://nuffieldstaff.stauk.apcoa.com/account/login?returnUrl=%2f
Origin
https://nuffieldstaff.stauk.apcoa.com
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Tue, 18 Jun 2024 04:18:34 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Permitted-Cross-Domain-Policies
none
Transfer-Encoding
chunked
Content-Security-Policy-Report-Only
block-all-mixed-content;child-src 'none';connect-src 'self' *.in.applicationinsights.azure.com cdnjs.cloudflare.com fonts.gstatic.com fonts.googleapis.com *.fontawesome.com translate.googleapis.com www.google.com www.gstatic.com;default-src 'self';font-src 'self' data: cdnjs.cloudflare.com fonts.gstatic.com fonts.googleapis.com *.fontawesome.com https://applepay.cdn-apple.com/;frame-ancestors 'none';frame-src 'self' www.google.com js.stripe.com;img-src 'self' data: www.gstatic.com www.google.com www.google.co.uk www.google.de www.google.it www.google.ch www.google.gr www.google.fr www.google.at www.google.es www.google.pl www.google.cz www.google.no www.google.hr www.google.se www.google.ru fonts.gstatic.com translate.google.com translate.googleapis.com;media-src 'self' data:;object-src 'none';script-src 'self' 'unsafe-eval' 'unsafe-inline' https://az416426.vo.msecnd.net/ js.monitor.azure.com cdnjs.cloudflare.com https://use.fontawesome.com https://kit.fontawesome.com www.google.com www.gstatic.com translate.google.com translate.googleapis.com js.stripe.com;style-src 'self' 'unsafe-inline' cdnjs.cloudflare.com fonts.googleapis.com *.fontawesome.com www.gstatic.com translate.googleapis.com;upgrade-insecure-requests;worker-src 'self';manifest-src 'self';report-uri https://apcoauk.report-uri.com/r/t/csp/reportOnly;report-to https://apcoauk.report-uri.com/r/t/csp/reportOnly;
Connection
keep-alive
X-XSS-Protection
1; mode=block
Request-Context
appId=cid-v1:e825026a-c1ca-459c-86b6-68ea780b1ae2
Referrer-Policy
strict-origin-when-cross-origin
Last-Modified
Tue, 11 Jun 2024 14:58:46 GMT
ETag
"1dabc0fdbdbd819"
Expect-CT
max-age=0, enforce, report-uri="https://apcoauk.report-uri.com/r/t/ct/enforce"
Vary
Accept-Encoding
X-Frame-Options
DENY
Content-Type
text/javascript
Permissions-Policy
fullscreen=(self), geolocation=(self), camera=(self)
Accept-Ranges
bytes
X-Robots-Tag
noindex
GooglePlaces.js
nuffieldstaff.stauk.apcoa.com/js/CompiledCustomMin/ 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nuffieldstaff.stauk.apcoa.com/js/CompiledCustomMin/GooglePlaces.js
Requested by
Host: nuffieldstaff.stauk.apcoa.com
URL: https://nuffieldstaff.stauk.apcoa.com/account/login?returnUrl=%2f
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.49.244.37 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
69fe72754ad58a193a60d832bb7ac639878b7c9c6e6137544646dadf479648e7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://nuffieldstaff.stauk.apcoa.com/account/login?returnUrl=%2f
Origin
https://nuffieldstaff.stauk.apcoa.com
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Tue, 18 Jun 2024 04:18:34 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Permitted-Cross-Domain-Policies
none
Transfer-Encoding
chunked
Content-Security-Policy-Report-Only
block-all-mixed-content;child-src 'none';connect-src 'self' *.in.applicationinsights.azure.com cdnjs.cloudflare.com fonts.gstatic.com fonts.googleapis.com *.fontawesome.com translate.googleapis.com www.google.com www.gstatic.com;default-src 'self';font-src 'self' data: cdnjs.cloudflare.com fonts.gstatic.com fonts.googleapis.com *.fontawesome.com https://applepay.cdn-apple.com/;frame-ancestors 'none';frame-src 'self' www.google.com js.stripe.com;img-src 'self' data: www.gstatic.com www.google.com www.google.co.uk www.google.de www.google.it www.google.ch www.google.gr www.google.fr www.google.at www.google.es www.google.pl www.google.cz www.google.no www.google.hr www.google.se www.google.ru fonts.gstatic.com translate.google.com translate.googleapis.com;media-src 'self' data:;object-src 'none';script-src 'self' 'unsafe-eval' 'unsafe-inline' https://az416426.vo.msecnd.net/ js.monitor.azure.com cdnjs.cloudflare.com https://use.fontawesome.com https://kit.fontawesome.com www.google.com www.gstatic.com translate.google.com translate.googleapis.com js.stripe.com;style-src 'self' 'unsafe-inline' cdnjs.cloudflare.com fonts.googleapis.com *.fontawesome.com www.gstatic.com translate.googleapis.com;upgrade-insecure-requests;worker-src 'self';manifest-src 'self';report-uri https://apcoauk.report-uri.com/r/t/csp/reportOnly;report-to https://apcoauk.report-uri.com/r/t/csp/reportOnly;
Connection
keep-alive
X-XSS-Protection
1; mode=block
Request-Context
appId=cid-v1:e825026a-c1ca-459c-86b6-68ea780b1ae2
Referrer-Policy
strict-origin-when-cross-origin
Last-Modified
Tue, 11 Jun 2024 14:58:46 GMT
ETag
"1dabc0fdbdbd12c"
Expect-CT
max-age=0, enforce, report-uri="https://apcoauk.report-uri.com/r/t/ct/enforce"
Vary
Accept-Encoding
X-Frame-Options
DENY
Content-Type
text/javascript
Permissions-Policy
fullscreen=(self), geolocation=(self), camera=(self)
Accept-Ranges
bytes
X-Robots-Tag
noindex
GoogleTagManager.js
nuffieldstaff.stauk.apcoa.com/js/CompiledCustomMin/ 		711 B
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nuffieldstaff.stauk.apcoa.com/js/CompiledCustomMin/GoogleTagManager.js
Requested by
Host: nuffieldstaff.stauk.apcoa.com
URL: https://nuffieldstaff.stauk.apcoa.com/account/login?returnUrl=%2f
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.49.244.37 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
dcf1340186b8e4464a13def19715c0f91165f418d1b6da8336ba774ef6064009
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://nuffieldstaff.stauk.apcoa.com/account/login?returnUrl=%2f
Origin
https://nuffieldstaff.stauk.apcoa.com
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Tue, 18 Jun 2024 04:18:34 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Permitted-Cross-Domain-Policies
none
Transfer-Encoding
chunked
Content-Security-Policy-Report-Only
block-all-mixed-content;child-src 'none';connect-src 'self' *.in.applicationinsights.azure.com cdnjs.cloudflare.com fonts.gstatic.com fonts.googleapis.com *.fontawesome.com translate.googleapis.com www.google.com www.gstatic.com;default-src 'self';font-src 'self' data: cdnjs.cloudflare.com fonts.gstatic.com fonts.googleapis.com *.fontawesome.com https://applepay.cdn-apple.com/;frame-ancestors 'none';frame-src 'self' www.google.com js.stripe.com;img-src 'self' data: www.gstatic.com www.google.com www.google.co.uk www.google.de www.google.it www.google.ch www.google.gr www.google.fr www.google.at www.google.es www.google.pl www.google.cz www.google.no www.google.hr www.google.se www.google.ru fonts.gstatic.com translate.google.com translate.googleapis.com;media-src 'self' data:;object-src 'none';script-src 'self' 'unsafe-eval' 'unsafe-inline' https://az416426.vo.msecnd.net/ js.monitor.azure.com cdnjs.cloudflare.com https://use.fontawesome.com https://kit.fontawesome.com www.google.com www.gstatic.com translate.google.com translate.googleapis.com js.stripe.com;style-src 'self' 'unsafe-inline' cdnjs.cloudflare.com fonts.googleapis.com *.fontawesome.com www.gstatic.com translate.googleapis.com;upgrade-insecure-requests;worker-src 'self';manifest-src 'self';report-uri https://apcoauk.report-uri.com/r/t/csp/reportOnly;report-to https://apcoauk.report-uri.com/r/t/csp/reportOnly;
Connection
keep-alive
X-XSS-Protection
1; mode=block
Request-Context
appId=cid-v1:e825026a-c1ca-459c-86b6-68ea780b1ae2
Referrer-Policy
strict-origin-when-cross-origin
Last-Modified
Tue, 11 Jun 2024 14:58:46 GMT
ETag
"1dabc0fdbdbd5c7"
Expect-CT
max-age=0, enforce, report-uri="https://apcoauk.report-uri.com/r/t/ct/enforce"
Vary
Accept-Encoding
X-Frame-Options
DENY
Content-Type
text/javascript
Permissions-Policy
fullscreen=(self), geolocation=(self), camera=(self)
Accept-Ranges
bytes
X-Robots-Tag
noindex
ManageBooking.js
nuffieldstaff.stauk.apcoa.com/js/CompiledCustomMin/ 		5 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nuffieldstaff.stauk.apcoa.com/js/CompiledCustomMin/ManageBooking.js
Requested by
Host: nuffieldstaff.stauk.apcoa.com
URL: https://nuffieldstaff.stauk.apcoa.com/account/login?returnUrl=%2f
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.49.244.37 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
45161dcdec145b766590533541424f8cdd48e24d8ee8cbe800ccc50575281f00
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://nuffieldstaff.stauk.apcoa.com/account/login?returnUrl=%2f
Origin
https://nuffieldstaff.stauk.apcoa.com
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Tue, 18 Jun 2024 04:18:34 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Permitted-Cross-Domain-Policies
none
Transfer-Encoding
chunked
Content-Security-Policy-Report-Only
block-all-mixed-content;child-src 'none';connect-src 'self' *.in.applicationinsights.azure.com cdnjs.cloudflare.com fonts.gstatic.com fonts.googleapis.com *.fontawesome.com translate.googleapis.com www.google.com www.gstatic.com;default-src 'self';font-src 'self' data: cdnjs.cloudflare.com fonts.gstatic.com fonts.googleapis.com *.fontawesome.com https://applepay.cdn-apple.com/;frame-ancestors 'none';frame-src 'self' www.google.com js.stripe.com;img-src 'self' data: www.gstatic.com www.google.com www.google.co.uk www.google.de www.google.it www.google.ch www.google.gr www.google.fr www.google.at www.google.es www.google.pl www.google.cz www.google.no www.google.hr www.google.se www.google.ru fonts.gstatic.com translate.google.com translate.googleapis.com;media-src 'self' data:;object-src 'none';script-src 'self' 'unsafe-eval' 'unsafe-inline' https://az416426.vo.msecnd.net/ js.monitor.azure.com cdnjs.cloudflare.com https://use.fontawesome.com https://kit.fontawesome.com www.google.com www.gstatic.com translate.google.com translate.googleapis.com js.stripe.com;style-src 'self' 'unsafe-inline' cdnjs.cloudflare.com fonts.googleapis.com *.fontawesome.com www.gstatic.com translate.googleapis.com;upgrade-insecure-requests;worker-src 'self';manifest-src 'self';report-uri https://apcoauk.report-uri.com/r/t/csp/reportOnly;report-to https://apcoauk.report-uri.com/r/t/csp/reportOnly;
Connection
keep-alive
X-XSS-Protection
1; mode=block
Request-Context
appId=cid-v1:e825026a-c1ca-459c-86b6-68ea780b1ae2
Referrer-Policy
strict-origin-when-cross-origin
Last-Modified
Tue, 11 Jun 2024 14:58:46 GMT
ETag
"1dabc0fdbdbc44e"
Expect-CT
max-age=0, enforce, report-uri="https://apcoauk.report-uri.com/r/t/ct/enforce"
Vary
Accept-Encoding
X-Frame-Options
DENY
Content-Type
text/javascript
Permissions-Policy
fullscreen=(self), geolocation=(self), camera=(self)
Accept-Ranges
bytes
X-Robots-Tag
noindex
ModalCustomerVehicles.js
nuffieldstaff.stauk.apcoa.com/js/CompiledCustomMin/ 		4 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nuffieldstaff.stauk.apcoa.com/js/CompiledCustomMin/ModalCustomerVehicles.js
Requested by
Host: nuffieldstaff.stauk.apcoa.com
URL: https://nuffieldstaff.stauk.apcoa.com/account/login?returnUrl=%2f
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.49.244.37 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
c729e8a07fbd7b3800e80e1e0c6b4001f802ea0cf73b7f1de059a8a4b4bed78f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://nuffieldstaff.stauk.apcoa.com/account/login?returnUrl=%2f
Origin
https://nuffieldstaff.stauk.apcoa.com
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Tue, 18 Jun 2024 04:18:34 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Permitted-Cross-Domain-Policies
none
Transfer-Encoding
chunked
Content-Security-Policy-Report-Only
block-all-mixed-content;child-src 'none';connect-src 'self' *.in.applicationinsights.azure.com cdnjs.cloudflare.com fonts.gstatic.com fonts.googleapis.com *.fontawesome.com translate.googleapis.com www.google.com www.gstatic.com;default-src 'self';font-src 'self' data: cdnjs.cloudflare.com fonts.gstatic.com fonts.googleapis.com *.fontawesome.com https://applepay.cdn-apple.com/;frame-ancestors 'none';frame-src 'self' www.google.com js.stripe.com;img-src 'self' data: www.gstatic.com www.google.com www.google.co.uk www.google.de www.google.it www.google.ch www.google.gr www.google.fr www.google.at www.google.es www.google.pl www.google.cz www.google.no www.google.hr www.google.se www.google.ru fonts.gstatic.com translate.google.com translate.googleapis.com;media-src 'self' data:;object-src 'none';script-src 'self' 'unsafe-eval' 'unsafe-inline' https://az416426.vo.msecnd.net/ js.monitor.azure.com cdnjs.cloudflare.com https://use.fontawesome.com https://kit.fontawesome.com www.google.com www.gstatic.com translate.google.com translate.googleapis.com js.stripe.com;style-src 'self' 'unsafe-inline' cdnjs.cloudflare.com fonts.googleapis.com *.fontawesome.com www.gstatic.com translate.googleapis.com;upgrade-insecure-requests;worker-src 'self';manifest-src 'self';report-uri https://apcoauk.report-uri.com/r/t/csp/reportOnly;report-to https://apcoauk.report-uri.com/r/t/csp/reportOnly;
Connection
keep-alive
X-XSS-Protection
1; mode=block
Request-Context
appId=cid-v1:e825026a-c1ca-459c-86b6-68ea780b1ae2
Referrer-Policy
strict-origin-when-cross-origin
Last-Modified
Tue, 11 Jun 2024 14:58:46 GMT
ETag
"1dabc0fdbdbd8fe"
Expect-CT
max-age=0, enforce, report-uri="https://apcoauk.report-uri.com/r/t/ct/enforce"
Vary
Accept-Encoding
X-Frame-Options
DENY
Content-Type
text/javascript
Permissions-Policy
fullscreen=(self), geolocation=(self), camera=(self)
Accept-Ranges
bytes
X-Robots-Tag
noindex
MultiUsePass.js
nuffieldstaff.stauk.apcoa.com/js/CompiledCustomMin/ 		5 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nuffieldstaff.stauk.apcoa.com/js/CompiledCustomMin/MultiUsePass.js
Requested by
Host: nuffieldstaff.stauk.apcoa.com
URL: https://nuffieldstaff.stauk.apcoa.com/account/login?returnUrl=%2f
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.49.244.37 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
23cdbc49b2d035f6de4f1d3b4bc9f84d4a1089496a13fc52705a68878f578468
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://nuffieldstaff.stauk.apcoa.com/account/login?returnUrl=%2f
Origin
https://nuffieldstaff.stauk.apcoa.com
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Tue, 18 Jun 2024 04:18:34 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Permitted-Cross-Domain-Policies
none
Transfer-Encoding
chunked
Content-Security-Policy-Report-Only
block-all-mixed-content;child-src 'none';connect-src 'self' *.in.applicationinsights.azure.com cdnjs.cloudflare.com fonts.gstatic.com fonts.googleapis.com *.fontawesome.com translate.googleapis.com www.google.com www.gstatic.com;default-src 'self';font-src 'self' data: cdnjs.cloudflare.com fonts.gstatic.com fonts.googleapis.com *.fontawesome.com https://applepay.cdn-apple.com/;frame-ancestors 'none';frame-src 'self' www.google.com js.stripe.com;img-src 'self' data: www.gstatic.com www.google.com www.google.co.uk www.google.de www.google.it www.google.ch www.google.gr www.google.fr www.google.at www.google.es www.google.pl www.google.cz www.google.no www.google.hr www.google.se www.google.ru fonts.gstatic.com translate.google.com translate.googleapis.com;media-src 'self' data:;object-src 'none';script-src 'self' 'unsafe-eval' 'unsafe-inline' https://az416426.vo.msecnd.net/ js.monitor.azure.com cdnjs.cloudflare.com https://use.fontawesome.com https://kit.fontawesome.com www.google.com www.gstatic.com translate.google.com translate.googleapis.com js.stripe.com;style-src 'self' 'unsafe-inline' cdnjs.cloudflare.com fonts.googleapis.com *.fontawesome.com www.gstatic.com translate.googleapis.com;upgrade-insecure-requests;worker-src 'self';manifest-src 'self';report-uri https://apcoauk.report-uri.com/r/t/csp/reportOnly;report-to https://apcoauk.report-uri.com/r/t/csp/reportOnly;
Connection
keep-alive
X-XSS-Protection
1; mode=block
Request-Context
appId=cid-v1:e825026a-c1ca-459c-86b6-68ea780b1ae2
Referrer-Policy
strict-origin-when-cross-origin
Last-Modified
Tue, 11 Jun 2024 14:58:46 GMT
ETag
"1dabc0fdbdbc571"
Expect-CT
max-age=0, enforce, report-uri="https://apcoauk.report-uri.com/r/t/ct/enforce"
Vary
Accept-Encoding
X-Frame-Options
DENY
Content-Type
text/javascript
Permissions-Policy
fullscreen=(self), geolocation=(self), camera=(self)
Accept-Ranges
bytes
X-Robots-Tag
noindex
NearestCarparks.js
nuffieldstaff.stauk.apcoa.com/js/CompiledCustomMin/ 		4 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nuffieldstaff.stauk.apcoa.com/js/CompiledCustomMin/NearestCarparks.js
Requested by
Host: nuffieldstaff.stauk.apcoa.com
URL: https://nuffieldstaff.stauk.apcoa.com/account/login?returnUrl=%2f
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.49.244.37 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
4fc3cb93f50afc78b9b08918df72338b4ce1b4b04e2f581ff753d301dec0a8de
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://nuffieldstaff.stauk.apcoa.com/account/login?returnUrl=%2f
Origin
https://nuffieldstaff.stauk.apcoa.com
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Tue, 18 Jun 2024 04:18:34 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Permitted-Cross-Domain-Policies
none
Transfer-Encoding
chunked
Content-Security-Policy-Report-Only
block-all-mixed-content;child-src 'none';connect-src 'self' *.in.applicationinsights.azure.com cdnjs.cloudflare.com fonts.gstatic.com fonts.googleapis.com *.fontawesome.com translate.googleapis.com www.google.com www.gstatic.com;default-src 'self';font-src 'self' data: cdnjs.cloudflare.com fonts.gstatic.com fonts.googleapis.com *.fontawesome.com https://applepay.cdn-apple.com/;frame-ancestors 'none';frame-src 'self' www.google.com js.stripe.com;img-src 'self' data: www.gstatic.com www.google.com www.google.co.uk www.google.de www.google.it www.google.ch www.google.gr www.google.fr www.google.at www.google.es www.google.pl www.google.cz www.google.no www.google.hr www.google.se www.google.ru fonts.gstatic.com translate.google.com translate.googleapis.com;media-src 'self' data:;object-src 'none';script-src 'self' 'unsafe-eval' 'unsafe-inline' https://az416426.vo.msecnd.net/ js.monitor.azure.com cdnjs.cloudflare.com https://use.fontawesome.com https://kit.fontawesome.com www.google.com www.gstatic.com translate.google.com translate.googleapis.com js.stripe.com;style-src 'self' 'unsafe-inline' cdnjs.cloudflare.com fonts.googleapis.com *.fontawesome.com www.gstatic.com translate.googleapis.com;upgrade-insecure-requests;worker-src 'self';manifest-src 'self';report-uri https://apcoauk.report-uri.com/r/t/csp/reportOnly;report-to https://apcoauk.report-uri.com/r/t/csp/reportOnly;
Connection
keep-alive
X-XSS-Protection
1; mode=block
Request-Context
appId=cid-v1:e825026a-c1ca-459c-86b6-68ea780b1ae2
Referrer-Policy
strict-origin-when-cross-origin
Last-Modified
Tue, 11 Jun 2024 14:58:46 GMT
ETag
"1dabc0fdbdbc756"
Expect-CT
max-age=0, enforce, report-uri="https://apcoauk.report-uri.com/r/t/ct/enforce"
Vary
Accept-Encoding
X-Frame-Options
DENY
Content-Type
text/javascript
Permissions-Policy
fullscreen=(self), geolocation=(self), camera=(self)
Accept-Ranges
bytes
X-Robots-Tag
noindex
ProductExtras.js
nuffieldstaff.stauk.apcoa.com/js/CompiledCustomMin/ 		5 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nuffieldstaff.stauk.apcoa.com/js/CompiledCustomMin/ProductExtras.js
Requested by
Host: nuffieldstaff.stauk.apcoa.com
URL: https://nuffieldstaff.stauk.apcoa.com/account/login?returnUrl=%2f
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.49.244.37 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
5dbc633ada44ec974a3ce4b08bb9b00970c69173457c8bc13dbe88b9cc163a62
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://nuffieldstaff.stauk.apcoa.com/account/login?returnUrl=%2f
Origin
https://nuffieldstaff.stauk.apcoa.com
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Tue, 18 Jun 2024 04:18:34 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Permitted-Cross-Domain-Policies
none
Transfer-Encoding
chunked
Content-Security-Policy-Report-Only
block-all-mixed-content;child-src 'none';connect-src 'self' *.in.applicationinsights.azure.com cdnjs.cloudflare.com fonts.gstatic.com fonts.googleapis.com *.fontawesome.com translate.googleapis.com www.google.com www.gstatic.com;default-src 'self';font-src 'self' data: cdnjs.cloudflare.com fonts.gstatic.com fonts.googleapis.com *.fontawesome.com https://applepay.cdn-apple.com/;frame-ancestors 'none';frame-src 'self' www.google.com js.stripe.com;img-src 'self' data: www.gstatic.com www.google.com www.google.co.uk www.google.de www.google.it www.google.ch www.google.gr www.google.fr www.google.at www.google.es www.google.pl www.google.cz www.google.no www.google.hr www.google.se www.google.ru fonts.gstatic.com translate.google.com translate.googleapis.com;media-src 'self' data:;object-src 'none';script-src 'self' 'unsafe-eval' 'unsafe-inline' https://az416426.vo.msecnd.net/ js.monitor.azure.com cdnjs.cloudflare.com https://use.fontawesome.com https://kit.fontawesome.com www.google.com www.gstatic.com translate.google.com translate.googleapis.com js.stripe.com;style-src 'self' 'unsafe-inline' cdnjs.cloudflare.com fonts.googleapis.com *.fontawesome.com www.gstatic.com translate.googleapis.com;upgrade-insecure-requests;worker-src 'self';manifest-src 'self';report-uri https://apcoauk.report-uri.com/r/t/csp/reportOnly;report-to https://apcoauk.report-uri.com/r/t/csp/reportOnly;
Connection
keep-alive
X-XSS-Protection
1; mode=block
Request-Context
appId=cid-v1:e825026a-c1ca-459c-86b6-68ea780b1ae2
Referrer-Policy
strict-origin-when-cross-origin
Last-Modified
Tue, 11 Jun 2024 14:58:46 GMT
ETag
"1dabc0fdbdbc265"
Expect-CT
max-age=0, enforce, report-uri="https://apcoauk.report-uri.com/r/t/ct/enforce"
Vary
Accept-Encoding
X-Frame-Options
DENY
Content-Type
text/javascript
Permissions-Policy
fullscreen=(self), geolocation=(self), camera=(self)
Accept-Ranges
bytes
X-Robots-Tag
noindex
Products.js
nuffieldstaff.stauk.apcoa.com/js/CompiledCustomMin/ 		5 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nuffieldstaff.stauk.apcoa.com/js/CompiledCustomMin/Products.js
Requested by
Host: nuffieldstaff.stauk.apcoa.com
URL: https://nuffieldstaff.stauk.apcoa.com/account/login?returnUrl=%2f
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.49.244.37 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
478f25067c4a2a7ab5f5477949d1b779757dd758efa95f4408774f552ea95ba8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://nuffieldstaff.stauk.apcoa.com/account/login?returnUrl=%2f
Origin
https://nuffieldstaff.stauk.apcoa.com
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Tue, 18 Jun 2024 04:18:34 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Permitted-Cross-Domain-Policies
none
Transfer-Encoding
chunked
Content-Security-Policy-Report-Only
block-all-mixed-content;child-src 'none';connect-src 'self' *.in.applicationinsights.azure.com cdnjs.cloudflare.com fonts.gstatic.com fonts.googleapis.com *.fontawesome.com translate.googleapis.com www.google.com www.gstatic.com;default-src 'self';font-src 'self' data: cdnjs.cloudflare.com fonts.gstatic.com fonts.googleapis.com *.fontawesome.com https://applepay.cdn-apple.com/;frame-ancestors 'none';frame-src 'self' www.google.com js.stripe.com;img-src 'self' data: www.gstatic.com www.google.com www.google.co.uk www.google.de www.google.it www.google.ch www.google.gr www.google.fr www.google.at www.google.es www.google.pl www.google.cz www.google.no www.google.hr www.google.se www.google.ru fonts.gstatic.com translate.google.com translate.googleapis.com;media-src 'self' data:;object-src 'none';script-src 'self' 'unsafe-eval' 'unsafe-inline' https://az416426.vo.msecnd.net/ js.monitor.azure.com cdnjs.cloudflare.com https://use.fontawesome.com https://kit.fontawesome.com www.google.com www.gstatic.com translate.google.com translate.googleapis.com js.stripe.com;style-src 'self' 'unsafe-inline' cdnjs.cloudflare.com fonts.googleapis.com *.fontawesome.com www.gstatic.com translate.googleapis.com;upgrade-insecure-requests;worker-src 'self';manifest-src 'self';report-uri https://apcoauk.report-uri.com/r/t/csp/reportOnly;report-to https://apcoauk.report-uri.com/r/t/csp/reportOnly;
Connection
keep-alive
X-XSS-Protection
1; mode=block
Request-Context
appId=cid-v1:e825026a-c1ca-459c-86b6-68ea780b1ae2
Referrer-Policy
strict-origin-when-cross-origin
Last-Modified
Tue, 11 Jun 2024 14:58:46 GMT
ETag
"1dabc0fdbdbc360"
Expect-CT
max-age=0, enforce, report-uri="https://apcoauk.report-uri.com/r/t/ct/enforce"
Vary
Accept-Encoding
X-Frame-Options
DENY
Content-Type
text/javascript
Permissions-Policy
fullscreen=(self), geolocation=(self), camera=(self)
Accept-Ranges
bytes
X-Robots-Tag
noindex
Search.js
nuffieldstaff.stauk.apcoa.com/js/CompiledCustomMin/ 		5 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nuffieldstaff.stauk.apcoa.com/js/CompiledCustomMin/Search.js
Requested by
Host: nuffieldstaff.stauk.apcoa.com
URL: https://nuffieldstaff.stauk.apcoa.com/account/login?returnUrl=%2f
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.49.244.37 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
17219ef68ac0158365c227141dc5354fedc9b9ae2c51d20239b1c69a5e5aaaed
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://nuffieldstaff.stauk.apcoa.com/account/login?returnUrl=%2f
Origin
https://nuffieldstaff.stauk.apcoa.com
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Tue, 18 Jun 2024 04:18:34 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Permitted-Cross-Domain-Policies
none
Transfer-Encoding
chunked
Content-Security-Policy-Report-Only
block-all-mixed-content;child-src 'none';connect-src 'self' *.in.applicationinsights.azure.com cdnjs.cloudflare.com fonts.gstatic.com fonts.googleapis.com *.fontawesome.com translate.googleapis.com www.google.com www.gstatic.com;default-src 'self';font-src 'self' data: cdnjs.cloudflare.com fonts.gstatic.com fonts.googleapis.com *.fontawesome.com https://applepay.cdn-apple.com/;frame-ancestors 'none';frame-src 'self' www.google.com js.stripe.com;img-src 'self' data: www.gstatic.com www.google.com www.google.co.uk www.google.de www.google.it www.google.ch www.google.gr www.google.fr www.google.at www.google.es www.google.pl www.google.cz www.google.no www.google.hr www.google.se www.google.ru fonts.gstatic.com translate.google.com translate.googleapis.com;media-src 'self' data:;object-src 'none';script-src 'self' 'unsafe-eval' 'unsafe-inline' https://az416426.vo.msecnd.net/ js.monitor.azure.com cdnjs.cloudflare.com https://use.fontawesome.com https://kit.fontawesome.com www.google.com www.gstatic.com translate.google.com translate.googleapis.com js.stripe.com;style-src 'self' 'unsafe-inline' cdnjs.cloudflare.com fonts.googleapis.com *.fontawesome.com www.gstatic.com translate.googleapis.com;upgrade-insecure-requests;worker-src 'self';manifest-src 'self';report-uri https://apcoauk.report-uri.com/r/t/csp/reportOnly;report-to https://apcoauk.report-uri.com/r/t/csp/reportOnly;
Connection
keep-alive
X-XSS-Protection
1; mode=block
Request-Context
appId=cid-v1:e825026a-c1ca-459c-86b6-68ea780b1ae2
Referrer-Policy
strict-origin-when-cross-origin
Last-Modified
Tue, 11 Jun 2024 14:58:46 GMT
ETag
"1dabc0fdbdbc35c"
Expect-CT
max-age=0, enforce, report-uri="https://apcoauk.report-uri.com/r/t/ct/enforce"
Vary
Accept-Encoding
X-Frame-Options
DENY
Content-Type
text/javascript
Permissions-Policy
fullscreen=(self), geolocation=(self), camera=(self)
Accept-Ranges
bytes
X-Robots-Tag
noindex
SeasonTicket.js
nuffieldstaff.stauk.apcoa.com/js/CompiledCustomMin/ 		5 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nuffieldstaff.stauk.apcoa.com/js/CompiledCustomMin/SeasonTicket.js
Requested by
Host: nuffieldstaff.stauk.apcoa.com
URL: https://nuffieldstaff.stauk.apcoa.com/account/login?returnUrl=%2f
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.49.244.37 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
1da73dfe940ad81b19f6956081fdcd9e957fc3b76c1978941ccbdda07707081e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://nuffieldstaff.stauk.apcoa.com/account/login?returnUrl=%2f
Origin
https://nuffieldstaff.stauk.apcoa.com
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Tue, 18 Jun 2024 04:18:34 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Permitted-Cross-Domain-Policies
none
Transfer-Encoding
chunked
Content-Security-Policy-Report-Only
block-all-mixed-content;child-src 'none';connect-src 'self' *.in.applicationinsights.azure.com cdnjs.cloudflare.com fonts.gstatic.com fonts.googleapis.com *.fontawesome.com translate.googleapis.com www.google.com www.gstatic.com;default-src 'self';font-src 'self' data: cdnjs.cloudflare.com fonts.gstatic.com fonts.googleapis.com *.fontawesome.com https://applepay.cdn-apple.com/;frame-ancestors 'none';frame-src 'self' www.google.com js.stripe.com;img-src 'self' data: www.gstatic.com www.google.com www.google.co.uk www.google.de www.google.it www.google.ch www.google.gr www.google.fr www.google.at www.google.es www.google.pl www.google.cz www.google.no www.google.hr www.google.se www.google.ru fonts.gstatic.com translate.google.com translate.googleapis.com;media-src 'self' data:;object-src 'none';script-src 'self' 'unsafe-eval' 'unsafe-inline' https://az416426.vo.msecnd.net/ js.monitor.azure.com cdnjs.cloudflare.com https://use.fontawesome.com https://kit.fontawesome.com www.google.com www.gstatic.com translate.google.com translate.googleapis.com js.stripe.com;style-src 'self' 'unsafe-inline' cdnjs.cloudflare.com fonts.googleapis.com *.fontawesome.com www.gstatic.com translate.googleapis.com;upgrade-insecure-requests;worker-src 'self';manifest-src 'self';report-uri https://apcoauk.report-uri.com/r/t/csp/reportOnly;report-to https://apcoauk.report-uri.com/r/t/csp/reportOnly;
Connection
keep-alive
X-XSS-Protection
1; mode=block
Request-Context
appId=cid-v1:e825026a-c1ca-459c-86b6-68ea780b1ae2
Referrer-Policy
strict-origin-when-cross-origin
Last-Modified
Tue, 11 Jun 2024 14:58:46 GMT
ETag
"1dabc0fdbdbc4af"
Expect-CT
max-age=0, enforce, report-uri="https://apcoauk.report-uri.com/r/t/ct/enforce"
Vary
Accept-Encoding
X-Frame-Options
DENY
Content-Type
text/javascript
Permissions-Policy
fullscreen=(self), geolocation=(self), camera=(self)
Accept-Ranges
bytes
X-Robots-Tag
noindex
ShadowBookings.js
nuffieldstaff.stauk.apcoa.com/js/CompiledCustomMin/ 		4 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nuffieldstaff.stauk.apcoa.com/js/CompiledCustomMin/ShadowBookings.js
Requested by
Host: nuffieldstaff.stauk.apcoa.com
URL: https://nuffieldstaff.stauk.apcoa.com/account/login?returnUrl=%2f
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.49.244.37 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
cf02897a0d32bb4dad4405d5c1d8febab893212ff9fedf21ad87e0b65d71a43c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://nuffieldstaff.stauk.apcoa.com/account/login?returnUrl=%2f
Origin
https://nuffieldstaff.stauk.apcoa.com
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Tue, 18 Jun 2024 04:18:34 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Permitted-Cross-Domain-Policies
none
Transfer-Encoding
chunked
Content-Security-Policy-Report-Only
block-all-mixed-content;child-src 'none';connect-src 'self' *.in.applicationinsights.azure.com cdnjs.cloudflare.com fonts.gstatic.com fonts.googleapis.com *.fontawesome.com translate.googleapis.com www.google.com www.gstatic.com;default-src 'self';font-src 'self' data: cdnjs.cloudflare.com fonts.gstatic.com fonts.googleapis.com *.fontawesome.com https://applepay.cdn-apple.com/;frame-ancestors 'none';frame-src 'self' www.google.com js.stripe.com;img-src 'self' data: www.gstatic.com www.google.com www.google.co.uk www.google.de www.google.it www.google.ch www.google.gr www.google.fr www.google.at www.google.es www.google.pl www.google.cz www.google.no www.google.hr www.google.se www.google.ru fonts.gstatic.com translate.google.com translate.googleapis.com;media-src 'self' data:;object-src 'none';script-src 'self' 'unsafe-eval' 'unsafe-inline' https://az416426.vo.msecnd.net/ js.monitor.azure.com cdnjs.cloudflare.com https://use.fontawesome.com https://kit.fontawesome.com www.google.com www.gstatic.com translate.google.com translate.googleapis.com js.stripe.com;style-src 'self' 'unsafe-inline' cdnjs.cloudflare.com fonts.googleapis.com *.fontawesome.com www.gstatic.com translate.googleapis.com;upgrade-insecure-requests;worker-src 'self';manifest-src 'self';report-uri https://apcoauk.report-uri.com/r/t/csp/reportOnly;report-to https://apcoauk.report-uri.com/r/t/csp/reportOnly;
Connection
keep-alive
X-XSS-Protection
1; mode=block
Request-Context
appId=cid-v1:e825026a-c1ca-459c-86b6-68ea780b1ae2
Referrer-Policy
strict-origin-when-cross-origin
Last-Modified
Tue, 11 Jun 2024 14:58:46 GMT
ETag
"1dabc0fdbdbc6ba"
Expect-CT
max-age=0, enforce, report-uri="https://apcoauk.report-uri.com/r/t/ct/enforce"
Vary
Accept-Encoding
X-Frame-Options
DENY
Content-Type
text/javascript
Permissions-Policy
fullscreen=(self), geolocation=(self), camera=(self)
Accept-Ranges
bytes
X-Robots-Tag
noindex
Stripe.js
nuffieldstaff.stauk.apcoa.com/js/CompiledCustomMin/ 		11 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nuffieldstaff.stauk.apcoa.com/js/CompiledCustomMin/Stripe.js
Requested by
Host: nuffieldstaff.stauk.apcoa.com
URL: https://nuffieldstaff.stauk.apcoa.com/account/login?returnUrl=%2f
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.49.244.37 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
4b02c43d2757c1739c754524e7e33fb03727bf686b99a1c21aba94911f22d058
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://nuffieldstaff.stauk.apcoa.com/account/login?returnUrl=%2f
Origin
https://nuffieldstaff.stauk.apcoa.com
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Tue, 18 Jun 2024 04:18:34 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Permitted-Cross-Domain-Policies
none
Transfer-Encoding
chunked
Content-Security-Policy-Report-Only
block-all-mixed-content;child-src 'none';connect-src 'self' *.in.applicationinsights.azure.com cdnjs.cloudflare.com fonts.gstatic.com fonts.googleapis.com *.fontawesome.com translate.googleapis.com www.google.com www.gstatic.com;default-src 'self';font-src 'self' data: cdnjs.cloudflare.com fonts.gstatic.com fonts.googleapis.com *.fontawesome.com https://applepay.cdn-apple.com/;frame-ancestors 'none';frame-src 'self' www.google.com js.stripe.com;img-src 'self' data: www.gstatic.com www.google.com www.google.co.uk www.google.de www.google.it www.google.ch www.google.gr www.google.fr www.google.at www.google.es www.google.pl www.google.cz www.google.no www.google.hr www.google.se www.google.ru fonts.gstatic.com translate.google.com translate.googleapis.com;media-src 'self' data:;object-src 'none';script-src 'self' 'unsafe-eval' 'unsafe-inline' https://az416426.vo.msecnd.net/ js.monitor.azure.com cdnjs.cloudflare.com https://use.fontawesome.com https://kit.fontawesome.com www.google.com www.gstatic.com translate.google.com translate.googleapis.com js.stripe.com;style-src 'self' 'unsafe-inline' cdnjs.cloudflare.com fonts.googleapis.com *.fontawesome.com www.gstatic.com translate.googleapis.com;upgrade-insecure-requests;worker-src 'self';manifest-src 'self';report-uri https://apcoauk.report-uri.com/r/t/csp/reportOnly;report-to https://apcoauk.report-uri.com/r/t/csp/reportOnly;
Connection
keep-alive
X-XSS-Protection
1; mode=block
Request-Context
appId=cid-v1:e825026a-c1ca-459c-86b6-68ea780b1ae2
Referrer-Policy
strict-origin-when-cross-origin
Last-Modified
Tue, 11 Jun 2024 14:58:46 GMT
ETag
"1dabc0fdbdbfb24"
Expect-CT
max-age=0, enforce, report-uri="https://apcoauk.report-uri.com/r/t/ct/enforce"
Vary
Accept-Encoding
X-Frame-Options
DENY
Content-Type
text/javascript
Permissions-Policy
fullscreen=(self), geolocation=(self), camera=(self)
Accept-Ranges
bytes
X-Robots-Tag
noindex
Trip.js
nuffieldstaff.stauk.apcoa.com/js/CompiledCustomMin/ 		3 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nuffieldstaff.stauk.apcoa.com/js/CompiledCustomMin/Trip.js
Requested by
Host: nuffieldstaff.stauk.apcoa.com
URL: https://nuffieldstaff.stauk.apcoa.com/account/login?returnUrl=%2f
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.49.244.37 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
20f6b02ebb419125938c201d3908a015e9e5c3e64cdf7be785f90fa56aa466d4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://nuffieldstaff.stauk.apcoa.com/account/login?returnUrl=%2f
Origin
https://nuffieldstaff.stauk.apcoa.com
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Tue, 18 Jun 2024 04:18:34 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Permitted-Cross-Domain-Policies
none
Transfer-Encoding
chunked
Content-Security-Policy-Report-Only
block-all-mixed-content;child-src 'none';connect-src 'self' *.in.applicationinsights.azure.com cdnjs.cloudflare.com fonts.gstatic.com fonts.googleapis.com *.fontawesome.com translate.googleapis.com www.google.com www.gstatic.com;default-src 'self';font-src 'self' data: cdnjs.cloudflare.com fonts.gstatic.com fonts.googleapis.com *.fontawesome.com https://applepay.cdn-apple.com/;frame-ancestors 'none';frame-src 'self' www.google.com js.stripe.com;img-src 'self' data: www.gstatic.com www.google.com www.google.co.uk www.google.de www.google.it www.google.ch www.google.gr www.google.fr www.google.at www.google.es www.google.pl www.google.cz www.google.no www.google.hr www.google.se www.google.ru fonts.gstatic.com translate.google.com translate.googleapis.com;media-src 'self' data:;object-src 'none';script-src 'self' 'unsafe-eval' 'unsafe-inline' https://az416426.vo.msecnd.net/ js.monitor.azure.com cdnjs.cloudflare.com https://use.fontawesome.com https://kit.fontawesome.com www.google.com www.gstatic.com translate.google.com translate.googleapis.com js.stripe.com;style-src 'self' 'unsafe-inline' cdnjs.cloudflare.com fonts.googleapis.com *.fontawesome.com www.gstatic.com translate.googleapis.com;upgrade-insecure-requests;worker-src 'self';manifest-src 'self';report-uri https://apcoauk.report-uri.com/r/t/csp/reportOnly;report-to https://apcoauk.report-uri.com/r/t/csp/reportOnly;
Connection
keep-alive
X-XSS-Protection
1; mode=block
Request-Context
appId=cid-v1:e825026a-c1ca-459c-86b6-68ea780b1ae2
Referrer-Policy
strict-origin-when-cross-origin
Last-Modified
Tue, 11 Jun 2024 14:58:46 GMT
ETag
"1dabc0fdbdbda97"
Expect-CT
max-age=0, enforce, report-uri="https://apcoauk.report-uri.com/r/t/ct/enforce"
Vary
Accept-Encoding
X-Frame-Options
DENY
Content-Type
text/javascript
Permissions-Policy
fullscreen=(self), geolocation=(self), camera=(self)
Accept-Ranges
bytes
X-Robots-Tag
noindex
mdp.min.css
nuffieldstaff.stauk.apcoa.com/css/Minified/ 		1 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://nuffieldstaff.stauk.apcoa.com/css/Minified/mdp.min.css
Requested by
Host: nuffieldstaff.stauk.apcoa.com
URL: https://nuffieldstaff.stauk.apcoa.com/account/login?returnUrl=%2f
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.49.244.37 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
c6d4266e0ce7cecad1d3576bc19756af3ae1dca2f72c43b6c08afb3400078489
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://nuffieldstaff.stauk.apcoa.com/account/login?returnUrl=%2f
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Tue, 18 Jun 2024 04:18:34 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Permitted-Cross-Domain-Policies
none
Transfer-Encoding
chunked
Content-Security-Policy-Report-Only
block-all-mixed-content;child-src 'none';connect-src 'self' *.in.applicationinsights.azure.com cdnjs.cloudflare.com fonts.gstatic.com fonts.googleapis.com *.fontawesome.com translate.googleapis.com www.google.com www.gstatic.com;default-src 'self';font-src 'self' data: cdnjs.cloudflare.com fonts.gstatic.com fonts.googleapis.com *.fontawesome.com https://applepay.cdn-apple.com/;frame-ancestors 'none';frame-src 'self' www.google.com js.stripe.com;img-src 'self' data: www.gstatic.com www.google.com www.google.co.uk www.google.de www.google.it www.google.ch www.google.gr www.google.fr www.google.at www.google.es www.google.pl www.google.cz www.google.no www.google.hr www.google.se www.google.ru fonts.gstatic.com translate.google.com translate.googleapis.com;media-src 'self' data:;object-src 'none';script-src 'self' 'unsafe-eval' 'unsafe-inline' https://az416426.vo.msecnd.net/ js.monitor.azure.com cdnjs.cloudflare.com https://use.fontawesome.com https://kit.fontawesome.com www.google.com www.gstatic.com translate.google.com translate.googleapis.com js.stripe.com;style-src 'self' 'unsafe-inline' cdnjs.cloudflare.com fonts.googleapis.com *.fontawesome.com www.gstatic.com translate.googleapis.com;upgrade-insecure-requests;worker-src 'self';manifest-src 'self';report-uri https://apcoauk.report-uri.com/r/t/csp/reportOnly;report-to https://apcoauk.report-uri.com/r/t/csp/reportOnly;
Connection
keep-alive
X-XSS-Protection
1; mode=block
Request-Context
appId=cid-v1:e825026a-c1ca-459c-86b6-68ea780b1ae2
Referrer-Policy
strict-origin-when-cross-origin
Last-Modified
Tue, 11 Jun 2024 14:58:46 GMT
ETag
"1dabc0fdbdbd369"
Expect-CT
max-age=0, enforce, report-uri="https://apcoauk.report-uri.com/r/t/ct/enforce"
Vary
Accept-Encoding
X-Frame-Options
DENY
Content-Type
text/css
Permissions-Policy
fullscreen=(self), geolocation=(self), camera=(self)
Accept-Ranges
bytes
X-Robots-Tag
noindex
SharedVariables.min.css
nuffieldstaff.stauk.apcoa.com/css/Minified/ 		1 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://nuffieldstaff.stauk.apcoa.com/css/Minified/SharedVariables.min.css
Requested by
Host: nuffieldstaff.stauk.apcoa.com
URL: https://nuffieldstaff.stauk.apcoa.com/account/login?returnUrl=%2f
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.49.244.37 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
f76ac224c79f9617e078d791993c49a883ab84f0064a7dc7aad447a3b953b3bb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://nuffieldstaff.stauk.apcoa.com/account/login?returnUrl=%2f
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Tue, 18 Jun 2024 04:18:34 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Permitted-Cross-Domain-Policies
none
Transfer-Encoding
chunked
Content-Security-Policy-Report-Only
block-all-mixed-content;child-src 'none';connect-src 'self' *.in.applicationinsights.azure.com cdnjs.cloudflare.com fonts.gstatic.com fonts.googleapis.com *.fontawesome.com translate.googleapis.com www.google.com www.gstatic.com;default-src 'self';font-src 'self' data: cdnjs.cloudflare.com fonts.gstatic.com fonts.googleapis.com *.fontawesome.com https://applepay.cdn-apple.com/;frame-ancestors 'none';frame-src 'self' www.google.com js.stripe.com;img-src 'self' data: www.gstatic.com www.google.com www.google.co.uk www.google.de www.google.it www.google.ch www.google.gr www.google.fr www.google.at www.google.es www.google.pl www.google.cz www.google.no www.google.hr www.google.se www.google.ru fonts.gstatic.com translate.google.com translate.googleapis.com;media-src 'self' data:;object-src 'none';script-src 'self' 'unsafe-eval' 'unsafe-inline' https://az416426.vo.msecnd.net/ js.monitor.azure.com cdnjs.cloudflare.com https://use.fontawesome.com https://kit.fontawesome.com www.google.com www.gstatic.com translate.google.com translate.googleapis.com js.stripe.com;style-src 'self' 'unsafe-inline' cdnjs.cloudflare.com fonts.googleapis.com *.fontawesome.com www.gstatic.com translate.googleapis.com;upgrade-insecure-requests;worker-src 'self';manifest-src 'self';report-uri https://apcoauk.report-uri.com/r/t/csp/reportOnly;report-to https://apcoauk.report-uri.com/r/t/csp/reportOnly;
Connection
keep-alive
X-XSS-Protection
1; mode=block
Request-Context
appId=cid-v1:e825026a-c1ca-459c-86b6-68ea780b1ae2
Referrer-Policy
strict-origin-when-cross-origin
Last-Modified
Tue, 11 Jun 2024 14:58:46 GMT
ETag
"1dabc0fdbdbd2b9"
Expect-CT
max-age=0, enforce, report-uri="https://apcoauk.report-uri.com/r/t/ct/enforce"
Vary
Accept-Encoding
X-Frame-Options
DENY
Content-Type
text/css
Permissions-Policy
fullscreen=(self), geolocation=(self), camera=(self)
Accept-Ranges
bytes
X-Robots-Tag
noindex
VariablesUk_246.min.css
nuffieldstaff.stauk.apcoa.com/css/Minified/ 		451 B
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://nuffieldstaff.stauk.apcoa.com/css/Minified/VariablesUk_246.min.css
Requested by
Host: nuffieldstaff.stauk.apcoa.com
URL: https://nuffieldstaff.stauk.apcoa.com/account/login?returnUrl=%2f
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.49.244.37 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
284296120707bacadeecb374485af6e1a402ca27784caf26a0edb452adf78c53
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://nuffieldstaff.stauk.apcoa.com/account/login?returnUrl=%2f
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Tue, 18 Jun 2024 04:18:34 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Permitted-Cross-Domain-Policies
none
Transfer-Encoding
chunked
Content-Security-Policy-Report-Only
block-all-mixed-content;child-src 'none';connect-src 'self' *.in.applicationinsights.azure.com cdnjs.cloudflare.com fonts.gstatic.com fonts.googleapis.com *.fontawesome.com translate.googleapis.com www.google.com www.gstatic.com;default-src 'self';font-src 'self' data: cdnjs.cloudflare.com fonts.gstatic.com fonts.googleapis.com *.fontawesome.com https://applepay.cdn-apple.com/;frame-ancestors 'none';frame-src 'self' www.google.com js.stripe.com;img-src 'self' data: www.gstatic.com www.google.com www.google.co.uk www.google.de www.google.it www.google.ch www.google.gr www.google.fr www.google.at www.google.es www.google.pl www.google.cz www.google.no www.google.hr www.google.se www.google.ru fonts.gstatic.com translate.google.com translate.googleapis.com;media-src 'self' data:;object-src 'none';script-src 'self' 'unsafe-eval' 'unsafe-inline' https://az416426.vo.msecnd.net/ js.monitor.azure.com cdnjs.cloudflare.com https://use.fontawesome.com https://kit.fontawesome.com www.google.com www.gstatic.com translate.google.com translate.googleapis.com js.stripe.com;style-src 'self' 'unsafe-inline' cdnjs.cloudflare.com fonts.googleapis.com *.fontawesome.com www.gstatic.com translate.googleapis.com;upgrade-insecure-requests;worker-src 'self';manifest-src 'self';report-uri https://apcoauk.report-uri.com/r/t/csp/reportOnly;report-to https://apcoauk.report-uri.com/r/t/csp/reportOnly;
Connection
keep-alive
X-XSS-Protection
1; mode=block
Request-Context
appId=cid-v1:e825026a-c1ca-459c-86b6-68ea780b1ae2
Referrer-Policy
strict-origin-when-cross-origin
Last-Modified
Tue, 11 Jun 2024 14:58:46 GMT
ETag
"1dabc0fdbdbd6c3"
Expect-CT
max-age=0, enforce, report-uri="https://apcoauk.report-uri.com/r/t/ct/enforce"
Vary
Accept-Encoding
X-Frame-Options
DENY
Content-Type
text/css
Permissions-Policy
fullscreen=(self), geolocation=(self), camera=(self)
Accept-Ranges
bytes
X-Robots-Tag
noindex
Shared.min.css
nuffieldstaff.stauk.apcoa.com/css/Minified/ 		4 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://nuffieldstaff.stauk.apcoa.com/css/Minified/Shared.min.css
Requested by
Host: nuffieldstaff.stauk.apcoa.com
URL: https://nuffieldstaff.stauk.apcoa.com/account/login?returnUrl=%2f
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.49.244.37 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
c7d8107fa714e734a23a31fcc75c4ab51a4c346f6e9370279d984c3505d5339d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://nuffieldstaff.stauk.apcoa.com/account/login?returnUrl=%2f
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Tue, 18 Jun 2024 04:18:34 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Permitted-Cross-Domain-Policies
none
Transfer-Encoding
chunked
Content-Security-Policy-Report-Only
block-all-mixed-content;child-src 'none';connect-src 'self' *.in.applicationinsights.azure.com cdnjs.cloudflare.com fonts.gstatic.com fonts.googleapis.com *.fontawesome.com translate.googleapis.com www.google.com www.gstatic.com;default-src 'self';font-src 'self' data: cdnjs.cloudflare.com fonts.gstatic.com fonts.googleapis.com *.fontawesome.com https://applepay.cdn-apple.com/;frame-ancestors 'none';frame-src 'self' www.google.com js.stripe.com;img-src 'self' data: www.gstatic.com www.google.com www.google.co.uk www.google.de www.google.it www.google.ch www.google.gr www.google.fr www.google.at www.google.es www.google.pl www.google.cz www.google.no www.google.hr www.google.se www.google.ru fonts.gstatic.com translate.google.com translate.googleapis.com;media-src 'self' data:;object-src 'none';script-src 'self' 'unsafe-eval' 'unsafe-inline' https://az416426.vo.msecnd.net/ js.monitor.azure.com cdnjs.cloudflare.com https://use.fontawesome.com https://kit.fontawesome.com www.google.com www.gstatic.com translate.google.com translate.googleapis.com js.stripe.com;style-src 'self' 'unsafe-inline' cdnjs.cloudflare.com fonts.googleapis.com *.fontawesome.com www.gstatic.com translate.googleapis.com;upgrade-insecure-requests;worker-src 'self';manifest-src 'self';report-uri https://apcoauk.report-uri.com/r/t/csp/reportOnly;report-to https://apcoauk.report-uri.com/r/t/csp/reportOnly;
Connection
keep-alive
X-XSS-Protection
1; mode=block
Request-Context
appId=cid-v1:e825026a-c1ca-459c-86b6-68ea780b1ae2
Referrer-Policy
strict-origin-when-cross-origin
Last-Modified
Tue, 11 Jun 2024 14:58:46 GMT
ETag
"1dabc0fdbdbd832"
Expect-CT
max-age=0, enforce, report-uri="https://apcoauk.report-uri.com/r/t/ct/enforce"
Vary
Accept-Encoding
X-Frame-Options
DENY
Content-Type
text/css
Permissions-Policy
fullscreen=(self), geolocation=(self), camera=(self)
Accept-Ranges
bytes
X-Robots-Tag
noindex
SharedFolder.min.css
nuffieldstaff.stauk.apcoa.com/css/Minified/ 		52 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://nuffieldstaff.stauk.apcoa.com/css/Minified/SharedFolder.min.css
Requested by
Host: nuffieldstaff.stauk.apcoa.com
URL: https://nuffieldstaff.stauk.apcoa.com/account/login?returnUrl=%2f
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.49.244.37 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
13c811d14d7e730e66c6b71058524c0cbbf3603f08a9fcbf868ca2dcc40dc51a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://nuffieldstaff.stauk.apcoa.com/account/login?returnUrl=%2f
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Tue, 18 Jun 2024 04:18:34 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Permitted-Cross-Domain-Policies
none
Transfer-Encoding
chunked
Content-Security-Policy-Report-Only
block-all-mixed-content;child-src 'none';connect-src 'self' *.in.applicationinsights.azure.com cdnjs.cloudflare.com fonts.gstatic.com fonts.googleapis.com *.fontawesome.com translate.googleapis.com www.google.com www.gstatic.com;default-src 'self';font-src 'self' data: cdnjs.cloudflare.com fonts.gstatic.com fonts.googleapis.com *.fontawesome.com https://applepay.cdn-apple.com/;frame-ancestors 'none';frame-src 'self' www.google.com js.stripe.com;img-src 'self' data: www.gstatic.com www.google.com www.google.co.uk www.google.de www.google.it www.google.ch www.google.gr www.google.fr www.google.at www.google.es www.google.pl www.google.cz www.google.no www.google.hr www.google.se www.google.ru fonts.gstatic.com translate.google.com translate.googleapis.com;media-src 'self' data:;object-src 'none';script-src 'self' 'unsafe-eval' 'unsafe-inline' https://az416426.vo.msecnd.net/ js.monitor.azure.com cdnjs.cloudflare.com https://use.fontawesome.com https://kit.fontawesome.com www.google.com www.gstatic.com translate.google.com translate.googleapis.com js.stripe.com;style-src 'self' 'unsafe-inline' cdnjs.cloudflare.com fonts.googleapis.com *.fontawesome.com www.gstatic.com translate.googleapis.com;upgrade-insecure-requests;worker-src 'self';manifest-src 'self';report-uri https://apcoauk.report-uri.com/r/t/csp/reportOnly;report-to https://apcoauk.report-uri.com/r/t/csp/reportOnly;
Connection
keep-alive
X-XSS-Protection
1; mode=block
Request-Context
appId=cid-v1:e825026a-c1ca-459c-86b6-68ea780b1ae2
Referrer-Policy
strict-origin-when-cross-origin
Last-Modified
Tue, 11 Jun 2024 14:58:46 GMT
ETag
"1dabc0fdbdb1952"
Expect-CT
max-age=0, enforce, report-uri="https://apcoauk.report-uri.com/r/t/ct/enforce"
Vary
Accept-Encoding
X-Frame-Options
DENY
Content-Type
text/css
Permissions-Policy
fullscreen=(self), geolocation=(self), camera=(self)
Accept-Ranges
bytes
X-Robots-Tag
noindex
Uk_246.min.css
nuffieldstaff.stauk.apcoa.com/css/Minified/ 		2 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://nuffieldstaff.stauk.apcoa.com/css/Minified/Uk_246.min.css
Requested by
Host: nuffieldstaff.stauk.apcoa.com
URL: https://nuffieldstaff.stauk.apcoa.com/account/login?returnUrl=%2f
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.49.244.37 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
14b8cbe1dc82a54b1d5a9268db3a5576e5dfce49a0b8bc0aca891fb68f12c8cb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://nuffieldstaff.stauk.apcoa.com/account/login?returnUrl=%2f
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Tue, 18 Jun 2024 04:18:34 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Permitted-Cross-Domain-Policies
none
Transfer-Encoding
chunked
Content-Security-Policy-Report-Only
block-all-mixed-content;child-src 'none';connect-src 'self' *.in.applicationinsights.azure.com cdnjs.cloudflare.com fonts.gstatic.com fonts.googleapis.com *.fontawesome.com translate.googleapis.com www.google.com www.gstatic.com;default-src 'self';font-src 'self' data: cdnjs.cloudflare.com fonts.gstatic.com fonts.googleapis.com *.fontawesome.com https://applepay.cdn-apple.com/;frame-ancestors 'none';frame-src 'self' www.google.com js.stripe.com;img-src 'self' data: www.gstatic.com www.google.com www.google.co.uk www.google.de www.google.it www.google.ch www.google.gr www.google.fr www.google.at www.google.es www.google.pl www.google.cz www.google.no www.google.hr www.google.se www.google.ru fonts.gstatic.com translate.google.com translate.googleapis.com;media-src 'self' data:;object-src 'none';script-src 'self' 'unsafe-eval' 'unsafe-inline' https://az416426.vo.msecnd.net/ js.monitor.azure.com cdnjs.cloudflare.com https://use.fontawesome.com https://kit.fontawesome.com www.google.com www.gstatic.com translate.google.com translate.googleapis.com js.stripe.com;style-src 'self' 'unsafe-inline' cdnjs.cloudflare.com fonts.googleapis.com *.fontawesome.com www.gstatic.com translate.googleapis.com;upgrade-insecure-requests;worker-src 'self';manifest-src 'self';report-uri https://apcoauk.report-uri.com/r/t/csp/reportOnly;report-to https://apcoauk.report-uri.com/r/t/csp/reportOnly;
Connection
keep-alive
X-XSS-Protection
1; mode=block
Request-Context
appId=cid-v1:e825026a-c1ca-459c-86b6-68ea780b1ae2
Referrer-Policy
strict-origin-when-cross-origin
Last-Modified
Tue, 11 Jun 2024 14:58:46 GMT
ETag
"1dabc0fdbdbdefa"
Expect-CT
max-age=0, enforce, report-uri="https://apcoauk.report-uri.com/r/t/ct/enforce"
Vary
Accept-Encoding
X-Frame-Options
DENY
Content-Type
text/css
Permissions-Policy
fullscreen=(self), geolocation=(self), camera=(self)
Accept-Ranges
bytes
X-Robots-Tag
noindex
api.js
www.google.com/recaptcha/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js
Requested by
Host: nuffieldstaff.stauk.apcoa.com
URL: https://nuffieldstaff.stauk.apcoa.com/account/login?returnUrl=%2f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
e120bb5ca9c62d21b247ac3f4a564dabb0aeeda65742f453e2b2675cc420d9ad
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://nuffieldstaff.stauk.apcoa.com/
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 04:18:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Tue, 18 Jun 2024 04:18:34 GMT
MainLogo.png
nuffieldstaff.stauk.apcoa.com/image/ 		5 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nuffieldstaff.stauk.apcoa.com/image/MainLogo.png
Requested by
Host: nuffieldstaff.stauk.apcoa.com
URL: https://nuffieldstaff.stauk.apcoa.com/account/login?returnUrl=%2f
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.49.244.37 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
a7440c18f1b9446c945e4e09ee2f9bed36e50811d66a14f4ca4f3569275a15b5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://nuffieldstaff.stauk.apcoa.com/account/login?returnUrl=%2f
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Tue, 18 Jun 2024 04:18:34 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Content-Security-Policy-Report-Only
block-all-mixed-content;child-src 'none';connect-src 'self' *.in.applicationinsights.azure.com cdnjs.cloudflare.com fonts.gstatic.com fonts.googleapis.com *.fontawesome.com translate.googleapis.com www.google.com www.gstatic.com;default-src 'self';font-src 'self' data: cdnjs.cloudflare.com fonts.gstatic.com fonts.googleapis.com *.fontawesome.com https://applepay.cdn-apple.com/;frame-ancestors 'none';frame-src 'self' www.google.com js.stripe.com;img-src 'self' data: www.gstatic.com www.google.com www.google.co.uk www.google.de www.google.it www.google.ch www.google.gr www.google.fr www.google.at www.google.es www.google.pl www.google.cz www.google.no www.google.hr www.google.se www.google.ru fonts.gstatic.com translate.google.com translate.googleapis.com;media-src 'self' data:;object-src 'none';script-src 'self' 'unsafe-eval' 'unsafe-inline' https://az416426.vo.msecnd.net/ js.monitor.azure.com cdnjs.cloudflare.com https://use.fontawesome.com https://kit.fontawesome.com www.google.com www.gstatic.com translate.google.com translate.googleapis.com js.stripe.com;style-src 'self' 'unsafe-inline' cdnjs.cloudflare.com fonts.googleapis.com *.fontawesome.com www.gstatic.com translate.googleapis.com;upgrade-insecure-requests;worker-src 'self';manifest-src 'self';report-uri https://apcoauk.report-uri.com/r/t/csp/reportOnly;report-to https://apcoauk.report-uri.com/r/t/csp/reportOnly;
Connection
keep-alive
Content-Length
5076
X-XSS-Protection
1; mode=block
Request-Context
appId=cid-v1:e825026a-c1ca-459c-86b6-68ea780b1ae2
Referrer-Policy
strict-origin-when-cross-origin
Expect-CT
max-age=0, enforce, report-uri="https://apcoauk.report-uri.com/r/t/ct/enforce"
Vary
ClientId
X-Frame-Options
DENY
Content-Type
image/png
Cache-Control
public,max-age=3600
Permissions-Policy
fullscreen=(self), geolocation=(self), camera=(self)
X-Robots-Tag
noindex
RewardsBenefitsLogo.jpg
nuffieldstaff.stauk.apcoa.com/image/ 		12 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nuffieldstaff.stauk.apcoa.com/image/RewardsBenefitsLogo.jpg
Requested by
Host: nuffieldstaff.stauk.apcoa.com
URL: https://nuffieldstaff.stauk.apcoa.com/account/login?returnUrl=%2f
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.49.244.37 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
0cab8b53a4cd13db8a0d89b30abaf27052d7d4883989b3af0ec066374355b4b7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://nuffieldstaff.stauk.apcoa.com/account/login?returnUrl=%2f
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Tue, 18 Jun 2024 04:18:34 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Content-Security-Policy-Report-Only
block-all-mixed-content;child-src 'none';connect-src 'self' *.in.applicationinsights.azure.com cdnjs.cloudflare.com fonts.gstatic.com fonts.googleapis.com *.fontawesome.com translate.googleapis.com www.google.com www.gstatic.com;default-src 'self';font-src 'self' data: cdnjs.cloudflare.com fonts.gstatic.com fonts.googleapis.com *.fontawesome.com https://applepay.cdn-apple.com/;frame-ancestors 'none';frame-src 'self' www.google.com js.stripe.com;img-src 'self' data: www.gstatic.com www.google.com www.google.co.uk www.google.de www.google.it www.google.ch www.google.gr www.google.fr www.google.at www.google.es www.google.pl www.google.cz www.google.no www.google.hr www.google.se www.google.ru fonts.gstatic.com translate.google.com translate.googleapis.com;media-src 'self' data:;object-src 'none';script-src 'self' 'unsafe-eval' 'unsafe-inline' https://az416426.vo.msecnd.net/ js.monitor.azure.com cdnjs.cloudflare.com https://use.fontawesome.com https://kit.fontawesome.com www.google.com www.gstatic.com translate.google.com translate.googleapis.com js.stripe.com;style-src 'self' 'unsafe-inline' cdnjs.cloudflare.com fonts.googleapis.com *.fontawesome.com www.gstatic.com translate.googleapis.com;upgrade-insecure-requests;worker-src 'self';manifest-src 'self';report-uri https://apcoauk.report-uri.com/r/t/csp/reportOnly;report-to https://apcoauk.report-uri.com/r/t/csp/reportOnly;
Connection
keep-alive
Content-Length
12491
X-XSS-Protection
1; mode=block
Request-Context
appId=cid-v1:e825026a-c1ca-459c-86b6-68ea780b1ae2
Referrer-Policy
strict-origin-when-cross-origin
Expect-CT
max-age=0, enforce, report-uri="https://apcoauk.report-uri.com/r/t/ct/enforce"
Vary
ClientId
X-Frame-Options
DENY
Content-Type
image/jpeg
Cache-Control
public,max-age=3600
Permissions-Policy
fullscreen=(self), geolocation=(self), camera=(self)
X-Robots-Tag
noindex
HeroImage-sm.png
nuffieldstaff.stauk.apcoa.com/image/ 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nuffieldstaff.stauk.apcoa.com/image/HeroImage-sm.png
Requested by
Host: nuffieldstaff.stauk.apcoa.com
URL: https://nuffieldstaff.stauk.apcoa.com/account/login?returnUrl=%2f
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.49.244.37 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
c0dc73942852063e68a9290e9a8670fe070bd36d5ab9246da9dcd978998a327d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://nuffieldstaff.stauk.apcoa.com/account/login?returnUrl=%2f
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Tue, 18 Jun 2024 04:18:34 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Permitted-Cross-Domain-Policies
none
Transfer-Encoding
chunked
Content-Security-Policy-Report-Only
block-all-mixed-content;child-src 'none';connect-src 'self' *.in.applicationinsights.azure.com cdnjs.cloudflare.com fonts.gstatic.com fonts.googleapis.com *.fontawesome.com translate.googleapis.com www.google.com www.gstatic.com;default-src 'self';font-src 'self' data: cdnjs.cloudflare.com fonts.gstatic.com fonts.googleapis.com *.fontawesome.com https://applepay.cdn-apple.com/;frame-ancestors 'none';frame-src 'self' www.google.com js.stripe.com;img-src 'self' data: www.gstatic.com www.google.com www.google.co.uk www.google.de www.google.it www.google.ch www.google.gr www.google.fr www.google.at www.google.es www.google.pl www.google.cz www.google.no www.google.hr www.google.se www.google.ru fonts.gstatic.com translate.google.com translate.googleapis.com;media-src 'self' data:;object-src 'none';script-src 'self' 'unsafe-eval' 'unsafe-inline' https://az416426.vo.msecnd.net/ js.monitor.azure.com cdnjs.cloudflare.com https://use.fontawesome.com https://kit.fontawesome.com www.google.com www.gstatic.com translate.google.com translate.googleapis.com js.stripe.com;style-src 'self' 'unsafe-inline' cdnjs.cloudflare.com fonts.googleapis.com *.fontawesome.com www.gstatic.com translate.googleapis.com;upgrade-insecure-requests;worker-src 'self';manifest-src 'self';report-uri https://apcoauk.report-uri.com/r/t/csp/reportOnly;report-to https://apcoauk.report-uri.com/r/t/csp/reportOnly;
Connection
keep-alive
X-XSS-Protection
1; mode=block
Request-Context
appId=cid-v1:e825026a-c1ca-459c-86b6-68ea780b1ae2
Pragma
no-cache
Referrer-Policy
strict-origin-when-cross-origin
Expect-CT
max-age=0, enforce, report-uri="https://apcoauk.report-uri.com/r/t/ct/enforce"
Vary
ClientId,Accept-Encoding
X-Frame-Options
DENY
Content-Type
text/html; charset=utf-8
Cache-Control
no-cache, no-store
Permissions-Policy
fullscreen=(self), geolocation=(self), camera=(self)
X-Robots-Tag
noindex
HeroImage-md.png
nuffieldstaff.stauk.apcoa.com/image/ 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nuffieldstaff.stauk.apcoa.com/image/HeroImage-md.png
Requested by
Host: nuffieldstaff.stauk.apcoa.com
URL: https://nuffieldstaff.stauk.apcoa.com/account/login?returnUrl=%2f
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.49.244.37 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
2201cbadfde5b89c55f9cb8a9bf044f74ee0e0f1ff7e3e46d36ffe83b7c0cbaf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://nuffieldstaff.stauk.apcoa.com/account/login?returnUrl=%2f
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Tue, 18 Jun 2024 04:18:34 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Permitted-Cross-Domain-Policies
none
Transfer-Encoding
chunked
Content-Security-Policy-Report-Only
block-all-mixed-content;child-src 'none';connect-src 'self' *.in.applicationinsights.azure.com cdnjs.cloudflare.com fonts.gstatic.com fonts.googleapis.com *.fontawesome.com translate.googleapis.com www.google.com www.gstatic.com;default-src 'self';font-src 'self' data: cdnjs.cloudflare.com fonts.gstatic.com fonts.googleapis.com *.fontawesome.com https://applepay.cdn-apple.com/;frame-ancestors 'none';frame-src 'self' www.google.com js.stripe.com;img-src 'self' data: www.gstatic.com www.google.com www.google.co.uk www.google.de www.google.it www.google.ch www.google.gr www.google.fr www.google.at www.google.es www.google.pl www.google.cz www.google.no www.google.hr www.google.se www.google.ru fonts.gstatic.com translate.google.com translate.googleapis.com;media-src 'self' data:;object-src 'none';script-src 'self' 'unsafe-eval' 'unsafe-inline' https://az416426.vo.msecnd.net/ js.monitor.azure.com cdnjs.cloudflare.com https://use.fontawesome.com https://kit.fontawesome.com www.google.com www.gstatic.com translate.google.com translate.googleapis.com js.stripe.com;style-src 'self' 'unsafe-inline' cdnjs.cloudflare.com fonts.googleapis.com *.fontawesome.com www.gstatic.com translate.googleapis.com;upgrade-insecure-requests;worker-src 'self';manifest-src 'self';report-uri https://apcoauk.report-uri.com/r/t/csp/reportOnly;report-to https://apcoauk.report-uri.com/r/t/csp/reportOnly;
Connection
keep-alive
X-XSS-Protection
1; mode=block
Request-Context
appId=cid-v1:e825026a-c1ca-459c-86b6-68ea780b1ae2
Pragma
no-cache
Referrer-Policy
strict-origin-when-cross-origin
Expect-CT
max-age=0, enforce, report-uri="https://apcoauk.report-uri.com/r/t/ct/enforce"
Vary
ClientId,Accept-Encoding
X-Frame-Options
DENY
Content-Type
text/html; charset=utf-8
Cache-Control
no-cache, no-store
Permissions-Policy
fullscreen=(self), geolocation=(self), camera=(self)
X-Robots-Tag
noindex
HeroImage-lg.png
nuffieldstaff.stauk.apcoa.com/image/ 		52 KB
54 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nuffieldstaff.stauk.apcoa.com/image/HeroImage-lg.png
Requested by
Host: nuffieldstaff.stauk.apcoa.com
URL: https://nuffieldstaff.stauk.apcoa.com/account/login?returnUrl=%2f
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.49.244.37 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
dab4732d60620304d6b0c48869e0765bcefe2deff2cd0c420be39ea7a3235d96
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://nuffieldstaff.stauk.apcoa.com/account/login?returnUrl=%2f
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Tue, 18 Jun 2024 04:18:34 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Content-Security-Policy-Report-Only
block-all-mixed-content;child-src 'none';connect-src 'self' *.in.applicationinsights.azure.com cdnjs.cloudflare.com fonts.gstatic.com fonts.googleapis.com *.fontawesome.com translate.googleapis.com www.google.com www.gstatic.com;default-src 'self';font-src 'self' data: cdnjs.cloudflare.com fonts.gstatic.com fonts.googleapis.com *.fontawesome.com https://applepay.cdn-apple.com/;frame-ancestors 'none';frame-src 'self' www.google.com js.stripe.com;img-src 'self' data: www.gstatic.com www.google.com www.google.co.uk www.google.de www.google.it www.google.ch www.google.gr www.google.fr www.google.at www.google.es www.google.pl www.google.cz www.google.no www.google.hr www.google.se www.google.ru fonts.gstatic.com translate.google.com translate.googleapis.com;media-src 'self' data:;object-src 'none';script-src 'self' 'unsafe-eval' 'unsafe-inline' https://az416426.vo.msecnd.net/ js.monitor.azure.com cdnjs.cloudflare.com https://use.fontawesome.com https://kit.fontawesome.com www.google.com www.gstatic.com translate.google.com translate.googleapis.com js.stripe.com;style-src 'self' 'unsafe-inline' cdnjs.cloudflare.com fonts.googleapis.com *.fontawesome.com www.gstatic.com translate.googleapis.com;upgrade-insecure-requests;worker-src 'self';manifest-src 'self';report-uri https://apcoauk.report-uri.com/r/t/csp/reportOnly;report-to https://apcoauk.report-uri.com/r/t/csp/reportOnly;
Connection
keep-alive
Content-Length
52794
X-XSS-Protection
1; mode=block
Request-Context
appId=cid-v1:e825026a-c1ca-459c-86b6-68ea780b1ae2
Referrer-Policy
strict-origin-when-cross-origin
Expect-CT
max-age=0, enforce, report-uri="https://apcoauk.report-uri.com/r/t/ct/enforce"
Vary
ClientId
X-Frame-Options
DENY
Content-Type
image/png
Cache-Control
public,max-age=3600
Permissions-Policy
fullscreen=(self), geolocation=(self), camera=(self)
X-Robots-Tag
noindex
ApcoaLogoTransparent.png
nuffieldstaff.stauk.apcoa.com/image/ 		12 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nuffieldstaff.stauk.apcoa.com/image/ApcoaLogoTransparent.png
Requested by
Host: nuffieldstaff.stauk.apcoa.com
URL: https://nuffieldstaff.stauk.apcoa.com/account/login?returnUrl=%2f
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.49.244.37 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
0cab8b53a4cd13db8a0d89b30abaf27052d7d4883989b3af0ec066374355b4b7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://nuffieldstaff.stauk.apcoa.com/account/login?returnUrl=%2f
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Tue, 18 Jun 2024 04:18:34 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Content-Security-Policy-Report-Only
block-all-mixed-content;child-src 'none';connect-src 'self' *.in.applicationinsights.azure.com cdnjs.cloudflare.com fonts.gstatic.com fonts.googleapis.com *.fontawesome.com translate.googleapis.com www.google.com www.gstatic.com;default-src 'self';font-src 'self' data: cdnjs.cloudflare.com fonts.gstatic.com fonts.googleapis.com *.fontawesome.com https://applepay.cdn-apple.com/;frame-ancestors 'none';frame-src 'self' www.google.com js.stripe.com;img-src 'self' data: www.gstatic.com www.google.com www.google.co.uk www.google.de www.google.it www.google.ch www.google.gr www.google.fr www.google.at www.google.es www.google.pl www.google.cz www.google.no www.google.hr www.google.se www.google.ru fonts.gstatic.com translate.google.com translate.googleapis.com;media-src 'self' data:;object-src 'none';script-src 'self' 'unsafe-eval' 'unsafe-inline' https://az416426.vo.msecnd.net/ js.monitor.azure.com cdnjs.cloudflare.com https://use.fontawesome.com https://kit.fontawesome.com www.google.com www.gstatic.com translate.google.com translate.googleapis.com js.stripe.com;style-src 'self' 'unsafe-inline' cdnjs.cloudflare.com fonts.googleapis.com *.fontawesome.com www.gstatic.com translate.googleapis.com;upgrade-insecure-requests;worker-src 'self';manifest-src 'self';report-uri https://apcoauk.report-uri.com/r/t/csp/reportOnly;report-to https://apcoauk.report-uri.com/r/t/csp/reportOnly;
Connection
keep-alive
Content-Length
12491
X-XSS-Protection
1; mode=block
Request-Context
appId=cid-v1:e825026a-c1ca-459c-86b6-68ea780b1ae2
Referrer-Policy
strict-origin-when-cross-origin
Expect-CT
max-age=0, enforce, report-uri="https://apcoauk.report-uri.com/r/t/ct/enforce"
Vary
ClientId
X-Frame-Options
DENY
Content-Type
image/png
Cache-Control
public,max-age=3600
Permissions-Policy
fullscreen=(self), geolocation=(self), camera=(self)
X-Robots-Tag
noindex
card1.jpg
nuffieldstaff.stauk.apcoa.com/image/ 		3 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nuffieldstaff.stauk.apcoa.com/image/card1.jpg
Requested by
Host: nuffieldstaff.stauk.apcoa.com
URL: https://nuffieldstaff.stauk.apcoa.com/account/login?returnUrl=%2f
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.49.244.37 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
2570ffb8658c3beb8d01b2ab655e1224bc5daf4450ea02865b4fa0b91f94e4c9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://nuffieldstaff.stauk.apcoa.com/account/login?returnUrl=%2f
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Tue, 18 Jun 2024 04:18:34 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Content-Security-Policy-Report-Only
block-all-mixed-content;child-src 'none';connect-src 'self' *.in.applicationinsights.azure.com cdnjs.cloudflare.com fonts.gstatic.com fonts.googleapis.com *.fontawesome.com translate.googleapis.com www.google.com www.gstatic.com;default-src 'self';font-src 'self' data: cdnjs.cloudflare.com fonts.gstatic.com fonts.googleapis.com *.fontawesome.com https://applepay.cdn-apple.com/;frame-ancestors 'none';frame-src 'self' www.google.com js.stripe.com;img-src 'self' data: www.gstatic.com www.google.com www.google.co.uk www.google.de www.google.it www.google.ch www.google.gr www.google.fr www.google.at www.google.es www.google.pl www.google.cz www.google.no www.google.hr www.google.se www.google.ru fonts.gstatic.com translate.google.com translate.googleapis.com;media-src 'self' data:;object-src 'none';script-src 'self' 'unsafe-eval' 'unsafe-inline' https://az416426.vo.msecnd.net/ js.monitor.azure.com cdnjs.cloudflare.com https://use.fontawesome.com https://kit.fontawesome.com www.google.com www.gstatic.com translate.google.com translate.googleapis.com js.stripe.com;style-src 'self' 'unsafe-inline' cdnjs.cloudflare.com fonts.googleapis.com *.fontawesome.com www.gstatic.com translate.googleapis.com;upgrade-insecure-requests;worker-src 'self';manifest-src 'self';report-uri https://apcoauk.report-uri.com/r/t/csp/reportOnly;report-to https://apcoauk.report-uri.com/r/t/csp/reportOnly;
Connection
keep-alive
Content-Length
3461
X-XSS-Protection
1; mode=block
Request-Context
appId=cid-v1:e825026a-c1ca-459c-86b6-68ea780b1ae2
Referrer-Policy
strict-origin-when-cross-origin
Expect-CT
max-age=0, enforce, report-uri="https://apcoauk.report-uri.com/r/t/ct/enforce"
Vary
ClientId
X-Frame-Options
DENY
Content-Type
image/jpeg
Cache-Control
public,max-age=3600
Permissions-Policy
fullscreen=(self), geolocation=(self), camera=(self)
X-Robots-Tag
noindex
card2.jpg
nuffieldstaff.stauk.apcoa.com/image/ 		2 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nuffieldstaff.stauk.apcoa.com/image/card2.jpg
Requested by
Host: nuffieldstaff.stauk.apcoa.com
URL: https://nuffieldstaff.stauk.apcoa.com/account/login?returnUrl=%2f
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.49.244.37 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
20c27bdd5675687532dc5cd03681b17df4ae731748bb0a99ef6ff2b6cc06512a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://nuffieldstaff.stauk.apcoa.com/account/login?returnUrl=%2f
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Tue, 18 Jun 2024 04:18:34 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Content-Security-Policy-Report-Only
block-all-mixed-content;child-src 'none';connect-src 'self' *.in.applicationinsights.azure.com cdnjs.cloudflare.com fonts.gstatic.com fonts.googleapis.com *.fontawesome.com translate.googleapis.com www.google.com www.gstatic.com;default-src 'self';font-src 'self' data: cdnjs.cloudflare.com fonts.gstatic.com fonts.googleapis.com *.fontawesome.com https://applepay.cdn-apple.com/;frame-ancestors 'none';frame-src 'self' www.google.com js.stripe.com;img-src 'self' data: www.gstatic.com www.google.com www.google.co.uk www.google.de www.google.it www.google.ch www.google.gr www.google.fr www.google.at www.google.es www.google.pl www.google.cz www.google.no www.google.hr www.google.se www.google.ru fonts.gstatic.com translate.google.com translate.googleapis.com;media-src 'self' data:;object-src 'none';script-src 'self' 'unsafe-eval' 'unsafe-inline' https://az416426.vo.msecnd.net/ js.monitor.azure.com cdnjs.cloudflare.com https://use.fontawesome.com https://kit.fontawesome.com www.google.com www.gstatic.com translate.google.com translate.googleapis.com js.stripe.com;style-src 'self' 'unsafe-inline' cdnjs.cloudflare.com fonts.googleapis.com *.fontawesome.com www.gstatic.com translate.googleapis.com;upgrade-insecure-requests;worker-src 'self';manifest-src 'self';report-uri https://apcoauk.report-uri.com/r/t/csp/reportOnly;report-to https://apcoauk.report-uri.com/r/t/csp/reportOnly;
Connection
keep-alive
Content-Length
2123
X-XSS-Protection
1; mode=block
Request-Context
appId=cid-v1:e825026a-c1ca-459c-86b6-68ea780b1ae2
Referrer-Policy
strict-origin-when-cross-origin
Expect-CT
max-age=0, enforce, report-uri="https://apcoauk.report-uri.com/r/t/ct/enforce"
Vary
ClientId
X-Frame-Options
DENY
Content-Type
image/jpeg
Cache-Control
public,max-age=3600
Permissions-Policy
fullscreen=(self), geolocation=(self), camera=(self)
X-Robots-Tag
noindex
card3.jpg
nuffieldstaff.stauk.apcoa.com/image/ 		6 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nuffieldstaff.stauk.apcoa.com/image/card3.jpg
Requested by
Host: nuffieldstaff.stauk.apcoa.com
URL: https://nuffieldstaff.stauk.apcoa.com/account/login?returnUrl=%2f
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.49.244.37 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
4ce4d05e9d35ef42a6e7c01673ddb8b2b003892f7044d0a308a1af22799df57d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://nuffieldstaff.stauk.apcoa.com/account/login?returnUrl=%2f
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Tue, 18 Jun 2024 04:18:34 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Content-Security-Policy-Report-Only
block-all-mixed-content;child-src 'none';connect-src 'self' *.in.applicationinsights.azure.com cdnjs.cloudflare.com fonts.gstatic.com fonts.googleapis.com *.fontawesome.com translate.googleapis.com www.google.com www.gstatic.com;default-src 'self';font-src 'self' data: cdnjs.cloudflare.com fonts.gstatic.com fonts.googleapis.com *.fontawesome.com https://applepay.cdn-apple.com/;frame-ancestors 'none';frame-src 'self' www.google.com js.stripe.com;img-src 'self' data: www.gstatic.com www.google.com www.google.co.uk www.google.de www.google.it www.google.ch www.google.gr www.google.fr www.google.at www.google.es www.google.pl www.google.cz www.google.no www.google.hr www.google.se www.google.ru fonts.gstatic.com translate.google.com translate.googleapis.com;media-src 'self' data:;object-src 'none';script-src 'self' 'unsafe-eval' 'unsafe-inline' https://az416426.vo.msecnd.net/ js.monitor.azure.com cdnjs.cloudflare.com https://use.fontawesome.com https://kit.fontawesome.com www.google.com www.gstatic.com translate.google.com translate.googleapis.com js.stripe.com;style-src 'self' 'unsafe-inline' cdnjs.cloudflare.com fonts.googleapis.com *.fontawesome.com www.gstatic.com translate.googleapis.com;upgrade-insecure-requests;worker-src 'self';manifest-src 'self';report-uri https://apcoauk.report-uri.com/r/t/csp/reportOnly;report-to https://apcoauk.report-uri.com/r/t/csp/reportOnly;
Connection
keep-alive
Content-Length
5876
X-XSS-Protection
1; mode=block
Request-Context
appId=cid-v1:e825026a-c1ca-459c-86b6-68ea780b1ae2
Referrer-Policy
strict-origin-when-cross-origin
Expect-CT
max-age=0, enforce, report-uri="https://apcoauk.report-uri.com/r/t/ct/enforce"
Vary
ClientId
X-Frame-Options
DENY
Content-Type
image/jpeg
Cache-Control
public,max-age=3600
Permissions-Policy
fullscreen=(self), geolocation=(self), camera=(self)
X-Robots-Tag
noindex
recaptcha__en.js
www.gstatic.com/recaptcha/releases/KXX4ARWFlYTftefkdODAYWZh/ 		517 KB
205 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/KXX4ARWFlYTftefkdODAYWZh/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4b20abde9f7eb27dc344dbbb35f59aba01e4cc70262c07c260beadef9072f25e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://nuffieldstaff.stauk.apcoa.com/
Origin
https://nuffieldstaff.stauk.apcoa.com
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 03:30:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2893
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
209238
x-xss-protection
0
last-modified
Sat, 15 Jun 2024 04:02:13 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 18 Jun 2025 03:30:21 GMT
fa-solid-900.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.0/webfonts/ 		147 KB
147 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.0/webfonts/fa-solid-900.woff2
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.0/css/all.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7152a6933ee3d690ec2af3d09da9d701723d16aa3410a6d80f28ff8866f3b880
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.0/css/all.min.css
Origin
https://nuffieldstaff.stauk.apcoa.com
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 04:18:34 GMT
strict-transport-security
max-age=15780000
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
257235
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
150124
last-modified
Mon, 27 Mar 2023 17:46:59 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"6421d693-24a6c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kL2I3T9FLbrIZF13M%2BM7nBjkMhw1MQk7uT1recXgeN1PjuhYe7ZuVIxe8qSVeFUZ%2Fy2rlC7uyV0C50JqIGvCyHtqLd0EedaLSdZ6sP8ukPIFBNC6ovvm8rD3snGNqp%2FWTteQuaSr3vys16rFTBnATYwE"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
895879e4eb886559-LHR
expires
Sun, 08 Jun 2025 04:18:34 GMT
favicon.ico
nuffieldstaff.stauk.apcoa.com/Icons/ 		22 KB
24 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://nuffieldstaff.stauk.apcoa.com/Icons/favicon.ico
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.49.244.37 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
d26f8808eab24cb6255c4fab82c42e047bcd85f218d52bc5a1093c6a7f7ac80b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://nuffieldstaff.stauk.apcoa.com/account/login?returnUrl=%2f
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Tue, 18 Jun 2024 04:18:34 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Content-Security-Policy-Report-Only
block-all-mixed-content;child-src 'none';connect-src 'self' *.in.applicationinsights.azure.com cdnjs.cloudflare.com fonts.gstatic.com fonts.googleapis.com *.fontawesome.com translate.googleapis.com www.google.com www.gstatic.com;default-src 'self';font-src 'self' data: cdnjs.cloudflare.com fonts.gstatic.com fonts.googleapis.com *.fontawesome.com https://applepay.cdn-apple.com/;frame-ancestors 'none';frame-src 'self' www.google.com js.stripe.com;img-src 'self' data: www.gstatic.com www.google.com www.google.co.uk www.google.de www.google.it www.google.ch www.google.gr www.google.fr www.google.at www.google.es www.google.pl www.google.cz www.google.no www.google.hr www.google.se www.google.ru fonts.gstatic.com translate.google.com translate.googleapis.com;media-src 'self' data:;object-src 'none';script-src 'self' 'unsafe-eval' 'unsafe-inline' https://az416426.vo.msecnd.net/ js.monitor.azure.com cdnjs.cloudflare.com https://use.fontawesome.com https://kit.fontawesome.com www.google.com www.gstatic.com translate.google.com translate.googleapis.com js.stripe.com;style-src 'self' 'unsafe-inline' cdnjs.cloudflare.com fonts.googleapis.com *.fontawesome.com www.gstatic.com translate.googleapis.com;upgrade-insecure-requests;worker-src 'self';manifest-src 'self';report-uri https://apcoauk.report-uri.com/r/t/csp/reportOnly;report-to https://apcoauk.report-uri.com/r/t/csp/reportOnly;
Connection
keep-alive
Content-Length
22382
X-XSS-Protection
1; mode=block
Request-Context
appId=cid-v1:e825026a-c1ca-459c-86b6-68ea780b1ae2
Referrer-Policy
strict-origin-when-cross-origin
Last-Modified
Tue, 11 Jun 2024 14:58:46 GMT
ETag
"1dabc0fdbdb806e"
Expect-CT
max-age=0, enforce, report-uri="https://apcoauk.report-uri.com/r/t/ct/enforce"
X-Frame-Options
DENY
Content-Type
image/x-icon
Permissions-Policy
fullscreen=(self), geolocation=(self), camera=(self)
Accept-Ranges
bytes
X-Robots-Tag
noindex

Verdicts & Comments Add Verdict or Comment

120 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

undefined| event object| fence object| sharedStorage function| $ undefined| jQuery function| Popper object| bootstrap function| moment object| version function| DP_jQuery_1718684314354 function| executeOnReady function| $jQuery3_3_1 string| redirectLanguageCode object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| dataLayer object| bs function| DeclareGlobal function| EnterAccessCode function| AddRequestVerificationToFormData function| AdminProgressSpinner function| AjaxBeginFormShowError function| AjaxFileDownloadWithValidation function| AjaxSyncWithValidation function| AjaxWithValidation function| ModalAjaxUpdate function| RequestObjectToFormQuery function| SerialiseFormAsRequestData function| TooltipRefresh function| UpdateCarparkInfo function| ShowMap function| PrivacyModal function| ShowHideAdditionalAddress function| TermsModal function| AddEditMultiUsePassVehicle function| AddEditPermitVehicle function| AddEditSeasonTicketVehicle function| ClearVehicleForm function| DeleteMultiUsePassVehicle function| DeletePermitVehicle function| DeleteSeasonTicketVehicle function| RefreshMultiUsePassVrnDetails function| RefreshSeasonTicketVrnDetails function| AcceptCookies function| createCookie function| eraseCookie function| readCookie function| setCookieWarning function| DataTableInitialise function| dateAdd function| dateMinus function| timeAdd function| timeMinus function| DateTimePickerRefresh function| UpdateElectricChargingDuration function| btnMinusAction function| btnPlusAction function| updateEventInput function| UpdateFreeStayEntryDate function| UpdateFreeStayVisit function| UpdateGateDuration function| UpdateGateEntryDate function| UpdateGateVisit function| initPlacesSearchBox function| SendGtmEvent function| CancelBooking function| DownloadData function| EditVrnBooking function| ExportBookingData function| ShowHideDownloadSearchCriteria function| VrnSubmission function| UpdateCustomerVehicles function| addCustomerVehicleModal function| deleteCustomerVehicleModal function| selectVehicle function| DisplayUsedVisits function| MultiUsePassCarparkSelect function| RefreshMultiUsePassOrderDetails function| RefreshMultiUsePassRenewalDetails function| RemoveMultiUsePassPromoCode function| SelectMultiUsePass function| UpdateMultiUsePasssAvailable function| UpdateSearchBoxPlaces function| AddCarParkExtra function| RemoveCarParkExtra function| RemoveProductPromoCode function| UpdateBookingInput function| UpdateCGSearchInput function| UpdateEditBookingInput function| UpdateSelectedProduct function| BookingSearchNotification function| ModifySearch function| PreserveUrlState function| ShowBookingSearchNotification function| UpdateSearchInput function| setSearchCarparkType function| CancelReasonSelect function| RefreshRenewalDetails function| RefreshReservedBays function| RefreshSeasonTicketOrderDetails function| RemoveSeasonPromoCode function| SeasonTicketCarparkSelect function| SeasonTicketVehicleTypeRefresh function| SelectReservedBay function| SelectSeasonTicket function| UpdateSeasonTicketsAvailable function| confirmRenewalStatus function| CreateShadowBookingForProduct function| CreateShadowBookingForTypeOfItem function| ValidateFormForTypeOfItem function| LoadStripeButton function| LoadStripeForm function| RefreshTripPayment function| TripBookingDetails function| TripBookingExportRequest function| TripBookingFilter function| TripBulkAddVrn object| recaptcha

2 Cookies

Domain/Path Name / Value
nuffieldstaff.stauk.apcoa.com/ Name: CurrentLanguageCode
Value: en
nuffieldstaff.stauk.apcoa.com/ Name: .AspNetCore.Antiforgery.vWfF-CdsLRs
Value: CfDJ8M8CxY3KlUVFgEM_SnsJB_suDKtovHU11plk4FqefKnelEwQDX2wuCjpJY8Lu9wlDU1FIUJAeymapt4568D4GUn8midF00C65OIVUNsT4V2jHlQ-0eeKMZ9anxcdCqpGEvb6qJW9jOuxUfmFsULdPZw

3 Console Messages

Source Level URL
Text
security error URL: https://nuffieldstaff.stauk.apcoa.com/account/login?returnUrl=%2f
Message:
The Content Security Policy directive 'upgrade-insecure-requests' is ignored when delivered in a report-only policy.
network error URL: https://nuffieldstaff.stauk.apcoa.com/image/HeroImage-md.png
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: https://nuffieldstaff.stauk.apcoa.com/image/HeroImage-sm.png
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdnjs.cloudflare.com
nuffieldstaff.stauk.apcoa.com
www.google.com
www.gstatic.com
20.49.244.37
2606:4700::6811:180e
2a00:1450:4001:810::2004
2a00:1450:4001:811::2003
0cab8b53a4cd13db8a0d89b30abaf27052d7d4883989b3af0ec066374355b4b7
13c811d14d7e730e66c6b71058524c0cbbf3603f08a9fcbf868ca2dcc40dc51a
14b8cbe1dc82a54b1d5a9268db3a5576e5dfce49a0b8bc0aca891fb68f12c8cb
17219ef68ac0158365c227141dc5354fedc9b9ae2c51d20239b1c69a5e5aaaed
1da73dfe940ad81b19f6956081fdcd9e957fc3b76c1978941ccbdda07707081e
1edb1725a9ea8ca4dcf2f5508cee183218aa1685e47c1b23056717f754f58ebf
20c27bdd5675687532dc5cd03681b17df4ae731748bb0a99ef6ff2b6cc06512a
20f6b02ebb419125938c201d3908a015e9e5c3e64cdf7be785f90fa56aa466d4
2201cbadfde5b89c55f9cb8a9bf044f74ee0e0f1ff7e3e46d36ffe83b7c0cbaf
23cdbc49b2d035f6de4f1d3b4bc9f84d4a1089496a13fc52705a68878f578468
24e5891f09428d87130eed989a20ef04f9f8fc819862d4a41094279f264ed38e
2570ffb8658c3beb8d01b2ab655e1224bc5daf4450ea02865b4fa0b91f94e4c9
270524b0d27afd1d3b6622d1a176c678daed94564c143297e217a63e21ce9820
284296120707bacadeecb374485af6e1a402ca27784caf26a0edb452adf78c53
38544024da1a0fc2f706be6582557b5722d17f48ad9a8073594a0cf928e2e3ff
3c00b4d34cae1edefc9eccc9d913b43a20ccbbfb8bccf2d19584e4f09dc03b5d
430725b95468277dcbccc27e08e3d873276c0082737310b0b1ad330392511847
442d3043976820cb8ea464c7633dccb994cccfa9a22da744aee320d4090a0298
44558558820fb230780ee711e23ab0c535b0d77666b48facead551d8b2666579
45161dcdec145b766590533541424f8cdd48e24d8ee8cbe800ccc50575281f00
478f25067c4a2a7ab5f5477949d1b779757dd758efa95f4408774f552ea95ba8
4b02c43d2757c1739c754524e7e33fb03727bf686b99a1c21aba94911f22d058
4b20abde9f7eb27dc344dbbb35f59aba01e4cc70262c07c260beadef9072f25e
4cbfacfbbdbcf648cfb4e37aae1e12624d0878b2bcde3c4796848f3687b44822
4ce4d05e9d35ef42a6e7c01673ddb8b2b003892f7044d0a308a1af22799df57d
4e57578f39ec51ffffca2a58780f2cecc995f36df687d2bc1018983f7bc67c47
4fc3cb93f50afc78b9b08918df72338b4ce1b4b04e2f581ff753d301dec0a8de
569a98cd5a225d69c9e8e586cea6eb7968d64b9a6ede62e8ab24122f2403e9a1
5929da9ea745f45d123fb972727100784a438c7bb711c0933bba5cd69b0fc757
5dbc633ada44ec974a3ce4b08bb9b00970c69173457c8bc13dbe88b9cc163a62
60bb5891e0283fbadd766beb14ec761f7ca0280f1901d48d25e268bdde014f0a
680af6669abc319f9803f0fa26d443df1b6bc29133d88a8e4bea560ffed7288c
69fe72754ad58a193a60d832bb7ac639878b7c9c6e6137544646dadf479648e7
6fbaf985ee9dcd9e8e93bf1e8a59796e37520a1d1d040142c634ccbd1ed032a5
7152a6933ee3d690ec2af3d09da9d701723d16aa3410a6d80f28ff8866f3b880
71de107ddcc2857f840ac3605f3146ff0e15684ea69475b73ef608f5bb9429e9
743d402842c5d7d15f4ed5fdd6c80dddd2c3b0424dc0e3c0fea324b1c04258aa
82506a65ab08c8099650e5af5251af844d37f0e095bfae8f23fcac2a9379d791
9528ca634fecad433d044ddd3e6f9ce1f068d5d932dafdbb19d8e6daea1968bd
959e1206b040d41f064189a60ab4efbc0a2346a5a52fc80d7e3180a815871c4e
993ecf6efc5a2f1625d35256e730c8e7ac0494910827081e7d6958d90f8fbab6
a06b15418b676b33d83d9f97cc8e8de6e9bd28c0b8ab6fbd8207c61cf901fa41
a6f3f0faea4b3d48e03176341bef0ed3151ffbf226d4c6635f1c6039c0500575
a7440c18f1b9446c945e4e09ee2f9bed36e50811d66a14f4ca4f3569275a15b5
c0dc73942852063e68a9290e9a8670fe070bd36d5ab9246da9dcd978998a327d
c6d4266e0ce7cecad1d3576bc19756af3ae1dca2f72c43b6c08afb3400078489
c729e8a07fbd7b3800e80e1e0c6b4001f802ea0cf73b7f1de059a8a4b4bed78f
c7d8107fa714e734a23a31fcc75c4ab51a4c346f6e9370279d984c3505d5339d
cf02897a0d32bb4dad4405d5c1d8febab893212ff9fedf21ad87e0b65d71a43c
d26f8808eab24cb6255c4fab82c42e047bcd85f218d52bc5a1093c6a7f7ac80b
d3037f42050da6c98f31f801c26a5fe3df7327240ce40314b805e5e25b052ea2
dab4732d60620304d6b0c48869e0765bcefe2deff2cd0c420be39ea7a3235d96
dcf1340186b8e4464a13def19715c0f91165f418d1b6da8336ba774ef6064009
e120bb5ca9c62d21b247ac3f4a564dabb0aeeda65742f453e2b2675cc420d9ad
e1935197d5ede44c387d67b687c9d41539ead6cf63ca098e94656cf5b41ff3ca
e4e13a9b982bada42258552c60aae6c106735c433d8e22a54a1a199859de7d64
eea859a0c5bc51de01b0ac93f3b4ae4e43ec989cde9eb4ce582a0fc4cfa95b86
f065aef7cff99e62b64d582274f73bca8efec3c9e3a0e47e91e9a5dedcf858ae
f07aff014e5941654b21404660217f7c4a62e427a3890e005c11e4a73f5095d5
f76ac224c79f9617e078d791993c49a883ab84f0064a7dc7aad447a3b953b3bb
f7cbc01a310318defd4e31e4616543e2cf3baef5a47562c73ece4c0b716f157e
fbc5d3ce1fc6f9df26123c5fda116ff8ae4f6d7b8973139e90cd61d64e894e8f