Overview

URL bill-rebate-gov.firebaseapp.com/
IP199.36.158.100
ASNFASTLY
Location United States
Report completed2022-10-03 13:33:49 UTC
StatusLoading report..
urlquery Alerts No alerts detected


Settings

UserAgentMozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer


Intrusion Detection Systems

Suricata /w Emerging Threats Pro  No alerts detected


Blocklists

OpenPhish  No alerts detected
PhishTank  No alerts detected
Fortinet's Web Filter
Scan Date Severity Indicator Comment
2022-10-03 2 bill-rebate-gov.firebaseapp.com/ Phishing
2022-10-03 2 bill-rebate-gov.firebaseapp.com/ Phishing
mnemonic secure dns  No alerts detected
Quad9 DNS
Scan Date Severity Indicator Comment
2022-10-03 2 bill-rebate-gov.firebaseapp.com Sinkholed
2022-10-03 2 bill-rebate-gov.firebaseapp.com Sinkholed


Files

No files detected



Passive DNS (10)

Passive DNS Source Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
mnemonic passive DNS content-signature-2.cdn.mozilla.net (1) 1152 2020-11-03 12:26:46 UTC 2022-10-03 08:07:24 UTC 143.204.55.25
mnemonic passive DNS contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-10-03 04:56:22 UTC 34.117.237.239
mnemonic passive DNS www.gov.uk (14) 10298 2012-07-25 22:02:41 UTC 2022-10-03 11:00:05 UTC 151.101.84.144
mnemonic passive DNS push.services.mozilla.com (1) 2140 2015-09-03 10:29:36 UTC 2022-10-03 05:10:27 UTC 52.38.146.2
mnemonic passive DNS r3.o.lencr.org (6) 344 2020-12-02 08:52:13 UTC 2022-10-03 07:33:36 UTC 23.36.76.226
mnemonic passive DNS firefox.settings.services.mozilla.com (2) 867 2020-05-27 20:08:30 UTC 2022-10-03 08:58:12 UTC 143.204.55.115
mnemonic passive DNS ocsp.pki.goog (1) 175 2017-06-14 07:23:31 UTC 2022-10-03 07:14:52 UTC 142.250.74.3
mnemonic passive DNS ocsp.digicert.com (1) 86 2012-05-21 07:02:23 UTC 2022-10-03 07:33:02 UTC 93.184.220.29
mnemonic passive DNS img-getpocket.cdn.mozilla.net (6) 1631 2017-09-01 03:40:57 UTC 2022-10-03 07:41:14 UTC 34.120.237.76
mnemonic passive DNS bill-rebate-gov.firebaseapp.com (2) 0 2022-09-26 23:37:20 UTC 2022-10-03 01:26:14 UTC 199.36.158.100 Unknown ranking


Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 199.36.158.100

Date UQ / IDS / BL URL IP
2022-12-07 00:26:12 +0000
0 - 0 - 1 remondremebe-cfbc0.web.app/ 199.36.158.100
2022-12-07 00:06:00 +0000
0 - 0 - 1 motive-share-point-0utlook.web.app/gcmlp.com/ (...) 199.36.158.100
2022-12-06 23:56:54 +0000
0 - 0 - 2 sullivan-share-point-0utlook.web.app/icbc.com (...) 199.36.158.100
2022-12-06 15:57:26 +0000
0 - 0 - 2 cancel699093-binance-com.web.app/ 199.36.158.100
2022-12-06 15:35:21 +0000
0 - 0 - 4 sullivan-share-point-0utlook.web.app/swissre. (...) 199.36.158.100

Last 5 reports on ASN: FASTLY

Date UQ / IDS / BL URL IP
2022-12-07 00:26:12 +0000
0 - 0 - 1 remondremebe-cfbc0.web.app/ 199.36.158.100
2022-12-07 00:06:00 +0000
0 - 0 - 1 motive-share-point-0utlook.web.app/gcmlp.com/ (...) 199.36.158.100
2022-12-06 23:56:54 +0000
0 - 0 - 2 sullivan-share-point-0utlook.web.app/icbc.com (...) 199.36.158.100
2022-12-06 23:37:23 +0000
0 - 0 - 0 www.paypal.com/invoice/payerView/details/INV2 (...) 151.101.65.21
2022-12-06 23:34:30 +0000
0 - 0 - 0 www.paypal.com/invoice/payerView/details/INV2 (...) 151.101.65.21

Last 1 reports on domain: bill-rebate-gov.firebaseapp.com

Date UQ / IDS / BL URL IP
2022-10-03 13:33:49 +0000
0 - 0 - 4 bill-rebate-gov.firebaseapp.com/ 199.36.158.100

Last 1 reports with similar screenshot

Date UQ / IDS / BL URL IP
2022-12-02 15:44:55 +0000
0 - 0 - 1 hmrc-rebate-tax-unit.com/Login.php?sslchannel (...) 34.65.46.50


JavaScript

Executed Scripts (15)


Executed Evals (0)


Executed Writes (0)



HTTP Transactions (35)


Request Response
                                        
                                            GET / HTTP/1.1 
Host: bill-rebate-gov.firebaseapp.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

                                         
                                         199.36.158.100
HTTP/1.1 301 Moved Permanently
                                        
Connection: close
Content-Length: 0
Server: Varnish
Retry-After: 0
Location: https://bill-rebate-gov.firebaseapp.com/
Accept-Ranges: bytes
Date: Mon, 03 Oct 2022 13:33:39 GMT
X-Served-By: cache-bma1682-BMA
X-Cache: HIT
X-Cache-Hits: 0
X-Timer: S1664804019.022405,VS0,VE0
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400


--- Additional Info ---
Magic:  
Size:   0
Md5:    d41d8cd98f00b204e9800998ecf8427e
Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709
Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Alerts:
  Blocklists:
    - fortinet: Phishing
    - quad9: Sinkholed
                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.115
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Alert, Content-Type, Backoff, Content-Length, Retry-After
Cache-Control: max-stale=0
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Mon, 03 Oct 2022 13:04:09 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 bcd5dadccb0831729969c938747ff79a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 7rFzBAtq2CgRJvY1GQJnJnXHf8TktpX_uVHhe-b6RlZmjYNKEGEv3w==
Age: 1770


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    1b3053fa528e28810f8a2cc9284cc921
Sha1:   cca9eb471d941881a6b9a1793aecb6c281908f6a
Sha256: a2427848ba35575dda8a82cf88f104978234c05389deebc3fc8279d9075eff45
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "EB128AEC099DBF1919EE5D965221E904AD3A2162583683CEC44518640B505447"
Last-Modified: Sat, 01 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3030
Expires: Mon, 03 Oct 2022 14:24:09 GMT
Date: Mon, 03 Oct 2022 13:33:39 GMT
Connection: keep-alive

                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.25
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Mon, 03 Oct 2022 05:28:28 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 095562e8748e634f880ee3c4ada2b6d0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: AGT6qBRlK0tD0uPBhV_L-jsmg-YeELic7Tx1fxjfb9eeNrxhyLnHHQ==
age: 29112
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    6113f8408c59aebe188d6af273b90743
Sha1:   7398873bf00f99944eaa77ad3ebc0d43c23dba6b
Sha256: b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
                                        
                                            GET / HTTP/1.1 
Host: bill-rebate-gov.firebaseapp.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

                                         
                                         199.36.158.100
HTTP/2 200 OK
content-type: text/html; charset=utf-8
                                        
cache-control: max-age=3600
content-encoding: br
etag: "db9436788c1f70adaf0c23b77b5ea2be4343c93f6f5f31818274447b1b36816e-br"
last-modified: Sun, 25 Sep 2022 17:13:43 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
accept-ranges: bytes
date: Mon, 03 Oct 2022 13:33:39 GMT
x-served-by: cache-bma1678-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1664804019.239005,VS0,VE1
vary: x-fh-requested-host, accept-encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 732
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1663)
Size:   732
Md5:    b0d4bf8f6f980c17ea9bdcc90769b4fe
Sha1:   e65093a96d28ef8a4cdba7e67f946e17f5a4308a
Sha256: b10c750b1f022814782c9e63d4526725efdca24dfb89d074002a20ef41ab4ae8

Alerts:
  Blocklists:
    - fortinet: Phishing
    - quad9: Sinkholed
                                        
                                            POST /s/gts1d4int/vfTajG9ARFE HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Mon, 03 Oct 2022 13:33:39 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Mon, 03 Oct 2022 13:33:39 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            GET / HTTP/1.1 
Host: www.gov.uk
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bill-rebate-gov.firebaseapp.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

                                         
                                         151.101.84.144
HTTP/2 200 OK
content-type: text/html; charset=utf-8
                                        
server: nginx
cache-control: max-age=300, public
content-security-policy-report-only: default-src https: 'self' *.publishing.service.gov.uk www.gov.uk *.dev.gov.uk; img-src 'self' data: *.publishing.service.gov.uk www.gov.uk *.dev.gov.uk www.google-analytics.com ssl.google-analytics.com stats.g.doubleclick.net www.googletagmanager.com www.region1.google-analytics.com region1.google-analytics.com lux.speedcurve.com assets.digital.cabinet-office.gov.uk; script-src 'self' *.publishing.service.gov.uk www.gov.uk *.dev.gov.uk www.google-analytics.com ssl.google-analytics.com stats.g.doubleclick.net www.googletagmanager.com www.region1.google-analytics.com region1.google-analytics.com www.gstatic.com www.signin.service.gov.uk *.ytimg.com www.youtube.com www.youtube-nocookie.com hmrc-uk.digital.nuance.com 'unsafe-inline'; style-src 'self' *.publishing.service.gov.uk www.gov.uk *.dev.gov.uk www.gstatic.com 'unsafe-inline'; font-src 'self' *.publishing.service.gov.uk www.gov.uk *.dev.gov.uk data:; connect-src 'self' *.publishing.service.gov.uk www.gov.uk *.dev.gov.uk www.google-analytics.com ssl.google-analytics.com stats.g.doubleclick.net www.googletagmanager.com www.region1.google-analytics.com region1.google-analytics.com lux.speedcurve.com www.tax.service.gov.uk hmrc-uk.digital.nuance.com hmpowebchat.klick2contact.com omni.eckoh.uk www.signin.service.gov.uk; object-src 'none'; frame-src 'self' *.publishing.service.gov.uk www.gov.uk *.dev.gov.uk www.youtube.com www.youtube-nocookie.com; report-uri https://jhpno0hk6b.execute-api.eu-west-2.amazonaws.com/production
etag: W/"f9022ec455d50bc8386acb402c6cfa39"
link: </assets/frontend/application-821ddae6ab6f529f03b381944ed4b0465a479193e0e5f1885c585fcdedefe0a8.css>; rel=preload; as=style; nopush,</assets/frontend/print-4999bb4fdea0b565c697e98b104fb7bd59065c43de8ef05798bf71279618e981.css>; rel=preload; as=style; nopush,</assets/frontend/application-49e9fd9f48423c583acf5295dcd8b785f6690e0194e0a664f1808a1449f7bb47.js>; rel=preload; as=script; nopush
permissions-policy: interest-cohort=()
referrer-policy: strict-origin-when-cross-origin
strict-transport-security: max-age=31536000; preload
via: 1.1 router, 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
x-frame-options: ALLOWALL
x-request-id: dcd0a6f2-6d39-4eb7-aeef-d96ba8db2fcf
fastly-backend-name: origin
content-encoding: br
accept-ranges: bytes
date: Mon, 03 Oct 2022 13:33:39 GMT
age: 200
x-served-by: cache-bma1625-BMA
x-cache: HIT, HIT
x-cache-hits: 1
x-timer: S1664804020.782021,VS0,VE1
vary: Accept-Encoding, Accept-Encoding
content-length: 11725
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (2035)
Size:   11725
Md5:    e341b7b51057ad3702cb59736a6277c9
Sha1:   73fd6ae298c07725e8db5ea506fc1985d89bfa5b
Sha256: d4a339cbeffcecc67bcaacc7cd7ae46276d30b8f8ddf583e80abb120e28cb1c2
                                        
                                            GET /assets/frontend/print-4999bb4fdea0b565c697e98b104fb7bd59065c43de8ef05798bf71279618e981.css HTTP/1.1 
Host: www.gov.uk
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.gov.uk/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         151.101.84.144
HTTP/2 200 OK
content-type: text/css
                                        
server: nginx
last-modified: Thu, 07 Jul 2022 14:25:06 GMT
etag: "62c6ecc2-179d"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public, immutable
strict-transport-security: max-age=31536000; preload
fastly-backend-name: origin
content-encoding: br
accept-ranges: bytes
date: Mon, 03 Oct 2022 13:33:39 GMT
via: 1.1 varnish
age: 550835
x-served-by: cache-bma1625-BMA
x-cache: HIT
x-cache-hits: 9
x-timer: S1664804020.858040,VS0,VE0
vary: Accept-Encoding, Accept-Encoding
content-length: 1459
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (6044)
Size:   1459
Md5:    26a02fae2d594e77ee416655c631f04a
Sha1:   32a6fa831014a9bdfb34d37cf97a7bfb0f519d46
Sha256: ad03e42ab00f76bd04212b535f131f7b2fec8f95bcb63344f963689ecd0a3ab2
                                        
                                            GET /assets/static/govuk_publishing_components/rum-loader-c53469dcb841d7b228c914a2e8bdcf3b831a578adf7d4f21cf9da5b85df7381e.js HTTP/1.1 
Host: www.gov.uk
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.gov.uk/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         151.101.84.144
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
server: nginx
last-modified: Mon, 04 Apr 2022 10:25:38 GMT
etag: "624ac7a2-29d"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public, immutable
strict-transport-security: max-age=31536000; preload
fastly-backend-name: origin
content-encoding: br
accept-ranges: bytes
date: Mon, 03 Oct 2022 13:33:39 GMT
via: 1.1 varnish
age: 1684813
x-served-by: cache-bma1625-BMA
x-cache: HIT
x-cache-hits: 148
x-timer: S1664804020.857984,VS0,VE0
vary: Accept-Encoding
content-length: 317
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (669), with no line terminators
Size:   317
Md5:    796b7171fb19302aaf53642a870ab17f
Sha1:   ea79fc864b50cb238bb98ec37c88b71597fba414
Sha256: 600ca787edc7e7bfc078507e020b8e47fe09594ca33efe2bf96564a11b5f10e6
                                        
                                            GET /assets/frontend/application-821ddae6ab6f529f03b381944ed4b0465a479193e0e5f1885c585fcdedefe0a8.css HTTP/1.1 
Host: www.gov.uk
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.gov.uk/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         151.101.84.144
HTTP/2 200 OK
content-type: text/css
                                        
server: nginx
last-modified: Wed, 21 Sep 2022 10:34:16 GMT
etag: "632ae8a8-2c69a"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public, immutable
strict-transport-security: max-age=31536000; preload
fastly-backend-name: origin
content-encoding: br
accept-ranges: bytes
date: Mon, 03 Oct 2022 13:33:39 GMT
via: 1.1 varnish
age: 1047550
x-served-by: cache-bma1625-BMA
x-cache: HIT
x-cache-hits: 9
x-timer: S1664804020.854040,VS0,VE0
vary: Accept-Encoding, Accept-Encoding
content-length: 18160
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 (with BOM) text, with very long lines (65533), with no line terminators
Size:   18160
Md5:    1fffe359b13bc487e86ff14e6b5ef1f4
Sha1:   dc414b9bc92f30579ef79d6ec79008a2134057f7
Sha256: 5d89b8e171a20d5334c1b40bf59a746299640270e81e386b3e45ec4680d97759
                                        
                                            GET /assets/frontend/application-49e9fd9f48423c583acf5295dcd8b785f6690e0194e0a664f1808a1449f7bb47.js HTTP/1.1 
Host: www.gov.uk
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.gov.uk/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         151.101.84.144
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
server: nginx
last-modified: Mon, 26 Sep 2022 08:52:57 GMT
etag: "63316869-1982e"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public, immutable
strict-transport-security: max-age=31536000; preload
fastly-backend-name: origin
content-encoding: br
accept-ranges: bytes
date: Mon, 03 Oct 2022 13:33:39 GMT
via: 1.1 varnish
age: 621591
x-served-by: cache-bma1625-BMA
x-cache: HIT
x-cache-hits: 8
x-timer: S1664804020.858025,VS0,VE0
vary: Accept-Encoding
content-length: 15570
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (32767)
Size:   15570
Md5:    f5548475ff3492a067f821454e8014a5
Sha1:   fae130c002f75dd926a52c3f3994b9337ad18af9
Sha256: caed3149004913db0e2f032585a3d812edcd6bc5d29bc5ce0ae952453985c600
                                        
                                            GET /assets/static/application-4d0a30e4ea17a02c4ff0e896efebbf3cf3eedb16204f9a9111fb075418950d6c.css HTTP/1.1 
Host: www.gov.uk
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.gov.uk/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         151.101.84.144
HTTP/2 200 OK
content-type: text/css
                                        
server: nginx
last-modified: Fri, 09 Sep 2022 15:37:32 GMT
etag: "631b5dbc-32428"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public, immutable
strict-transport-security: max-age=31536000; preload
fastly-backend-name: origin
content-encoding: br
accept-ranges: bytes
date: Mon, 03 Oct 2022 13:33:39 GMT
via: 1.1 varnish
age: 2066138
x-served-by: cache-bma1625-BMA
x-cache: HIT
x-cache-hits: 2665
x-timer: S1664804020.857957,VS0,VE0
vary: Accept-Encoding, Accept-Encoding
content-length: 17862
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65536), with no line terminators
Size:   17862
Md5:    b83b2b7dae63775828b45d4b9760f107
Sha1:   711efb8bad39a67b79712592079378be2bb70741
Sha256: deda28729d9c3f82c706066ac139213d072994f54944668b81b308c800545ddf
                                        
                                            GET /assets/static/govuk_publishing_components/vendor/lux/lux-measurer-505eef3e243b1d08ea7c4b945ebe1ae146d896db61366e415b30cc1bcd84cbdc.js HTTP/1.1 
Host: www.gov.uk
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.gov.uk/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         151.101.84.144
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
server: nginx
last-modified: Wed, 29 Jun 2022 14:34:03 GMT
etag: "62bc62db-973"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public, immutable
strict-transport-security: max-age=31536000; preload
fastly-backend-name: origin
content-encoding: br
accept-ranges: bytes
date: Mon, 03 Oct 2022 13:33:39 GMT
via: 1.1 varnish
age: 2366766
x-served-by: cache-bma1625-BMA
x-cache: HIT
x-cache-hits: 153
x-timer: S1664804020.858008,VS0,VE0
vary: Accept-Encoding
content-length: 849
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (2419), with no line terminators
Size:   849
Md5:    435cd39a8fc749ab61d3fcfc432bcfda
Sha1:   a4dee335548adb5c8a54d73a8af240cacc7c55fe
Sha256: 67007c7eacfc6598236c4bed09ae1ee32d36a409a4369f3c52cf42ca227e77da
                                        
                                            GET /assets/static/application-087272cd04e26ba8d2c7c0ccef5db8dcc67495fdae7ef356f838d916abeda4c6.js HTTP/1.1 
Host: www.gov.uk
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.gov.uk/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         151.101.84.144
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
server: nginx
last-modified: Tue, 27 Sep 2022 16:08:38 GMT
etag: "63332006-20757"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public, immutable
strict-transport-security: max-age=31536000; preload
fastly-backend-name: origin
content-encoding: br
accept-ranges: bytes
date: Mon, 03 Oct 2022 13:33:39 GMT
via: 1.1 varnish
age: 509076
x-served-by: cache-bma1625-BMA
x-cache: HIT
x-cache-hits: 173
x-timer: S1664804020.857946,VS0,VE0
vary: Accept-Encoding
content-length: 25137
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (32767)
Size:   25137
Md5:    550792e695e3b0472ef029dfd0198239
Sha1:   f5fa6605b429f647f29c620cfdc8047cdf3bd73e
Sha256: 2d247d54b576c71e81d9a432e3da6de4811215c8c5a7fe47a206eb273fe614e3
                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.115
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600, max-age=3600
Date: Mon, 03 Oct 2022 13:29:33 GMT
Expires: Mon, 03 Oct 2022 14:05:50 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 80d21802b1b80c40e55ccf83433b8eac.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: mzIR84nAWJlblEYDPgPiD9C8kGMvUDpOfxRFTBBdq-G7lujfOsk4XQ==
Age: 246


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            GET /assets/static/print-bec47bfcef04d828411851a031b4ff4de7144980b52046d17755e41959083555.css HTTP/1.1 
Host: www.gov.uk
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.gov.uk/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         151.101.84.144
HTTP/2 200 OK
content-type: text/css
                                        
server: nginx
last-modified: Fri, 09 Sep 2022 15:37:33 GMT
etag: "631b5dbd-f3b4"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public, immutable
strict-transport-security: max-age=31536000; preload
fastly-backend-name: origin
content-encoding: br
accept-ranges: bytes
date: Mon, 03 Oct 2022 13:33:39 GMT
via: 1.1 varnish
age: 554604
x-served-by: cache-bma1625-BMA
x-cache: HIT
x-cache-hits: 156
x-timer: S1664804020.975585,VS0,VE0
vary: Accept-Encoding, Accept-Encoding
content-length: 6621
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (62387)
Size:   6621
Md5:    b7bd804946ebb71a5531d1fb89396bf6
Sha1:   c0660aae2bcab558f270fd8eac5c8f05e4cfa7bf
Sha256: 3248436ed51566177b2749d0d40016ad263543b6f38ccb119daf31db8a3b59cf
                                        
                                            GET /assets/static/light-94a07e06a1-v2-01565b0034e61d4609689bbb7ae0be844701f3812c8fe029fa1659b7ef3aa94f.woff2 HTTP/1.1 
Host: www.gov.uk
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.gov.uk/assets/static/application-4d0a30e4ea17a02c4ff0e896efebbf3cf3eedb16204f9a9111fb075418950d6c.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         151.101.84.144
HTTP/2 200 OK
content-type: font/woff2
                                        
server: nginx
last-modified: Mon, 04 Apr 2022 10:25:37 GMT
etag: "624ac7a1-8266"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
access-control-allow-headers: origin, authorization
strict-transport-security: max-age=31536000; preload
fastly-backend-name: origin
accept-ranges: bytes
date: Mon, 03 Oct 2022 13:33:39 GMT
via: 1.1 varnish
age: 1692897
x-served-by: cache-bma1625-BMA
x-cache: HIT
x-cache-hits: 163
x-timer: S1664804020.977188,VS0,VE0
content-length: 33382
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 33382, version 1.131\012- data
Size:   33382
Md5:    94a07e06a104e76fe40583f74b204aee
Sha1:   3202361735eb0c59277c2140c34dd77879df43de
Sha256: eedfb3c2f7945caebd0b15522b59d6c7f01be17fecd6102fd76452ad4042f7b0
                                        
                                            GET /assets/static/govuk-crest-87038e62e594b5f83ea40e0fb480fe7a5f41ba0db3917f709dfb39043f19a0f7.png HTTP/1.1 
Host: www.gov.uk
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gov.uk/assets/static/application-4d0a30e4ea17a02c4ff0e896efebbf3cf3eedb16204f9a9111fb075418950d6c.css
Cookie: cookies_policy={"essential":true,"settings":false,"usage":false,"campaigns":false}
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         151.101.84.144
HTTP/2 200 OK
content-type: image/png
                                        
server: nginx
last-modified: Mon, 04 Apr 2022 10:25:37 GMT
etag: "624ac7a1-e00"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public, immutable
strict-transport-security: max-age=31536000; preload
fastly-backend-name: origin
accept-ranges: bytes
date: Mon, 03 Oct 2022 13:33:40 GMT
via: 1.1 varnish
age: 2375758
x-served-by: cache-bma1625-BMA
x-cache: HIT
x-cache-hits: 40
x-timer: S1664804020.029037,VS0,VE0
content-length: 3584
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 125 x 102, 8-bit colormap, non-interlaced\012- data
Size:   3584
Md5:    bcd5768bd7721641ee71ba103bb38900
Sha1:   42a8d445a3446dee17cc6684ea055703e490bf5e
Sha256: bb9e22aff7881b895c2ceb41d9340804451c474b883f09fe1b4026e76456f44b
                                        
                                            GET /assets/static/bold-b542beb274-v2-35bf540bb39615b6a517986f3aa83f7fefa1efd1878603eeeb196488078542d1.woff2 HTTP/1.1 
Host: www.gov.uk
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.gov.uk/assets/static/application-4d0a30e4ea17a02c4ff0e896efebbf3cf3eedb16204f9a9111fb075418950d6c.css
Cookie: cookies_policy={"essential":true,"settings":false,"usage":false,"campaigns":false}
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         151.101.84.144
HTTP/2 200 OK
content-type: font/woff2
                                        
server: nginx
last-modified: Mon, 04 Apr 2022 10:25:37 GMT
etag: "624ac7a1-7af8"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
access-control-allow-headers: origin, authorization
strict-transport-security: max-age=31536000; preload
fastly-backend-name: origin
accept-ranges: bytes
date: Mon, 03 Oct 2022 13:33:40 GMT
via: 1.1 varnish
age: 1778097
x-served-by: cache-bma1625-BMA
x-cache: HIT
x-cache-hits: 158
x-timer: S1664804020.029529,VS0,VE0
content-length: 31480
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 31480, version 1.0\012- data
Size:   31480
Md5:    b542beb2746ca0e4a5a9aa7ea7767df7
Sha1:   edd7531eb22a9e4c7c17045d9ba5ec87e4c731d2
Sha256: 06eba01b1af0f4014b484c711771fef1db30becbf0edf481498da1e4958d3d47
                                        
                                            GET /assets/static/govuk-apple-touch-icon-180x180-026deaa34fa328ae5f1f519a37dbd15e6555c5086e1ba83986cd0827a7209902.png HTTP/1.1 
Host: www.gov.uk
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.gov.uk/
Connection: keep-alive
Cookie: cookies_policy={"essential":true,"settings":false,"usage":false,"campaigns":false}
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         151.101.84.144
HTTP/2 200 OK
content-type: image/png
                                        
server: nginx
last-modified: Mon, 04 Apr 2022 10:25:38 GMT
etag: "624ac7a2-daf"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public, immutable
strict-transport-security: max-age=31536000; preload
fastly-backend-name: origin
accept-ranges: bytes
date: Mon, 03 Oct 2022 13:33:40 GMT
via: 1.1 varnish
age: 485636
x-served-by: cache-bma1625-BMA
x-cache: HIT
x-cache-hits: 6
x-timer: S1664804020.079204,VS0,VE0
content-length: 3503
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 180 x 180, 8-bit colormap, non-interlaced\012- data
Size:   3503
Md5:    a0f7e1b728a42016b247dc54ee40d055
Sha1:   f02b551f1af5d4ef5bc4aee07da9a6e36a3f9037
Sha256: ea1cbb1cbbeddfff275dfa6e8e46b84cd530892df79dc4882a8f99b802b49a90
                                        
                                            GET /assets/static/favicon-9ed7849c462c53aa2cdf1690eb257e801ecbf5696d1d0928868c5b032b4adb36.ico HTTP/1.1 
Host: www.gov.uk
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.gov.uk/
Connection: keep-alive
Cookie: cookies_policy={"essential":true,"settings":false,"usage":false,"campaigns":false}
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         151.101.84.144
HTTP/2 200 OK
content-type: image/x-icon
                                        
server: nginx
last-modified: Mon, 04 Apr 2022 10:25:38 GMT
etag: "624ac7a2-18ae"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public, immutable
strict-transport-security: max-age=31536000; preload
fastly-backend-name: origin
content-encoding: br
accept-ranges: bytes
date: Mon, 03 Oct 2022 13:33:40 GMT
via: 1.1 varnish
age: 2364276
x-served-by: cache-bma1625-BMA
x-cache: HIT
x-cache-hits: 116
x-timer: S1664804020.080612,VS0,VE0
vary: Accept-Encoding
content-length: 2361
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  MS Windows icon resource - 3 icons, 16x16, 4 bits/pixel, 32x32, 8 bits/pixel\012- data
Size:   2361
Md5:    78294581284ff8d4b931d52201629bdc
Sha1:   d33e3788eb5e94151c30b0598ce5c8446915cbeb
Sha256: 05b6a062ef2604e9c686bfd247ca11c86de0243827fd842d6b64d0f830f1744d
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 6306
Cache-Control: 'max-age=158059'
Date: Mon, 03 Oct 2022 13:33:40 GMT
Last-Modified: Mon, 03 Oct 2022 11:48:34 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: Lh8OxfyggFQA+0ak01XG4A==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

                                         
                                         52.38.146.2
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: inMs8USXdmM45axFXCL7NJ7GsFc=

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "E8E5212B8D90257F23BDB0D1D643B5E7D7528D964056C3A4A269B5E09F409F2D"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9798
Expires: Mon, 03 Oct 2022 16:16:59 GMT
Date: Mon, 03 Oct 2022 13:33:41 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "E8E5212B8D90257F23BDB0D1D643B5E7D7528D964056C3A4A269B5E09F409F2D"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9798
Expires: Mon, 03 Oct 2022 16:16:59 GMT
Date: Mon, 03 Oct 2022 13:33:41 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "E8E5212B8D90257F23BDB0D1D643B5E7D7528D964056C3A4A269B5E09F409F2D"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9798
Expires: Mon, 03 Oct 2022 16:16:59 GMT
Date: Mon, 03 Oct 2022 13:33:41 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "E8E5212B8D90257F23BDB0D1D643B5E7D7528D964056C3A4A269B5E09F409F2D"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9798
Expires: Mon, 03 Oct 2022 16:16:59 GMT
Date: Mon, 03 Oct 2022 13:33:41 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "E8E5212B8D90257F23BDB0D1D643B5E7D7528D964056C3A4A269B5E09F409F2D"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9798
Expires: Mon, 03 Oct 2022 16:16:59 GMT
Date: Mon, 03 Oct 2022 13:33:41 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F98a090b5-0736-4ddd-b6ca-3c76661e7051.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 8158
x-amzn-requestid: 424c8c6c-7075-4ace-97e6-2b0a609d1b7e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZZXDxGRlIAMFZrA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633a054b-046d963a345c15e81dc74e4d;Sampled=0
x-amzn-remapped-date: Sun, 02 Oct 2022 21:40:27 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: aFBTRAsXhi4io7fSc02hftf9hRQ-J5yaBgU4Wgwijyir30xjTjdMLQ==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 b8c4a4ca04bb1976e020396d211bc8dc.cloudfront.net (CloudFront), 1.1 google
date: Sun, 02 Oct 2022 21:46:36 GMT
age: 56825
etag: "3fc3aeae907a0ce0db21753c67c1000681e48b8e"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8158
Md5:    721a8d8f94c3796abf021978fcdbc831
Sha1:   3fc3aeae907a0ce0db21753c67c1000681e48b8e
Sha256: cb497b15e7c2e49930b99f8d6659f0394acefb7b11613ca04397ee782dac759d
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7d589035-4143-4e43-a45c-b842ae27b9a3.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 4522
x-amzn-requestid: cc836204-3c4f-48d0-9569-b1622e6d2178
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZMVoRH9toAMFwig=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6334cfce-096ff90412945ca06335e987;Sampled=0
x-amzn-remapped-date: Wed, 28 Sep 2022 22:50:54 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: BzgI7sWS7fsSOANaDI0S4qrT_2iIkp2TOt3bPfm56T0m9jmxRFfSIA==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 91356d2137f5a7345e93da4516c49ec4.cloudfront.net (CloudFront), 1.1 google
date: Sun, 02 Oct 2022 17:50:25 GMT
age: 70996
etag: "58f10485c5273cbed8159c98b9065b192ba3d00b"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   4522
Md5:    34ba42086104460665f7f4f579235592
Sha1:   58f10485c5273cbed8159c98b9065b192ba3d00b
Sha256: 79f1febc020ab611c5d9a8bc1af237a63420f8215963fd97f6c4b9bccfa17d24
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F21b653ea-1faa-4101-b02e-44da6b46de9c.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 9095
x-amzn-requestid: 9f6cbd35-adf6-4163-aaf0-a3534bfc25c1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZNes7G79oAMF2DQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633544b8-306a82aa5f91bcdb3b349b87;Sampled=0
x-amzn-remapped-date: Thu, 29 Sep 2022 07:09:44 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 1OJxta_mZGnKulQTucUAnzu5w6Mx7L5Tyo_eleCDo76KH2ywvEUTHw==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 707e733794d52100fde0ab21bf0b1462.cloudfront.net (CloudFront), 1.1 google
date: Sun, 02 Oct 2022 22:11:12 GMT
age: 55349
etag: "f964cf69ae825bb32eef4b364df8227c5fb73fce"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   9095
Md5:    a59b70f464b106c9e54579d8b2f967fa
Sha1:   f964cf69ae825bb32eef4b364df8227c5fb73fce
Sha256: cf2c8c1d3ebbdb8fea6b90d81d240120749cfdceb525713ef153481cb15a438e
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcd0be942-f345-4da4-974e-a9fe16b90b3c.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 9083
x-amzn-requestid: fda71fd3-ef25-4a63-94ae-1bfc8aef8d14
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZZXD2H0DIAMFjrg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633a054b-198915fc17ce3dab571b7575;Sampled=0
x-amzn-remapped-date: Sun, 02 Oct 2022 21:40:27 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: BobS2JU-TqDuL8q31SVlerM15cRoMhL1oM5MkL7MVhY9RZG_Ukp5yA==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 68fadeb91f97256bb67b03bfca74d830.cloudfront.net (CloudFront), 1.1 google
date: Sun, 02 Oct 2022 21:46:36 GMT
age: 56825
etag: "8118ee462077c291b9d6f1402b85b55a9ceba8c2"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   9083
Md5:    523edd86af4757d0bc5fa5b3b8a3596a
Sha1:   8118ee462077c291b9d6f1402b85b55a9ceba8c2
Sha256: c27de9970317636df8c4a517a9ed38e573235b351bf92c9b8bb1f964cd100031
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F382faf63-655f-460a-9545-c4d888a724c6.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 10839
x-amzn-requestid: 67718257-ee21-44f0-80bd-f15cea37ac5c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZZWcKFD0IAMFV7Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633a044d-09a45a242bf4bdfe0f4608e4;Sampled=0
x-amzn-remapped-date: Sun, 02 Oct 2022 21:36:13 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: pS33yyA441ZNn2dtNy6mVDnm-rmd_Vi_M0q9ZN2AKGMUT7l-nEuEvw==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 5954c6394458ffb44c970b3819d7ff2a.cloudfront.net (CloudFront), 1.1 google
date: Sun, 02 Oct 2022 21:58:18 GMT
age: 56123
etag: "b105f7bf041365d644c98c7e11ffa75e4656d29d"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   10839
Md5:    36debc920b17e124779c01af9101a59e
Sha1:   b105f7bf041365d644c98c7e11ffa75e4656d29d
Sha256: f518ccd094d0e187b91cfd36dfb282566c0d088ce13501157dc97c702211d938
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F180dee10-1cde-4fbe-8a74-62b7b3bdb1e2.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 6315
x-amzn-requestid: 6aa75b16-32e4-48a7-9fb0-9e3d5528c2d5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZWSdsHUnIAMFXtw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6338cabd-742d8a436403683e0cd9368f;Sampled=0
x-amzn-remapped-date: Sat, 01 Oct 2022 23:18:21 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 5sAzc5Ewv4g6Wqq6JJiLylG3Jyy_nlWrr5Oteeo6ebEgq7Rvss4XaQ==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 09331f0822fc98eebaf04130a83dbd44.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Oct 2022 04:42:51 GMT
age: 31850
etag: "58ff0bf8ce7528b303d28bab01a80ad721705569"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   6315
Md5:    206fb65e75dbadf119512f71e0b78402
Sha1:   58ff0bf8ce7528b303d28bab01a80ad721705569
Sha256: 56c8d5f3b3060ee54bf81995269b86c070855d8c33bf437161339a45b309703f