firefox.settings.services.mozilla.com/v1/
143.204.55.115200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.115:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 1b3053fa528e28810f8a2cc9284cc921
cca9eb471d941881a6b9a1793aecb6c281908f6a
a2427848ba35575dda8a82cf88f104978234c05389deebc3fc8279d9075eff45
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Backoff, Retry-After, Content-Type, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Wed, 21 Sep 2022 08:13:32 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 5de23153ac267c206221751e1cccb6e8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: JZiWoag-MlHTT1N_PIJRbQIpA_b5j4zrnogEwj-z9Sc3LdDroIgsLg==
Age: 717
student-finance-help.web.app/
199.36.158.100200 OK 820 B URL HTTP/2 student-finance-help.web.app/
IP 199.36.158.100:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1663)
Hash 8dd0be8b9459a82bf688568e12b774dd
d57e93730bb5494fd7b268243302a758bf6a4969
5a2b413e13ebd9cf1d46d42d9844f2ae5a307ba69981b0880aa465b5f1ee31f0
Analyzer Verdict Alert openphish HM Revenue & Customs
fortinet Phishing
quad9 Sinkholed
GET / HTTP/1.1
Host: student-finance-help.web.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
cache-control: max-age=3600
content-encoding: br
content-type: text/html; charset=utf-8
etag: "7daeecdf73ef7847726b2d32220056580090dfe126967492edacb90f9f585a4f-br"
last-modified: Sun, 11 Sep 2022 19:07:07 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
accept-ranges: bytes
date: Wed, 21 Sep 2022 08:25:29 GMT
x-served-by: cache-bma1650-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1663748730.671391,VS0,VE79
vary: x-fh-requested-host, accept-encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 820
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash a26d0784548ecab22f417f3d689daf23
8893b79366bbadeb5c8d587b8f023e310694df1c
35baaae7b3ce3110ebb2b075881cfab55ecf3eab57d834283fd18ac691b41fa2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "35BAAAE7B3CE3110EBB2B075881CFAB55ECF3EAB57D834283FD18AC691B41FA2"
Last-Modified: Tue, 20 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2818
Expires: Wed, 21 Sep 2022 09:12:27 GMT
Date: Wed, 21 Sep 2022 08:25:29 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
143.204.55.35200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP 143.204.55.35:0
File type PEM certificate\012- , ASCII text
Hash 6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Wed, 21 Sep 2022 04:35:14 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 bcd5dadccb0831729969c938747ff79a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: A4DoSEm5AaRt0ctN3cQh3nPDBEH3LEJIzeJ8CR8qT3FgVAMT6ZIXWg==
age: 13816
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1d4int/7ZBQLSBvJ5A
142.250.74.3200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4int/7ZBQLSBvJ5A
IP 142.250.74.3:0
Hash 465191899ad9ad445fe0f109e35c4704
5d0db69e114a99199c52218e434b6e4e14f24771
9bd8c3d97a70fc9c0a99c0694206fe7a6a0ff90cb1f6761fdec4fcecabd1e185
POST /s/gts1d4int/7ZBQLSBvJ5A HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 08:25:29 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 21 Sep 2022 08:25:29 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.115200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.115:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600
Date: Wed, 21 Sep 2022 08:03:22 GMT
Expires: Wed, 21 Sep 2022 08:40:11 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 6480520a5e02f3163410e3134bd77baa.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: -7CQZBj2Fovx8ENVPekH8YYlSMstTVxuoNkXusKbztnKquOcQVQZlg==
Age: 1328
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash fd175159ca429666b05901d3f79dfa36
d6816ded69fa9165abd20117b6e82fb7985c3ae3
68dc17b6e23afaa41ba7c38c01b5d6519ae1bb90d30e7ace5f707a6d51ea5abb
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2022
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 08:25:30 GMT
Last-Modified: Wed, 21 Sep 2022 07:51:48 GMT
Server: ECS (amb/6BB5)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash edf07cd621f733b0eb50c632387ebf4f
61a082d26501c2c8d481b1676d0de2e585269613
e5c4324e4c55824b86f48bf0b9a1d317a82e7d3c19bdea7a91d78ce98d68a980
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4493
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 08:25:30 GMT
Last-Modified: Wed, 21 Sep 2022 07:10:37 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 471
logon.slc.co.uk/welcome/secured/login?_locale=en_GB&cookieConsent=accept
62.255.142.225302 Moved Temporarily 20 B URL HTTP/1.1 logon.slc.co.uk/welcome/secured/login?_locale=en_GB&cookieConsent=accept
IP 62.255.142.225:0
ASN #32787 PROLEXIC-TECHNOLOGIES-DDOS-MITIGATION-NETWORK
Hash 7029066c27ac6f5ef18d660d5741979a
46c6643f07aa7f6bfe7118de926b86defc5087c4
59869db34853933b239f1e2219cf7d431da006aa919635478511fabbfc8849d2
GET /welcome/secured/login?_locale=en_GB&cookieConsent=accept HTTP/1.1
Host: logon.slc.co.uk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://student-finance-help.web.app/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Moved Temporarily
Date: Wed, 21 Sep 2022 08:25:30 GMT
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000;includeSubDomains;preload
Content-Security-Policy: default-src'self';""
X-Content-Type-Options: nosniff, nosniff
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Pragma: no-cache
Expires: 0
Location: https://www.student-finance.service.gov.uk/customer/funnel/?_locale=en_GB
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 20
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/plain
Set-Cookie: JSESSIONID=jlokpXYL0YlizlKWu0F1N5G3.d2lvapcppe05-a; Path=/welcome; Secure; HttpOnly
TS01473ab4=01957163407ba13334a0834da15fd664a985cdd1abead85258ca324b85835e19ad6e799d7b2f849190772264b4997c1cb315d166f5; Path=/; Secure; HTTPOnly
TS01519ec9=01957163404bcd1af978804a46ea316b3c63f502b1ead85258ca324b85835e19ad6e799d7b96e8ce17226742572839e68662ac7d54c9fe13c0b89eb3708b4c94fd2dca0cd1; path=/welcome; HTTPonly; Secure
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 956aa5ba31d35812ef4a29150d417d82
bde5267f87406ad333c118136106fccd6d1f877f
23af15ba60ae7cf2a77ba99d8363a2296965971be6160ae29d4789eaf4d0f11f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1173
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 08:25:30 GMT
Last-Modified: Wed, 21 Sep 2022 08:05:57 GMT
Server: ECS (amb/6BB5)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
44.236.232.139101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 44.236.232.139:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: YzfUtQDCJZiBAwkYetf90g==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: mZl+DiyM62cN/zjkkUvnCVwRUn4=
www.student-finance.service.gov.uk/customer/funnel/?_locale=en_GB
62.255.142.228302 Moved Temporarily 20 B URL HTTP/1.1 www.student-finance.service.gov.uk/customer/funnel/?_locale=en_GB
IP 62.255.142.228:0
ASN #32787 PROLEXIC-TECHNOLOGIES-DDOS-MITIGATION-NETWORK
Hash 7029066c27ac6f5ef18d660d5741979a
46c6643f07aa7f6bfe7118de926b86defc5087c4
59869db34853933b239f1e2219cf7d431da006aa919635478511fabbfc8849d2
GET /customer/funnel/?_locale=en_GB HTTP/1.1
Host: www.student-finance.service.gov.uk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://student-finance-help.web.app/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Moved Temporarily
Date: Wed, 21 Sep 2022 08:25:30 GMT
X-XSS-Protection: 1; mode=block
X-Frame-Options: DENY
Strict-Transport-Security: max-age=31536000;includeSubDomains;preload
Content-Security-Policy: default-src'self';""
X-Content-Type-Options: nosniff, nosniff
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Pragma: no-cache
Expires: 0
Location: https://www.student-finance.service.gov.uk/customer/funnel/login
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 20
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/plain
Set-Cookie: JSESSIONID=m1XDg6R1oxDIpBQmoOC+cssk.d2lvapcppe12-b; Path=/customer/funnel; Secure; HttpOnly
TS01f0bfcd=0195716340c8e31d2957a228cc83413040db4c03ab7ae40875ce5dd8cff786997cd38f108e9a2f332f527c6d5ed0831f0bb9f7b74b; Path=/; Secure; HTTPOnly
TS01883e7a=0195716340410f245f5d9931c28b5261c0ebb996957ae40875ce5dd8cff786997cd38f108ea069ee8820d9c1c690a9f7114420ee1ec479103ecc6d2dc7f29fdecf1274da9f; path=/customer/funnel; HTTPonly; Secure
www.student-finance.service.gov.uk/customer/funnel/login
62.255.142.228302 Moved Temporarily 20 B URL HTTP/1.1 www.student-finance.service.gov.uk/customer/funnel/login
IP 62.255.142.228:0
ASN #32787 PROLEXIC-TECHNOLOGIES-DDOS-MITIGATION-NETWORK
Hash 7029066c27ac6f5ef18d660d5741979a
46c6643f07aa7f6bfe7118de926b86defc5087c4
59869db34853933b239f1e2219cf7d431da006aa919635478511fabbfc8849d2
GET /customer/funnel/login HTTP/1.1
Host: www.student-finance.service.gov.uk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://student-finance-help.web.app/
Connection: keep-alive
Cookie: JSESSIONID=m1XDg6R1oxDIpBQmoOC+cssk.d2lvapcppe12-b; TS01883e7a=0195716340410f245f5d9931c28b5261c0ebb996957ae40875ce5dd8cff786997cd38f108ea069ee8820d9c1c690a9f7114420ee1ec479103ecc6d2dc7f29fdecf1274da9f; TS01f0bfcd=0195716340c8e31d2957a228cc83413040db4c03ab7ae40875ce5dd8cff786997cd38f108e9a2f332f527c6d5ed0831f0bb9f7b74b
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Moved Temporarily
Date: Wed, 21 Sep 2022 08:25:30 GMT
X-XSS-Protection: 1;mode=block
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000;includeSubDomains;preload
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src'self';""
Location: https://logon.slc.co.uk/welcome/secured/login?svc=cp&_locale=en_GB&state=anVdfUehW&clientId=0oa31ox4c9hXvdvYr0x7&redirectUrl=https%3A%2F%2Fwww.student-finance.service.gov.uk%2Fcustomer%2Ffunnel%2Flogin%2Foauth%2Fcode&appId=FUNNEL_APP&appSessionId=m1XDg6R1oxDIpBQmoOC%2Bcssk.d2lvapcppe12-b
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 20
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/plain
logon.slc.co.uk/welcome/secured/login?svc=cp&_locale=en_GB&state=anVdfUehW&clientId=0oa31ox4c9hXvdvYr0x7&redirectUrl=https%3A%2F%2Fwww.student-finance.service.gov.uk%2Fcustomer%2Ffunnel%2Flogin%2Foauth%2Fcode&appId=FUNNEL_APP&appSessionId=m1XDg6R1oxDIpBQmoOC%2Bcssk.d2lvapcppe12-b
62.255.142.225302 Moved Temporarily 20 B URL HTTP/1.1 logon.slc.co.uk/welcome/secured/login?svc=cp&_locale=en_GB&state=anVdfUehW&clientId=0oa31ox4c9hXvdvYr0x7&redirectUrl=https%3A%2F%2Fwww.student-finance.service.gov.uk%2Fcustomer%2Ffunnel%2Flogin%2Foauth%2Fcode&appId=FUNNEL_APP&appSessionId=m1XDg6R1oxDIpBQmoOC%2Bcssk.d2lvapcppe12-b
IP 62.255.142.225:0
ASN #32787 PROLEXIC-TECHNOLOGIES-DDOS-MITIGATION-NETWORK
Hash 7029066c27ac6f5ef18d660d5741979a
46c6643f07aa7f6bfe7118de926b86defc5087c4
59869db34853933b239f1e2219cf7d431da006aa919635478511fabbfc8849d2
GET /welcome/secured/login?svc=cp&_locale=en_GB&state=anVdfUehW&clientId=0oa31ox4c9hXvdvYr0x7&redirectUrl=https%3A%2F%2Fwww.student-finance.service.gov.uk%2Fcustomer%2Ffunnel%2Flogin%2Foauth%2Fcode&appId=FUNNEL_APP&appSessionId=m1XDg6R1oxDIpBQmoOC%2Bcssk.d2lvapcppe12-b HTTP/1.1
Host: logon.slc.co.uk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://student-finance-help.web.app/
Connection: keep-alive
Cookie: JSESSIONID=jlokpXYL0YlizlKWu0F1N5G3.d2lvapcppe05-a; TS01519ec9=01957163404bcd1af978804a46ea316b3c63f502b1ead85258ca324b85835e19ad6e799d7b96e8ce17226742572839e68662ac7d54c9fe13c0b89eb3708b4c94fd2dca0cd1; TS01473ab4=01957163407ba13334a0834da15fd664a985cdd1abead85258ca324b85835e19ad6e799d7b2f849190772264b4997c1cb315d166f5
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Moved Temporarily
Date: Wed, 21 Sep 2022 08:25:31 GMT
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000;includeSubDomains;preload
Content-Security-Policy: default-src'self';""
X-Content-Type-Options: nosniff, nosniff
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Pragma: no-cache
Expires: 0
Location: https://logon.slc.co.uk/welcome/secured/login?_locale=en_GB
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 20
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/plain
logon.slc.co.uk/welcome/secured/login?_locale=en_GB
62.255.142.225200 OK 5.8 kB URL HTTP/1.1 logon.slc.co.uk/welcome/secured/login?_locale=en_GB
IP 62.255.142.225:0
ASN #32787 PROLEXIC-TECHNOLOGIES-DDOS-MITIGATION-NETWORK
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (2006)
Hash c922f48f15bde34328bc97a558f7bfba
d7c5fe205fef4c041fe24d13e09daf277da0b267
d70199fcdba2ab1ae6495b02b229ad324b8c08a609442987b80907d390c2ec83
GET /welcome/secured/login?_locale=en_GB HTTP/1.1
Host: logon.slc.co.uk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://student-finance-help.web.app/
Connection: keep-alive
Cookie: JSESSIONID=jlokpXYL0YlizlKWu0F1N5G3.d2lvapcppe05-a; TS01519ec9=01957163404bcd1af978804a46ea316b3c63f502b1ead85258ca324b85835e19ad6e799d7b96e8ce17226742572839e68662ac7d54c9fe13c0b89eb3708b4c94fd2dca0cd1; TS01473ab4=01957163407ba13334a0834da15fd664a985cdd1abead85258ca324b85835e19ad6e799d7b2f849190772264b4997c1cb315d166f5
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 08:25:31 GMT
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000;includeSubDomains;preload
Content-Security-Policy: default-src'self';""
X-Application-Context: application:live:8080
X-Content-Type-Options: nosniff, nosniff
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Pragma: no-cache
Expires: 0
Content-Type: text/html;charset=UTF-8
Content-Language: en-GB
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Transfer-Encoding: chunked
logon.slc.co.uk/welcome/javascript/slc_browser.js
62.255.142.225200 OK 733 B URL HTTP/1.1 logon.slc.co.uk/welcome/javascript/slc_browser.js
IP 62.255.142.225:0
ASN #32787 PROLEXIC-TECHNOLOGIES-DDOS-MITIGATION-NETWORK
Hash cc38eaea2a542fb6175e2c36ad177c01
dbc84745d1a9c0c02a817e9dc203b7c98af05417
e4bd6ef8f6819a6f635bb0637241b36cfb07c2a10ed5bfad079a012e7efe0e61
GET /welcome/javascript/slc_browser.js HTTP/1.1
Host: logon.slc.co.uk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://logon.slc.co.uk/welcome/secured/login?_locale=en_GB
Cookie: JSESSIONID=jlokpXYL0YlizlKWu0F1N5G3.d2lvapcppe05-a; TS01519ec9=01957163404bcd1af978804a46ea316b3c63f502b1ead85258ca324b85835e19ad6e799d7b96e8ce17226742572839e68662ac7d54c9fe13c0b89eb3708b4c94fd2dca0cd1; TS01473ab4=01957163407ba13334a0834da15fd664a985cdd1abead85258ca324b85835e19ad6e799d7b2f849190772264b4997c1cb315d166f5
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 08:25:31 GMT
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000;includeSubDomains;preload
Content-Security-Policy: default-src'self';""
X-Application-Context: application:live:8080
Last-Modified: Fri, 05 Aug 2022 11:28:42 GMT
Accept-Ranges: bytes
X-Content-Type-Options: nosniff, nosniff
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Pragma: no-cache
Expires: 0
Content-Type: text/javascript
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Transfer-Encoding: chunked
logon.slc.co.uk/welcome/javascript/jquery.simplemodal-1.4.4.js
62.255.142.225200 OK 6.9 kB URL HTTP/1.1 logon.slc.co.uk/welcome/javascript/jquery.simplemodal-1.4.4.js
IP 62.255.142.225:0
ASN #32787 PROLEXIC-TECHNOLOGIES-DDOS-MITIGATION-NETWORK
Hash 4f1e61cc53559a6758e38f0af78ab10c
5760d861ac75e9f332908115cf1b4c8ea5eef2e9
87b6bea6705277e07812f70bf4358c9a06057de566f00bd60405119d978a4e21
GET /welcome/javascript/jquery.simplemodal-1.4.4.js HTTP/1.1
Host: logon.slc.co.uk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://logon.slc.co.uk/welcome/secured/login?_locale=en_GB
Cookie: JSESSIONID=jlokpXYL0YlizlKWu0F1N5G3.d2lvapcppe05-a; TS01519ec9=01957163404bcd1af978804a46ea316b3c63f502b1ead85258ca324b85835e19ad6e799d7b96e8ce17226742572839e68662ac7d54c9fe13c0b89eb3708b4c94fd2dca0cd1; TS01473ab4=01957163407ba13334a0834da15fd664a985cdd1abead85258ca324b85835e19ad6e799d7b2f849190772264b4997c1cb315d166f5
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 08:25:31 GMT
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000;includeSubDomains;preload
Content-Security-Policy: default-src'self';""
X-Application-Context: application:live:8080
Last-Modified: Fri, 05 Aug 2022 11:28:42 GMT
Accept-Ranges: bytes
X-Content-Type-Options: nosniff, nosniff
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Pragma: no-cache
Expires: 0
Content-Type: text/javascript
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Transfer-Encoding: chunked
logon.slc.co.uk/welcome/stylesheets/sfe/sfe.css
62.255.142.225200 OK 237 B URL HTTP/1.1 logon.slc.co.uk/welcome/stylesheets/sfe/sfe.css
IP 62.255.142.225:0
ASN #32787 PROLEXIC-TECHNOLOGIES-DDOS-MITIGATION-NETWORK
Hash 28fbfd0a8cebb215df6c6457ece45e99
a2ad545a8bc1bd0ec9252e6c5af54009cab2257f
d8d9e3e46b18a842aec796706070be2785fcc14e6ff898c41ce7e3b9607ef94f
GET /welcome/stylesheets/sfe/sfe.css HTTP/1.1
Host: logon.slc.co.uk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://logon.slc.co.uk/welcome/secured/login?_locale=en_GB
Cookie: JSESSIONID=jlokpXYL0YlizlKWu0F1N5G3.d2lvapcppe05-a; TS01519ec9=01957163404bcd1af978804a46ea316b3c63f502b1ead85258ca324b85835e19ad6e799d7b96e8ce17226742572839e68662ac7d54c9fe13c0b89eb3708b4c94fd2dca0cd1; TS01473ab4=01957163407ba13334a0834da15fd664a985cdd1abead85258ca324b85835e19ad6e799d7b2f849190772264b4997c1cb315d166f5
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 08:25:31 GMT
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000;includeSubDomains;preload
Content-Security-Policy: default-src'self';""
X-Application-Context: application:live:8080
Last-Modified: Fri, 05 Aug 2022 11:28:42 GMT
Accept-Ranges: bytes
X-Content-Type-Options: nosniff, nosniff
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Pragma: no-cache
Expires: 0
Content-Type: text/css
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Transfer-Encoding: chunked
logon.slc.co.uk/welcome/javascript/slc_analytics.js
62.255.142.225200 OK 2.4 kB URL HTTP/1.1 logon.slc.co.uk/welcome/javascript/slc_analytics.js
IP 62.255.142.225:0
ASN #32787 PROLEXIC-TECHNOLOGIES-DDOS-MITIGATION-NETWORK
Hash 5d315a873284149c124ad72357c44653
3e8e4a0a8b095ce403ef7d2e708b0eaed89a8b0a
b0c93e54734abd2992f3cd28cee8ee370ec322b02a675119cc8abd1efae1e124
GET /welcome/javascript/slc_analytics.js HTTP/1.1
Host: logon.slc.co.uk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://logon.slc.co.uk/welcome/secured/login?_locale=en_GB
Cookie: JSESSIONID=jlokpXYL0YlizlKWu0F1N5G3.d2lvapcppe05-a; TS01519ec9=01957163404bcd1af978804a46ea316b3c63f502b1ead85258ca324b85835e19ad6e799d7b96e8ce17226742572839e68662ac7d54c9fe13c0b89eb3708b4c94fd2dca0cd1; TS01473ab4=01957163407ba13334a0834da15fd664a985cdd1abead85258ca324b85835e19ad6e799d7b2f849190772264b4997c1cb315d166f5
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 08:25:31 GMT
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000;includeSubDomains;preload
Content-Security-Policy: default-src'self';""
X-Application-Context: application:live:8080
Last-Modified: Fri, 05 Aug 2022 11:28:42 GMT
Accept-Ranges: bytes
X-Content-Type-Options: nosniff, nosniff
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Pragma: no-cache
Expires: 0
Content-Type: text/javascript
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
logon.slc.co.uk/welcome/stylesheets/modal.css
62.255.142.225200 OK 2.4 kB URL HTTP/1.1 logon.slc.co.uk/welcome/stylesheets/modal.css
IP 62.255.142.225:0
ASN #32787 PROLEXIC-TECHNOLOGIES-DDOS-MITIGATION-NETWORK
Hash b589198b8895f8d2dd9ebb4703cd2214
58121df11f1a31a32385b4510f060b30b21a6e64
aa093463e59f861c08e7890475a90e58f7f5a4fbaa02126b6255a00522da2e6f
GET /welcome/stylesheets/modal.css HTTP/1.1
Host: logon.slc.co.uk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://logon.slc.co.uk/welcome/secured/login?_locale=en_GB
Cookie: JSESSIONID=jlokpXYL0YlizlKWu0F1N5G3.d2lvapcppe05-a; TS01519ec9=01957163404bcd1af978804a46ea316b3c63f502b1ead85258ca324b85835e19ad6e799d7b96e8ce17226742572839e68662ac7d54c9fe13c0b89eb3708b4c94fd2dca0cd1; TS01473ab4=01957163407ba13334a0834da15fd664a985cdd1abead85258ca324b85835e19ad6e799d7b2f849190772264b4997c1cb315d166f5
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 08:25:31 GMT
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000;includeSubDomains;preload
Content-Security-Policy: default-src'self';""
X-Application-Context: application:live:8080
Last-Modified: Fri, 05 Aug 2022 11:28:42 GMT
Accept-Ranges: bytes
X-Content-Type-Options: nosniff, nosniff
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Pragma: no-cache
Expires: 0
Content-Type: text/css
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Transfer-Encoding: chunked
logon.slc.co.uk/welcome/javascript/loading_button.js
62.255.142.225200 OK 1.5 kB URL HTTP/1.1 logon.slc.co.uk/welcome/javascript/loading_button.js
IP 62.255.142.225:0
ASN #32787 PROLEXIC-TECHNOLOGIES-DDOS-MITIGATION-NETWORK
File type HTML document, ASCII text
Hash bc4d1cc2bc4a586fb4370f7fe1951f30
5568919c788e3f541ed9452351c3c258dfb9fefd
435e971b624c782165578c6f0ca5493568c87918dd30663e89739f550dbfe76f
GET /welcome/javascript/loading_button.js HTTP/1.1
Host: logon.slc.co.uk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://logon.slc.co.uk/welcome/secured/login?_locale=en_GB
Cookie: JSESSIONID=jlokpXYL0YlizlKWu0F1N5G3.d2lvapcppe05-a; TS01519ec9=01957163404bcd1af978804a46ea316b3c63f502b1ead85258ca324b85835e19ad6e799d7b96e8ce17226742572839e68662ac7d54c9fe13c0b89eb3708b4c94fd2dca0cd1; TS01473ab4=01957163407ba13334a0834da15fd664a985cdd1abead85258ca324b85835e19ad6e799d7b2f849190772264b4997c1cb315d166f5
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 08:25:31 GMT
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000;includeSubDomains;preload
Content-Security-Policy: default-src'self';""
X-Application-Context: application:live:8080
Last-Modified: Fri, 05 Aug 2022 11:28:42 GMT
Accept-Ranges: bytes
X-Content-Type-Options: nosniff, nosniff
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Pragma: no-cache
Expires: 0
Content-Type: text/javascript
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
logon.slc.co.uk/welcome/stylesheets/govuk-frontend-3.7.0.min.css
62.255.142.225200 OK 11 kB URL HTTP/1.1 logon.slc.co.uk/welcome/stylesheets/govuk-frontend-3.7.0.min.css
IP 62.255.142.225:0
ASN #32787 PROLEXIC-TECHNOLOGIES-DDOS-MITIGATION-NETWORK
File type ASCII text, with very long lines (65410)
Hash 36ab4ed4859e163525341ec9887b4b0a
59ceb27e6b0480383828f9aae099018ee70e0d7a
a3cfa9ec06af981d813d340286deb42234600bec354c92e9e6ac7e8a15259447
GET /welcome/stylesheets/govuk-frontend-3.7.0.min.css HTTP/1.1
Host: logon.slc.co.uk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://logon.slc.co.uk/welcome/secured/login?_locale=en_GB
Cookie: JSESSIONID=jlokpXYL0YlizlKWu0F1N5G3.d2lvapcppe05-a; TS01519ec9=01957163404bcd1af978804a46ea316b3c63f502b1ead85258ca324b85835e19ad6e799d7b96e8ce17226742572839e68662ac7d54c9fe13c0b89eb3708b4c94fd2dca0cd1; TS01473ab4=01957163407ba13334a0834da15fd664a985cdd1abead85258ca324b85835e19ad6e799d7b2f849190772264b4997c1cb315d166f5
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 08:25:31 GMT
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000;includeSubDomains;preload
Content-Security-Policy: default-src'self';""
X-Application-Context: application:live:8080
Last-Modified: Fri, 05 Aug 2022 11:28:42 GMT
Accept-Ranges: bytes
X-Content-Type-Options: nosniff, nosniff
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Pragma: no-cache
Expires: 0
Content-Type: text/css
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
logon.slc.co.uk/welcome/stylesheets/override-govuk-frontend-3.7.0.min.css
62.255.142.225200 OK 765 B URL HTTP/1.1 logon.slc.co.uk/welcome/stylesheets/override-govuk-frontend-3.7.0.min.css
IP 62.255.142.225:0
ASN #32787 PROLEXIC-TECHNOLOGIES-DDOS-MITIGATION-NETWORK
Hash b3f4be5035f454825da1e4a224e60ad0
7ce1b15df6fcca77693b05636cb3750964f5f556
81e1c0afdc8fa2bb3689651e19b438ef791838f5e4093c4265319c49f780656c
GET /welcome/stylesheets/override-govuk-frontend-3.7.0.min.css HTTP/1.1
Host: logon.slc.co.uk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://logon.slc.co.uk/welcome/secured/login?_locale=en_GB
Cookie: JSESSIONID=jlokpXYL0YlizlKWu0F1N5G3.d2lvapcppe05-a; TS01519ec9=01957163404bcd1af978804a46ea316b3c63f502b1ead85258ca324b85835e19ad6e799d7b96e8ce17226742572839e68662ac7d54c9fe13c0b89eb3708b4c94fd2dca0cd1; TS01473ab4=01957163407ba13334a0834da15fd664a985cdd1abead85258ca324b85835e19ad6e799d7b2f849190772264b4997c1cb315d166f5
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 08:25:31 GMT
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000;includeSubDomains;preload
Content-Security-Policy: default-src'self';""
X-Application-Context: application:live:8080
Last-Modified: Fri, 05 Aug 2022 11:28:42 GMT
Accept-Ranges: bytes
X-Content-Type-Options: nosniff, nosniff
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Pragma: no-cache
Expires: 0
Content-Type: text/css
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
logon.slc.co.uk/welcome/javascript/jquery-3.6.0.js
62.255.142.225200 OK 31 kB URL HTTP/1.1 logon.slc.co.uk/welcome/javascript/jquery-3.6.0.js
IP 62.255.142.225:0
ASN #32787 PROLEXIC-TECHNOLOGIES-DDOS-MITIGATION-NETWORK
File type ASCII text, with very long lines (65447)
Hash 28d8704e4c11045906f7abf7cfb7bb20
2d584582bdf857e19eda5d2c8c4b24e4fd7adf98
207dd21837d7e8f47272a5fdfea5b6d1eb49f269b875841cc591937528a59380
GET /welcome/javascript/jquery-3.6.0.js HTTP/1.1
Host: logon.slc.co.uk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://logon.slc.co.uk/welcome/secured/login?_locale=en_GB
Cookie: JSESSIONID=jlokpXYL0YlizlKWu0F1N5G3.d2lvapcppe05-a; TS01519ec9=01957163404bcd1af978804a46ea316b3c63f502b1ead85258ca324b85835e19ad6e799d7b96e8ce17226742572839e68662ac7d54c9fe13c0b89eb3708b4c94fd2dca0cd1; TS01473ab4=01957163407ba13334a0834da15fd664a985cdd1abead85258ca324b85835e19ad6e799d7b2f849190772264b4997c1cb315d166f5
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 08:25:31 GMT
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000;includeSubDomains;preload
Content-Security-Policy: default-src'self';""
X-Application-Context: application:live:8080
Last-Modified: Fri, 05 Aug 2022 11:28:42 GMT
Accept-Ranges: bytes
X-Content-Type-Options: nosniff, nosniff
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Pragma: no-cache
Expires: 0
Content-Type: text/javascript
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
logon.slc.co.uk/welcome/javascript/govuk-frontend-3.7.0.min.js
62.255.142.225200 OK 8.6 kB URL HTTP/1.1 logon.slc.co.uk/welcome/javascript/govuk-frontend-3.7.0.min.js
IP 62.255.142.225:0
ASN #32787 PROLEXIC-TECHNOLOGIES-DDOS-MITIGATION-NETWORK
File type ASCII text, with very long lines (32869)
Hash a0c10e719018c021c26c3433fe866d61
0b48bc89b633860219ffd4fc252920fdf2f7b46a
53a882155ee78a57fe06a2ae84db75f0bdfe292b0103a41125c83bac7ce70f11
GET /welcome/javascript/govuk-frontend-3.7.0.min.js HTTP/1.1
Host: logon.slc.co.uk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://logon.slc.co.uk/welcome/secured/login?_locale=en_GB
Cookie: JSESSIONID=jlokpXYL0YlizlKWu0F1N5G3.d2lvapcppe05-a; TS01519ec9=01957163404bcd1af978804a46ea316b3c63f502b1ead85258ca324b85835e19ad6e799d7b96e8ce17226742572839e68662ac7d54c9fe13c0b89eb3708b4c94fd2dca0cd1; TS01473ab4=01957163407ba13334a0834da15fd664a985cdd1abead85258ca324b85835e19ad6e799d7b2f849190772264b4997c1cb315d166f5
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 08:25:31 GMT
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000;includeSubDomains;preload
Content-Security-Policy: default-src'self';""
X-Application-Context: application:live:8080
Last-Modified: Fri, 05 Aug 2022 11:28:42 GMT
Accept-Ranges: bytes
X-Content-Type-Options: nosniff, nosniff
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Pragma: no-cache
Expires: 0
Content-Type: text/javascript
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Transfer-Encoding: chunked
logon.slc.co.uk/welcome/stylesheets/cookie-banner.css
62.255.142.225200 OK 513 B URL HTTP/1.1 logon.slc.co.uk/welcome/stylesheets/cookie-banner.css
IP 62.255.142.225:0
ASN #32787 PROLEXIC-TECHNOLOGIES-DDOS-MITIGATION-NETWORK
Hash b48551b198cdb90d8d7af9826aa20761
cfa37472eebbab9ccfc096f9b382b816cc260672
e85ae73738718dec0f89acd7fa4fe40cfe3a207c74fa2b7fedf6396dba188004
GET /welcome/stylesheets/cookie-banner.css HTTP/1.1
Host: logon.slc.co.uk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://logon.slc.co.uk/welcome/secured/login?_locale=en_GB
Cookie: JSESSIONID=jlokpXYL0YlizlKWu0F1N5G3.d2lvapcppe05-a; TS01519ec9=01957163404bcd1af978804a46ea316b3c63f502b1ead85258ca324b85835e19ad6e799d7b96e8ce17226742572839e68662ac7d54c9fe13c0b89eb3708b4c94fd2dca0cd1; TS01473ab4=01957163407ba13334a0834da15fd664a985cdd1abead85258ca324b85835e19ad6e799d7b2f849190772264b4997c1cb315d166f5
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 08:25:31 GMT
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000;includeSubDomains;preload
Content-Security-Policy: default-src'self';""
X-Application-Context: application:live:8080
Last-Modified: Fri, 05 Aug 2022 11:28:42 GMT
Accept-Ranges: bytes
X-Content-Type-Options: nosniff, nosniff
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Pragma: no-cache
Expires: 0
Content-Type: text/css
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Transfer-Encoding: chunked
static.queue-it.net/script/queueconfigloader.min.js
143.204.55.127200 OK 7.3 kB URL HTTP/2 static.queue-it.net/script/queueconfigloader.min.js
IP 143.204.55.127:0
Hash 50bce22bfe670aeb142c34ea8716b3ef
6362e362253dff576398def50fe9ced96756780a
5e6023174f3f4285809935907273d536192bcb48f4f67baa3391741a89b53861
GET /script/queueconfigloader.min.js HTTP/1.1
Host: static.queue-it.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://logon.slc.co.uk/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/x-javascript
last-modified: Wed, 23 Feb 2022 18:43:15 GMT
x-amz-version-id: hmKaoMDmDo5jDZ4nyowQbHuhS.wPsIca
server: AmazonS3
content-encoding: gzip
date: Wed, 21 Sep 2022 08:08:40 GMT
cache-control: public,max-age=7200
etag: W/"eee5cc1b5a9d83bc08cac904c6172a69"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a9120cc3ff449047c990e82a4d5566ba.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: cvOiPxpCu-oejb3WrKLW34yFPEwIURsct45SY-ZHIe1cxhrwyQ7v3g==
age: 1012
X-Firefox-Spdy: h2
logon.slc.co.uk/welcome/stylesheets/sfe/images/sfe_logo.png
62.255.142.225200 OK 2.9 kB URL HTTP/1.1 logon.slc.co.uk/welcome/stylesheets/sfe/images/sfe_logo.png
IP 62.255.142.225:0
ASN #32787 PROLEXIC-TECHNOLOGIES-DDOS-MITIGATION-NETWORK
File type PNG image data, 248 x 31, 8-bit/color RGBA, non-interlaced\012- data
Hash 57b87dea4ae2b416a63600df56b41c9f
262d7b5a812f48a11a5b6f1c75ad7d96ad89bcf4
f3c14820d452cf53db3283d280fd0c14da7e1424595bd4a56a537af9b3b88cb1
GET /welcome/stylesheets/sfe/images/sfe_logo.png HTTP/1.1
Host: logon.slc.co.uk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://logon.slc.co.uk/welcome/secured/login?_locale=en_GB
Cookie: JSESSIONID=jlokpXYL0YlizlKWu0F1N5G3.d2lvapcppe05-a; TS01519ec9=01957163404bcd1af978804a46ea316b3c63f502b1ead85258ca324b85835e19ad6e799d7b96e8ce17226742572839e68662ac7d54c9fe13c0b89eb3708b4c94fd2dca0cd1; TS01473ab4=01957163407ba13334a0834da15fd664a985cdd1abead85258ca324b85835e19ad6e799d7b2f849190772264b4997c1cb315d166f5
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 08:25:31 GMT
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000;includeSubDomains;preload
Content-Security-Policy: default-src'self';""
X-Application-Context: application:live:8080
Last-Modified: Fri, 05 Aug 2022 11:28:42 GMT
Accept-Ranges: bytes
X-Content-Type-Options: nosniff, nosniff
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Pragma: no-cache
Expires: 0
Content-Type: image/png
Content-Length: 2945
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
logon.slc.co.uk/welcome/assets/images/govuk-crest.png
62.255.142.225200 OK 3.6 kB URL HTTP/1.1 logon.slc.co.uk/welcome/assets/images/govuk-crest.png
IP 62.255.142.225:0
ASN #32787 PROLEXIC-TECHNOLOGIES-DDOS-MITIGATION-NETWORK
File type PNG image data, 125 x 102, 8-bit colormap, non-interlaced\012- data
Hash bcd5768bd7721641ee71ba103bb38900
42a8d445a3446dee17cc6684ea055703e490bf5e
bb9e22aff7881b895c2ceb41d9340804451c474b883f09fe1b4026e76456f44b
GET /welcome/assets/images/govuk-crest.png HTTP/1.1
Host: logon.slc.co.uk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://logon.slc.co.uk/welcome/stylesheets/govuk-frontend-3.7.0.min.css
Cookie: JSESSIONID=jlokpXYL0YlizlKWu0F1N5G3.d2lvapcppe05-a; TS01519ec9=01957163404bcd1af978804a46ea316b3c63f502b1ead85258ca324b85835e19ad6e799d7b96e8ce17226742572839e68662ac7d54c9fe13c0b89eb3708b4c94fd2dca0cd1; TS01473ab4=01957163407ba13334a0834da15fd664a985cdd1abead85258ca324b85835e19ad6e799d7b2f849190772264b4997c1cb315d166f5; QueueITAccepted-SDFrts345E-V3_slccpprod=EventId%3Dslccpprod%26QueueId%3D00000000-0000-0000-0000-000000000000%26RedirectType%3Ddisabled%26IssueTime%3D1663748731%26Hash%3D4ba62a1d2f9e86c6235148bdc3197d95135c3bbaac9748ec368e9eb626f07c5f
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 08:25:31 GMT
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000;includeSubDomains;preload
Content-Security-Policy: default-src'self';""
X-Application-Context: application:live:8080
Last-Modified: Fri, 05 Aug 2022 11:28:42 GMT
Accept-Ranges: bytes
X-Content-Type-Options: nosniff, nosniff
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Pragma: no-cache
Expires: 0
Content-Type: image/png
Content-Length: 3584
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
logon.slc.co.uk/welcome/assets/fonts/light-94a07e06a1-v2.woff2
62.255.142.225200 OK 33 kB URL HTTP/1.1 logon.slc.co.uk/welcome/assets/fonts/light-94a07e06a1-v2.woff2
IP 62.255.142.225:0
ASN #32787 PROLEXIC-TECHNOLOGIES-DDOS-MITIGATION-NETWORK
File type Web Open Font Format (Version 2), TrueType, length 33382, version 1.131\012- data
Hash 94a07e06a104e76fe40583f74b204aee
3202361735eb0c59277c2140c34dd77879df43de
eedfb3c2f7945caebd0b15522b59d6c7f01be17fecd6102fd76452ad4042f7b0
GET /welcome/assets/fonts/light-94a07e06a1-v2.woff2 HTTP/1.1
Host: logon.slc.co.uk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://logon.slc.co.uk/welcome/stylesheets/govuk-frontend-3.7.0.min.css
Cookie: JSESSIONID=jlokpXYL0YlizlKWu0F1N5G3.d2lvapcppe05-a; TS01519ec9=01957163404bcd1af978804a46ea316b3c63f502b1ead85258ca324b85835e19ad6e799d7b96e8ce17226742572839e68662ac7d54c9fe13c0b89eb3708b4c94fd2dca0cd1; TS01473ab4=01957163407ba13334a0834da15fd664a985cdd1abead85258ca324b85835e19ad6e799d7b2f849190772264b4997c1cb315d166f5; QueueITAccepted-SDFrts345E-V3_slccpprod=EventId%3Dslccpprod%26QueueId%3D00000000-0000-0000-0000-000000000000%26RedirectType%3Ddisabled%26IssueTime%3D1663748731%26Hash%3D4ba62a1d2f9e86c6235148bdc3197d95135c3bbaac9748ec368e9eb626f07c5f
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 08:25:31 GMT
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000;includeSubDomains;preload
Content-Security-Policy: default-src'self';""
X-Application-Context: application:live:8080
Last-Modified: Fri, 05 Aug 2022 11:28:42 GMT
Accept-Ranges: bytes
X-Content-Type-Options: nosniff, nosniff
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Pragma: no-cache
Expires: 0
Content-Type: application/octet-stream
Content-Length: 33382
Vary: Accept-Encoding,User-Agent
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
logon.slc.co.uk/welcome/assets/fonts/bold-b542beb274-v2.woff2
62.255.142.225200 OK 32 kB URL HTTP/1.1 logon.slc.co.uk/welcome/assets/fonts/bold-b542beb274-v2.woff2
IP 62.255.142.225:0
ASN #32787 PROLEXIC-TECHNOLOGIES-DDOS-MITIGATION-NETWORK
File type Web Open Font Format (Version 2), TrueType, length 31480, version 1.0\012- data
Hash b542beb2746ca0e4a5a9aa7ea7767df7
edd7531eb22a9e4c7c17045d9ba5ec87e4c731d2
06eba01b1af0f4014b484c711771fef1db30becbf0edf481498da1e4958d3d47
GET /welcome/assets/fonts/bold-b542beb274-v2.woff2 HTTP/1.1
Host: logon.slc.co.uk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://logon.slc.co.uk/welcome/stylesheets/govuk-frontend-3.7.0.min.css
Cookie: JSESSIONID=jlokpXYL0YlizlKWu0F1N5G3.d2lvapcppe05-a; TS01519ec9=01957163404bcd1af978804a46ea316b3c63f502b1ead85258ca324b85835e19ad6e799d7b96e8ce17226742572839e68662ac7d54c9fe13c0b89eb3708b4c94fd2dca0cd1; TS01473ab4=01957163407ba13334a0834da15fd664a985cdd1abead85258ca324b85835e19ad6e799d7b2f849190772264b4997c1cb315d166f5; QueueITAccepted-SDFrts345E-V3_slccpprod=EventId%3Dslccpprod%26QueueId%3D00000000-0000-0000-0000-000000000000%26RedirectType%3Ddisabled%26IssueTime%3D1663748731%26Hash%3D4ba62a1d2f9e86c6235148bdc3197d95135c3bbaac9748ec368e9eb626f07c5f
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 08:25:31 GMT
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000;includeSubDomains;preload
Content-Security-Policy: default-src'self';""
X-Application-Context: application:live:8080
Last-Modified: Fri, 05 Aug 2022 11:28:42 GMT
Accept-Ranges: bytes
X-Content-Type-Options: nosniff, nosniff
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Pragma: no-cache
Expires: 0
Content-Type: application/octet-stream
Content-Length: 31480
Vary: Accept-Encoding,User-Agent
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
logon.slc.co.uk/welcome/assets/images/govuk-apple-touch-icon-180x180.png
62.255.142.225200 OK 3.5 kB URL HTTP/1.1 logon.slc.co.uk/welcome/assets/images/govuk-apple-touch-icon-180x180.png
IP 62.255.142.225:0
ASN #32787 PROLEXIC-TECHNOLOGIES-DDOS-MITIGATION-NETWORK
File type PNG image data, 180 x 180, 8-bit colormap, non-interlaced\012- data
Hash a0f7e1b728a42016b247dc54ee40d055
f02b551f1af5d4ef5bc4aee07da9a6e36a3f9037
ea1cbb1cbbeddfff275dfa6e8e46b84cd530892df79dc4882a8f99b802b49a90
GET /welcome/assets/images/govuk-apple-touch-icon-180x180.png HTTP/1.1
Host: logon.slc.co.uk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://logon.slc.co.uk/welcome/secured/login?_locale=en_GB
Cookie: JSESSIONID=jlokpXYL0YlizlKWu0F1N5G3.d2lvapcppe05-a; TS01519ec9=01957163404bcd1af978804a46ea316b3c63f502b1ead85258ca324b85835e19ad6e799d7b96e8ce17226742572839e68662ac7d54c9fe13c0b89eb3708b4c94fd2dca0cd1; TS01473ab4=01957163407ba13334a0834da15fd664a985cdd1abead85258ca324b85835e19ad6e799d7b2f849190772264b4997c1cb315d166f5; QueueITAccepted-SDFrts345E-V3_slccpprod=EventId%3Dslccpprod%26QueueId%3D00000000-0000-0000-0000-000000000000%26RedirectType%3Ddisabled%26IssueTime%3D1663748731%26Hash%3D4ba62a1d2f9e86c6235148bdc3197d95135c3bbaac9748ec368e9eb626f07c5f
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 08:25:31 GMT
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000;includeSubDomains;preload
Content-Security-Policy: default-src'self';""
X-Application-Context: application:live:8080
Last-Modified: Fri, 05 Aug 2022 11:28:42 GMT
Accept-Ranges: bytes
X-Content-Type-Options: nosniff, nosniff
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Pragma: no-cache
Expires: 0
Content-Type: image/png
Content-Length: 3503
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 596ea0e7cffcb12819c214fd7e55e6b5
fdf581b35743d7693bf8c7f6154471a1b2646f06
a78eee2be3725b096407fde832e7762dad74ac69165f57a10b1ef76b5b2d9874
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 08:25:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
logon.slc.co.uk/welcome/assets/images/favicon.ico
62.255.142.225200 OK 2.6 kB URL HTTP/1.1 logon.slc.co.uk/welcome/assets/images/favicon.ico
IP 62.255.142.225:0
ASN #32787 PROLEXIC-TECHNOLOGIES-DDOS-MITIGATION-NETWORK
File type MS Windows icon resource - 3 icons, 16x16, 4 bits/pixel, 32x32, 8 bits/pixel\012- data
Hash 80f3f9105e006160875191b33abd2e31
a42c29dc6248375facb8d06050272d68b735e110
3149d8582af2522b397998ce214e04d8bd8f037d82a1dcd9ec36cf8bb79db609
GET /welcome/assets/images/favicon.ico HTTP/1.1
Host: logon.slc.co.uk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://logon.slc.co.uk/welcome/secured/login?_locale=en_GB
Cookie: JSESSIONID=jlokpXYL0YlizlKWu0F1N5G3.d2lvapcppe05-a; TS01519ec9=01957163404bcd1af978804a46ea316b3c63f502b1ead85258ca324b85835e19ad6e799d7b96e8ce17226742572839e68662ac7d54c9fe13c0b89eb3708b4c94fd2dca0cd1; TS01473ab4=01957163407ba13334a0834da15fd664a985cdd1abead85258ca324b85835e19ad6e799d7b2f849190772264b4997c1cb315d166f5; QueueITAccepted-SDFrts345E-V3_slccpprod=EventId%3Dslccpprod%26QueueId%3D00000000-0000-0000-0000-000000000000%26RedirectType%3Ddisabled%26IssueTime%3D1663748731%26Hash%3D4ba62a1d2f9e86c6235148bdc3197d95135c3bbaac9748ec368e9eb626f07c5f
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 08:25:31 GMT
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000;includeSubDomains;preload
Content-Security-Policy: default-src'self';""
X-Application-Context: application:live:8080
Last-Modified: Fri, 05 Aug 2022 11:28:42 GMT
Accept-Ranges: bytes
X-Content-Type-Options: nosniff, nosniff
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Pragma: no-cache
Expires: 0
Content-Type: application/octet-stream
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Keep-Alive: timeout=5, max=91
Connection: Keep-Alive
Transfer-Encoding: chunked
www.google-analytics.com/analytics.js
142.250.74.174200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.174:0
File type ASCII text, with very long lines (1325)
Hash cae538dcce82598fbe43c0bf443e62dd
cc68ac6be9c5e0087a0000e5735b83270ace30f5
954b9e9d9744e1319c51760780a35de2dec353afffac705c2cca6d836a5e056d
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://logon.slc.co.uk/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 19826
date: Wed, 21 Sep 2022 06:41:12 GMT
expires: Wed, 21 Sep 2022 08:41:12 GMT
cache-control: public, max-age=7200
age: 6259
last-modified: Sun, 11 Sep 2022 13:50:09 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 596ea0e7cffcb12819c214fd7e55e6b5
fdf581b35743d7693bf8c7f6154471a1b2646f06
a78eee2be3725b096407fde832e7762dad74ac69165f57a10b1ef76b5b2d9874
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 08:25:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 8ebb267e443b81854ef9a01b3eb6489d
b932e9e5679da5a9160da5429458041765509b52
4ac5aa5b4fb4a85282b825c5c0ed7b1aaf2b39ffe77d69dec5123a84709f3fe2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4AC5AA5B4FB4A85282B825C5C0ED7B1AAF2B39FFE77D69DEC5123A84709F3FE2"
Last-Modified: Tue, 20 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17282
Expires: Wed, 21 Sep 2022 13:13:34 GMT
Date: Wed, 21 Sep 2022 08:25:32 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 8ebb267e443b81854ef9a01b3eb6489d
b932e9e5679da5a9160da5429458041765509b52
4ac5aa5b4fb4a85282b825c5c0ed7b1aaf2b39ffe77d69dec5123a84709f3fe2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4AC5AA5B4FB4A85282B825C5C0ED7B1AAF2B39FFE77D69DEC5123A84709F3FE2"
Last-Modified: Tue, 20 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17282
Expires: Wed, 21 Sep 2022 13:13:34 GMT
Date: Wed, 21 Sep 2022 08:25:32 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 8ebb267e443b81854ef9a01b3eb6489d
b932e9e5679da5a9160da5429458041765509b52
4ac5aa5b4fb4a85282b825c5c0ed7b1aaf2b39ffe77d69dec5123a84709f3fe2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4AC5AA5B4FB4A85282B825C5C0ED7B1AAF2B39FFE77D69DEC5123A84709F3FE2"
Last-Modified: Tue, 20 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17282
Expires: Wed, 21 Sep 2022 13:13:34 GMT
Date: Wed, 21 Sep 2022 08:25:32 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 8ebb267e443b81854ef9a01b3eb6489d
b932e9e5679da5a9160da5429458041765509b52
4ac5aa5b4fb4a85282b825c5c0ed7b1aaf2b39ffe77d69dec5123a84709f3fe2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4AC5AA5B4FB4A85282B825C5C0ED7B1AAF2B39FFE77D69DEC5123A84709F3FE2"
Last-Modified: Tue, 20 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17282
Expires: Wed, 21 Sep 2022 13:13:34 GMT
Date: Wed, 21 Sep 2022 08:25:32 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1874c3ef-e614-4fd9-9d88-b87eac5ea0e6.jpeg
34.120.237.76200 OK 9.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1874c3ef-e614-4fd9-9d88-b87eac5ea0e6.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a692964324dbb9c460a1b855808d02e6
1eef1ab0099d09d1cf965b6e7b55fe2aa4e18e54
3fa9e780d62fffb635064aeed542c8e04923ff943c6080476836fab6c24e2426
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1874c3ef-e614-4fd9-9d88-b87eac5ea0e6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9201
x-amzn-requestid: 6dbfae76-f9ab-4f31-9b62-bcf5d9ce4515
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YxzxlEYcoAMFaQQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632a333d-7d147481402cc46a751b72ed;Sampled=0
x-amzn-remapped-date: Tue, 20 Sep 2022 21:40:13 GMT
x-amz-cf-pop: SFO5-P2, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: hI3FlJJRAUfr0EAcSvvuJajmyQDwBpTxuQIhYfA0Mtp9JyQgKnoDvA==
via: 1.1 7dcaa43cd0535d889b549e6a30a57aa0.cloudfront.net (CloudFront), 1.1 36810aa1793ee589dc8c194860296078.cloudfront.net (CloudFront), 1.1 google
date: Tue, 20 Sep 2022 21:43:18 GMT
age: 38534
etag: "1eef1ab0099d09d1cf965b6e7b55fe2aa4e18e54"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdf057f43-44fd-440b-bd96-67b16eb4eb13.jpeg
34.120.237.76200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdf057f43-44fd-440b-bd96-67b16eb4eb13.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f7b780d39877eea116277625aaa01f1b
d8ac8a7e19b06e38070a0319cde24b5bf0eaa7db
ca9d59056e0a3f512d36db11f4a4bd3109c2ce1e13b29b5f40dce84df079e71f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdf057f43-44fd-440b-bd96-67b16eb4eb13.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12654
x-amzn-requestid: efc99152-2b51-462d-b48b-67ba8263b1cf
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YpOJOGVYoAMFcvQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6326c3d4-00eeb6913e06ac151f293263;Sampled=0
x-amzn-remapped-date: Sun, 18 Sep 2022 07:08:04 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: wK03Lqow6u4lrQ3QI21klXXHGZqbKYathhCO87k0rZWBbF8o5YYjXw==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 556b99c6be8d7078b9f067347c62df6a.cloudfront.net (CloudFront), 1.1 google
date: Wed, 21 Sep 2022 07:05:16 GMT
age: 4816
etag: "d8ac8a7e19b06e38070a0319cde24b5bf0eaa7db"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F689f6ab4-a759-42b3-82a8-f66964d5ece4.jpeg
34.120.237.76200 OK 9.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F689f6ab4-a759-42b3-82a8-f66964d5ece4.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash eff7103898a5102e685ce6741cdf19f8
3371965b4417ee0b74a3a5094adfc1632d4849b1
c326683c06d56a02d8c1a36dd34c1eff1b9d242b8b5280a1824b0602ccd28020
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F689f6ab4-a759-42b3-82a8-f66964d5ece4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9574
x-amzn-requestid: 3dfa0e8c-77e6-4fc5-9f64-00ac854abbfa
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yxy1mEj2IAMFWdQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632a31bd-745819ba4b5c16ee6e649ad7;Sampled=0
x-amzn-remapped-date: Tue, 20 Sep 2022 21:33:49 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: _3w3cbABzhrIn3y9Spo6-NCZDzf4gHAfU30Zpvk3WTp8_kgWT7NAMw==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 1b74ccf4cb51eacf97a0e6d60ae46a3e.cloudfront.net (CloudFront), 1.1 google
date: Tue, 20 Sep 2022 21:41:04 GMT
age: 38668
etag: "3371965b4417ee0b74a3a5094adfc1632d4849b1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F32d94aa1-e164-4f98-8fe2-beb3868db074.jpeg
34.120.237.76200 OK 5.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F32d94aa1-e164-4f98-8fe2-beb3868db074.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5f4438521bfdc6871ae384abcb7da547
a17fc7a7c30999b8789011c2064f5a8704b00eee
2e40ac154724af625c4858b09b90fa3f6a600b70c9e5e959598f0cdb05a78847
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F32d94aa1-e164-4f98-8fe2-beb3868db074.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5402
x-amzn-requestid: 56e3a080-a8df-4385-ab3e-20e1f822083f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YYvaLH1-IAMFbgA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63202c40-28f492196d5699066cb53d39;Sampled=0
x-amzn-remapped-date: Tue, 13 Sep 2022 07:07:45 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: KBsiDc6LmziklLtN8BUFv9QDsj7s9zEFhmtXtlIfBp_RKoBPpqOgfA==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 2f7934de1dfe281c3e4446892eab6462.cloudfront.net (CloudFront), 1.1 google
date: Tue, 20 Sep 2022 18:17:10 GMT
age: 50902
etag: "a17fc7a7c30999b8789011c2064f5a8704b00eee"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4f06ad5e-83fd-449e-b227-1b9d5389e57d.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4f06ad5e-83fd-449e-b227-1b9d5389e57d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 14e6ddceb639a5f4875aecb796f95c79
b1cd04a66852694284eeef16a1cde38896e33c03
4c0657a00d7fb4caefa64c28340cad94a306cc393cffe692fcc69c65a80f2391
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4f06ad5e-83fd-449e-b227-1b9d5389e57d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10244
x-amzn-requestid: 71f08b9e-e977-48de-ad60-5192a43db517
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YYwBkGqjIAMFz0Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63202d3d-0af3334d085ca4a764e31bb5;Sampled=0
x-amzn-remapped-date: Tue, 13 Sep 2022 07:11:57 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 7FaZfI_iYUANPdxGBld5NfneWwKJeX2nYA_gmvF9NjML5YOVhZIIoA==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 2324edbcb8fc72f617442c65f36a40fc.cloudfront.net (CloudFront), 1.1 google
date: Tue, 20 Sep 2022 14:38:21 GMT
age: 64031
etag: "b1cd04a66852694284eeef16a1cde38896e33c03"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F24bb3042-6621-4dd2-99f1-4b50cc7da808.jpeg
34.120.237.76200 OK 9.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F24bb3042-6621-4dd2-99f1-4b50cc7da808.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 10ad73e887b57566c4ba3ae763552a2e
63252bd8cc72452c4c6be84593d704ae9bf97d1f
7d58d096045066af053eb1a1fc3878d3e2080aa50b71aa30fa5b7929693ab004
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F24bb3042-6621-4dd2-99f1-4b50cc7da808.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9399
x-amzn-requestid: 44705828-c137-4ab5-8538-5d4595a2b058
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YYvkJGjxoAMF6-g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63202c80-3cb542a303a59002480c82b2;Sampled=0
x-amzn-remapped-date: Tue, 13 Sep 2022 07:08:48 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: PIZx2S4HyPokzOhbut6yFxH_-32I3SvT1jbeo2rSxQtkgYZGcqjBJA==
via: 1.1 95b0ac620fa3a80ee590ecf1cda1c698.cloudfront.net (CloudFront), 1.1 2f7934de1dfe281c3e4446892eab6462.cloudfront.net (CloudFront), 1.1 google
date: Tue, 20 Sep 2022 21:55:57 GMT
age: 37775
etag: "63252bd8cc72452c4c6be84593d704ae9bf97d1f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
static.queue-it.net/script/queueclient.min.js
143.204.55.127200 OK 0 B URL HTTP/2 static.queue-it.net/script/queueclient.min.js
IP 143.204.55.127:0
GET /script/queueclient.min.js HTTP/1.1
Host: static.queue-it.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://logon.slc.co.uk/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/x-javascript
last-modified: Wed, 23 Feb 2022 18:43:15 GMT
x-amz-version-id: 4yQ2rNl7SZrweE0tCIPgmTcwWoJbW7lz
server: AmazonS3
content-encoding: gzip
date: Wed, 21 Sep 2022 07:12:36 GMT
cache-control: public,max-age=7200
etag: W/"58074f881862f661a074ef91b00cf15f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a9120cc3ff449047c990e82a4d5566ba.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 8tqDw_LPNbDF0dbv1bDftmzmVZJuhDMi1OnZSd8vSCC_RJUMb1xQJg==
age: 4375
X-Firefox-Spdy: h2