Overview

URLdiscount-scheme-application.com/auth
IP 34.65.78.119 (Switzerland)
ASN#396982 GOOGLE-CLOUD-PLATFORM
UserAgentMozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer
Access lock_open
Report completed2022-12-02 11:20:01 UTC
StatusLoading report..
IDS alerts0
Blocklist alert4
urlquery alerts No alerts detected
Tags None

Domain Summary (9)

Fully Qualifying Domain Name Rank First Seen Last Seen Sent bytes Received bytes IP Comment
www.gov.uk (14) 10298 0001-01-01T00:00:00Z 0001-01-01T00:00:00Z 7574 185592 151.101.192.144
push.services.mozilla.com (1) 2140 0001-01-01T00:00:00Z 0001-01-01T00:00:00Z 606 127 52.39.62.124
ocsp.digicert.com (2) 86 0001-01-01T00:00:00Z 0001-01-01T00:00:00Z 682 1555 93.184.220.29
content-signature-2.cdn.mozilla.net (1) 1152 0001-01-01T00:00:00Z 0001-01-01T00:00:00Z 413 5844 34.160.144.191
discount-scheme-application.com (2) 0 0001-01-01T00:00:00Z 0001-01-01T00:00:00Z 735 729 34.65.78.119
contile.services.mozilla.com (1) 1114 0001-01-01T00:00:00Z 0001-01-01T00:00:00Z 333 229 34.117.237.239
img-getpocket.cdn.mozilla.net (6) 1631 0001-01-01T00:00:00Z 0001-01-01T00:00:00Z 3245 56806 34.120.237.76
r3.o.lencr.org (7) 344 0001-01-01T00:00:00Z 0001-01-01T00:00:00Z 2366 6202 23.36.76.226
firefox.settings.services.mozilla.com (2) 867 0001-01-01T00:00:00Z 0001-01-01T00:00:00Z 782 2373 34.102.187.140

Network Intrusion Detection Systemsinfo

Suricata /w Emerging Threats Pro
 No alerts detected

Blocklists

OpenPhish
 No alerts detected

PhishTank
 No alerts detected

Fortinet's Web Filter
Scan Date Severity Indicator Comment
2022-12-02 medium discount-scheme-application.com/auth Phishing
2022-12-02 medium discount-scheme-application.com/auth/ Phishing

mnemonic secure dns
 No alerts detected

Quad9 DNS
Scan Date Severity Indicator Comment
2022-12-02 medium discount-scheme-application.com Sinkholed
2022-12-02 medium discount-scheme-application.com Sinkholed


Files

No files detected

Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 34.65.78.119
Date UQ / IDS / BL URL IP
2022-12-02 00:45:29 UTC 0 - 0 - 4 discount-scheme-application.com/auth 34.65.78.119
2022-12-02 00:45:28 UTC 0 - 0 - 2 myenergy-discount-scheme.com/auth 34.65.78.119
2022-12-02 20:14:27 UTC 0 - 0 - 6 discount-scheme-application.com/auth 34.65.78.119
2022-12-02 20:12:25 UTC 0 - 0 - 4 myenergy-discount-scheme.com/auth 34.65.78.119
2022-12-02 13:05:32 UTC 0 - 0 - 4 discount-scheme-application.com/auth 34.65.78.119


Last 5 reports on ASN: GOOGLE-CLOUD-PLATFORM
Date UQ / IDS / BL URL IP
2023-06-06 23:54:53 UTC 0 - 3 - 1 cholesterol-circumstance.misecure.com/ 34.97.190.192
2023-06-06 23:40:20 UTC 0 - 3 - 1 superlative-stroopwafel-3f67a9.netlify.app/ 34.141.48.9
2023-06-06 23:14:48 UTC 0 - 1 - 4 www2.etc-meisai.jpetcrfunccode1013000000.mool (...) 35.221.111.57
2023-06-06 23:04:10 UTC 0 - 0 - 66 3656p.net/ 34.92.53.168
2023-06-06 21:32:57 UTC 0 - 0 - 1 bitly.net/2x8HX16 199.91.151.5


Last 4 reports on domain: discount-scheme-application.com
Date UQ / IDS / BL URL IP
2022-12-02 00:45:29 UTC 0 - 0 - 4 discount-scheme-application.com/auth 34.65.78.119
2022-12-02 20:14:27 UTC 0 - 0 - 6 discount-scheme-application.com/auth 34.65.78.119
2022-12-02 13:05:32 UTC 0 - 0 - 4 discount-scheme-application.com/auth 34.65.78.119
2022-12-02 11:20:01 UTC 0 - 0 - 4 discount-scheme-application.com/auth 34.65.78.119


Last 5 reports with similar screenshot
Date UQ / IDS / BL URL IP
2023-03-02 09:51:01 UTC 0 - 0 - 18 energy-rebate-gov.web.app/ 199.36.158.100
2023-01-27 02:38:57 UTC 0 - 0 - 2 energy-rebatescheme-gb.com/auth 185.244.183.174
2022-11-29 20:21:51 UTC 0 - 0 - 2 mysupport-scheme-uk.com/auth 80.66.64.247
2022-11-29 01:05:27 UTC 0 - 0 - 2 mysupport-scheme-form.com/auth 45.143.139.115
2022-11-28 18:15:31 UTC 0 - 0 - 2 mysupport-scheme-form.com/auth 45.143.139.115

JavaScript

Executed Scripts (7)

Executed Evals (0)

Executed Writes (0)


HTTP Transactions (36)


Request Response
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        
                                             23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                            
Server: nginx
Content-Length: 503
ETag: "6035871C0DE6FF2D120921461207CFA32BC286E1FE78849CE74815FFBB9FF950"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9128
Expires: Fri, 02 Dec 2022 13:51:58 GMT
Date: Fri, 02 Dec 2022 11:19:50 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        
                                             93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                            
Accept-Ranges: bytes
Age: 6475
Cache-Control: max-age=89957
Date: Fri, 02 Dec 2022 11:19:50 GMT
Etag: "63888270-1d7"
Expires: Sat, 03 Dec 2022 12:19:07 GMT
Last-Modified: Thu, 01 Dec 2022 10:31:12 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                        
                                             34.102.187.140
HTTP/2 200 OK
content-type: application/json
                                            
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Type, Backoff, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 02 Dec 2022 10:19:55 GMT
cache-control: public,max-age=3600
age: 3595
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    30db107dcf4380cef05efea409c2e6a3
Sha1:   96e6a306fbc07299aba64e5c14e2bfca35872fa9
Sha256: b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        
                                             23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                            
Server: nginx
Content-Length: 503
ETag: "39F6BB64420BCFC8F0B010168FD35B67732984CD0698409F04D5AE40410422AA"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6093
Expires: Fri, 02 Dec 2022 13:01:23 GMT
Date: Fri, 02 Dec 2022 11:19:50 GMT
Connection: keep-alive

                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                        
                                             34.160.144.191
HTTP/2 200 OK
content-type: binary/octet-stream
                                            
x-amz-id-2: xkpOeGZ2E4SHbExCQ5f6C59iSkc4qOzaCSTpvm/9/ho/Jl0dwpyDeG+AvCCHx7zHfDB4Eb45iVU=
x-amz-request-id: 633JGMGSB3V7DZ1S
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 02 Dec 2022 10:46:05 GMT
age: 2025
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    9ebddc2b260d081ebbefee47c037cb28
Sha1:   492bad62a7ca6a74738921ef5ae6f0be5edebf39
Sha256: 74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
                                        
                                            GET /auth HTTP/1.1 
Host: discount-scheme-application.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

                                        
                                             34.65.78.119
HTTP/1.1 301 Moved Permanently
content-type: text/html; charset=iso-8859-1
                                            
server: nginx
date: Fri, 02 Dec 2022 11:19:50 GMT
content-length: 252
location: http://discount-scheme-application.com/auth/


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   252
Md5:    1c483ec07f4ee66d91a01df6809d075c
Sha1:   e94cdfbeae6596484e86e7cac4b93b875d25f0b1
Sha256: 13a30b90944d036a9e2d09daa27d47992eff19bbcca3313018d43cf3bab64999

Blocklists:
  - fortinet: Phishing
  - quad9: Sinkholed
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                        
                                             34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                            
server: nginx
date: Fri, 02 Dec 2022 11:19:50 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            GET /auth/ HTTP/1.1 
Host: discount-scheme-application.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

                                        
                                             34.65.78.119
HTTP/1.1 200 OK
content-type: text/html; charset=UTF-8
                                            
server: nginx
date: Fri, 02 Dec 2022 11:19:50 GMT
content-length: 95
vary: Accept-Encoding
content-encoding: gzip


--- Additional Info ---
Magic:  HTML document, ASCII text, with no line terminators
Size:   95
Md5:    e844d5007cee2687c0be0aff42f2a478
Sha1:   e3cd01c088b95137a3158eff48689c7c5a339faa
Sha256: cebd6fe02dd553ed19b1ec59d24465cdf366a2f03649cf9c3cc0dbf759d4f47d

Blocklists:
  - fortinet: Phishing
  - quad9: Sinkholed
                                        
                                            GET /?err=DESKTOP_ERROR HTTP/1.1 
Host: www.gov.uk
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://discount-scheme-application.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

                                        
                                             151.101.192.144
HTTP/2 200 OK
content-type: text/html; charset=utf-8
                                            
server: nginx
cache-control: max-age=300, public
content-security-policy-report-only: default-src https: 'self' *.publishing.service.gov.uk www.gov.uk *.dev.gov.uk; img-src 'self' data: *.publishing.service.gov.uk www.gov.uk *.dev.gov.uk www.google-analytics.com ssl.google-analytics.com stats.g.doubleclick.net www.googletagmanager.com www.region1.google-analytics.com region1.google-analytics.com lux.speedcurve.com assets.digital.cabinet-office.gov.uk; script-src 'self' *.publishing.service.gov.uk www.gov.uk *.dev.gov.uk www.google-analytics.com ssl.google-analytics.com stats.g.doubleclick.net www.googletagmanager.com www.region1.google-analytics.com region1.google-analytics.com www.gstatic.com www.signin.service.gov.uk *.ytimg.com www.youtube.com www.youtube-nocookie.com hmrc-uk.digital.nuance.com 'unsafe-inline'; style-src 'self' *.publishing.service.gov.uk www.gov.uk *.dev.gov.uk www.gstatic.com 'unsafe-inline'; font-src 'self' *.publishing.service.gov.uk www.gov.uk *.dev.gov.uk data:; connect-src 'self' *.publishing.service.gov.uk www.gov.uk *.dev.gov.uk www.google-analytics.com ssl.google-analytics.com stats.g.doubleclick.net www.googletagmanager.com www.region1.google-analytics.com region1.google-analytics.com lux.speedcurve.com www.tax.service.gov.uk hmrc-uk.digital.nuance.com hmpowebchat.klick2contact.com omni.eckoh.uk www.signin.service.gov.uk; object-src 'none'; frame-src 'self' *.publishing.service.gov.uk www.gov.uk *.dev.gov.uk www.youtube.com www.youtube-nocookie.com; report-uri https://jhpno0hk6b.execute-api.eu-west-2.amazonaws.com/production
etag: W/"c2f58c80f5b979a94c78e4e1605ffa33"
link: </assets/frontend/application-91195143e6aa5623b4c692d19c44157465cfeb575c2feda3ed8311928fe694e4.css>; rel=preload; as=style; nopush,</assets/frontend/print-4999bb4fdea0b565c697e98b104fb7bd59065c43de8ef05798bf71279618e981.css>; rel=preload; as=style; nopush,</assets/frontend/application-0e08056e9b1e37cd27111ee50bfafca09c632133c5cb3d1e5f90ac5cb2706f7c.js>; rel=preload; as=script; nopush
permissions-policy: interest-cohort=()
referrer-policy: strict-origin-when-cross-origin
strict-transport-security: max-age=31536000; preload
via: 1.1 router, 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
x-frame-options: ALLOWALL
x-request-id: 40060702-205c-48e1-a3e8-7a9a748b4616
fastly-backend-name: origin
content-encoding: br
accept-ranges: bytes
date: Fri, 02 Dec 2022 11:19:51 GMT
age: 203
x-served-by: cache-bma1659-BMA
x-cache: HIT, HIT
x-cache-hits: 2
x-timer: S1669979991.035372,VS0,VE0
vary: Accept-Encoding, Accept-Encoding
content-length: 11839
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (2035)
Size:   11839
Md5:    a85ce6f5cd6292d9df69c874b3c3cd0a
Sha1:   c4db165f9be5d6051f24bb12b8b3e6a087a8beb1
Sha256: e3b51bbbfb26161adf244d54dec9dc13c6aa0a0c6a8cd6d704797ac6352b8ff8
                                        
                                            GET /assets/frontend/application-91195143e6aa5623b4c692d19c44157465cfeb575c2feda3ed8311928fe694e4.css HTTP/1.1 
Host: www.gov.uk
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.gov.uk/?err=DESKTOP_ERROR
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                        
                                             151.101.192.144
HTTP/2 200 OK
content-type: text/css
                                            
server: nginx
last-modified: Tue, 29 Nov 2022 15:48:41 GMT
etag: "638629d9-2c883"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public, immutable
strict-transport-security: max-age=31536000; preload
fastly-backend-name: origin
content-encoding: br
accept-ranges: bytes
date: Fri, 02 Dec 2022 11:19:51 GMT
via: 1.1 varnish
age: 240698
x-served-by: cache-bma1659-BMA
x-cache: HIT
x-cache-hits: 7
x-timer: S1669979991.090678,VS0,VE0
vary: Accept-Encoding, Accept-Encoding
content-length: 18160
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 (with BOM) text, with very long lines (65533), with no line terminators
Size:   18160
Md5:    9c80cc6dd1bf554b1d995a7d15fc1bf0
Sha1:   92bca7ebf7211d6da857e445779473a99825ab15
Sha256: f76a59c340dc7289bfd4b51e9b5c7dadcdbb0eb4e21505c31811fc988aad19e6
                                        
                                            GET /assets/frontend/print-4999bb4fdea0b565c697e98b104fb7bd59065c43de8ef05798bf71279618e981.css HTTP/1.1 
Host: www.gov.uk
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.gov.uk/?err=DESKTOP_ERROR
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                        
                                             151.101.192.144
HTTP/2 200 OK
content-type: text/css
                                            
server: nginx
last-modified: Thu, 07 Jul 2022 14:25:06 GMT
etag: "62c6ecc2-179d"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public, immutable
strict-transport-security: max-age=31536000; preload
fastly-backend-name: origin
content-encoding: br
accept-ranges: bytes
date: Fri, 02 Dec 2022 11:19:51 GMT
via: 1.1 varnish
age: 3313104
x-served-by: cache-bma1659-BMA
x-cache: HIT
x-cache-hits: 494
x-timer: S1669979991.090913,VS0,VE0
vary: Accept-Encoding, Accept-Encoding
content-length: 1459
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (6044)
Size:   1459
Md5:    26a02fae2d594e77ee416655c631f04a
Sha1:   32a6fa831014a9bdfb34d37cf97a7bfb0f519d46
Sha256: ad03e42ab00f76bd04212b535f131f7b2fec8f95bcb63344f963689ecd0a3ab2
                                        
                                            GET /assets/frontend/application-0e08056e9b1e37cd27111ee50bfafca09c632133c5cb3d1e5f90ac5cb2706f7c.js HTTP/1.1 
Host: www.gov.uk
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.gov.uk/?err=DESKTOP_ERROR
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                        
                                             151.101.192.144
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                            
server: nginx
last-modified: Tue, 29 Nov 2022 15:48:45 GMT
etag: "638629dd-1b36c"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public, immutable
strict-transport-security: max-age=31536000; preload
fastly-backend-name: origin
content-encoding: br
accept-ranges: bytes
date: Fri, 02 Dec 2022 11:19:51 GMT
via: 1.1 varnish
age: 115455
x-served-by: cache-bma1659-BMA
x-cache: HIT
x-cache-hits: 7
x-timer: S1669979991.091472,VS0,VE0
vary: Accept-Encoding
content-length: 17514
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (32767)
Size:   17514
Md5:    c59f46f70ae4fc30cec0b15e848585da
Sha1:   1b5924a3be73af88ec609980b673e27a38a3a0a7
Sha256: d0ee84c926ea5a8a4ecd96227efdac2347c7bd34eb17a3589af9b828b54a4b6f
                                        
                                            GET /assets/static/govuk_publishing_components/vendor/lux/lux-measurer-505eef3e243b1d08ea7c4b945ebe1ae146d896db61366e415b30cc1bcd84cbdc.js HTTP/1.1 
Host: www.gov.uk
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.gov.uk/?err=DESKTOP_ERROR
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                        
                                             151.101.192.144
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                            
server: nginx
last-modified: Wed, 29 Jun 2022 14:34:03 GMT
etag: "62bc62db-973"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public, immutable
strict-transport-security: max-age=31536000; preload
fastly-backend-name: origin
content-encoding: br
accept-ranges: bytes
date: Fri, 02 Dec 2022 11:19:51 GMT
via: 1.1 varnish
age: 2705036
x-served-by: cache-bma1659-BMA
x-cache: HIT
x-cache-hits: 48
x-timer: S1669979991.092491,VS0,VE0
vary: Accept-Encoding
content-length: 849
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (2419), with no line terminators
Size:   849
Md5:    435cd39a8fc749ab61d3fcfc432bcfda
Sha1:   a4dee335548adb5c8a54d73a8af240cacc7c55fe
Sha256: 67007c7eacfc6598236c4bed09ae1ee32d36a409a4369f3c52cf42ca227e77da
                                        
                                            GET /assets/static/govuk_publishing_components/rum-loader-c53469dcb841d7b228c914a2e8bdcf3b831a578adf7d4f21cf9da5b85df7381e.js HTTP/1.1 
Host: www.gov.uk
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.gov.uk/?err=DESKTOP_ERROR
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                        
                                             151.101.192.144
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                            
server: nginx
last-modified: Mon, 04 Apr 2022 10:25:38 GMT
etag: "624ac7a2-29d"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public, immutable
strict-transport-security: max-age=31536000; preload
fastly-backend-name: origin
content-encoding: br
accept-ranges: bytes
date: Fri, 02 Dec 2022 11:19:51 GMT
via: 1.1 varnish
age: 6860785
x-served-by: cache-bma1659-BMA
x-cache: HIT
x-cache-hits: 46
x-timer: S1669979991.092890,VS0,VE0
vary: Accept-Encoding
content-length: 317
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (669), with no line terminators
Size:   317
Md5:    796b7171fb19302aaf53642a870ab17f
Sha1:   ea79fc864b50cb238bb98ec37c88b71597fba414
Sha256: 600ca787edc7e7bfc078507e020b8e47fe09594ca33efe2bf96564a11b5f10e6
                                        
                                            GET /assets/static/application-2ff816c36affa8947857ec173cb86a848ca6559ef267a9245df61d2aa326f2df.css HTTP/1.1 
Host: www.gov.uk
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.gov.uk/?err=DESKTOP_ERROR
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                        
                                             151.101.192.144
HTTP/2 200 OK
content-type: text/css
                                            
server: nginx
last-modified: Tue, 29 Nov 2022 15:31:06 GMT
etag: "86cf7d96691f32a9b0149e1c7d6c5a61"
cache-control: max-age=31536000, public, immutable
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
access-control-allow-headers: origin, authorization
fastly-backend-name: origin
content-encoding: br
accept-ranges: bytes
date: Fri, 02 Dec 2022 11:19:51 GMT
via: 1.1 varnish
age: 244053
x-served-by: cache-bma1659-BMA
x-cache: HIT
x-cache-hits: 52
x-timer: S1669979991.093491,VS0,VE0
vary: Accept-Encoding
content-length: 17864
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65536), with no line terminators
Size:   17864
Md5:    0021c3ae9c4e33036513bdd1003c58d5
Sha1:   9e683357df12af3039b0354e316734de6ee99360
Sha256: 67c7d0c6f6d5823328bfc263b6a19b21efd819c613c29555944fa474f0659d7a
                                        
                                            GET /assets/static/application-a5f968ec7a3dd69182f0eeb619832232f22f189a7d0bb4a01ee4c4040c4db58e.js HTTP/1.1 
Host: www.gov.uk
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.gov.uk/?err=DESKTOP_ERROR
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                        
                                             151.101.192.144
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                            
server: nginx
last-modified: Tue, 29 Nov 2022 15:25:51 GMT
etag: "6386247f-21cdb"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public, immutable
strict-transport-security: max-age=31536000; preload
fastly-backend-name: origin
content-encoding: br
accept-ranges: bytes
date: Fri, 02 Dec 2022 11:19:51 GMT
via: 1.1 varnish
age: 240710
x-served-by: cache-bma1659-BMA
x-cache: HIT
x-cache-hits: 53
x-timer: S1669979991.094030,VS0,VE0
vary: Accept-Encoding
content-length: 26186
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (32767)
Size:   26186
Md5:    eda57204eee6c7cb7171637ce9428030
Sha1:   9d58457ae641507578fd8f6baed4beaf2c511382
Sha256: b0ad7592fc30b3358edbfd56762a644fd8609f7f25b59f01482d32e5024ef279
                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                        
                                             34.102.187.140
HTTP/2 200 OK
content-type: application/json
                                            
access-control-allow-origin: *
access-control-expose-headers: Retry-After, ETag, Alert, Expires, Cache-Control, Backoff, Content-Length, Content-Type, Pragma, Last-Modified
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 02 Dec 2022 11:11:15 GMT
cache-control: public,max-age=3600
age: 516
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            GET /assets/static/print-e46a9d924a5eedb529468b565b8b5a1b308f218f19f0afc6998d0f295b24af48.css HTTP/1.1 
Host: www.gov.uk
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.gov.uk/?err=DESKTOP_ERROR
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                        
                                             151.101.192.144
HTTP/2 200 OK
content-type: text/css
                                            
server: nginx
last-modified: Wed, 12 Oct 2022 15:26:00 GMT
etag: "6346dc88-f3d9"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public, immutable
strict-transport-security: max-age=31536000; preload
fastly-backend-name: origin
content-encoding: br
accept-ranges: bytes
date: Fri, 02 Dec 2022 11:19:51 GMT
via: 1.1 varnish
age: 1507897
x-served-by: cache-bma1659-BMA
x-cache: HIT
x-cache-hits: 47
x-timer: S1669979991.270596,VS0,VE0
vary: Accept-Encoding, Accept-Encoding
content-length: 6629
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (62424)
Size:   6629
Md5:    ff513b77ec427326c51513132d437a72
Sha1:   0c5d561834be289faa80a21bb5c873bea1ba5929
Sha256: 1f7cd470f1fa66bf39d5dae554742ac878572391d1fdc4e4c3be29422363c6d8
                                        
                                            GET /assets/static/govuk-crest-87038e62e594b5f83ea40e0fb480fe7a5f41ba0db3917f709dfb39043f19a0f7.png HTTP/1.1 
Host: www.gov.uk
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gov.uk/assets/static/application-2ff816c36affa8947857ec173cb86a848ca6559ef267a9245df61d2aa326f2df.css
Cookie: cookies_policy={"essential":true,"settings":false,"usage":false,"campaigns":false}
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                        
                                             151.101.192.144
HTTP/2 200 OK
content-type: image/png
                                            
server: nginx
last-modified: Mon, 04 Apr 2022 10:25:37 GMT
etag: "624ac7a1-e00"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public, immutable
strict-transport-security: max-age=31536000; preload
fastly-backend-name: origin
accept-ranges: bytes
date: Fri, 02 Dec 2022 11:19:51 GMT
via: 1.1 varnish
age: 2529188
x-served-by: cache-bma1659-BMA
x-cache: HIT
x-cache-hits: 33
x-timer: S1669979991.277897,VS0,VE0
content-length: 3584
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 125 x 102, 8-bit colormap, non-interlaced\012- data
Size:   3584
Md5:    bcd5768bd7721641ee71ba103bb38900
Sha1:   42a8d445a3446dee17cc6684ea055703e490bf5e
Sha256: bb9e22aff7881b895c2ceb41d9340804451c474b883f09fe1b4026e76456f44b
                                        
                                            GET /assets/static/light-94a07e06a1-v2-01565b0034e61d4609689bbb7ae0be844701f3812c8fe029fa1659b7ef3aa94f.woff2 HTTP/1.1 
Host: www.gov.uk
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.gov.uk/assets/static/application-2ff816c36affa8947857ec173cb86a848ca6559ef267a9245df61d2aa326f2df.css
Cookie: cookies_policy={"essential":true,"settings":false,"usage":false,"campaigns":false}
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

                                        
                                             151.101.192.144
HTTP/2 200 OK
content-type: font/woff2
                                            
server: nginx
last-modified: Mon, 04 Apr 2022 10:25:38 GMT
etag: "624ac7a2-8266"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
access-control-allow-headers: origin, authorization
strict-transport-security: max-age=31536000; preload
fastly-backend-name: origin
accept-ranges: bytes
date: Fri, 02 Dec 2022 11:19:51 GMT
via: 1.1 varnish
age: 2118589
x-served-by: cache-bma1659-BMA
x-cache: HIT
x-cache-hits: 51
x-timer: S1669979991.278051,VS0,VE0
content-length: 33382
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 33382, version 1.131\012- data
Size:   33382
Md5:    94a07e06a104e76fe40583f74b204aee
Sha1:   3202361735eb0c59277c2140c34dd77879df43de
Sha256: eedfb3c2f7945caebd0b15522b59d6c7f01be17fecd6102fd76452ad4042f7b0
                                        
                                            GET /assets/static/bold-b542beb274-v2-35bf540bb39615b6a517986f3aa83f7fefa1efd1878603eeeb196488078542d1.woff2 HTTP/1.1 
Host: www.gov.uk
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.gov.uk/assets/static/application-2ff816c36affa8947857ec173cb86a848ca6559ef267a9245df61d2aa326f2df.css
Cookie: cookies_policy={"essential":true,"settings":false,"usage":false,"campaigns":false}
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

                                        
                                             151.101.192.144
HTTP/2 200 OK
content-type: font/woff2
                                            
server: nginx
last-modified: Mon, 04 Apr 2022 10:25:37 GMT
etag: "624ac7a1-7af8"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
access-control-allow-headers: origin, authorization
strict-transport-security: max-age=31536000; preload
fastly-backend-name: origin
accept-ranges: bytes
date: Fri, 02 Dec 2022 11:19:51 GMT
via: 1.1 varnish
age: 6954068
x-served-by: cache-bma1659-BMA
x-cache: HIT
x-cache-hits: 50
x-timer: S1669979991.278234,VS0,VE0
content-length: 31480
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 31480, version 1.0\012- data
Size:   31480
Md5:    b542beb2746ca0e4a5a9aa7ea7767df7
Sha1:   edd7531eb22a9e4c7c17045d9ba5ec87e4c731d2
Sha256: 06eba01b1af0f4014b484c711771fef1db30becbf0edf481498da1e4958d3d47
                                        
                                            GET /assets/static/favicon-9ed7849c462c53aa2cdf1690eb257e801ecbf5696d1d0928868c5b032b4adb36.ico HTTP/1.1 
Host: www.gov.uk
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.gov.uk/?err=DESKTOP_ERROR
Connection: keep-alive
Cookie: cookies_policy={"essential":true,"settings":false,"usage":false,"campaigns":false}
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                        
                                             151.101.192.144
HTTP/2 200 OK
content-type: image/x-icon
                                            
server: nginx
last-modified: Mon, 04 Apr 2022 10:25:37 GMT
etag: "624ac7a1-18ae"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public, immutable
strict-transport-security: max-age=31536000; preload
fastly-backend-name: origin
content-encoding: br
accept-ranges: bytes
date: Fri, 02 Dec 2022 11:19:51 GMT
via: 1.1 varnish
age: 2459356
x-served-by: cache-bma1659-BMA
x-cache: HIT
x-cache-hits: 48
x-timer: S1669979991.299467,VS0,VE0
vary: Accept-Encoding
content-length: 2361
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  MS Windows icon resource - 3 icons, 16x16, 4 bits/pixel, 32x32, 8 bits/pixel\012- data
Size:   2361
Md5:    78294581284ff8d4b931d52201629bdc
Sha1:   d33e3788eb5e94151c30b0598ce5c8446915cbeb
Sha256: 05b6a062ef2604e9c686bfd247ca11c86de0243827fd842d6b64d0f830f1744d
                                        
                                            GET /assets/static/govuk-apple-touch-icon-180x180-026deaa34fa328ae5f1f519a37dbd15e6555c5086e1ba83986cd0827a7209902.png HTTP/1.1 
Host: www.gov.uk
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.gov.uk/?err=DESKTOP_ERROR
Connection: keep-alive
Cookie: cookies_policy={"essential":true,"settings":false,"usage":false,"campaigns":false}
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                        
                                             151.101.192.144
HTTP/2 200 OK
content-type: image/png
                                            
server: nginx
last-modified: Mon, 04 Apr 2022 10:25:37 GMT
etag: "624ac7a1-daf"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public, immutable
strict-transport-security: max-age=31536000; preload
fastly-backend-name: origin
accept-ranges: bytes
date: Fri, 02 Dec 2022 11:19:51 GMT
via: 1.1 varnish
age: 112838
x-served-by: cache-bma1659-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1669979991.299094,VS0,VE1
content-length: 3503
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 180 x 180, 8-bit colormap, non-interlaced\012- data
Size:   3503
Md5:    a0f7e1b728a42016b247dc54ee40d055
Sha1:   f02b551f1af5d4ef5bc4aee07da9a6e36a3f9037
Sha256: ea1cbb1cbbeddfff275dfa6e8e46b84cd530892df79dc4882a8f99b802b49a90
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        
                                             93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                            
Accept-Ranges: bytes
Age: 6464
Cache-Control: 'max-age=158059'
Date: Fri, 02 Dec 2022 11:19:51 GMT
Etag: "63886ea9-1d7"
Last-Modified: Fri, 02 Dec 2022 09:32:07 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: zFP5gWi+nOp+xsUeeB2j9g==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

                                        
                                             52.39.62.124
HTTP/1.1 101 Switching Protocols
                                            
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: SYBtG3b9PJLH2LOTOVbinRnCz+A=

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        
                                             23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                            
Server: nginx
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7592
Expires: Fri, 02 Dec 2022 13:26:24 GMT
Date: Fri, 02 Dec 2022 11:19:52 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        
                                             23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                            
Server: nginx
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7592
Expires: Fri, 02 Dec 2022 13:26:24 GMT
Date: Fri, 02 Dec 2022 11:19:52 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        
                                             23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                            
Server: nginx
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7592
Expires: Fri, 02 Dec 2022 13:26:24 GMT
Date: Fri, 02 Dec 2022 11:19:52 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        
                                             23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                            
Server: nginx
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7592
Expires: Fri, 02 Dec 2022 13:26:24 GMT
Date: Fri, 02 Dec 2022 11:19:52 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        
                                             23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                            
Server: nginx
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7592
Expires: Fri, 02 Dec 2022 13:26:24 GMT
Date: Fri, 02 Dec 2022 11:19:52 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbb8ec880-52b8-4350-bb47-d051878e78f1.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                        
                                             34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                            
server: nginx
content-length: 6882
x-amzn-requestid: 6b5f15a5-c15b-46bf-9fd5-5d013d37a0eb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cfGfrG3WIAMFc9Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63891dfd-6038ca700dfb4489230c2683;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 21:34:53 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 2O6x-8-ESFDtlhcjVyGxEXCZcLbbfhsCVQeX02lbNMupPWmM-fKuLA==
via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 591683988172c7980c4ebb318cbf18a8.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 21:34:54 GMT
age: 49498
etag: "45cf5e1a54ee491497ffe08a8e39fe97ba3c8a48"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   6882
Md5:    25c68d8b1fae82820f93efca500fd848
Sha1:   45cf5e1a54ee491497ffe08a8e39fe97ba3c8a48
Sha256: f0ec6b6f6ba0a931c9b71f5bc7ad1e5b89c8e4d8b7441f35eeebfba418d0e588
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb582f62c-d1ce-4054-b87e-36be40dadfa4.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                        
                                             34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                            
server: nginx
content-length: 8863
x-amzn-requestid: 798d014b-0f9c-4787-a676-8f5e8fae3d11
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cdG14HBNIAMFdWg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638851bf-7549feac6d476a8512676412;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 07:03:27 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: r_0F64VpyutAOJ9IcTWrs3Sv--fhKiwKsV1FW0fOMSRt1QLLPxvJzg==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 13:21:56 GMT
age: 79076
etag: "fc71ae3cae92ed6011904bb2367f23bf4e69fab4"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8863
Md5:    156e9ea97b774cbd8361072e4041b6c8
Sha1:   fc71ae3cae92ed6011904bb2367f23bf4e69fab4
Sha256: 58d953c19ebbbdfc3965bbe3f52308d4702deaf4d0c029f4674bcb862da138af
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F449f29d0-f60b-4dec-8b5b-0a1971bab406.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                        
                                             34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                            
server: nginx
content-length: 10270
x-amzn-requestid: ac2d2825-2ec4-435e-9921-3ea6524df1dc
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cfG1nEvYoAMFliA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63891e8a-4419423112b5723e3dba46ea;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 21:37:14 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 2ihxuuXiECC4oX11t_vswhnLF0UpqDuboPLkrhpWwp-vfCR5pxGGxw==
via: 1.1 56c69262ecfa7873b40572ba8a323242.cloudfront.net (CloudFront), 1.1 112d82578d402a38d8d02e8b857617e0.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 21:53:50 GMT
age: 48362
etag: "2cb4edc6b161c6d2d5b47aa498ae54e677966466"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   10270
Md5:    4c7113338bc3310b13d23ca415c177e2
Sha1:   2cb4edc6b161c6d2d5b47aa498ae54e677966466
Sha256: 3a83adce869dd7eb064c583bf7ff93c57fabd7ea2da872f7d1f7d868b8a492e9
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Feb2cfbf1-2aef-40a6-97e1-99a756e32924.png HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                        
                                             34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                            
server: nginx
content-length: 13461
x-amzn-requestid: 8c0121a6-cf29-4cd0-bd42-d9f67af62b84
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cZQsyGhGoAMF1-Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6386c7eb-593f28367320530e2dcafbfb;Sampled=0
x-amzn-remapped-date: Wed, 30 Nov 2022 03:03:07 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: npt-A-TEzjd-QRTVhv5FMJhwlYujCRCF7tyYbathxjCdCFFEwh_vEQ==
via: 1.1 56c69262ecfa7873b40572ba8a323242.cloudfront.net (CloudFront), 1.1 36810aa1793ee589dc8c194860296078.cloudfront.net (CloudFront), 1.1 google
date: Fri, 02 Dec 2022 06:42:38 GMT
age: 16634
etag: "8fe32fffe672f0e91ce773af0e4be960f55bad08"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   13461
Md5:    16a112f00456d38c4c9e051ccf40e105
Sha1:   8fe32fffe672f0e91ce773af0e4be960f55bad08
Sha256: 43517bbcd17ec6d05d09a4c0d183610acdc7e2fa4767cb786cb8b936d5f44402
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881a33ae-e81b-4603-85d9-a2242b17be66.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                        
                                             34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                            
server: nginx
content-length: 4803
x-amzn-requestid: ad2d9243-5e32-4faf-8ff3-b9abd3af1e89
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cb1_hEJJIAMF4Vg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6387d063-596f5833509112ee6cbedf54;Sampled=0
x-amzn-remapped-date: Wed, 30 Nov 2022 21:51:31 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: PIC-TIeTFK_Y2AiqowYT4_8tMuzIKO23lAwx18fYepTf4PIWkmLqkQ==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 82ea95080f526df99896343fb7269b06.cloudfront.net (CloudFront), 1.1 google
date: Fri, 02 Dec 2022 05:20:15 GMT
age: 21577
etag: "cedf2f21be7cd366bd46055b62b5513db3011dfc"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   4803
Md5:    cc0a257323f882caff067adb86d906e4
Sha1:   cedf2f21be7cd366bd46055b62b5513db3011dfc
Sha256: c16a9296d5e840a468fef7fb2764b9f7d4b3131d7ade2ce4999de1eead5469e0
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F683f066f-699d-4765-8f4f-33c72e1672e2.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                        
                                             34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                            
server: nginx
content-length: 6174
x-amzn-requestid: f78f1e9d-8c0c-495d-a862-61838f8297e8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cZ0iyH2WoAMFQdg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63870144-45442a8544259930564f685b;Sampled=0
x-amzn-remapped-date: Wed, 30 Nov 2022 07:07:48 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: QIOz71_Kr08pIIwOm2GUkWr421fO7-UyUI7LYld0JBaGnYQ0j3IDFg==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Fri, 02 Dec 2022 06:00:48 GMT
age: 19144
etag: "6e6c8bd2bce144cc4da1cd7be375b046b60dca79"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   6174
Md5:    b986f9fcbeca91ed5c8d58fbfaf47d19
Sha1:   6e6c8bd2bce144cc4da1cd7be375b046b60dca79
Sha256: 07a8938d2841f8c13bd646f4e79e41e46acd6463aa019cd70871b3741f12bb4f