urlscan.io logo urlscan.io
SecurityTrails logo

identity.nidirect.gov.uk Open in urlscan Pro
2606:4700::6812:34d  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://apply-for-probate.nidirect.gov.uk/Saml/InitiateSso?ReturnUrl=%2F
Effective URL: https://identity.nidirect.gov.uk/Customer
Submission Tags: @phishunt_io
Submission: On April 24 via api from DE — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 6 IPs in 3 countries across 4 domains to perform 31 HTTP transactions. The main IP is 2606:4700::6812:34d, located in United States and belongs to CLOUDFLARENET, US. The main domain is identity.nidirect.gov.uk.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on November 1st 2021. Valid for: a year.
This is the only time identity.nidirect.gov.uk was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2600:9000:236... 16509 (AMAZON-02)
1 25 2606:4700::68... 13335 (CLOUDFLAR...)
1 152.199.19.160 15133 (EDGECAST)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 13.95.93.152 8075 (MICROSOFT...)
31 6
1    2600:9000:236e:9400:c:25d9:c300:93a1 (United States)

ASN16509 (AMAZON-02, US)
apply-for-probate.nidirect.gov.uk
25    2606:4700::6812:34d (United States)

ASN13335 (CLOUDFLARENET, US)
identity.nidirect.gov.uk
1    152.199.19.160 (United States)

ASN15133 (EDGECAST, US)
cdn.botframework.com
1    2a00:1450:4001:811::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    2a00:1450:4001:831::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    13.95.93.152 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
directline.botframework.com
Apex Domain
Subdomains		 Transfer
26 nidirect.gov.uk
apply-for-probate.nidirect.gov.uk
identity.nidirect.gov.uk
231 KB
3 botframework.com
cdn.botframework.com — Cisco Umbrella Rank: 20049
directline.botframework.com — Cisco Umbrella Rank: 24086
862 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 35
20 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 58
40 KB
31 4
Domain Requested by
25 identity.nidirect.gov.uk 1 redirects identity.nidirect.gov.uk
2 directline.botframework.com cdn.botframework.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
1 www.googletagmanager.com identity.nidirect.gov.uk
1 cdn.botframework.com identity.nidirect.gov.uk
1 apply-for-probate.nidirect.gov.uk
31 6

This site contains links to these domains. Also see Links.

Domain
www.nidirect.gov.uk
Subject Issuer Validity Valid
www.check-eligibility.nidirect.gov.uk
Amazon		 2022-04-24 -
2023-05-23		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-11-01 -
2022-10-31		 a year crt.sh
*.vo.msecnd.net
DigiCert SHA2 Secure Server CA		 2021-08-06 -
2022-08-06		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-04-11 -
2022-07-04		 3 months crt.sh
ssl.roles.botframework.com
DigiCert SHA2 Secure Server CA		 2022-02-28 -
2023-02-28		 a year crt.sh

This page contains 1 frames:

Primary Page: https://identity.nidirect.gov.uk/Customer
Frame ID: 8FF106BFCE54F0607C45CC3B317BCE3C
Requests: 30 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Do you have an nidirect account?|nidirect account| nidirect

Page URL History Show full URLs

  1. https://apply-for-probate.nidirect.gov.uk/Saml/InitiateSso?ReturnUrl=%2F Page URL
  2. https://identity.nidirect.gov.uk/SAML/ReceiveRequest HTTP 302
    https://identity.nidirect.gov.uk/Customer Page URL

Detected technologies

Overall confidence: 80%
Detected patterns
  • <body[^>]+govuk-template__body
  • <a[^>]+govuk-link
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
Overall confidence: 100%
Detected patterns
  • moment(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

31
Requests

100 %
HTTPS

67 %
IPv6

4
Domains

6
Subdomains

6
IPs

3
Countries

1152 kB
Transfer

4795 kB
Size

6
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://apply-for-probate.nidirect.gov.uk/Saml/InitiateSso?ReturnUrl=%2F Page URL
  2. https://identity.nidirect.gov.uk/SAML/ReceiveRequest HTTP 302
    https://identity.nidirect.gov.uk/Customer Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

31 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
InitiateSso
apply-for-probate.nidirect.gov.uk/Saml/ 		11 KB
12 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://apply-for-probate.nidirect.gov.uk/Saml/InitiateSso?ReturnUrl=%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:236e:9400:c:25d9:c300:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Kestrel /
Resource Hash
8499a90dc02ab06c672f269639ad27bf7eb16bd7bb2ae83150898a3f28442ad1
Security Headers
Name Value
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, must-revalidate, max-age=0
content-type
text/html; charset=utf-8
date
Sun, 24 Apr 2022 12:16:25 GMT
pragma
no-cache
server
Kestrel
strict-transport-security
max-age=2592000
via
1.1 c60125e7f3465aceafb0abd071a41a36.cloudfront.net (CloudFront)
x-amz-cf-id
25ittIh9kRCzUlytFXaY0QOPdjMxi50_Vaj6-h2oNigyUNBmrU5SQQ==
x-amz-cf-pop
FRA60-P1
x-cache
Miss from cloudfront
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-vcap-request-id
6903d26f-e409-4351-51d4-aaa1abe94e3a
x-xss-protection
1; mode=block
Primary Request Customer
identity.nidirect.gov.uk/
Redirect Chain
  • https://identity.nidirect.gov.uk/SAML/ReceiveRequest
  • https://identity.nidirect.gov.uk/Customer
15 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://identity.nidirect.gov.uk/Customer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:34d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a2374faee4e4ca889bb3a5b3535c6239fcd8f3142db5ab942b089ee46165459e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://apply-for-probate.nidirect.gov.uk
Referer
https://apply-for-probate.nidirect.gov.uk/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, no-store
cf-cache-status
DYNAMIC
cf-ray
700ec521af2fcc46-ZRH
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Sun, 24 Apr 2022 12:16:26 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
pragma
no-cache
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 ddd7d19501f4b19d560bfedbdd9b13ce.cloudfront.net (CloudFront)
x-amz-cf-id
7eD-9vaoIaN0yb5UXmNdcjrk4YBWBChxEZNK2-tikBCeknZ22M3Y1Q==
x-amz-cf-pop
DUS51-P2
x-cache
Miss from cloudfront
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-vcap-request-id
422645de-b53b-46ca-634c-dacb81aa438d
x-xss-protection
1; mode=block

Redirect headers

cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
700ec5206d86cc46-ZRH
content-length
0
date
Sun, 24 Apr 2022 12:16:25 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
-1
location
/Customer
pragma
no-cache
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 ddd7d19501f4b19d560bfedbdd9b13ce.cloudfront.net (CloudFront)
x-amz-cf-id
RGkxT1wyTubINesKPzBQ53OF1ELErLQdFMmh9XOCSAGwceLE3NGcsQ==
x-amz-cf-pop
DUS51-P2
x-cache
Miss from cloudfront
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-vcap-request-id
44c0f9a8-9a47-40e8-59d8-eafc81542b01
x-xss-protection
1; mode=block
uxg.css
identity.nidirect.gov.uk/assets/customer/css/ 		146 KB
15 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://identity.nidirect.gov.uk/assets/customer/css/uxg.css
Requested by
Host: identity.nidirect.gov.uk
URL: https://identity.nidirect.gov.uk/Customer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:34d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82498580fa6d494b339645cd629c3cc4b4f8c87ad4c25b37c3d1eefaf077ad61
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://identity.nidirect.gov.uk/Customer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Sun, 24 Apr 2022 12:16:26 GMT
via
1.1 a70d280cd058ea89c08954ea0ad67198.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
HIT
age
5790
x-cache
Miss from cloudfront
content-encoding
gzip
vary
Accept-Encoding
x-xss-protection
1; mode=block
last-modified
Mon, 21 Mar 2022 15:46:11 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"1d83d3ac9c7eb80"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/css
x-vcap-request-id
187a1dba-d36e-454f-71e4-3c00c5564e0c
cache-control
public, max-age=14400
x-amz-cf-pop
ZRH50-C1
cf-ray
700ec522f8cfcc46-ZRH
x-amz-cf-id
JZsiPwgV5mRhOi66Ef9S-TXBIv4yQ4-hwA0x73z_1-tuVVDce5YCvw==
expires
Sun, 24 Apr 2022 16:16:26 GMT
nida.css
identity.nidirect.gov.uk/assets/customer/css/ 		11 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://identity.nidirect.gov.uk/assets/customer/css/nida.css
Requested by
Host: identity.nidirect.gov.uk
URL: https://identity.nidirect.gov.uk/Customer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:34d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
369095c31379b0920384a424e9d4f74ba7b4e7fbe4f86076c1c73ef6996e66c4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://identity.nidirect.gov.uk/Customer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Sun, 24 Apr 2022 12:16:26 GMT
via
1.1 03b8fedec120c9a0833a57a86eae03ae.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
HIT
age
5790
x-cache
Miss from cloudfront
content-encoding
gzip
vary
Accept-Encoding
x-xss-protection
1; mode=block
last-modified
Tue, 15 Mar 2022 08:40:54 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"1d8384861f9c20e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/css
x-vcap-request-id
0be5e8f1-45cb-4ab1-4f48-09325de2f750
cache-control
public, max-age=14400
x-amz-cf-pop
ZRH50-C1
cf-ray
700ec522f8d1cc46-ZRH
x-amz-cf-id
EtFS8sNkw1826fVXKRoBcdamheLiWNBoblwYUn0GqWPrbzHFrSVX4w==
expires
Sun, 24 Apr 2022 16:16:26 GMT
jquery.js
identity.nidirect.gov.uk/assets/customer/js/ 		287 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://identity.nidirect.gov.uk/assets/customer/js/jquery.js
Requested by
Host: identity.nidirect.gov.uk
URL: https://identity.nidirect.gov.uk/Customer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:34d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dcd61478d74136e4f68bcc46b6d476d13b374c9a869e62ef394aabd151cfc905
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://identity.nidirect.gov.uk/Customer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Sun, 24 Apr 2022 12:16:26 GMT
via
1.1 c07945b00aad28e34fbfebb3d3907060.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
HIT
age
5790
x-cache
Miss from cloudfront
content-encoding
gzip
vary
Accept-Encoding
x-xss-protection
1; mode=block
last-modified
Mon, 21 Mar 2022 15:46:14 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"1d83d3acb8b1c7c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
x-vcap-request-id
e7f101b6-a1d9-4f14-7b44-25bc24bf0b6c
cache-control
public, max-age=14400
x-amz-cf-pop
ZRH50-C1
cf-ray
700ec522f8d3cc46-ZRH
x-amz-cf-id
dUO9NlEoidKruj71439P2P-zt0hwRZTyRZs6bZ6PR9iBfA-AtRA26Q==
expires
Sun, 24 Apr 2022 16:16:26 GMT
html5shiv.js
identity.nidirect.gov.uk/assets/customer/js/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://identity.nidirect.gov.uk/assets/customer/js/html5shiv.js
Requested by
Host: identity.nidirect.gov.uk
URL: https://identity.nidirect.gov.uk/Customer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:34d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b3aa003abf3b6aaf1654fe8669472e3c01dba7bb73be4a8b73a3423cfeeb0e39
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://identity.nidirect.gov.uk/Customer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Sun, 24 Apr 2022 12:16:26 GMT
via
1.1 d92debab8d9ca0518390aebaec8733a6.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
HIT
age
5790
x-cache
Miss from cloudfront
content-encoding
gzip
vary
Accept-Encoding
x-xss-protection
1; mode=block
last-modified
Tue, 15 Mar 2022 08:40:54 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"1d8384861f9e648"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
x-vcap-request-id
44176986-c50e-46da-5e2e-c9d55d0de354
cache-control
public, max-age=14400
x-amz-cf-pop
ZRH50-C1
cf-ray
700ec522f8d6cc46-ZRH
x-amz-cf-id
ajozy8Wr-OhBQU41oh6BNg73YOCtfdOvBWYzCzdLXdpx5xLDeThptA==
expires
Sun, 24 Apr 2022 16:16:26 GMT
notifications.js
identity.nidirect.gov.uk/assets/customer/js/ 		1 KB
606 B 		Script
General
Check archive.org
Download Go to
Full URL
https://identity.nidirect.gov.uk/assets/customer/js/notifications.js
Requested by
Host: identity.nidirect.gov.uk
URL: https://identity.nidirect.gov.uk/Customer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:34d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9aa60d7e6dce9200963e58e0961b66e8c23cf24e808648f2312c4985222859a7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://identity.nidirect.gov.uk/Customer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Sun, 24 Apr 2022 12:16:26 GMT
via
1.1 c07945b00aad28e34fbfebb3d3907060.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
HIT
age
5790
x-cache
Miss from cloudfront
content-encoding
gzip
vary
Accept-Encoding
x-xss-protection
1; mode=block
last-modified
Tue, 15 Mar 2022 08:40:54 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"1d8384861f9ea3b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
x-vcap-request-id
fce0cb6a-1623-4194-54cf-b4ddcfe2ced9
cache-control
public, max-age=14400
x-amz-cf-pop
ZRH50-C1
cf-ray
700ec522f8d7cc46-ZRH
x-amz-cf-id
NNxjiKsKHpZSP1SbpPkbMZI9TjLwB7Gv0YFq310iYO1k1Tjioup0Og==
expires
Sun, 24 Apr 2022 16:16:26 GMT
moment.js
identity.nidirect.gov.uk/assets/common/vendors/ 		68 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://identity.nidirect.gov.uk/assets/common/vendors/moment.js
Requested by
Host: identity.nidirect.gov.uk
URL: https://identity.nidirect.gov.uk/Customer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:34d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0e99e5d37ba5419134c4f411451ddfd1bf5bc79f5aaa87b5eaaaeded2ab587ce
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://identity.nidirect.gov.uk/Customer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Sun, 24 Apr 2022 12:16:26 GMT
via
1.1 ebbd7f31e48ea8cf77f6021cdd92bf62.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
HIT
age
5790
x-cache
Miss from cloudfront
content-encoding
gzip
vary
Accept-Encoding
x-xss-protection
1; mode=block
last-modified
Mon, 21 Mar 2022 15:46:20 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"1d83d3acf23ff95"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
x-vcap-request-id
f88afdad-4c4b-477b-6bc9-696927795b49
cache-control
public, max-age=14400
x-amz-cf-pop
ZRH50-C1
cf-ray
700ec522f8d8cc46-ZRH
x-amz-cf-id
4mIWMLWEWCHDhVTS-QLC7sbS3MDsdaXOo4wb0RWmdWS3sOzMh2wxVw==
expires
Sun, 24 Apr 2022 16:16:26 GMT
knockout-3.5.1.js
identity.nidirect.gov.uk/assets/common/vendors/ 		67 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://identity.nidirect.gov.uk/assets/common/vendors/knockout-3.5.1.js
Requested by
Host: identity.nidirect.gov.uk
URL: https://identity.nidirect.gov.uk/Customer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:34d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8957bb182a5047b07bea0a49fd22b11614b1ab9ac5b8286fcb2259f48658e73
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://identity.nidirect.gov.uk/Customer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Sun, 24 Apr 2022 12:16:26 GMT
via
1.1 a2037d86ccb1a548f20827ebd95a65f2.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
HIT
age
5790
x-cache
Miss from cloudfront
content-encoding
gzip
vary
Accept-Encoding
x-xss-protection
1; mode=block
last-modified
Mon, 21 Mar 2022 15:46:20 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"1d83d3acf23e499"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
x-vcap-request-id
b1bcc830-3628-4e7f-68c7-90cba1471caa
cache-control
public, max-age=14400
x-amz-cf-pop
ZRH50-C1
cf-ray
700ec522f8dccc46-ZRH
x-amz-cf-id
RlUwOLRy4YzgfqN-eB2Mv6duA3QQw01azPgj4AEJFQ4Ssqul-hct2Q==
expires
Sun, 24 Apr 2022 16:16:26 GMT
auto-bind.js
identity.nidirect.gov.uk/assets/common/vendors/nitro/ 		4 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://identity.nidirect.gov.uk/assets/common/vendors/nitro/auto-bind.js
Requested by
Host: identity.nidirect.gov.uk
URL: https://identity.nidirect.gov.uk/Customer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:34d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8671873fcb9c5de8cdbd7b759e2a11c26342702244df3df0b0a445c261bc346b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://identity.nidirect.gov.uk/Customer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Sun, 24 Apr 2022 12:16:26 GMT
via
1.1 4ee178becf6bd81a5ce90c64ae0621b4.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
HIT
age
5790
x-cache
Miss from cloudfront
content-encoding
gzip
vary
Accept-Encoding
x-xss-protection
1; mode=block
last-modified
Tue, 15 Mar 2022 08:40:54 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"1d8384861f9e1bf"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
x-vcap-request-id
cc804a0e-07a8-49e5-57b5-54ccf3aa3946
cache-control
public, max-age=14400
x-amz-cf-pop
ZRH50-C1
cf-ray
700ec522f8ddcc46-ZRH
x-amz-cf-id
3iEngzsv93nOqpPutZciJyWzNnHXG7Vl6KSDb5vcc4VLqQ6hdp_c4A==
expires
Sun, 24 Apr 2022 16:16:26 GMT
knockout-extensions.js
identity.nidirect.gov.uk/assets/common/vendors/nitro/ 		957 B
813 B 		Script
General
Check archive.org
Download Go to
Full URL
https://identity.nidirect.gov.uk/assets/common/vendors/nitro/knockout-extensions.js
Requested by
Host: identity.nidirect.gov.uk
URL: https://identity.nidirect.gov.uk/Customer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:34d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fcd1031be800c6523093ef64f2446cb632a2cc18039794fb57a8a853027eaad3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://identity.nidirect.gov.uk/Customer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Sun, 24 Apr 2022 12:16:26 GMT
via
1.1 792f70324a941726ce7e749514e6fc3c.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
HIT
age
5790
x-cache
Miss from cloudfront
content-encoding
gzip
vary
Accept-Encoding
x-xss-protection
1; mode=block
last-modified
Tue, 15 Mar 2022 08:40:54 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"1d8384861f9ecbd"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
x-vcap-request-id
9a750476-f5f3-44ad-6869-af9ad6c40d99
cache-control
public, max-age=14400
x-amz-cf-pop
ZRH50-C1
cf-ray
700ec522f8dfcc46-ZRH
x-amz-cf-id
AynXEU7Nz8dPG_ZfLL76qLAZLO9sOLr7mRZnhLqrNK2tEwnj_TtoZQ==
expires
Sun, 24 Apr 2022 16:16:26 GMT
link-to-form.js
identity.nidirect.gov.uk/assets/common/vendors/nitro/ 		774 B
576 B 		Script
General
Check archive.org
Download Go to
Full URL
https://identity.nidirect.gov.uk/assets/common/vendors/nitro/link-to-form.js
Requested by
Host: identity.nidirect.gov.uk
URL: https://identity.nidirect.gov.uk/Customer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:34d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aea186548b6fe24f4bcbfa2723077b709b4c5f26bb55b4b2811b80dd496e2993
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://identity.nidirect.gov.uk/Customer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Sun, 24 Apr 2022 12:16:26 GMT
via
1.1 af287426c130b47dba79bf825f91ebba.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
HIT
age
5790
x-cache
Miss from cloudfront
content-encoding
gzip
vary
Accept-Encoding
x-xss-protection
1; mode=block
last-modified
Tue, 15 Mar 2022 08:40:54 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"1d8384861f9ec06"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
x-vcap-request-id
36749c4e-b304-446d-6af8-83b5b681eca5
cache-control
public, max-age=14400
x-amz-cf-pop
ZRH50-C1
cf-ray
700ec522f8e0cc46-ZRH
x-amz-cf-id
KuIgFvTorJBmfAoUQR6dvpp0TlbxTAl_zof7tBntfxLy7RU3HhWGnQ==
expires
Sun, 24 Apr 2022 16:16:26 GMT
file-upload.js
identity.nidirect.gov.uk/assets/common/js/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://identity.nidirect.gov.uk/assets/common/js/file-upload.js
Requested by
Host: identity.nidirect.gov.uk
URL: https://identity.nidirect.gov.uk/Customer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:34d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b6ee74b2d37755af5d00f942bccb7f24dfba9bb8f57104fce145186dda537e32
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://identity.nidirect.gov.uk/Customer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Sun, 24 Apr 2022 12:16:26 GMT
via
1.1 c76347c8ef1f3a2b6fb69cd7d1c6f748.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
HIT
age
5790
x-cache
Miss from cloudfront
content-encoding
gzip
vary
Accept-Encoding
x-xss-protection
1; mode=block
last-modified
Tue, 15 Mar 2022 08:40:54 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"1d8384861f9fd79"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
x-vcap-request-id
7732ca97-fed5-42a7-7ddf-5a44de8a17c1
cache-control
public, max-age=14400
x-amz-cf-pop
ZRH50-C1
cf-ray
700ec522f8e2cc46-ZRH
x-amz-cf-id
YnGj16a2ZRn_fXs1GBV4nh4kPvE5wBA-mldVVi-Vg68sDGI10AfIug==
expires
Sun, 24 Apr 2022 16:16:26 GMT
image-upload.js
identity.nidirect.gov.uk/assets/common/js/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://identity.nidirect.gov.uk/assets/common/js/image-upload.js
Requested by
Host: identity.nidirect.gov.uk
URL: https://identity.nidirect.gov.uk/Customer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:34d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2402a9b173f2d0922e64be60af20536bba0bc7fe458a52660e145348cae2909e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://identity.nidirect.gov.uk/Customer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Sun, 24 Apr 2022 12:16:26 GMT
via
1.1 c202f63846a430afd2d556266be8b50c.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
HIT
age
5790
x-cache
Miss from cloudfront
content-encoding
gzip
vary
Accept-Encoding
x-xss-protection
1; mode=block
last-modified
Tue, 15 Mar 2022 08:40:54 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"1d8384861f9f979"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
x-vcap-request-id
73fa9c68-953d-438e-7aa9-c0283308f2d8
cache-control
public, max-age=14400
x-amz-cf-pop
ZRH50-C1
cf-ray
700ec522f8e4cc46-ZRH
x-amz-cf-id
dVHu_hVsqj_c4bYdu1d_jhKZyDO1B3tbUxCNe_ITlmytxm4LWLFUXw==
expires
Sun, 24 Apr 2022 16:16:26 GMT
address-lookup.js
identity.nidirect.gov.uk/assets/customer/js/ 		7 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://identity.nidirect.gov.uk/assets/customer/js/address-lookup.js
Requested by
Host: identity.nidirect.gov.uk
URL: https://identity.nidirect.gov.uk/Customer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:34d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d8a517cf9e9ecd72b4a0fd9a36e9d1154a8802d417b5de55014ab0500b4d480a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://identity.nidirect.gov.uk/Customer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Sun, 24 Apr 2022 12:16:26 GMT
via
1.1 9349ae4f82564896b96f5303b030d188.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
HIT
age
5790
x-cache
Miss from cloudfront
content-encoding
gzip
vary
Accept-Encoding
x-xss-protection
1; mode=block
last-modified
Tue, 15 Mar 2022 08:40:54 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"1d8384861f9f50d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
x-vcap-request-id
656c69f0-a34a-4cac-5ab3-fe509b154b9b
cache-control
public, max-age=14400
x-amz-cf-pop
ZRH50-C1
cf-ray
700ec522f8e6cc46-ZRH
x-amz-cf-id
3ybb8NgO3_PCCh2VXJnS6iiXDjSXBeDZgaDbRSJGXTkUZvqHtSDloQ==
expires
Sun, 24 Apr 2022 16:16:26 GMT
authenticationtype-change.js
identity.nidirect.gov.uk/assets/customer/js/ 		1 KB
587 B 		Script
General
Check archive.org
Download Go to
Full URL
https://identity.nidirect.gov.uk/assets/customer/js/authenticationtype-change.js
Requested by
Host: identity.nidirect.gov.uk
URL: https://identity.nidirect.gov.uk/Customer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:34d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c8fa40c566ae514eb4c6f95033bd4b81e556265f06f2dfc01e7c4bbb389a378a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://identity.nidirect.gov.uk/Customer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Sun, 24 Apr 2022 12:16:26 GMT
via
1.1 8455bcb2c0203b0c4ee93b610d75e69a.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
HIT
age
5790
x-cache
Miss from cloudfront
content-encoding
gzip
vary
Accept-Encoding
x-xss-protection
1; mode=block
last-modified
Tue, 15 Mar 2022 08:40:54 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"1d8384861f9ea1a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
x-vcap-request-id
884e29a6-e0e3-448c-68ff-6543fc37bded
cache-control
public, max-age=14400
x-amz-cf-pop
ZRH50-C1
cf-ray
700ec522f8e9cc46-ZRH
x-amz-cf-id
nQ-NYoWjx5x8lHwUhnK8q1tiulMfEdmT8SCyQgjfg8OKW1MBlYYCEA==
expires
Sun, 24 Apr 2022 16:16:26 GMT
confirmation.js
identity.nidirect.gov.uk/assets/customer/js/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://identity.nidirect.gov.uk/assets/customer/js/confirmation.js
Requested by
Host: identity.nidirect.gov.uk
URL: https://identity.nidirect.gov.uk/Customer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:34d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
777193274e81aec93e4353fd0ddbd5ba88baa2c04f92c0d2ea58b3490e7e4304
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://identity.nidirect.gov.uk/Customer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Sun, 24 Apr 2022 12:16:26 GMT
via
1.1 0c476b4e93e7b13a5f68b185a8e9753c.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
HIT
age
5790
x-cache
Miss from cloudfront
content-encoding
gzip
vary
Accept-Encoding
x-xss-protection
1; mode=block
last-modified
Tue, 15 Mar 2022 08:40:54 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"1d8384861f9e67c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
x-vcap-request-id
4c9cdff2-3169-4370-4c2d-c40959ddcc1d
cache-control
public, max-age=14400
x-amz-cf-pop
ZRH50-C1
cf-ray
700ec522f8eccc46-ZRH
x-amz-cf-id
BAQkADhDhEcQ76F4BVqhKeCr5lOTJbtfqF-GDdEw0PRtCIv6LqoIZA==
expires
Sun, 24 Apr 2022 16:16:26 GMT
table-row-expander.js
identity.nidirect.gov.uk/assets/customer/js/ 		327 B
508 B 		Script
General
Check archive.org
Download Go to
Full URL
https://identity.nidirect.gov.uk/assets/customer/js/table-row-expander.js
Requested by
Host: identity.nidirect.gov.uk
URL: https://identity.nidirect.gov.uk/Customer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:34d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6622e353d30e83e0060767ac8e17a02f76bb0abb03ea45c184f960f6e86a8c55
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://identity.nidirect.gov.uk/Customer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Sun, 24 Apr 2022 12:16:26 GMT
via
1.1 b103085320b440f2b61bad94c412ff70.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
HIT
age
5790
x-cache
Miss from cloudfront
content-encoding
gzip
vary
Accept-Encoding
x-xss-protection
1; mode=block
last-modified
Tue, 15 Mar 2022 08:40:54 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"1d8384861f9ee47"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
x-vcap-request-id
539eab6a-f2fd-4e2c-4aa0-b210eb8f54d1
cache-control
public, max-age=14400
x-amz-cf-pop
ZRH50-C1
cf-ray
700ec522f8edcc46-ZRH
x-amz-cf-id
oVJBN13lHU3dvfRhtOKkN_PL8v5o25B63tn8ftq1tJRZ0b8xx1Xhww==
expires
Sun, 24 Apr 2022 16:16:26 GMT
uxg.js
identity.nidirect.gov.uk/assets/customer/js/ 		38 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://identity.nidirect.gov.uk/assets/customer/js/uxg.js
Requested by
Host: identity.nidirect.gov.uk
URL: https://identity.nidirect.gov.uk/Customer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:34d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
59adbcd95527d810f588a6d9b7e221d88df1fe4caeca740115c960ea7d6b1d2a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://identity.nidirect.gov.uk/Customer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Sun, 24 Apr 2022 12:16:26 GMT
via
1.1 c76347c8ef1f3a2b6fb69cd7d1c6f748.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
HIT
age
5790
x-cache
Miss from cloudfront
content-encoding
gzip
vary
Accept-Encoding
x-xss-protection
1; mode=block
last-modified
Tue, 15 Mar 2022 08:40:54 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"1d8384861f97946"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
x-vcap-request-id
a1f30adc-c4d0-4571-41ac-39ad235d4f12
cache-control
public, max-age=14400
x-amz-cf-pop
ZRH50-C1
cf-ray
700ec522f8f0cc46-ZRH
x-amz-cf-id
DddrBc99U9WWkpiC4hKZXwKrM_EosiNRXlQmR6KcRATXBFLDXxqSpQ==
expires
Sun, 24 Apr 2022 16:16:26 GMT
captured-image.js
identity.nidirect.gov.uk/assets/customer/js/ 		14 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://identity.nidirect.gov.uk/assets/customer/js/captured-image.js?v=2
Requested by
Host: identity.nidirect.gov.uk
URL: https://identity.nidirect.gov.uk/Customer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:34d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7f5867b8b5e6c4df2d9c5b48e507e18c82c74b220b2ae13631596031fef245c7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://identity.nidirect.gov.uk/Customer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Sun, 24 Apr 2022 12:16:26 GMT
via
1.1 4e0fd86f7afa735e772d6f7fe5e91f5a.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
HIT
age
5790
x-cache
Miss from cloudfront
content-encoding
gzip
vary
Accept-Encoding
x-xss-protection
1; mode=block
last-modified
Tue, 15 Mar 2022 08:40:54 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"1d8384861f9d6b0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
x-vcap-request-id
c963bb85-3591-470b-676e-4ef4db1e7bd1
cache-control
public, max-age=14400
x-amz-cf-pop
ZRH50-C1
cf-ray
700ec522f8f3cc46-ZRH
x-amz-cf-id
osaOgwHm6ok0uI30DGyHSmRghwne5Hz7A7CscNrB3HFmKfnTcOOScw==
expires
Sun, 24 Apr 2022 16:16:26 GMT
nidirect_chat_bot.png
identity.nidirect.gov.uk/assets/customer/images/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://identity.nidirect.gov.uk/assets/customer/images/nidirect_chat_bot.png
Requested by
Host: identity.nidirect.gov.uk
URL: https://identity.nidirect.gov.uk/Customer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:34d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6df466b95af22ebdbe5ca4a0e1d286bef7bad5c3f4468e049a5fcb3a51a5598e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://identity.nidirect.gov.uk/Customer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Sun, 24 Apr 2022 12:16:26 GMT
via
1.1 d7147e532e5cf73689fcb39fa760bcf2.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
HIT
age
5790
x-cache
Miss from cloudfront
vary
Accept-Encoding
content-length
1502
x-xss-protection
1; mode=block
last-modified
Tue, 15 Mar 2022 08:40:54 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
"1d8384861f9eade"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
image/png
x-vcap-request-id
faaa57bd-7357-44aa-58c3-ba437dd60e1e
cache-control
public, max-age=14400
x-amz-cf-pop
ZRH50-C1
accept-ranges
bytes
cf-ray
700ec523aa26cc46-ZRH
x-amz-cf-id
yfEwvVOnHHO2uBLAK6PhSOgZyZIGCmS-vt_cnc_DlOLWADFvn30Q_A==
expires
Sun, 24 Apr 2022 16:16:26 GMT
close-icon.png
identity.nidirect.gov.uk/assets/customer/images/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://identity.nidirect.gov.uk/assets/customer/images/close-icon.png
Requested by
Host: identity.nidirect.gov.uk
URL: https://identity.nidirect.gov.uk/Customer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:34d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
961089e75ead62563f727c15116afd9b1ccadb4b8025da7fbe9b79cacc43f91d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://identity.nidirect.gov.uk/Customer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Sun, 24 Apr 2022 12:16:26 GMT
via
1.1 449f2b51e83bf8ba5fa5e65ce60bc276.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
HIT
age
5790
x-cache
Miss from cloudfront
vary
Accept-Encoding
content-length
1237
x-xss-protection
1; mode=block
last-modified
Tue, 15 Mar 2022 08:40:54 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
"1d8384861f9ebd5"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
image/png
x-vcap-request-id
d0311708-4b51-4c8b-4b81-86416d929ab8
cache-control
public, max-age=14400
x-amz-cf-pop
ZRH50-C1
accept-ranges
bytes
cf-ray
700ec523aa28cc46-ZRH
x-amz-cf-id
HOriTH9JD3q0Dm7--p-1yT-NhzsqB7ktIh6vFxoy_QupceLz0iuY3g==
expires
Sun, 24 Apr 2022 16:16:26 GMT
webchat.js
cdn.botframework.com/botframework-webchat/latest/ 		4 MB
860 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.botframework.com/botframework-webchat/latest/webchat.js
Requested by
Host: identity.nidirect.gov.uk
URL: https://identity.nidirect.gov.uk/Customer
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.19.160 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (lha/8DF9) /
Resource Hash
b6a3f7222e0c674ecfc938ff2e6715efd822f02972aedee080025f8ded4beea1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://identity.nidirect.gov.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 24 Apr 2022 12:16:26 GMT
content-encoding
gzip
content-md5
jabs1FBqpFIzb6q5ZEbfSw==
age
380
x-cache
HIT
content-length
879303
x-ms-lease-status
unlocked
last-modified
Fri, 04 Mar 2022 23:54:23 GMT
server
ECAcc (lha/8DF9)
etag
0x8D9FE3A4ECF28F0
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
97cd4789-801e-007d-55d4-573403000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control
max-age=900
x-ms-version
2009-09-19
accept-ranges
bytes
expires
Sun, 24 Apr 2022 12:31:26 GMT
chatbot.js
identity.nidirect.gov.uk/assets/customer/js/ 		1 KB
613 B 		Script
General
Check archive.org
Download Go to
Full URL
https://identity.nidirect.gov.uk/assets/customer/js/chatbot.js
Requested by
Host: identity.nidirect.gov.uk
URL: https://identity.nidirect.gov.uk/Customer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:34d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ff85eb40885c581185cbf125d3a0dcd76c7244e8cbc5e5e70f7e7d1194eed099
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://identity.nidirect.gov.uk/Customer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Sun, 24 Apr 2022 12:16:26 GMT
via
1.1 08c5e904e2f0226b2d9c1417f32b12f2.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
HIT
age
5790
x-cache
Miss from cloudfront
content-encoding
gzip
vary
Accept-Encoding
x-xss-protection
1; mode=block
last-modified
Tue, 15 Mar 2022 08:40:54 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"1d8384861f9eb70"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
x-vcap-request-id
abe43c83-06a6-448e-70e7-b20cbb1f3323
cache-control
public, max-age=14400
x-amz-cf-pop
ZRH50-C1
cf-ray
700ec52389f6cc46-ZRH
x-amz-cf-id
YW1q7ZCe-rneWhAmJq9lxj4bJPiHuxiCnt-70nlKAjxbCInbxOodyg==
expires
Sun, 24 Apr 2022 16:16:26 GMT
mitek-science-sdk.js
identity.nidirect.gov.uk/assets/customer/js/ 		126 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://identity.nidirect.gov.uk/assets/customer/js/mitek-science-sdk.js
Requested by
Host: identity.nidirect.gov.uk
URL: https://identity.nidirect.gov.uk/Customer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:34d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d8a54279acc7eb6e522c5a55c96c96a6da3d46a38b69185cd8072dc647a63c3e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://identity.nidirect.gov.uk/Customer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Sun, 24 Apr 2022 12:16:26 GMT
via
1.1 a70d280cd058ea89c08954ea0ad67198.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
HIT
age
5790
x-cache
Miss from cloudfront
content-encoding
gzip
vary
Accept-Encoding
x-xss-protection
1; mode=block
last-modified
Mon, 21 Mar 2022 15:46:14 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"1d83d3acb8e9f27"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
x-vcap-request-id
515d329c-e8ca-48a3-6a9f-46cf95c0a8af
cache-control
public, max-age=14400
x-amz-cf-pop
ZRH50-C1
cf-ray
700ec523aa25cc46-ZRH
x-amz-cf-id
bxqIRdPTLZu6iOdmgTo23KQ-Abj32dKbJaq1cK3GTbwvXyrVxItA7w==
expires
Sun, 24 Apr 2022 16:16:26 GMT
gtm.js
www.googletagmanager.com/ 		102 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-5WKMHRP
Requested by
Host: identity.nidirect.gov.uk
URL: https://identity.nidirect.gov.uk/Customer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e8e01f8794df3691dc5679e9c14dd6e66038e556dc9ef6f82ed8db49528b9428
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://identity.nidirect.gov.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Sun, 24 Apr 2022 12:16:26 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
40248
x-xss-protection
0
last-modified
Sun, 24 Apr 2022 12:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 24 Apr 2022 12:16:26 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5WKMHRP
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://identity.nidirect.gov.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
7155
date
Sun, 24 Apr 2022 10:17:11 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Sun, 24 Apr 2022 12:17:11 GMT
collect
www.google-analytics.com/j/ 		1 B
212 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&aip=1&a=1965520208&t=pageview&_s=1&dl=https%3A%2F%2Fidentity.nidirect.gov.uk%2FCustomer&dr=https%3A%2F%2Fapply-for-probate.nidirect.gov.uk%2F&ul=en-us&de=UTF-8&dt=Do%20you%20have%20an%20nidirect%20account%3F%7Cnidirect%20account%7C%20nidirect&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=1776669989&gjid=1754902504&cid=1379952217.1650802586&tid=UA-26858713-14&_gid=253742764.1650802586&_r=1&gtm=2wg4k05WKMHRP&z=1575694307
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://identity.nidirect.gov.uk/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 24 Apr 2022 12:16:26 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://identity.nidirect.gov.uk
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
Token
identity.nidirect.gov.uk/Customer/Chatbot/ 		828 B
910 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://identity.nidirect.gov.uk/Customer/Chatbot/Token
Requested by
Host: identity.nidirect.gov.uk
URL: https://identity.nidirect.gov.uk/Customer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:34d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dab6d56c8ba7ce5eb251eea9b08d607937e7d8b84cac789d87ee1fcadf47a992
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://identity.nidirect.gov.uk/Customer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Sun, 24 Apr 2022 12:16:26 GMT
via
1.1 ddd7d19501f4b19d560bfedbdd9b13ce.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
x-amz-cf-pop
DUS51-P2
x-cache
Miss from cloudfront
content-encoding
gzip
x-xss-protection
1; mode=block
pragma
no-cache
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/plain; charset=utf-8
x-vcap-request-id
3d80c1f6-c08c-4c27-4a86-e8770232010c
cache-control
no-store,no-cache
cf-ray
700ec5263e79cc46-ZRH
x-amz-cf-id
RukiOxkzZNJ9VNUH55xKCfxOVM7Tu6Hgc9OFz0afx2khdlfNreBvdw==
conversations
directline.botframework.com/v3/directline/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://directline.botframework.com/v3/directline/conversations
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.95.93.152 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,content-type,x-ms-bot-agent,x-requested-with
Access-Control-Request-Method
POST
Origin
https://identity.nidirect.gov.uk
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

access-control-allow-headers
authorization,content-type,x-ms-bot-agent,x-requested-with
access-control-allow-origin
*
access-control-max-age
600
arr-disable-session-affinity
true
cache-control
no-cache
content-length
0
date
Sun, 24 Apr 2022 12:16:26 GMT
expires
-1
pragma
no-cache
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
x-xss-protection
1; mode=block
conversations
directline.botframework.com/v3/directline/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://directline.botframework.com/v3/directline/conversations
Requested by
Host: cdn.botframework.com
URL: https://cdn.botframework.com/botframework-webchat/latest/webchat.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.95.93.152 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
dd58ad500f650088ebc9bd6e03ae304ddea1ec75a3c543384dab079218bd876d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
accept-language
de-DE,de;q=0.9
Authorization
Bearer ew0KICAiYWxnIjogIlJTMjU2IiwNCiAgImtpZCI6ICIway1XY3VlUDRoZGEtdGJfYTh4TTc0M012UW8iLA0KICAieDV0IjogIjBrLVdjdWVQNGhkYS10Yl9hOHhNNzQzTXZRbyIsDQogICJ0eXAiOiAiSldUIg0KfQ.ew0KICAiYm90IjogIk5JREFXZWJBcHBCb3ROb2RlSlMiLA0KICAic2l0ZSI6ICJ1LWszcWVwaXRkayIsDQogICJjb252IjogIkY4czZUS3dlTEM2NEhkTG5sYWdscEItdWsiLA0KICAibmJmIjogMTY1MDgwMjU4NiwNCiAgImV4cCI6IDE2NTA4MDYxODYsDQogICJpc3MiOiAiaHR0cHM6Ly93ZWJjaGF0LmJvdGZyYW1ld29yay5jb20vIiwNCiAgImF1ZCI6ICJodHRwczovL3dlYmNoYXQuYm90ZnJhbWV3b3JrLmNvbS8iDQp9.UB-uK4bPPgwopuXzPFtPHEgMo5fwO9l5FcfK0lQcvjUu4KeEPwMjat36KuPwStrRxL2BpHyylOnb3awycxM0xoe14cJpsbMTJV19aeEuc5HdenFo5ZeGYLAjDEHHWz_2g6ze5CMuwtBkw7mkwBnHxWm3clylRaKvgP5bD2rOfMnz1Nz73dFlSqF3t9mO299TWaz2cXZi2Q3nx2uW-t55D3mP4euU05J2pnlgOaX-hKNFC4Xei6QE5FSe4wHFToMtz92rccuY4VYw4jXsnVGOQ1FLLo0Q0cB4RCBgS6PaJ5o_fqiZPiF7IcQMnn2WvBgxdGkQgHF_TtJE2zCENn1pJg
Content-Type
application/json
Accept
application/json
Referer
https://identity.nidirect.gov.uk/
X-Requested-With
XMLHttpRequest
x-ms-bot-agent
DirectLine/3.0 (directlinejs; WebChat/4.15.1 (Full) 0.15.1)

Response headers

pragma
no-cache
date
Sun, 24 Apr 2022 12:16:26 GMT
x-content-type-options
nosniff
cache-control
no-cache
strict-transport-security
max-age=31536000
content-type
application/json; charset=utf-8
access-control-allow-origin
*
x-ms-request-id
0d4325cd670c6c438b1a1c9d661f6f90
access-control-expose-headers
Retry-After
arr-disable-session-affinity
true
content-length
1954
x-xss-protection
1; mode=block
expires
-1

Verdicts & Comments Add Verdict or Comment

44 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| structuredClone object| oncontextlost object| oncontextrestored function| getScreenDetails object| dataLayer function| $ function| jQuery object| html5 object| Notifications function| moment object| ko object| Civica object| GOVUKFrontend object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| gaplugins object| gaGlobal object| gaData object| regeneratorRuntime object| WebChat object| Components function| createAdaptiveCardsAttachmentForScreenReaderMiddleware function| createAdaptiveCardsAttachmentMiddleware function| createCognitiveServicesSpeechServicesPonyfillFactory function| createDirectLine function| createDirectLineAppServiceExtension function| createDirectLineSpeechAdapters function| createStyleSet function| default object| hooks function| renderMarkdown function| renderWebChat object| Constants function| concatMiddleware function| connectToWebChat function| createBrowserWebSpeechPonyfillFactory function| createStore function| createStoreWithDevTools string| version object| webpackJsonpmitekScienceSDK object| core object| mitekScienceSDK

6 Cookies

Domain/Path Name / Value
apply-for-probate.nidirect.gov.uk/ Name: saml-session
Value: 26b68cfd-185e-4a0a-a57b-33d6f6fadc45
identity.nidirect.gov.uk/ Name: .AspNetCore.Session
Value: CfDJ8LyeEusg74BIqxYn8GgZyFOk0Ge%2FzmFEC0WqidabsxLqtDd9goaZ06qlnCr2jrmiIefj672mB7Mw0kD1LxUVnR%2FHCl8YBC%2F0o2Ly4EYp7xltnISzCAP0hEMtnR366M7U7PqQjkE8u5B8eTUKNCJM4H0ZHTaCvFvn3hQsZPV9SC88
identity.nidirect.gov.uk/ Name: .AspNetCore.Antiforgery.o5g48ybWK7c
Value: CfDJ8LyeEusg74BIqxYn8GgZyFMkwiv0W0cHq-HvI4PE5i16j9hhHUoZhN7_EnSm2kQL70W5CZqguhh1JpjWqJfusr8yj3sTQpakpX4pua3-o1HhmH_7ofp5ptOp_UI4JlFVxsUvKUjrZTH0UP251mWf7IM
.nidirect.gov.uk/ Name: _ga
Value: GA1.3.1379952217.1650802586
.nidirect.gov.uk/ Name: _gid
Value: GA1.3.253742764.1650802586
.nidirect.gov.uk/ Name: _gat_UA-26858713-14
Value: 1

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

apply-for-probate.nidirect.gov.uk
cdn.botframework.com
directline.botframework.com
identity.nidirect.gov.uk
www.google-analytics.com
www.googletagmanager.com
13.95.93.152
152.199.19.160
2600:9000:236e:9400:c:25d9:c300:93a1
2606:4700::6812:34d
2a00:1450:4001:811::2008
2a00:1450:4001:831::200e
0e99e5d37ba5419134c4f411451ddfd1bf5bc79f5aaa87b5eaaaeded2ab587ce
2402a9b173f2d0922e64be60af20536bba0bc7fe458a52660e145348cae2909e
369095c31379b0920384a424e9d4f74ba7b4e7fbe4f86076c1c73ef6996e66c4
59adbcd95527d810f588a6d9b7e221d88df1fe4caeca740115c960ea7d6b1d2a
6622e353d30e83e0060767ac8e17a02f76bb0abb03ea45c184f960f6e86a8c55
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6df466b95af22ebdbe5ca4a0e1d286bef7bad5c3f4468e049a5fcb3a51a5598e
777193274e81aec93e4353fd0ddbd5ba88baa2c04f92c0d2ea58b3490e7e4304
7f5867b8b5e6c4df2d9c5b48e507e18c82c74b220b2ae13631596031fef245c7
82498580fa6d494b339645cd629c3cc4b4f8c87ad4c25b37c3d1eefaf077ad61
8499a90dc02ab06c672f269639ad27bf7eb16bd7bb2ae83150898a3f28442ad1
8671873fcb9c5de8cdbd7b759e2a11c26342702244df3df0b0a445c261bc346b
961089e75ead62563f727c15116afd9b1ccadb4b8025da7fbe9b79cacc43f91d
9aa60d7e6dce9200963e58e0961b66e8c23cf24e808648f2312c4985222859a7
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a2374faee4e4ca889bb3a5b3535c6239fcd8f3142db5ab942b089ee46165459e
aea186548b6fe24f4bcbfa2723077b709b4c5f26bb55b4b2811b80dd496e2993
b3aa003abf3b6aaf1654fe8669472e3c01dba7bb73be4a8b73a3423cfeeb0e39
b6a3f7222e0c674ecfc938ff2e6715efd822f02972aedee080025f8ded4beea1
b6ee74b2d37755af5d00f942bccb7f24dfba9bb8f57104fce145186dda537e32
c8fa40c566ae514eb4c6f95033bd4b81e556265f06f2dfc01e7c4bbb389a378a
d8a517cf9e9ecd72b4a0fd9a36e9d1154a8802d417b5de55014ab0500b4d480a
d8a54279acc7eb6e522c5a55c96c96a6da3d46a38b69185cd8072dc647a63c3e
dab6d56c8ba7ce5eb251eea9b08d607937e7d8b84cac789d87ee1fcadf47a992
dcd61478d74136e4f68bcc46b6d476d13b374c9a869e62ef394aabd151cfc905
dd58ad500f650088ebc9bd6e03ae304ddea1ec75a3c543384dab079218bd876d
e8957bb182a5047b07bea0a49fd22b11614b1ab9ac5b8286fcb2259f48658e73
e8e01f8794df3691dc5679e9c14dd6e66038e556dc9ef6f82ed8db49528b9428
fcd1031be800c6523093ef64f2446cb632a2cc18039794fb57a8a853027eaad3
ff85eb40885c581185cbf125d3a0dcd76c7244e8cbc5e5e70f7e7d1194eed099