urlscan.io logo urlscan.io
SecurityTrails logo

identity.nidirect.gov.uk Open in urlscan Pro
2606:4700::6812:34d  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://apply-for-probate-professional.nidirect.gov.uk/Saml/InitiateSso?ReturnUrl=%2F
Effective URL: https://identity.nidirect.gov.uk/Customer
Submission Tags: @phishunt_io
Submission: On April 24 via api from DE — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 6 IPs in 3 countries across 4 domains to perform 31 HTTP transactions. The main IP is 2606:4700::6812:34d, located in United States and belongs to CLOUDFLARENET, US. The main domain is identity.nidirect.gov.uk.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on November 1st 2021. Valid for: a year.
This is the only time identity.nidirect.gov.uk was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2600:9000:224... 16509 (AMAZON-02)
1 25 2606:4700::68... 13335 (CLOUDFLAR...)
1 152.199.19.160 15133 (EDGECAST)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 13.95.93.152 8075 (MICROSOFT...)
31 6
1    2600:9000:2240:b800:c:25d9:c300:93a1 (United States)

ASN16509 (AMAZON-02, US)
apply-for-probate-professional.nidirect.gov.uk
25    2606:4700::6812:34d (United States)

ASN13335 (CLOUDFLARENET, US)
identity.nidirect.gov.uk
1    152.199.19.160 (United States)

ASN15133 (EDGECAST, US)
cdn.botframework.com
1    2a00:1450:4001:811::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    2a00:1450:4001:831::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    13.95.93.152 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
directline.botframework.com
Apex Domain
Subdomains		 Transfer
26 nidirect.gov.uk
apply-for-probate-professional.nidirect.gov.uk
identity.nidirect.gov.uk
231 KB
3 botframework.com
cdn.botframework.com — Cisco Umbrella Rank: 20049
directline.botframework.com — Cisco Umbrella Rank: 24086
862 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 35
20 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 58
40 KB
31 4
Domain Requested by
25 identity.nidirect.gov.uk 1 redirects identity.nidirect.gov.uk
2 directline.botframework.com cdn.botframework.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
1 www.googletagmanager.com identity.nidirect.gov.uk
1 cdn.botframework.com identity.nidirect.gov.uk
1 apply-for-probate-professional.nidirect.gov.uk
31 6

This site contains links to these domains. Also see Links.

Domain
www.nidirect.gov.uk
Subject Issuer Validity Valid
www.check-eligibility.nidirect.gov.uk
Amazon		 2022-04-24 -
2023-05-23		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-11-01 -
2022-10-31		 a year crt.sh
*.vo.msecnd.net
DigiCert SHA2 Secure Server CA		 2021-08-06 -
2022-08-06		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-04-11 -
2022-07-04		 3 months crt.sh
ssl.roles.botframework.com
DigiCert SHA2 Secure Server CA		 2022-02-28 -
2023-02-28		 a year crt.sh

This page contains 1 frames:

Primary Page: https://identity.nidirect.gov.uk/Customer
Frame ID: 852D10CEC05901E5DF8D790E14F784D2
Requests: 30 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Do you have an nidirect account?|nidirect account| nidirect

Page URL History Show full URLs

  1. https://apply-for-probate-professional.nidirect.gov.uk/Saml/InitiateSso?ReturnUrl=%2F Page URL
  2. https://identity.nidirect.gov.uk/SAML/ReceiveRequest HTTP 302
    https://identity.nidirect.gov.uk/Customer Page URL

Detected technologies

Overall confidence: 80%
Detected patterns
  • <body[^>]+govuk-template__body
  • <a[^>]+govuk-link
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
Overall confidence: 100%
Detected patterns
  • moment(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

31
Requests

100 %
HTTPS

67 %
IPv6

4
Domains

6
Subdomains

6
IPs

3
Countries

1152 kB
Transfer

4796 kB
Size

6
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://apply-for-probate-professional.nidirect.gov.uk/Saml/InitiateSso?ReturnUrl=%2F Page URL
  2. https://identity.nidirect.gov.uk/SAML/ReceiveRequest HTTP 302
    https://identity.nidirect.gov.uk/Customer Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

31 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
InitiateSso
apply-for-probate-professional.nidirect.gov.uk/Saml/ 		11 KB
12 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://apply-for-probate-professional.nidirect.gov.uk/Saml/InitiateSso?ReturnUrl=%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2240:b800:c:25d9:c300:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Kestrel /
Resource Hash
09745a9925fe93b417440fd0c01f8388705402645c4c14a3e0307f323c56023f
Security Headers
Name Value
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode = block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, must-revalidate,max-age=0
content-type
text/html; charset=utf-8
date
Sun, 24 Apr 2022 12:16:22 GMT
pragma
no-cache
server
Kestrel
strict-transport-security
max-age=2592000
via
1.1 857b0dca772798c338c78a1be69c955c.cloudfront.net (CloudFront)
x-amz-cf-id
AvfuPz_9feCj-S0A6aJRdSCWTqjTj3bpKQz_8rqgfnuGcil2Xg9-aA==
x-amz-cf-pop
FRA60-P1
x-cache
Miss from cloudfront
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-vcap-request-id
86e0910c-6dcd-475d-40f9-e819987a899b
x-xss-protection
1; mode = block
Primary Request Customer
identity.nidirect.gov.uk/
Redirect Chain
  • https://identity.nidirect.gov.uk/SAML/ReceiveRequest
  • https://identity.nidirect.gov.uk/Customer
15 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://identity.nidirect.gov.uk/Customer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:34d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
45b85507c76683f8af7b84551b30eca3f1161f5ddd4a9e7b3dae3460ac32361d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://apply-for-probate-professional.nidirect.gov.uk
Referer
https://apply-for-probate-professional.nidirect.gov.uk/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, no-store
cf-cache-status
DYNAMIC
cf-ray
700ec5115d9e9bb0-FRA
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Sun, 24 Apr 2022 12:16:23 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
pragma
no-cache
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 a267c4458d5587daaaf85f1d134a02d4.cloudfront.net (CloudFront)
x-amz-cf-id
xFdvZmX2rMXZZklrm-6UxV8D9tIuusWacTrfEBaUcZgrg43eHrvMLA==
x-amz-cf-pop
FRA50-C1
x-cache
Miss from cloudfront
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-vcap-request-id
c9ecb0d9-b180-44a1-654e-14a9a9188142
x-xss-protection
1; mode=block

Redirect headers

cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
700ec5104af79bb0-FRA
content-length
0
date
Sun, 24 Apr 2022 12:16:23 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
-1
location
/Customer
pragma
no-cache
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 b912dc97777020eb19579888add26978.cloudfront.net (CloudFront)
x-amz-cf-id
syqml6Y8VbLuvlwKsSz9EJM0a8RjNrPEPY6FCZ0oyGkyERAB2z1edA==
x-amz-cf-pop
FRA50-C1
x-cache
Miss from cloudfront
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-vcap-request-id
2c79e292-a792-4a1e-51c1-1db25d3a49af
x-xss-protection
1; mode=block
uxg.css
identity.nidirect.gov.uk/assets/customer/css/ 		146 KB
15 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://identity.nidirect.gov.uk/assets/customer/css/uxg.css
Requested by
Host: identity.nidirect.gov.uk
URL: https://identity.nidirect.gov.uk/Customer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:34d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82498580fa6d494b339645cd629c3cc4b4f8c87ad4c25b37c3d1eefaf077ad61
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://identity.nidirect.gov.uk/Customer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Sun, 24 Apr 2022 12:16:23 GMT
via
1.1 152067cb05e927a3875fa79d27c9c710.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
x-amz-cf-pop
FCO50-P4
x-cache
Miss from cloudfront
content-encoding
gzip
vary
Accept-Encoding
x-xss-protection
1; mode=block
last-modified
Mon, 21 Mar 2022 15:46:11 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"1d83d3ac9c7eb80"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/css
x-vcap-request-id
d784c8a9-08cc-4cb8-64e8-bc340fa5417f
cache-control
public, max-age=14400
cf-ray
700ec512881e9bb0-FRA
x-amz-cf-id
4-K6rlEJpw5TPPsVMzqeMT8IEICCtYK0uRVi1YaB8pLqSd6SC19a6Q==
expires
Sun, 24 Apr 2022 16:16:23 GMT
nida.css
identity.nidirect.gov.uk/assets/customer/css/ 		11 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://identity.nidirect.gov.uk/assets/customer/css/nida.css
Requested by
Host: identity.nidirect.gov.uk
URL: https://identity.nidirect.gov.uk/Customer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:34d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
369095c31379b0920384a424e9d4f74ba7b4e7fbe4f86076c1c73ef6996e66c4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://identity.nidirect.gov.uk/Customer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Sun, 24 Apr 2022 12:16:23 GMT
via
1.1 0f58c45e6baa63e9e5e13528986aaf40.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
x-amz-cf-pop
FRA56-P7
x-cache
Miss from cloudfront
content-encoding
gzip
vary
Accept-Encoding
x-xss-protection
1; mode=block
last-modified
Tue, 15 Mar 2022 08:40:54 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"1d8384861f9c20e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/css
x-vcap-request-id
cf673718-d03a-4cb7-5c81-3d05a9d1977c
cache-control
public, max-age=14400
cf-ray
700ec51288209bb0-FRA
x-amz-cf-id
rvDBa7ACr1MzUihxIJLjxj7vj5s7EsjceG6MkhEA26tII2YGf_QcWQ==
expires
Sun, 24 Apr 2022 16:16:23 GMT
jquery.js
identity.nidirect.gov.uk/assets/customer/js/ 		287 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://identity.nidirect.gov.uk/assets/customer/js/jquery.js
Requested by
Host: identity.nidirect.gov.uk
URL: https://identity.nidirect.gov.uk/Customer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:34d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dcd61478d74136e4f68bcc46b6d476d13b374c9a869e62ef394aabd151cfc905
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://identity.nidirect.gov.uk/Customer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Sun, 24 Apr 2022 12:16:23 GMT
via
1.1 8109fadbc132b410ecc2c3df250d6144.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
x-amz-cf-pop
FRA56-P7
x-cache
Miss from cloudfront
content-encoding
gzip
vary
Accept-Encoding
x-xss-protection
1; mode=block
last-modified
Mon, 21 Mar 2022 15:46:14 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"1d83d3acb8b1c7c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
x-vcap-request-id
25a061e0-8f0c-463f-4329-0796ff1f8721
cache-control
public, max-age=14400
cf-ray
700ec51288249bb0-FRA
x-amz-cf-id
PIB6a60g-gqWM3dureyXwJuf_4EL3h2H11jFzJ307vaI3CGBuHDE7Q==
expires
Sun, 24 Apr 2022 16:16:23 GMT
html5shiv.js
identity.nidirect.gov.uk/assets/customer/js/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://identity.nidirect.gov.uk/assets/customer/js/html5shiv.js
Requested by
Host: identity.nidirect.gov.uk
URL: https://identity.nidirect.gov.uk/Customer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:34d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b3aa003abf3b6aaf1654fe8669472e3c01dba7bb73be4a8b73a3423cfeeb0e39
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://identity.nidirect.gov.uk/Customer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Sun, 24 Apr 2022 12:16:23 GMT
via
1.1 da1f6d03da0e6ca0243f47b48ec7ed16.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
x-amz-cf-pop
LIS50-C1
x-cache
Miss from cloudfront
content-encoding
gzip
vary
Accept-Encoding
x-xss-protection
1; mode=block
last-modified
Tue, 15 Mar 2022 08:40:54 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"1d8384861f9e648"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
x-vcap-request-id
5920e3b9-1d77-41ef-69d6-28c4c506090a
cache-control
public, max-age=14400
cf-ray
700ec51288299bb0-FRA
x-amz-cf-id
vYYCi4swCtP4J76bWJ49kvpBtEQbjMmI4dx4CrDdSIFa4w8XHRMykg==
expires
Sun, 24 Apr 2022 16:16:23 GMT
notifications.js
identity.nidirect.gov.uk/assets/customer/js/ 		1 KB
672 B 		Script
General
Check archive.org
Download Go to
Full URL
https://identity.nidirect.gov.uk/assets/customer/js/notifications.js
Requested by
Host: identity.nidirect.gov.uk
URL: https://identity.nidirect.gov.uk/Customer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:34d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9aa60d7e6dce9200963e58e0961b66e8c23cf24e808648f2312c4985222859a7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://identity.nidirect.gov.uk/Customer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Sun, 24 Apr 2022 12:16:23 GMT
via
1.1 85ca8c4198fb707d10ecc2a784a315be.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
x-amz-cf-pop
FRA56-P7
x-cache
Miss from cloudfront
content-encoding
gzip
vary
Accept-Encoding
x-xss-protection
1; mode=block
last-modified
Tue, 15 Mar 2022 08:40:54 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"1d8384861f9ea3b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
x-vcap-request-id
4d3b4502-21a6-45fb-5c5f-45717d0be6ba
cache-control
public, max-age=14400
cf-ray
700ec512882b9bb0-FRA
x-amz-cf-id
8hZrkn0Ms7gf6ha4aCUednDJNYxrYG8UmXx07s5om9tvruqPdVpE1Q==
expires
Sun, 24 Apr 2022 16:16:23 GMT
moment.js
identity.nidirect.gov.uk/assets/common/vendors/ 		68 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://identity.nidirect.gov.uk/assets/common/vendors/moment.js
Requested by
Host: identity.nidirect.gov.uk
URL: https://identity.nidirect.gov.uk/Customer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:34d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0e99e5d37ba5419134c4f411451ddfd1bf5bc79f5aaa87b5eaaaeded2ab587ce
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://identity.nidirect.gov.uk/Customer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Sun, 24 Apr 2022 12:16:23 GMT
via
1.1 e7a4ac068ceee8f5f56dae98493e3cc0.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
x-amz-cf-pop
LIS50-C1
x-cache
Miss from cloudfront
content-encoding
gzip
vary
Accept-Encoding
x-xss-protection
1; mode=block
last-modified
Mon, 21 Mar 2022 15:46:20 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"1d83d3acf23ff95"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
x-vcap-request-id
3bd56c80-427d-4904-4ba4-547bfc23e12f
cache-control
public, max-age=14400
cf-ray
700ec512882c9bb0-FRA
x-amz-cf-id
T9wkLMhRzobZ7KrkVqXq3ZSnOw49EyyKSJo0jtHCoLTAcZpLguIsKg==
expires
Sun, 24 Apr 2022 16:16:23 GMT
knockout-3.5.1.js
identity.nidirect.gov.uk/assets/common/vendors/ 		67 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://identity.nidirect.gov.uk/assets/common/vendors/knockout-3.5.1.js
Requested by
Host: identity.nidirect.gov.uk
URL: https://identity.nidirect.gov.uk/Customer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:34d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8957bb182a5047b07bea0a49fd22b11614b1ab9ac5b8286fcb2259f48658e73
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://identity.nidirect.gov.uk/Customer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Sun, 24 Apr 2022 12:16:23 GMT
via
1.1 97978866acaa309c48c9547732ed6796.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
x-amz-cf-pop
FCO50-P4
x-cache
Miss from cloudfront
content-encoding
gzip
vary
Accept-Encoding
x-xss-protection
1; mode=block
last-modified
Mon, 21 Mar 2022 15:46:20 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"1d83d3acf23e499"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
x-vcap-request-id
8f77db5b-1399-425f-5729-497814168275
cache-control
public, max-age=14400
cf-ray
700ec512982e9bb0-FRA
x-amz-cf-id
sehTIOWmaAz_xKz8b3162bdADmph8Xa8os4Wj0xgd6kuCIqXCdamRA==
expires
Sun, 24 Apr 2022 16:16:23 GMT
auto-bind.js
identity.nidirect.gov.uk/assets/common/vendors/nitro/ 		4 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://identity.nidirect.gov.uk/assets/common/vendors/nitro/auto-bind.js
Requested by
Host: identity.nidirect.gov.uk
URL: https://identity.nidirect.gov.uk/Customer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:34d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8671873fcb9c5de8cdbd7b759e2a11c26342702244df3df0b0a445c261bc346b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://identity.nidirect.gov.uk/Customer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Sun, 24 Apr 2022 12:16:23 GMT
via
1.1 85ca8c4198fb707d10ecc2a784a315be.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
x-amz-cf-pop
FRA56-P7
x-cache
Miss from cloudfront
content-encoding
gzip
vary
Accept-Encoding
x-xss-protection
1; mode=block
last-modified
Tue, 15 Mar 2022 08:40:54 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"1d8384861f9e1bf"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
x-vcap-request-id
51adb182-e080-4ee7-6940-62f6768baa40
cache-control
public, max-age=14400
cf-ray
700ec51298309bb0-FRA
x-amz-cf-id
TH4uqpWlNe09cwaO3Z7J9T0pizdt_UW7ztRiHv5h_a6zub31YwGKVA==
expires
Sun, 24 Apr 2022 16:16:23 GMT
knockout-extensions.js
identity.nidirect.gov.uk/assets/common/vendors/nitro/ 		957 B
638 B 		Script
General
Check archive.org
Download Go to
Full URL
https://identity.nidirect.gov.uk/assets/common/vendors/nitro/knockout-extensions.js
Requested by
Host: identity.nidirect.gov.uk
URL: https://identity.nidirect.gov.uk/Customer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:34d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fcd1031be800c6523093ef64f2446cb632a2cc18039794fb57a8a853027eaad3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://identity.nidirect.gov.uk/Customer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Sun, 24 Apr 2022 12:16:23 GMT
via
1.1 837a869ba82f4a85a2e5810b11746698.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
x-amz-cf-pop
FRA56-P7
x-cache
Miss from cloudfront
content-encoding
gzip
vary
Accept-Encoding
x-xss-protection
1; mode=block
last-modified
Tue, 15 Mar 2022 08:40:54 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"1d8384861f9ecbd"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
x-vcap-request-id
bbcb0e76-2004-4577-4171-b4986838d73c
cache-control
public, max-age=14400
cf-ray
700ec51298339bb0-FRA
x-amz-cf-id
-B_LpAXzoc7s_6aw1XbzbSjGZPDDYjDL83iKbPIZ_lpb6s2pNIPeAA==
expires
Sun, 24 Apr 2022 16:16:23 GMT
link-to-form.js
identity.nidirect.gov.uk/assets/common/vendors/nitro/ 		774 B
597 B 		Script
General
Check archive.org
Download Go to
Full URL
https://identity.nidirect.gov.uk/assets/common/vendors/nitro/link-to-form.js
Requested by
Host: identity.nidirect.gov.uk
URL: https://identity.nidirect.gov.uk/Customer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:34d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aea186548b6fe24f4bcbfa2723077b709b4c5f26bb55b4b2811b80dd496e2993
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://identity.nidirect.gov.uk/Customer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Sun, 24 Apr 2022 12:16:23 GMT
via
1.1 373f9c009723e23b8f36ad88a25f3c64.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
x-amz-cf-pop
FCO50-P4
x-cache
Miss from cloudfront
content-encoding
gzip
vary
Accept-Encoding
x-xss-protection
1; mode=block
last-modified
Tue, 15 Mar 2022 08:40:54 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"1d8384861f9ec06"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
x-vcap-request-id
63f5af3a-bf10-4b7e-5b3d-308f45faf52f
cache-control
public, max-age=14400
cf-ray
700ec51298369bb0-FRA
x-amz-cf-id
GsWQLeA72D9W_rWNgvxrKSaQGuJ1RNzSdU_99XVbWEZJRmi-Pvxusw==
expires
Sun, 24 Apr 2022 16:16:23 GMT
file-upload.js
identity.nidirect.gov.uk/assets/common/js/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://identity.nidirect.gov.uk/assets/common/js/file-upload.js
Requested by
Host: identity.nidirect.gov.uk
URL: https://identity.nidirect.gov.uk/Customer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:34d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b6ee74b2d37755af5d00f942bccb7f24dfba9bb8f57104fce145186dda537e32
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://identity.nidirect.gov.uk/Customer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Sun, 24 Apr 2022 12:16:23 GMT
via
1.1 56317bf75183e752b06c880e8a1e502a.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
x-amz-cf-pop
FRA56-P7
x-cache
Miss from cloudfront
content-encoding
gzip
vary
Accept-Encoding
x-xss-protection
1; mode=block
last-modified
Tue, 15 Mar 2022 08:40:54 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"1d8384861f9fd79"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
x-vcap-request-id
ccacedfd-58d6-43fc-7262-8733d1acfab9
cache-control
public, max-age=14400
cf-ray
700ec51298399bb0-FRA
x-amz-cf-id
3ih6x-RKDz-sy1W7bX9Cuq_VQk-idgKbQs7QBIC_c6M_7ko0H3goHw==
expires
Sun, 24 Apr 2022 16:16:23 GMT
image-upload.js
identity.nidirect.gov.uk/assets/common/js/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://identity.nidirect.gov.uk/assets/common/js/image-upload.js
Requested by
Host: identity.nidirect.gov.uk
URL: https://identity.nidirect.gov.uk/Customer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:34d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2402a9b173f2d0922e64be60af20536bba0bc7fe458a52660e145348cae2909e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://identity.nidirect.gov.uk/Customer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Sun, 24 Apr 2022 12:16:23 GMT
via
1.1 cdb2dba3874dd4d7b53213b8c63a0996.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
MISS
x-amz-cf-pop
FRA50-C1
x-cache
Miss from cloudfront
content-encoding
gzip
vary
Accept-Encoding
x-xss-protection
1; mode=block
last-modified
Tue, 15 Mar 2022 08:40:54 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"1d8384861f9f979"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
x-vcap-request-id
a3115d8c-79a2-42c7-455e-33e31cc837a8
cache-control
public, max-age=14400
cf-ray
700ec512983b9bb0-FRA
x-amz-cf-id
lWPMkCfxLR4LdtLyNyvtCXHEZ4JFH3ZlMv2Dbn_CE2QZiT0zHTbpJg==
expires
Sun, 24 Apr 2022 16:16:23 GMT
address-lookup.js
identity.nidirect.gov.uk/assets/customer/js/ 		7 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://identity.nidirect.gov.uk/assets/customer/js/address-lookup.js
Requested by
Host: identity.nidirect.gov.uk
URL: https://identity.nidirect.gov.uk/Customer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:34d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d8a517cf9e9ecd72b4a0fd9a36e9d1154a8802d417b5de55014ab0500b4d480a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://identity.nidirect.gov.uk/Customer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Sun, 24 Apr 2022 12:16:23 GMT
via
1.1 56317bf75183e752b06c880e8a1e502a.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
x-amz-cf-pop
FRA56-P7
x-cache
Miss from cloudfront
content-encoding
gzip
vary
Accept-Encoding
x-xss-protection
1; mode=block
last-modified
Tue, 15 Mar 2022 08:40:54 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"1d8384861f9f50d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
x-vcap-request-id
d5f17633-3e86-4fd4-6420-ae39a98df25c
cache-control
public, max-age=14400
cf-ray
700ec512983c9bb0-FRA
x-amz-cf-id
mz8IOgrMbdgKPIHEvZthLcHEkQeFuYCgz8KnTCVQIhZaWZ26UfW32A==
expires
Sun, 24 Apr 2022 16:16:23 GMT
authenticationtype-change.js
identity.nidirect.gov.uk/assets/customer/js/ 		1 KB
596 B 		Script
General
Check archive.org
Download Go to
Full URL
https://identity.nidirect.gov.uk/assets/customer/js/authenticationtype-change.js
Requested by
Host: identity.nidirect.gov.uk
URL: https://identity.nidirect.gov.uk/Customer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:34d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c8fa40c566ae514eb4c6f95033bd4b81e556265f06f2dfc01e7c4bbb389a378a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://identity.nidirect.gov.uk/Customer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Sun, 24 Apr 2022 12:16:23 GMT
via
1.1 fa87f2173bfe5d35fd73cec71ab12a32.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
x-amz-cf-pop
FRA56-P7
x-cache
Miss from cloudfront
content-encoding
gzip
vary
Accept-Encoding
x-xss-protection
1; mode=block
last-modified
Tue, 15 Mar 2022 08:40:54 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"1d8384861f9ea1a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
x-vcap-request-id
7b09bca3-7927-44dd-47f4-536daa877e13
cache-control
public, max-age=14400
cf-ray
700ec512983d9bb0-FRA
x-amz-cf-id
MFV-wD9k5DQQ-0HmMy9NOvef3RD0wEywwPK5Y6kDAhZv-VnzYrxglg==
expires
Sun, 24 Apr 2022 16:16:23 GMT
confirmation.js
identity.nidirect.gov.uk/assets/customer/js/ 		2 KB
1022 B 		Script
General
Check archive.org
Download Go to
Full URL
https://identity.nidirect.gov.uk/assets/customer/js/confirmation.js
Requested by
Host: identity.nidirect.gov.uk
URL: https://identity.nidirect.gov.uk/Customer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:34d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
777193274e81aec93e4353fd0ddbd5ba88baa2c04f92c0d2ea58b3490e7e4304
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://identity.nidirect.gov.uk/Customer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Sun, 24 Apr 2022 12:16:23 GMT
via
1.1 fb20548d6358b8a3b0a1189b50890830.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
x-amz-cf-pop
DUB2-C1
x-cache
Miss from cloudfront
content-encoding
gzip
vary
Accept-Encoding
x-xss-protection
1; mode=block
last-modified
Tue, 15 Mar 2022 08:40:54 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"1d8384861f9e67c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
x-vcap-request-id
0ac8e7ab-56bf-4adf-66a3-d5ef4d31b4d8
cache-control
public, max-age=14400
cf-ray
700ec512983f9bb0-FRA
x-amz-cf-id
2lPPOE_BRV_HgvNamXLVOeiUyp15ROvMsoWXMD0-q6ZZH9gg6jbMDg==
expires
Sun, 24 Apr 2022 16:16:23 GMT
table-row-expander.js
identity.nidirect.gov.uk/assets/customer/js/ 		327 B
402 B 		Script
General
Check archive.org
Download Go to
Full URL
https://identity.nidirect.gov.uk/assets/customer/js/table-row-expander.js
Requested by
Host: identity.nidirect.gov.uk
URL: https://identity.nidirect.gov.uk/Customer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:34d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6622e353d30e83e0060767ac8e17a02f76bb0abb03ea45c184f960f6e86a8c55
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://identity.nidirect.gov.uk/Customer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Sun, 24 Apr 2022 12:16:23 GMT
via
1.1 0ae545eeb36ad199bd1682f504557660.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
x-amz-cf-pop
FCO50-P4
x-cache
Miss from cloudfront
content-encoding
gzip
vary
Accept-Encoding
x-xss-protection
1; mode=block
last-modified
Tue, 15 Mar 2022 08:40:54 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"1d8384861f9ee47"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
x-vcap-request-id
9e6d4228-af04-4c0b-6893-21292d5fa5c2
cache-control
public, max-age=14400
cf-ray
700ec51298409bb0-FRA
x-amz-cf-id
aoXeigCgM-FUNBS-8eEg1USxw52XulAzK8Nt-n04hQCCWK6VSPiMlw==
expires
Sun, 24 Apr 2022 16:16:23 GMT
uxg.js
identity.nidirect.gov.uk/assets/customer/js/ 		38 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://identity.nidirect.gov.uk/assets/customer/js/uxg.js
Requested by
Host: identity.nidirect.gov.uk
URL: https://identity.nidirect.gov.uk/Customer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:34d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
59adbcd95527d810f588a6d9b7e221d88df1fe4caeca740115c960ea7d6b1d2a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://identity.nidirect.gov.uk/Customer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Sun, 24 Apr 2022 12:16:23 GMT
via
1.1 d445f4d86ae3548024d9f2737c3d18c0.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
x-amz-cf-pop
FCO50-P4
x-cache
Miss from cloudfront
content-encoding
gzip
vary
Accept-Encoding
x-xss-protection
1; mode=block
last-modified
Tue, 15 Mar 2022 08:40:54 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"1d8384861f97946"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
x-vcap-request-id
ed4ccba7-9c6a-47ee-4179-0ba98d489dbe
cache-control
public, max-age=14400
cf-ray
700ec51298429bb0-FRA
x-amz-cf-id
s-QpqVaXKKzaN-iCQu3hxVwzzkrVKf6p6UefWLrcnsWDSr--grnXSg==
expires
Sun, 24 Apr 2022 16:16:23 GMT
captured-image.js
identity.nidirect.gov.uk/assets/customer/js/ 		14 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://identity.nidirect.gov.uk/assets/customer/js/captured-image.js?v=2
Requested by
Host: identity.nidirect.gov.uk
URL: https://identity.nidirect.gov.uk/Customer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:34d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7f5867b8b5e6c4df2d9c5b48e507e18c82c74b220b2ae13631596031fef245c7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://identity.nidirect.gov.uk/Customer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Sun, 24 Apr 2022 12:16:23 GMT
via
1.1 93efd892a8e99dc59164afbee331cd56.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
x-amz-cf-pop
FRA56-P7
x-cache
Miss from cloudfront
content-encoding
gzip
vary
Accept-Encoding
x-xss-protection
1; mode=block
last-modified
Tue, 15 Mar 2022 08:40:54 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"1d8384861f9d6b0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
x-vcap-request-id
2140cdcb-361d-4686-7a57-4b76744db1b4
cache-control
public, max-age=14400
cf-ray
700ec51298439bb0-FRA
x-amz-cf-id
JoL_tqYG_nUpE3p84h7sLu-NuFuuFjrDS9UmNDFL7PNxQC5MRDflEw==
expires
Sun, 24 Apr 2022 16:16:23 GMT
nidirect_chat_bot.png
identity.nidirect.gov.uk/assets/customer/images/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://identity.nidirect.gov.uk/assets/customer/images/nidirect_chat_bot.png
Requested by
Host: identity.nidirect.gov.uk
URL: https://identity.nidirect.gov.uk/Customer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:34d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6df466b95af22ebdbe5ca4a0e1d286bef7bad5c3f4468e049a5fcb3a51a5598e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://identity.nidirect.gov.uk/Customer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Sun, 24 Apr 2022 12:16:23 GMT
via
1.1 099a327961f82798658bf21aa210d4a0.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
x-amz-cf-pop
FRA56-P7
x-cache
Miss from cloudfront
vary
Accept-Encoding
content-length
1502
x-xss-protection
1; mode=block
last-modified
Tue, 15 Mar 2022 08:40:54 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
"1d8384861f9eade"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
image/png
x-vcap-request-id
bdc370a7-70ef-43a8-7595-664a9a2ead63
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
700ec513aacc9bb0-FRA
x-amz-cf-id
UDPcQntAeQssCxHvrugmR-pzPaHa-tBshaKgWwB_YlLWBH9yqFnP2Q==
expires
Sun, 24 Apr 2022 16:16:23 GMT
close-icon.png
identity.nidirect.gov.uk/assets/customer/images/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://identity.nidirect.gov.uk/assets/customer/images/close-icon.png
Requested by
Host: identity.nidirect.gov.uk
URL: https://identity.nidirect.gov.uk/Customer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:34d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
961089e75ead62563f727c15116afd9b1ccadb4b8025da7fbe9b79cacc43f91d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://identity.nidirect.gov.uk/Customer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Sun, 24 Apr 2022 12:16:23 GMT
via
1.1 003bc9225f430357abb8eb4b34f6dc20.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
x-amz-cf-pop
DUB2-C1
x-cache
Miss from cloudfront
vary
Accept-Encoding
content-length
1237
x-xss-protection
1; mode=block
last-modified
Tue, 15 Mar 2022 08:40:54 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
"1d8384861f9ebd5"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
image/png
x-vcap-request-id
59c3af3d-3fc6-4be0-7f65-2eee48ddc94e
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
700ec513aace9bb0-FRA
x-amz-cf-id
UBNXOZK2l35rrMX1jhg1tuVVLHtOTV400PnaC6kGmDaqCfli7TjsoA==
expires
Sun, 24 Apr 2022 16:16:23 GMT
webchat.js
cdn.botframework.com/botframework-webchat/latest/ 		4 MB
860 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.botframework.com/botframework-webchat/latest/webchat.js
Requested by
Host: identity.nidirect.gov.uk
URL: https://identity.nidirect.gov.uk/Customer
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.19.160 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/8E86) /
Resource Hash
b6a3f7222e0c674ecfc938ff2e6715efd822f02972aedee080025f8ded4beea1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://identity.nidirect.gov.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 24 Apr 2022 12:16:23 GMT
content-encoding
gzip
content-md5
jabs1FBqpFIzb6q5ZEbfSw==
age
40
x-cache
HIT
content-length
879303
x-ms-lease-status
unlocked
last-modified
Fri, 04 Mar 2022 23:54:23 GMT
server
ECAcc (frc/8E86)
etag
0x8D9FE3A4ECF28F0
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
3b9a936c-201e-0070-54d5-57db0f000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control
max-age=900
x-ms-version
2009-09-19
accept-ranges
bytes
expires
Sun, 24 Apr 2022 12:31:23 GMT
chatbot.js
identity.nidirect.gov.uk/assets/customer/js/ 		1 KB
591 B 		Script
General
Check archive.org
Download Go to
Full URL
https://identity.nidirect.gov.uk/assets/customer/js/chatbot.js
Requested by
Host: identity.nidirect.gov.uk
URL: https://identity.nidirect.gov.uk/Customer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:34d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ff85eb40885c581185cbf125d3a0dcd76c7244e8cbc5e5e70f7e7d1194eed099
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://identity.nidirect.gov.uk/Customer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Sun, 24 Apr 2022 12:16:23 GMT
via
1.1 a0fcc6683b5ffe69a9725d7f7362aef8.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
x-amz-cf-pop
FCO50-P4
x-cache
Miss from cloudfront
content-encoding
gzip
vary
Accept-Encoding
x-xss-protection
1; mode=block
last-modified
Tue, 15 Mar 2022 08:40:54 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"1d8384861f9eb70"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
x-vcap-request-id
cfa3573b-f630-4334-64c8-168c95902627
cache-control
public, max-age=14400
cf-ray
700ec5138aa09bb0-FRA
x-amz-cf-id
qyWRP5ZBi0bW8hxfJvmtQkprPGmfwTDVncfItuCPoTEILmpOgeq7KA==
expires
Sun, 24 Apr 2022 16:16:23 GMT
mitek-science-sdk.js
identity.nidirect.gov.uk/assets/customer/js/ 		126 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://identity.nidirect.gov.uk/assets/customer/js/mitek-science-sdk.js
Requested by
Host: identity.nidirect.gov.uk
URL: https://identity.nidirect.gov.uk/Customer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:34d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d8a54279acc7eb6e522c5a55c96c96a6da3d46a38b69185cd8072dc647a63c3e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://identity.nidirect.gov.uk/Customer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Sun, 24 Apr 2022 12:16:23 GMT
via
1.1 0d78cc90106520d13c1b5c5b16dd8246.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
x-amz-cf-pop
FRA56-P7
x-cache
Miss from cloudfront
content-encoding
gzip
vary
Accept-Encoding
x-xss-protection
1; mode=block
last-modified
Mon, 21 Mar 2022 15:46:14 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"1d83d3acb8e9f27"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
x-vcap-request-id
2afd717f-3769-479d-5420-5fafffc53c1f
cache-control
public, max-age=14400
cf-ray
700ec5139acb9bb0-FRA
x-amz-cf-id
S9s55Pp360iB7Cl5S-Y27CwAIitc5BAOAFUjjfK9wLGrAV92XN6Lww==
expires
Sun, 24 Apr 2022 16:16:23 GMT
gtm.js
www.googletagmanager.com/ 		102 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-5WKMHRP
Requested by
Host: identity.nidirect.gov.uk
URL: https://identity.nidirect.gov.uk/Customer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
18fb10d9d0e08e598bda3a674ef2839078f70454bf3fd436cd924bcd7bd80873
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://identity.nidirect.gov.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Sun, 24 Apr 2022 12:16:23 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
40246
x-xss-protection
0
last-modified
Sun, 24 Apr 2022 12:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 24 Apr 2022 12:16:23 GMT
Token
identity.nidirect.gov.uk/Customer/Chatbot/ 		828 B
921 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://identity.nidirect.gov.uk/Customer/Chatbot/Token
Requested by
Host: identity.nidirect.gov.uk
URL: https://identity.nidirect.gov.uk/Customer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:34d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
438e58cdcb65e8acb682dd1159632d38447e4d05f6053d2e535d58310bfb651b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://identity.nidirect.gov.uk/Customer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Sun, 24 Apr 2022 12:16:24 GMT
via
1.1 a267c4458d5587daaaf85f1d134a02d4.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
x-amz-cf-pop
FRA50-C1
x-cache
Miss from cloudfront
content-encoding
gzip
x-xss-protection
1; mode=block
pragma
no-cache
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/plain; charset=utf-8
x-vcap-request-id
d0504fd4-3df4-4799-57b2-90a54a423e6f
cache-control
no-store,no-cache
cf-ray
700ec515ff629bb0-FRA
x-amz-cf-id
XrqMD_ekunFivhARBnqbz-bXuVdQs7XFraugpOIcqn7_thehBAoFGA==
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5WKMHRP
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://identity.nidirect.gov.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
7153
date
Sun, 24 Apr 2022 10:17:11 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Sun, 24 Apr 2022 12:17:11 GMT
conversations
directline.botframework.com/v3/directline/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://directline.botframework.com/v3/directline/conversations
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.95.93.152 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,content-type,x-ms-bot-agent,x-requested-with
Access-Control-Request-Method
POST
Origin
https://identity.nidirect.gov.uk
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

access-control-allow-headers
authorization,content-type,x-ms-bot-agent,x-requested-with
access-control-allow-origin
*
access-control-max-age
600
arr-disable-session-affinity
true
cache-control
no-cache
content-length
0
date
Sun, 24 Apr 2022 12:16:23 GMT
expires
-1
pragma
no-cache
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
x-xss-protection
1; mode=block
conversations
directline.botframework.com/v3/directline/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://directline.botframework.com/v3/directline/conversations
Requested by
Host: cdn.botframework.com
URL: https://cdn.botframework.com/botframework-webchat/latest/webchat.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.95.93.152 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
9ed3a527e2646fbf3226e1f1f04911094a4efdfae9d6442334aaec198635d4a6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
accept-language
de-DE,de;q=0.9
Authorization
Bearer ew0KICAiYWxnIjogIlJTMjU2IiwNCiAgImtpZCI6ICIway1XY3VlUDRoZGEtdGJfYTh4TTc0M012UW8iLA0KICAieDV0IjogIjBrLVdjdWVQNGhkYS10Yl9hOHhNNzQzTXZRbyIsDQogICJ0eXAiOiAiSldUIg0KfQ.ew0KICAiYm90IjogIk5JREFXZWJBcHBCb3ROb2RlSlMiLA0KICAic2l0ZSI6ICJ1LWszcWVwaXRkayIsDQogICJjb252IjogIjZZRFljYndZOGh6RzVWM1c3YW9ZaWctdWsiLA0KICAibmJmIjogMTY1MDgwMjU4NCwNCiAgImV4cCI6IDE2NTA4MDYxODQsDQogICJpc3MiOiAiaHR0cHM6Ly93ZWJjaGF0LmJvdGZyYW1ld29yay5jb20vIiwNCiAgImF1ZCI6ICJodHRwczovL3dlYmNoYXQuYm90ZnJhbWV3b3JrLmNvbS8iDQp9.fQeTm_5A2fJMbaQ9SFngOq5inkZeUAaKTbI-gLntlwJCGuxegyHcu3S7hqmQYoFiGpf5AxlkHJ06CLlaoJjq6ZisgFYBd9VL9dkZUfILDqsRblGkbKMHQPKyyvOuC0EO9xp6d7ItBpPRnNSVDyYkjCfzcFFddjrqJHnIgGdLW4Zb0hN0Q5Z2YW_JaCsu6OtM-47rqDNe3Eabn8nU2cDIdqZ3xn5vXJeHheqLCeNxjgUFU3zqoRv3tt0Lb3CM4pW9X_1qLGrQOkjlZGHUCI8MpopBINGu7VW95WyRb9Xz7pXZkTGZMtMNl14MJ1i_5BNjAAh8XbRaMhZFdz_5cnINVw
Content-Type
application/json
Accept
application/json
Referer
https://identity.nidirect.gov.uk/
X-Requested-With
XMLHttpRequest
x-ms-bot-agent
DirectLine/3.0 (directlinejs; WebChat/4.15.1 (Full) 0.15.1)

Response headers

pragma
no-cache
date
Sun, 24 Apr 2022 12:16:24 GMT
x-content-type-options
nosniff
cache-control
no-cache
strict-transport-security
max-age=31536000
content-type
application/json; charset=utf-8
access-control-allow-origin
*
x-ms-request-id
1af6bb3bdc186a41ad7b40994f6d7b0d
access-control-expose-headers
Retry-After
arr-disable-session-affinity
true
content-length
1954
x-xss-protection
1; mode=block
expires
-1
collect
www.google-analytics.com/j/ 		1 B
212 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&aip=1&a=908895370&t=pageview&_s=1&dl=https%3A%2F%2Fidentity.nidirect.gov.uk%2FCustomer&dr=https%3A%2F%2Fapply-for-probate-professional.nidirect.gov.uk%2F&ul=en-us&de=UTF-8&dt=Do%20you%20have%20an%20nidirect%20account%3F%7Cnidirect%20account%7C%20nidirect&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=701420812&gjid=1343129247&cid=1721106139.1650802584&tid=UA-26858713-14&_gid=339846418.1650802584&_r=1&gtm=2wg4k05WKMHRP&z=840440521
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://identity.nidirect.gov.uk/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 24 Apr 2022 12:16:24 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://identity.nidirect.gov.uk
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

44 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| structuredClone object| oncontextlost object| oncontextrestored function| getScreenDetails object| dataLayer function| $ function| jQuery object| html5 object| Notifications function| moment object| ko object| Civica object| GOVUKFrontend object| regeneratorRuntime object| WebChat object| Components function| createAdaptiveCardsAttachmentForScreenReaderMiddleware function| createAdaptiveCardsAttachmentMiddleware function| createCognitiveServicesSpeechServicesPonyfillFactory function| createDirectLine function| createDirectLineAppServiceExtension function| createDirectLineSpeechAdapters function| createStyleSet function| default object| hooks function| renderMarkdown function| renderWebChat object| Constants function| concatMiddleware function| connectToWebChat function| createBrowserWebSpeechPonyfillFactory function| createStore function| createStoreWithDevTools string| version object| webpackJsonpmitekScienceSDK object| core object| mitekScienceSDK object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| gaplugins object| gaGlobal object| gaData

6 Cookies

Domain/Path Name / Value
apply-for-probate-professional.nidirect.gov.uk/ Name: saml-session
Value: 76cc4e9d-7e02-4558-9faa-815a34429db8
identity.nidirect.gov.uk/ Name: .AspNetCore.Session
Value: CfDJ8LyeEusg74BIqxYn8GgZyFNszxtXGQBK35YO5c3ghVnoYb0sn1hCLqKHnLjf57knSoAvM4qH9lNZMn7%2BMnbADI4QZGl%2Bu5%2BHkKX%2BTtOV0GdGWZ3lAHlU859%2Besvmr4g2rr4AGIVW3yh1btueIugq6QIzhP7%2BowQuANP%2FpnTXrEhj
identity.nidirect.gov.uk/ Name: .AspNetCore.Antiforgery.o5g48ybWK7c
Value: CfDJ8LyeEusg74BIqxYn8GgZyFNaLuPwOVKnkMeYUe5jOgg6YDTY5TsAnsfvhokyl6fTOXev8DeANozGonCpb1ZiIr2CLXtS7ci_Y5IA_JfDLNuFvOY7PgSx_d1U9OZFe4Ho9InKQwdJYjZJIA_PU9xg-Ww
.nidirect.gov.uk/ Name: _ga
Value: GA1.3.1721106139.1650802584
.nidirect.gov.uk/ Name: _gid
Value: GA1.3.339846418.1650802584
.nidirect.gov.uk/ Name: _gat_UA-26858713-14
Value: 1

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode = block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

apply-for-probate-professional.nidirect.gov.uk
cdn.botframework.com
directline.botframework.com
identity.nidirect.gov.uk
www.google-analytics.com
www.googletagmanager.com
13.95.93.152
152.199.19.160
2600:9000:2240:b800:c:25d9:c300:93a1
2606:4700::6812:34d
2a00:1450:4001:811::2008
2a00:1450:4001:831::200e
09745a9925fe93b417440fd0c01f8388705402645c4c14a3e0307f323c56023f
0e99e5d37ba5419134c4f411451ddfd1bf5bc79f5aaa87b5eaaaeded2ab587ce
18fb10d9d0e08e598bda3a674ef2839078f70454bf3fd436cd924bcd7bd80873
2402a9b173f2d0922e64be60af20536bba0bc7fe458a52660e145348cae2909e
369095c31379b0920384a424e9d4f74ba7b4e7fbe4f86076c1c73ef6996e66c4
438e58cdcb65e8acb682dd1159632d38447e4d05f6053d2e535d58310bfb651b
45b85507c76683f8af7b84551b30eca3f1161f5ddd4a9e7b3dae3460ac32361d
59adbcd95527d810f588a6d9b7e221d88df1fe4caeca740115c960ea7d6b1d2a
6622e353d30e83e0060767ac8e17a02f76bb0abb03ea45c184f960f6e86a8c55
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6df466b95af22ebdbe5ca4a0e1d286bef7bad5c3f4468e049a5fcb3a51a5598e
777193274e81aec93e4353fd0ddbd5ba88baa2c04f92c0d2ea58b3490e7e4304
7f5867b8b5e6c4df2d9c5b48e507e18c82c74b220b2ae13631596031fef245c7
82498580fa6d494b339645cd629c3cc4b4f8c87ad4c25b37c3d1eefaf077ad61
8671873fcb9c5de8cdbd7b759e2a11c26342702244df3df0b0a445c261bc346b
961089e75ead62563f727c15116afd9b1ccadb4b8025da7fbe9b79cacc43f91d
9aa60d7e6dce9200963e58e0961b66e8c23cf24e808648f2312c4985222859a7
9ed3a527e2646fbf3226e1f1f04911094a4efdfae9d6442334aaec198635d4a6
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
aea186548b6fe24f4bcbfa2723077b709b4c5f26bb55b4b2811b80dd496e2993
b3aa003abf3b6aaf1654fe8669472e3c01dba7bb73be4a8b73a3423cfeeb0e39
b6a3f7222e0c674ecfc938ff2e6715efd822f02972aedee080025f8ded4beea1
b6ee74b2d37755af5d00f942bccb7f24dfba9bb8f57104fce145186dda537e32
c8fa40c566ae514eb4c6f95033bd4b81e556265f06f2dfc01e7c4bbb389a378a
d8a517cf9e9ecd72b4a0fd9a36e9d1154a8802d417b5de55014ab0500b4d480a
d8a54279acc7eb6e522c5a55c96c96a6da3d46a38b69185cd8072dc647a63c3e
dcd61478d74136e4f68bcc46b6d476d13b374c9a869e62ef394aabd151cfc905
e8957bb182a5047b07bea0a49fd22b11614b1ab9ac5b8286fcb2259f48658e73
fcd1031be800c6523093ef64f2446cb632a2cc18039794fb57a8a853027eaad3
ff85eb40885c581185cbf125d3a0dcd76c7244e8cbc5e5e70f7e7d1194eed099