r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash c21ba65e44ac95470c314e068e49a9eb
17a13b13738993d889d4afa3d848dc63bf6eba64
9bd0795b30e84ce63b6e2a365ca91bbffc395dd955e112152066c31e63a4ab66
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9BD0795B30E84CE63B6E2A365CA91BBFFC395DD955E112152066C31E63A4AB66"
Last-Modified: Sat, 04 Feb 2023 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2705
Expires: Mon, 06 Feb 2023 07:12:30 GMT
Date: Mon, 06 Feb 2023 06:27:25 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 507011ccb9124dcd57e84a90a0965cc4
1a6575d0ac979c7184490cc9836ac4812ad2afd1
01626c18e1e68507aa33ef7448dbc3311901ab6f29adc2f51d449409b0680dce
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "01626C18E1E68507AA33EF7448DBC3311901AB6F29ADC2F51D449409B0680DCE"
Last-Modified: Sun, 05 Feb 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18972
Expires: Mon, 06 Feb 2023 11:43:37 GMT
Date: Mon, 06 Feb 2023 06:27:25 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash fb7b6b46e708ad73eaaa3c21e74569ae
950663c025acad81556af5aa3022ecc9d55097fe
763f58b9fb838378c92033b59907b036f4c33081f5103d9bcc2ca2a8de500d64
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "763F58B9FB838378C92033B59907B036F4C33081F5103D9BCC2CA2A8DE500D64"
Last-Modified: Sat, 04 Feb 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10334
Expires: Mon, 06 Feb 2023 09:19:39 GMT
Date: Mon, 06 Feb 2023 06:27:25 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash ff250d3ef3fa45322bf05039a0122a9f
b3e7a2c383bce1bab807dbe1a03c375258b51f1d
d07f109a96e0ae6ec7b1d46ce8761b3f06fe845769ce65d69e053dd40aa561ba
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Retry-After, Backoff, Content-Type, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Mon, 06 Feb 2023 05:34:02 GMT
content-type: application/json
age: 3203
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: CDdlaWITnndIbWo1rkzlibHkpTTMyLRLLIZSi2qcSQIBpmroFFUC5tsHfGSKCX7pK33fa2WIrnw=
x-amz-request-id: HSHV3HGF77DRTDG2
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 06 Feb 2023 06:24:50 GMT
age: 155
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 06 Feb 2023 06:27:25 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
covidtravel.clinicallabs.com.au/request-form/new
3.104.10.184301 Moved Permanently 134 B URL HTTP/1.1 covidtravel.clinicallabs.com.au/request-form/new
IP 3.104.10.184:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4aa7a432bb447f094408f1bd6229c605
1965c4952cc8c082a6307ed67061a57aab6632fa
34ccdc351dc93dbf30a8630521968421091e3ed19c31a16e32c2eabb55c6a73a
NIDS Severity Alert suricata medium ET HUNTING Suspicious GET Request with Possible COVID-19 Domain M1
GET /request-form/new HTTP/1.1
Host: covidtravel.clinicallabs.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: awselb/2.0
Date: Mon, 06 Feb 2023 06:27:25 GMT
Content-Type: text/html
Content-Length: 134
Connection: keep-alive
Location: https://covidtravel.clinicallabs.com.au:443/request-form/new
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Pragma, Backoff, Retry-After, Content-Length, Last-Modified, Expires, Cache-Control, ETag, Alert, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Mon, 06 Feb 2023 06:07:20 GMT
age: 1205
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash dedf9c519ac38c4bece9c5bc895787d7
4911175c3f8a435978c5301c33c7a99a5e00a1d5
bddd7e3a4939f863642a7c5348c1c8b9bc569b35c10a27f4cf5ec71f7e6b9698
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BDDD7E3A4939F863642A7C5348C1C8B9BC569B35C10A27F4CF5EC71F7E6B9698"
Last-Modified: Fri, 03 Feb 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19187
Expires: Mon, 06 Feb 2023 11:47:13 GMT
Date: Mon, 06 Feb 2023 06:27:26 GMT
Connection: keep-alive
push.services.mozilla.com/
44.227.59.33101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 44.227.59.33:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 9S1WkbcmRQaaGh2phwqayw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: HPW1rVKL9rpT8gab6Hc8bulDfxc=
ocsp.sca1b.amazontrust.com/
143.204.42.165200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.165:0
Hash ca2d57d8a057986bc6fb4dae41bcd11f
c8180a8302a5a5dffd39a4c241a07c80238890d8
d59aa2c999f4915bcc832340ebb534dff92c01e592a0ce6634566f8bc1d6c6c7
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=152852
Date: Mon, 06 Feb 2023 06:27:26 GMT
Etag: "63e04fe2-1d7"
Expires: Wed, 08 Feb 2023 00:54:58 GMT
Last-Modified: Mon, 06 Feb 2023 00:54:58 GMT
Server: nginx
X-Cache: Miss from cloudfront
Via: 1.1 f00e3524edcdf61801454f2bb21e71ce.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: weqoHmXqFJV4-6BA2BInTwPNpchqwdLOKhgBNs33231KGJHyVy45jw==
covidtravel.clinicallabs.com.au/request-form/new
3.104.10.184200 OK 1.3 kB URL HTTP/2 covidtravel.clinicallabs.com.au/request-form/new
IP 3.104.10.184:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (778), with CRLF line terminators
Hash 9a7f65a269ca9993c77f06d66e78b34a
b86ec201cf41ae269becd62c8ad3bfd361df1077
f26fd260a71e01feb0ec27e7787c358070806fdf34c76d8d5bb85460da018a19
NIDS Severity Alert suricata medium ET HUNTING Suspicious GET Request with Possible COVID-19 Domain M1
GET /request-form/new HTTP/1.1
Host: covidtravel.clinicallabs.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Mon, 06 Feb 2023 06:27:26 GMT
content-type: text/html;charset=utf-8
content-length: 1288
content-encoding: gzip
expires: 0
cache-control: no-cache, no-store, max-age=0, must-revalidate
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
accept-ranges: bytes
content-security-policy: default-src 'self'; frame-ancestors https://www.xtramilesolutions.com.au;frame-src 'self' data: https://*.fls.doubleclick.net https://*.squarecdn.com https://*.squareup.com https://pci-connect.squareup.com https://*.google.com https://*.gstatic.com https://*.googletagmanager.com https://*.google-analytics.com https://*.adsrvr.org;script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.squarecdn.com https://*.squareup.com https://pci-connect.squareup.com https://*.google.com https://*.gstatic.com https://*.googletagmanager.com https://*.google-analytics.com https://connect.facebook.net https://maps.googleapis.com https://*.adsrvr.org;style-src 'self' 'unsafe-inline' https://tagmanager.google.com https://fonts.googleapis.com https://*.squarecdn.com https://*.squareup.com;connect-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.squarecdn.com https://*.squareup.com https://*.googletagmanager.com https://*.google-analytics.com https://*.doubleclick.net https://maps.googleapis.com https://insight.adsrvr.org;img-src 'self' data: https://*.squarecdn.com https://*.squareup.com https://*.s3.ap-southeast-2.amazonaws.com https://*.googletagmanager.com https://*.google-analytics.com https://ssl.gstatic.com https://www.gstatic.com https://www.facebook.com maps.gstatic.com *.googleapis.com *.ggpht.com https://*.adsrvr.org;font-src 'self' data: https://fonts.gstatic.com https://*.squarecdn.com https://*.squareup.com https://*.cloudfront.net
strict-transport-security: max-age=31536000 ; includeSubDomains
content-language: en-US
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
last-modified: Sat, 26 Nov 2022 03:03:17 GMT
x-content-type-options: nosniff
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; speaker 'none'; fullscreen 'self'; payment 'none'
X-Firefox-Spdy: h2
js.adsrvr.org/up_loader.1.1.0.js
108.157.224.123200 OK 1.9 kB URL HTTP/1.1 js.adsrvr.org/up_loader.1.1.0.js
IP 108.157.224.123:0
File type ASCII text, with very long lines (4593), with no line terminators
Hash 8dc722d27824e60548fd25752623cd07
33d66ad1a4a162e2d6c9ed732d6c9af79635fc4d
14ce9119fe06fb2d363ba3c824e9f5b3f212f1f39dfab38c836fa13a20daec1b
GET /up_loader.1.1.0.js HTTP/1.1
Host: js.adsrvr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://covidtravel.clinicallabs.com.au/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/x-javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 24 Sep 2020 15:15:34 GMT
Server: AmazonS3
Content-Encoding: gzip
Date: Sun, 05 Feb 2023 09:30:24 GMT
ETag: W/"98d98b3499058b76d58073cf8ede2f10"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 b301fa8d72072cc0289eb055d8389e68.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: ARN56-P2
X-Amz-Cf-Id: 9BKfv70rXFb8GpiQoZcolWj2sLE2WsuFwJ2YwLXeZDM8txeKaqNR1Q==
Age: 75424
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 9206c3ba6d5a17d62244c438fd03496e
069e8257aebe618953434b1299d065540125a512
937d395fed398e9410f75945e80f607f3146458b48cd47ba7249536ca2195817
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 06:27:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtag/js?id=UA-88600307-18
172.217.21.168200 OK 44 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-88600307-18
IP 172.217.21.168:0
File type ASCII text, with very long lines (1759)
Hash f70830567fe570aec7c149b56a9f8332
7c38a05207cbac7e91368b221f2e19fade1deca5
ff7e779fb934da4cd660d16ac5573e2375386e9615476dcba1f3fce4392c9a96
GET /gtag/js?id=UA-88600307-18 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://covidtravel.clinicallabs.com.au/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Mon, 06 Feb 2023 06:27:27 GMT
expires: Mon, 06 Feb 2023 06:27:27 GMT
cache-control: private, max-age=900
last-modified: Mon, 06 Feb 2023 06:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 43914
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 9206c3ba6d5a17d62244c438fd03496e
069e8257aebe618953434b1299d065540125a512
937d395fed398e9410f75945e80f607f3146458b48cd47ba7249536ca2195817
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 06:27:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 1b25bf82638deaab60981e1315ee0849
e3bd912fd1a890e64ee6746a78a674db7ff77039
a99b0dfa9ca7176b21cc2d65963a1b6eb6d534b3767d02ef06cc207a63331ebf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A99B0DFA9CA7176B21CC2D65963A1B6EB6D534B3767D02EF06CC207A63331EBF"
Last-Modified: Sat, 04 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13567
Expires: Mon, 06 Feb 2023 10:13:34 GMT
Date: Mon, 06 Feb 2023 06:27:27 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 1b25bf82638deaab60981e1315ee0849
e3bd912fd1a890e64ee6746a78a674db7ff77039
a99b0dfa9ca7176b21cc2d65963a1b6eb6d534b3767d02ef06cc207a63331ebf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A99B0DFA9CA7176B21CC2D65963A1B6EB6D534B3767D02EF06CC207A63331EBF"
Last-Modified: Sat, 04 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13567
Expires: Mon, 06 Feb 2023 10:13:34 GMT
Date: Mon, 06 Feb 2023 06:27:27 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 1b25bf82638deaab60981e1315ee0849
e3bd912fd1a890e64ee6746a78a674db7ff77039
a99b0dfa9ca7176b21cc2d65963a1b6eb6d534b3767d02ef06cc207a63331ebf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A99B0DFA9CA7176B21CC2D65963A1B6EB6D534B3767D02EF06CC207A63331EBF"
Last-Modified: Sat, 04 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13567
Expires: Mon, 06 Feb 2023 10:13:34 GMT
Date: Mon, 06 Feb 2023 06:27:27 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F028c7ce9-e4c6-4453-bc20-0c0fefbadfec.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F028c7ce9-e4c6-4453-bc20-0c0fefbadfec.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b08a4dc42d2e08b2b18c9545ce9a2fdb
b688557ebba4b3c987275761e9a1f5993ad3d8a5
641402fb9282208b33877e4812cb9392b035dba85fcb3a344a2a1072d5a69f28
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F028c7ce9-e4c6-4453-bc20-0c0fefbadfec.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11630
x-amzn-requestid: 3912e3f9-44a5-405c-9edb-d8409faa0b04
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f4pkUHUoIAMFzcg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e022e8-03e547e96b085d9e29a1852b;Sampled=0
x-amzn-remapped-date: Sun, 05 Feb 2023 21:43:04 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Vrf1axqufJTrf057F6nY_97NtiM_Wt0tZXpTGN42rvAOV7a4CPe1ig==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 32c16f33c8f5601364fa8229b0d74dc2.cloudfront.net (CloudFront), 1.1 google
date: Sun, 05 Feb 2023 22:12:02 GMT
age: 29725
etag: "b688557ebba4b3c987275761e9a1f5993ad3d8a5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7f49c6ce-40f8-40bf-9423-2de34118bace.jpeg
34.120.237.76200 OK 9.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7f49c6ce-40f8-40bf-9423-2de34118bace.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 714723c38877e0d1655c7118a88ec064
809a42ce7c76cea0ce16af8172d852723c3a5f02
6bad7253694d155de31a8f5a3c635545a39aac340ca49d1bc10efb6739d4a356
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7f49c6ce-40f8-40bf-9423-2de34118bace.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8981
x-amzn-requestid: 0054e925-c381-4737-bd92-32b2af3a604e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f4oiQHRFoAMFw6w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e02141-45ea5ee33d07326c593d21d3;Sampled=0
x-amzn-remapped-date: Sun, 05 Feb 2023 21:36:01 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ixAMZh_xOYWVESJ0jOEPOXZ4GQBDUZZsh26yEDYfl8APcBF2x2sZYg==
via: 1.1 23206a1c229d8877bdd053c4b05f9d12.cloudfront.net (CloudFront), 1.1 1a53057db389e96b4ef1bfbc925dde1c.cloudfront.net (CloudFront), 1.1 google
date: Sun, 05 Feb 2023 21:50:03 GMT
age: 31044
etag: "809a42ce7c76cea0ce16af8172d852723c3a5f02"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3288563a-8f6e-4597-833f-b5512e91e772.png
34.120.237.76200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3288563a-8f6e-4597-833f-b5512e91e772.png
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a24cf7b2db6d65c3fe5daf78b3309ced
a3653a9a7baea412808dd91572ff21e1a505c26f
f55ee98bab5ce53d6acc1cac7f54f089b42d5f2ffbe750d869c4f4a7bc26f715
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3288563a-8f6e-4597-833f-b5512e91e772.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13230
x-amzn-requestid: 8171829a-cf6d-4c33-99a1-f3cef7cd4475
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f4oiTH8GoAMFYLA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e02141-1597a0f06ef3db2534a101aa;Sampled=0
x-amzn-remapped-date: Sun, 05 Feb 2023 21:36:01 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Nvfp0sEYw5bxnFHisq80WCXh6T-LdFlPqs95tyX2epjMfhM_hjUj0A==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 b2f9564ebf9c745cc2ceae96d434977e.cloudfront.net (CloudFront), 1.1 google
date: Sun, 05 Feb 2023 21:50:03 GMT
age: 31044
etag: "a3653a9a7baea412808dd91572ff21e1a505c26f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd4c26323-ca84-49c2-9f28-1ea4944d5cd9.jpeg
34.120.237.76200 OK 8.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd4c26323-ca84-49c2-9f28-1ea4944d5cd9.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 929818fabd5a6ee5200499ca445d121e
3951cfa614e0a8674b730c4850f6483e35f73f6a
9f56ead2f8c136f6d6906fbb8a0ee5e0fd879e8ed104512ed4edf3ba3ece6917
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd4c26323-ca84-49c2-9f28-1ea4944d5cd9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8481
x-amzn-requestid: 77c27205-9d32-42d4-b2c4-e5c3941bbe72
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f4pcuG8VoAMFTaQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e022b7-76fae5a943c7a1d242f7a758;Sampled=0
x-amzn-remapped-date: Sun, 05 Feb 2023 21:42:15 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: Et74Co732_uh0XdLXtBoER9YtKrPXnac-OGNxyuLmjIHsvgi1XwtYA==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 2bedbeaa49b4a77447d30097858cb81a.cloudfront.net (CloudFront), 1.1 google
date: Sun, 05 Feb 2023 22:13:26 GMT
age: 29641
etag: "3951cfa614e0a8674b730c4850f6483e35f73f6a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3482c5eb-0e83-4722-a14e-ee2eefae5e03.jpeg
34.120.237.76200 OK 6.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3482c5eb-0e83-4722-a14e-ee2eefae5e03.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5eb98d203ce09cf8d1964decb2e44058
004d35f6af8f06b453a4c047e202fddbd410aaf4
80232fe0b4ce7393653076fc39d2d315274e8c17f76a4f754576f4a8a1b3baef
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3482c5eb-0e83-4722-a14e-ee2eefae5e03.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6779
x-amzn-requestid: e2a59d9f-577d-4071-8d40-80e54051fc18
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fzVx6FjwoAMFyNw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63de033f-1fcd55e1413543440d46307c;Sampled=0
x-amzn-remapped-date: Sat, 04 Feb 2023 07:03:27 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: Q7yMHmaEpwLuUNkDG-InGzSE6Lsl-4BJAfAliwalUwb57vEF9Vtixg==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 591683988172c7980c4ebb318cbf18a8.cloudfront.net (CloudFront), 1.1 google
date: Sun, 05 Feb 2023 07:11:11 GMT
age: 83776
etag: "004d35f6af8f06b453a4c047e202fddbd410aaf4"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe482817c-a09c-4952-a819-3ff2f99810ae.jpeg
34.120.237.76200 OK 8.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe482817c-a09c-4952-a819-3ff2f99810ae.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 336b665bfad04ec8ed14b01bbf17566d
92102d4c75d2c7efd8197be88e3cb467d2682190
1e21687a242c058a3b442909b168c5e706175b1e93e51cfce691c6f033f795d7
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe482817c-a09c-4952-a819-3ff2f99810ae.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8039
x-amzn-requestid: b36a6062-0676-4abc-820c-959bc02810f5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f4pkoECwIAMF4hQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e022ea-52faddc079b7107004e8cfea;Sampled=0
x-amzn-remapped-date: Sun, 05 Feb 2023 21:43:06 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: MOgI0aopvRaUSJ-YFH6QFNpGxhUNlpnLk7VeCeOsmcrGTUYIESN2Hg==
via: 1.1 a20e81b65d2465c729ce2f6bfe539dd0.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google
date: Sun, 05 Feb 2023 22:04:24 GMT
age: 30183
etag: "92102d4c75d2c7efd8197be88e3cb467d2682190"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
covidtravel.clinicallabs.com.au/app/global.bb5b9abe6071f2a343e8.bundle.js
3.104.10.184200 OK 938 B URL HTTP/2 covidtravel.clinicallabs.com.au/app/global.bb5b9abe6071f2a343e8.bundle.js
IP 3.104.10.184:0
File type ASCII text, with very long lines (938), with no line terminators
Hash 25d6ff708ed148cd4088c157ce079bed
7d572643eed634b4c7262b1331acd206e86de6c3
44f50b2b4ae596c613a492aa4ae7933ff340f29113c41080b14e08059f51379b
GET /app/global.bb5b9abe6071f2a343e8.bundle.js HTTP/1.1
Host: covidtravel.clinicallabs.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://covidtravel.clinicallabs.com.au/request-form/new
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 06 Feb 2023 06:27:27 GMT
content-type: application/javascript
content-length: 938
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
last-modified: Sat, 26 Nov 2022 03:03:17 GMT
cache-control: max-age=126230400, public
accept-ranges: bytes
X-Firefox-Spdy: h2
covidtravel.clinicallabs.com.au/content/8081832fc5cfbf634aa664a9eff0350e.ttf
3.104.10.184200 OK 158 kB URL HTTP/2 covidtravel.clinicallabs.com.au/content/8081832fc5cfbf634aa664a9eff0350e.ttf
IP 3.104.10.184:0
File type TrueType Font data, 13 tables, 1st "GDEF", 17 names, Microsoft, language 0x409, Copyright 2020 The Poppins Project Authors (https://github.com/itfoundry/Poppins)PoppinsRegularI\012- data
Size 158 kB (158192 bytes)
Hash 8b6af8e5e8324edfd77af8b3b35d7f9c
01d319c533f62ea29f03b5df8adfd4d93d2d2a38
78f127277756ae464f4eb665ce214cb6315746f6f4193e95b31f18f4b3e97527
GET /content/8081832fc5cfbf634aa664a9eff0350e.ttf HTTP/1.1
Host: covidtravel.clinicallabs.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://covidtravel.clinicallabs.com.au/content/global.46f6932359da192a6b85.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 06 Feb 2023 06:27:28 GMT
content-type: application/x-font-ttf
content-length: 158192
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
last-modified: Sat, 26 Nov 2022 03:03:17 GMT
cache-control: max-age=126230400, public
accept-ranges: bytes
X-Firefox-Spdy: h2
covidtravel.clinicallabs.com.au/i18n/en.json?buildTimestamp=1669431307903
3.104.10.184200 OK 10 kB URL HTTP/2 covidtravel.clinicallabs.com.au/i18n/en.json?buildTimestamp=1669431307903
IP 3.104.10.184:0
File type JSON data\012- HTML document, Unicode text, UTF-8 text, with very long lines (40419), with no line terminators
Hash 1d9116556d32c57893e217239ebe3210
00a8c3ad7702ea0371daa6a94d68235cc516130c
2129f411238eb6e8826750ea36de8b5034fc79e8740f21ee5700d648e8203c9c
GET /i18n/en.json?buildTimestamp=1669431307903 HTTP/1.1
Host: covidtravel.clinicallabs.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://covidtravel.clinicallabs.com.au/request-form/new
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 06 Feb 2023 06:27:29 GMT
content-type: text/html;charset=utf-8
content-length: 10173
content-encoding: gzip
cache-control: max-age=126230400, public
accept-ranges: bytes
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
last-modified: Sat, 26 Nov 2022 03:03:17 GMT
X-Firefox-Spdy: h2
covidtravel.clinicallabs.com.au/app/0.bb5b9abe6071f2a343e8.chunk.js
3.104.10.184200 OK 4.2 kB URL HTTP/2 covidtravel.clinicallabs.com.au/app/0.bb5b9abe6071f2a343e8.chunk.js
IP 3.104.10.184:0
File type Unicode text, UTF-8 text, with very long lines (21248), with no line terminators
Hash 2bdfff0cae399ad855fe746949c028cd
6086274f75baf27619ce519cbb775a36c8e14b26
071a46fb90ad9ad6c95c0596a938d64eb85cbefd8dc17621d359a82f5a945360
GET /app/0.bb5b9abe6071f2a343e8.chunk.js HTTP/1.1
Host: covidtravel.clinicallabs.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://covidtravel.clinicallabs.com.au/request-form/new
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 06 Feb 2023 06:27:29 GMT
content-type: application/javascript
content-length: 4182
content-encoding: gzip
cache-control: max-age=126230400, public
accept-ranges: bytes
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
last-modified: Sat, 26 Nov 2022 03:03:17 GMT
X-Firefox-Spdy: h2
www.google-analytics.com/analytics.js
142.250.74.110200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.110:0
File type ASCII text, with very long lines (1490)
Hash ca7fbbfd120e3e329633044190bbf134
d17f81e03dd827554ddd207ea081fb46b3415445
847004cefb32f85a9cc16b0b1eb77529ff5753680c145bfcb23f651d214737db
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://covidtravel.clinicallabs.com.au/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20085
date: Mon, 06 Feb 2023 05:44:08 GMT
expires: Mon, 06 Feb 2023 07:44:08 GMT
cache-control: public, max-age=7200
age: 2601
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 26a15a1b880ec1026360b696b1c27074
fd35f80a1cf599da2a8e68a44477465a580440a5
a6d5caec988319523c120bc435a4ff0200b7ead114db10db19a09caeace978f7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 06:27:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
covidtravel.clinicallabs.com.au/app/30.bb5b9abe6071f2a343e8.chunk.js
3.104.10.184200 OK 219 kB URL HTTP/2 covidtravel.clinicallabs.com.au/app/30.bb5b9abe6071f2a343e8.chunk.js
IP 3.104.10.184:0
File type Unicode text, UTF-8 text, with very long lines (64716), with no line terminators
Size 219 kB (218662 bytes)
Hash 1e3e9594747eb94acc08b0dddda1336b
d8249c1e481f9962f6704659be6bfb8a80c6e500
231d7e4d294873ceb96e53418f1f30641d83d2fddb09dfae5bef84cac7023947
GET /app/30.bb5b9abe6071f2a343e8.chunk.js HTTP/1.1
Host: covidtravel.clinicallabs.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://covidtravel.clinicallabs.com.au/request-form/new
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 06 Feb 2023 06:27:29 GMT
content-type: application/javascript
content-encoding: gzip
cache-control: max-age=126230400, public
accept-ranges: bytes
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
last-modified: Sat, 26 Nov 2022 03:03:17 GMT
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 26a15a1b880ec1026360b696b1c27074
fd35f80a1cf599da2a8e68a44477465a580440a5
a6d5caec988319523c120bc435a4ff0200b7ead114db10db19a09caeace978f7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 06:27:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
covidtravel.clinicallabs.com.au/favicon.ico
3.104.10.184200 OK 1.2 kB URL HTTP/2 covidtravel.clinicallabs.com.au/favicon.ico
IP 3.104.10.184:0
File type MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Hash 0595f8a08fd3ff8fb08b9ca8c5d2198d
d66b0d36733a583efcc12e7e9bc78cb4b0ff46cf
c17bde6f444b9a2d1e3587ca65b2fdb5c32122e2855bf691165a87544de7b575
GET /favicon.ico HTTP/1.1
Host: covidtravel.clinicallabs.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://covidtravel.clinicallabs.com.au/request-form/new
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 06 Feb 2023 06:27:29 GMT
content-type: image/x-icon
content-length: 1150
expires: 0
cache-control: no-cache, no-store, max-age=0, must-revalidate
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
accept-ranges: bytes
content-security-policy: default-src 'self'; frame-ancestors https://www.xtramilesolutions.com.au;frame-src 'self' data: https://*.fls.doubleclick.net https://*.squarecdn.com https://*.squareup.com https://pci-connect.squareup.com https://*.google.com https://*.gstatic.com https://*.googletagmanager.com https://*.google-analytics.com https://*.adsrvr.org;script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.squarecdn.com https://*.squareup.com https://pci-connect.squareup.com https://*.google.com https://*.gstatic.com https://*.googletagmanager.com https://*.google-analytics.com https://connect.facebook.net https://maps.googleapis.com https://*.adsrvr.org;style-src 'self' 'unsafe-inline' https://tagmanager.google.com https://fonts.googleapis.com https://*.squarecdn.com https://*.squareup.com;connect-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.squarecdn.com https://*.squareup.com https://*.googletagmanager.com https://*.google-analytics.com https://*.doubleclick.net https://maps.googleapis.com https://insight.adsrvr.org;img-src 'self' data: https://*.squarecdn.com https://*.squareup.com https://*.s3.ap-southeast-2.amazonaws.com https://*.googletagmanager.com https://*.google-analytics.com https://ssl.gstatic.com https://www.gstatic.com https://www.facebook.com maps.gstatic.com *.googleapis.com *.ggpht.com https://*.adsrvr.org;font-src 'self' data: https://fonts.gstatic.com https://*.squarecdn.com https://*.squareup.com https://*.cloudfront.net
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
last-modified: Sat, 26 Nov 2022 03:03:17 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=31536000 ; includeSubDomains
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; speaker 'none'; fullscreen 'self'; payment 'none'
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash a1b0adb1c8292e353e84a56a163dddf0
e72fe20524a0cc1d6077eeef4445bd24cae46a60
d82c206adfc4b455e24ae565256cca03e48944af39dbbef0c704ddfc1cce501a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 06:27:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
11359170.fls.doubleclick.net/activityi;src=11359170;type=invmedia;cat=clini005;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=3405643743120.5664?
142.250.74.70200 OK 282 B URL HTTP/2 11359170.fls.doubleclick.net/activityi;src=11359170;type=invmedia;cat=clini005;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=3405643743120.5664?
IP 142.250.74.70:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (540), with no line terminators
Hash c07da5f510e74163d2e337085e3dc442
f2f917de2f4f1a4fde493a11cd20fd94dfad6ccb
3731750cdceab43e252ff0872ece01158fbeb32a258f82823593cc49e45fbbfb
GET /activityi;src=11359170;type=invmedia;cat=clini005;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=3405643743120.5664? HTTP/1.1
Host: 11359170.fls.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://covidtravel.clinicallabs.com.au/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 06 Feb 2023 06:27:30 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 282
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Mon, 06-Feb-2023 06:42:30 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
covidtravel.clinicallabs.com.au/content/main.823d867760a9773c9aa9.css
3.104.10.184200 OK 26 kB URL HTTP/2 covidtravel.clinicallabs.com.au/content/main.823d867760a9773c9aa9.css
IP 3.104.10.184:0
Hash de70ac6b88a05531aba61838dcb16eb5
bff0c20db2f5680460cf753b9243dbb0f2285755
dc656a48d6dc3045b9656e311f35d5595670432ce82d96eae7092c53111f6fea
GET /content/main.823d867760a9773c9aa9.css HTTP/1.1
Host: covidtravel.clinicallabs.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://covidtravel.clinicallabs.com.au/request-form/new
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 06 Feb 2023 06:27:27 GMT
content-type: text/css
content-encoding: gzip
cache-control: max-age=126230400, public
accept-ranges: bytes
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
last-modified: Sat, 26 Nov 2022 03:03:17 GMT
X-Firefox-Spdy: h2
maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true
142.250.74.170200 OK 23 B URL HTTP/2 maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true
IP 142.250.74.170:0
File type JSON data\012- , ASCII text
Hash e3981ca10169a319d5aa062bf43a5fa1
2c6ed584767b65688ce99b1ebe1a3b7448a67421
8b0b8749aba12de93f3cf5d86f9fac9d6de7cac400a17473718f182a34ebb7e9
GET /maps/api/mapsjs/gen_204?csp_test=true HTTP/1.1
Host: maps.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://covidtravel.clinicallabs.com.au/
Origin: https://covidtravel.clinicallabs.com.au
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/json; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Mon, 06 Feb 2023 06:27:30 GMT
server: scaffolding on HTTPServer2
cache-control: private
content-length: 23
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://covidtravel.clinicallabs.com.au
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
covidtravel.clinicallabs.com.au/management/info
3.104.10.184200 OK 5.9 kB URL HTTP/2 covidtravel.clinicallabs.com.au/management/info
IP 3.104.10.184:0
Hash fb944e5db3b96d97775ac6c5a3e2dee9
095b49c268c4bdb78fb85d2e434f13b3dc2b1410
c47da83536528a6f2d7b8895f5c20f95915bbb75370c1aa431797d5799decbd0
GET /management/info HTTP/1.1
Host: covidtravel.clinicallabs.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://covidtravel.clinicallabs.com.au/request-form/new
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 06 Feb 2023 06:27:29 GMT
content-type: application/json
content-encoding: gzip
expires: 0
cache-control: no-cache, no-store, max-age=0, must-revalidate
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
content-security-policy: default-src 'self'; frame-ancestors https://www.xtramilesolutions.com.au;frame-src 'self' data: https://*.fls.doubleclick.net https://*.squarecdn.com https://*.squareup.com https://pci-connect.squareup.com https://*.google.com https://*.gstatic.com https://*.googletagmanager.com https://*.google-analytics.com https://*.adsrvr.org;script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.squarecdn.com https://*.squareup.com https://pci-connect.squareup.com https://*.google.com https://*.gstatic.com https://*.googletagmanager.com https://*.google-analytics.com https://connect.facebook.net https://maps.googleapis.com https://*.adsrvr.org;style-src 'self' 'unsafe-inline' https://tagmanager.google.com https://fonts.googleapis.com https://*.squarecdn.com https://*.squareup.com;connect-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.squarecdn.com https://*.squareup.com https://*.googletagmanager.com https://*.google-analytics.com https://*.doubleclick.net https://maps.googleapis.com https://insight.adsrvr.org;img-src 'self' data: https://*.squarecdn.com https://*.squareup.com https://*.s3.ap-southeast-2.amazonaws.com https://*.googletagmanager.com https://*.google-analytics.com https://ssl.gstatic.com https://www.gstatic.com https://www.facebook.com maps.gstatic.com *.googleapis.com *.ggpht.com https://*.adsrvr.org;font-src 'self' data: https://fonts.gstatic.com https://*.squarecdn.com https://*.squareup.com https://*.cloudfront.net
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
x-content-type-options: nosniff
strict-transport-security: max-age=31536000 ; includeSubDomains
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; speaker 'none'; fullscreen 'self'; payment 'none'
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 2183fdf183ed33f2cd4342abd7bcadbe
007fe0bb01b7d77fbaaff5346fd7582041c978c8
8f0381d12ab5a76be5137b365e811e75db681eb0f6ad04d7ce28ad73101c33d5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 06:27:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
adservice.google.com/ddm/fls/i/src=11359170;type=invmedia;cat=clini005;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=3405643743120.5664;~oref=https://covidtravel.clinicallabs.com.au/
142.250.74.34200 OK 285 B URL HTTP/2 adservice.google.com/ddm/fls/i/src=11359170;type=invmedia;cat=clini005;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=3405643743120.5664;~oref=https://covidtravel.clinicallabs.com.au/
IP 142.250.74.34:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (539), with no line terminators
Hash cf9f7c5b2417bca0504850b4fac788c8
8810f17f2e1c7740014244c75420f99748ac4acd
93fc09453dd418552c7390e355c4c98cf8317e43d15217fc6a5d87065f8e4714
GET /ddm/fls/i/src=11359170;type=invmedia;cat=clini005;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=3405643743120.5664;~oref=https://covidtravel.clinicallabs.com.au/ HTTP/1.1
Host: adservice.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://11359170.fls.doubleclick.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 06 Feb 2023 06:27:30 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 285
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 2183fdf183ed33f2cd4342abd7bcadbe
007fe0bb01b7d77fbaaff5346fd7582041c978c8
8f0381d12ab5a76be5137b365e811e75db681eb0f6ad04d7ce28ad73101c33d5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 06:27:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 9d7d54937b70d60ca299d07980bc1e1e
42ee245e31b6c480419253d420a75159e107cc65
fd8c0e9b7ce1332347da031c471053f5acaab963f5aafd0e29bb94b90bcf9293
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 06:27:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
adservice.google.no/ddm/fls/i/src=11359170;type=invmedia;cat=clini005;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=3405643743120.5664;~oref=https://covidtravel.clinicallabs.com.au/
216.58.207.194200 OK 85 B URL HTTP/2 adservice.google.no/ddm/fls/i/src=11359170;type=invmedia;cat=clini005;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=3405643743120.5664;~oref=https://covidtravel.clinicallabs.com.au/
IP 216.58.207.194:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with no line terminators
Hash 4a3b3637744caa4a0b08fabbd76cc830
755e5626762ecf38f55012da892a227bf50f15f1
6a12009f3d99f10dd5acb27389beefed79eddd7fa55ddcc591baf92861d51bfb
GET /ddm/fls/i/src=11359170;type=invmedia;cat=clini005;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=3405643743120.5664;~oref=https://covidtravel.clinicallabs.com.au/ HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adservice.google.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 06 Feb 2023 06:27:30 GMT
expires: Mon, 06 Feb 2023 06:27:30 GMT
cache-control: private, max-age=0
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 85
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 9d7d54937b70d60ca299d07980bc1e1e
42ee245e31b6c480419253d420a75159e107cc65
fd8c0e9b7ce1332347da031c471053f5acaab963f5aafd0e29bb94b90bcf9293
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 06:27:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
insight.adsrvr.org/track/pxl/?adv=byq8uk2&ct=0:u7opbuj&fmt=3
15.197.193.217200 OK 157 kB URL HTTP/2 insight.adsrvr.org/track/pxl/?adv=byq8uk2&ct=0:u7opbuj&fmt=3
IP 15.197.193.217:0
File type GIF image data, version 89a, 1 x 1\012- data
Size 157 kB (156550 bytes)
Hash c96f0fd397bc196f32f652880648feb4
d6dd33a4a7482d2d47a11abce3d07d9ace1cede7
cb65bdc2187952a4a1316564d4945e4bf1a61b07a0df3ff6c71e03d0ee012cba
GET /track/pxl/?adv=byq8uk2&ct=0:u7opbuj&fmt=3 HTTP/1.1
Host: insight.adsrvr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://covidtravel.clinicallabs.com.au/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 06 Feb 2023 06:27:30 GMT
content-type: image/gif
cache-control: private,no-cache, must-revalidate
pragma: no-cache
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
X-Firefox-Spdy: h2
covidtravel.clinicallabs.com.au/app/main.bb5b9abe6071f2a343e8.bundle.js
3.104.10.184200 OK 0 B URL HTTP/2 covidtravel.clinicallabs.com.au/app/main.bb5b9abe6071f2a343e8.bundle.js
IP 3.104.10.184:0
GET /app/main.bb5b9abe6071f2a343e8.bundle.js HTTP/1.1
Host: covidtravel.clinicallabs.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://covidtravel.clinicallabs.com.au/request-form/new
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 06 Feb 2023 06:27:27 GMT
content-type: application/javascript
content-encoding: gzip
cache-control: max-age=126230400, public
accept-ranges: bytes
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
last-modified: Sat, 26 Nov 2022 03:03:17 GMT
X-Firefox-Spdy: h2
covidtravel.clinicallabs.com.au/api/public/properties/square-config
3.104.10.184200 OK 0 B URL HTTP/2 covidtravel.clinicallabs.com.au/api/public/properties/square-config
IP 3.104.10.184:0
GET /api/public/properties/square-config HTTP/1.1
Host: covidtravel.clinicallabs.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://covidtravel.clinicallabs.com.au/request-form/new
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 06 Feb 2023 06:27:30 GMT
content-type: application/json
content-encoding: gzip
expires: 0
cache-control: no-cache, no-store, max-age=0, must-revalidate
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
content-security-policy: default-src 'self'; frame-ancestors https://www.xtramilesolutions.com.au;frame-src 'self' data: https://*.fls.doubleclick.net https://*.squarecdn.com https://*.squareup.com https://pci-connect.squareup.com https://*.google.com https://*.gstatic.com https://*.googletagmanager.com https://*.google-analytics.com https://*.adsrvr.org;script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.squarecdn.com https://*.squareup.com https://pci-connect.squareup.com https://*.google.com https://*.gstatic.com https://*.googletagmanager.com https://*.google-analytics.com https://connect.facebook.net https://maps.googleapis.com https://*.adsrvr.org;style-src 'self' 'unsafe-inline' https://tagmanager.google.com https://fonts.googleapis.com https://*.squarecdn.com https://*.squareup.com;connect-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.squarecdn.com https://*.squareup.com https://*.googletagmanager.com https://*.google-analytics.com https://*.doubleclick.net https://maps.googleapis.com https://insight.adsrvr.org;img-src 'self' data: https://*.squarecdn.com https://*.squareup.com https://*.s3.ap-southeast-2.amazonaws.com https://*.googletagmanager.com https://*.google-analytics.com https://ssl.gstatic.com https://www.gstatic.com https://www.facebook.com maps.gstatic.com *.googleapis.com *.ggpht.com https://*.adsrvr.org;font-src 'self' data: https://fonts.gstatic.com https://*.squarecdn.com https://*.squareup.com https://*.cloudfront.net
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
x-content-type-options: nosniff
strict-transport-security: max-age=31536000 ; includeSubDomains
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; speaker 'none'; fullscreen 'self'; payment 'none'
X-Firefox-Spdy: h2
covidtravel.clinicallabs.com.au/api/airlines
3.104.10.184200 OK 0 B URL HTTP/2 covidtravel.clinicallabs.com.au/api/airlines
IP 3.104.10.184:0
GET /api/airlines HTTP/1.1
Host: covidtravel.clinicallabs.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://covidtravel.clinicallabs.com.au/request-form/new
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 06 Feb 2023 06:27:30 GMT
content-type: application/json
content-encoding: gzip
expires: 0
cache-control: no-cache, no-store, max-age=0, must-revalidate
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
content-security-policy: default-src 'self'; frame-ancestors https://www.xtramilesolutions.com.au;frame-src 'self' data: https://*.fls.doubleclick.net https://*.squarecdn.com https://*.squareup.com https://pci-connect.squareup.com https://*.google.com https://*.gstatic.com https://*.googletagmanager.com https://*.google-analytics.com https://*.adsrvr.org;script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.squarecdn.com https://*.squareup.com https://pci-connect.squareup.com https://*.google.com https://*.gstatic.com https://*.googletagmanager.com https://*.google-analytics.com https://connect.facebook.net https://maps.googleapis.com https://*.adsrvr.org;style-src 'self' 'unsafe-inline' https://tagmanager.google.com https://fonts.googleapis.com https://*.squarecdn.com https://*.squareup.com;connect-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.squarecdn.com https://*.squareup.com https://*.googletagmanager.com https://*.google-analytics.com https://*.doubleclick.net https://maps.googleapis.com https://insight.adsrvr.org;img-src 'self' data: https://*.squarecdn.com https://*.squareup.com https://*.s3.ap-southeast-2.amazonaws.com https://*.googletagmanager.com https://*.google-analytics.com https://ssl.gstatic.com https://www.gstatic.com https://www.facebook.com maps.gstatic.com *.googleapis.com *.ggpht.com https://*.adsrvr.org;font-src 'self' data: https://fonts.gstatic.com https://*.squarecdn.com https://*.squareup.com https://*.cloudfront.net
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
x-content-type-options: nosniff
strict-transport-security: max-age=31536000 ; includeSubDomains
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; speaker 'none'; fullscreen 'self'; payment 'none'
X-Firefox-Spdy: h2
covidtravel.clinicallabs.com.au/api/states
3.104.10.184200 OK 0 B URL HTTP/2 covidtravel.clinicallabs.com.au/api/states
IP 3.104.10.184:0
GET /api/states HTTP/1.1
Host: covidtravel.clinicallabs.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://covidtravel.clinicallabs.com.au/request-form/new
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 06 Feb 2023 06:27:30 GMT
content-type: application/json
content-encoding: gzip
expires: 0
cache-control: no-cache, no-store, max-age=0, must-revalidate
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
content-security-policy: default-src 'self'; frame-ancestors https://www.xtramilesolutions.com.au;frame-src 'self' data: https://*.fls.doubleclick.net https://*.squarecdn.com https://*.squareup.com https://pci-connect.squareup.com https://*.google.com https://*.gstatic.com https://*.googletagmanager.com https://*.google-analytics.com https://*.adsrvr.org;script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.squarecdn.com https://*.squareup.com https://pci-connect.squareup.com https://*.google.com https://*.gstatic.com https://*.googletagmanager.com https://*.google-analytics.com https://connect.facebook.net https://maps.googleapis.com https://*.adsrvr.org;style-src 'self' 'unsafe-inline' https://tagmanager.google.com https://fonts.googleapis.com https://*.squarecdn.com https://*.squareup.com;connect-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.squarecdn.com https://*.squareup.com https://*.googletagmanager.com https://*.google-analytics.com https://*.doubleclick.net https://maps.googleapis.com https://insight.adsrvr.org;img-src 'self' data: https://*.squarecdn.com https://*.squareup.com https://*.s3.ap-southeast-2.amazonaws.com https://*.googletagmanager.com https://*.google-analytics.com https://ssl.gstatic.com https://www.gstatic.com https://www.facebook.com maps.gstatic.com *.googleapis.com *.ggpht.com https://*.adsrvr.org;font-src 'self' data: https://fonts.gstatic.com https://*.squarecdn.com https://*.squareup.com https://*.cloudfront.net
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
x-content-type-options: nosniff
strict-transport-security: max-age=31536000 ; includeSubDomains
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; speaker 'none'; fullscreen 'self'; payment 'none'
X-Firefox-Spdy: h2
covidtravel.clinicallabs.com.au/api/package-tests/active
3.104.10.184200 OK 0 B URL HTTP/2 covidtravel.clinicallabs.com.au/api/package-tests/active
IP 3.104.10.184:0
GET /api/package-tests/active HTTP/1.1
Host: covidtravel.clinicallabs.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://covidtravel.clinicallabs.com.au/request-form/new
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 06 Feb 2023 06:27:30 GMT
content-type: application/json
content-encoding: gzip
expires: 0
cache-control: no-cache, no-store, max-age=0, must-revalidate
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
content-security-policy: default-src 'self'; frame-ancestors https://www.xtramilesolutions.com.au;frame-src 'self' data: https://*.fls.doubleclick.net https://*.squarecdn.com https://*.squareup.com https://pci-connect.squareup.com https://*.google.com https://*.gstatic.com https://*.googletagmanager.com https://*.google-analytics.com https://*.adsrvr.org;script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.squarecdn.com https://*.squareup.com https://pci-connect.squareup.com https://*.google.com https://*.gstatic.com https://*.googletagmanager.com https://*.google-analytics.com https://connect.facebook.net https://maps.googleapis.com https://*.adsrvr.org;style-src 'self' 'unsafe-inline' https://tagmanager.google.com https://fonts.googleapis.com https://*.squarecdn.com https://*.squareup.com;connect-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.squarecdn.com https://*.squareup.com https://*.googletagmanager.com https://*.google-analytics.com https://*.doubleclick.net https://maps.googleapis.com https://insight.adsrvr.org;img-src 'self' data: https://*.squarecdn.com https://*.squareup.com https://*.s3.ap-southeast-2.amazonaws.com https://*.googletagmanager.com https://*.google-analytics.com https://ssl.gstatic.com https://www.gstatic.com https://www.facebook.com maps.gstatic.com *.googleapis.com *.ggpht.com https://*.adsrvr.org;font-src 'self' data: https://fonts.gstatic.com https://*.squarecdn.com https://*.squareup.com https://*.cloudfront.net
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
x-content-type-options: nosniff
strict-transport-security: max-age=31536000 ; includeSubDomains
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; speaker 'none'; fullscreen 'self'; payment 'none'
X-Firefox-Spdy: h2
covidtravel.clinicallabs.com.au/api/collection-centers
3.104.10.184200 OK 0 B URL HTTP/2 covidtravel.clinicallabs.com.au/api/collection-centers
IP 3.104.10.184:0
GET /api/collection-centers HTTP/1.1
Host: covidtravel.clinicallabs.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://covidtravel.clinicallabs.com.au/request-form/new
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 06 Feb 2023 06:27:30 GMT
content-type: application/json
content-encoding: gzip
expires: 0
cache-control: no-cache, no-store, max-age=0, must-revalidate
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
content-security-policy: default-src 'self'; frame-ancestors https://www.xtramilesolutions.com.au;frame-src 'self' data: https://*.fls.doubleclick.net https://*.squarecdn.com https://*.squareup.com https://pci-connect.squareup.com https://*.google.com https://*.gstatic.com https://*.googletagmanager.com https://*.google-analytics.com https://*.adsrvr.org;script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.squarecdn.com https://*.squareup.com https://pci-connect.squareup.com https://*.google.com https://*.gstatic.com https://*.googletagmanager.com https://*.google-analytics.com https://connect.facebook.net https://maps.googleapis.com https://*.adsrvr.org;style-src 'self' 'unsafe-inline' https://tagmanager.google.com https://fonts.googleapis.com https://*.squarecdn.com https://*.squareup.com;connect-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.squarecdn.com https://*.squareup.com https://*.googletagmanager.com https://*.google-analytics.com https://*.doubleclick.net https://maps.googleapis.com https://insight.adsrvr.org;img-src 'self' data: https://*.squarecdn.com https://*.squareup.com https://*.s3.ap-southeast-2.amazonaws.com https://*.googletagmanager.com https://*.google-analytics.com https://ssl.gstatic.com https://www.gstatic.com https://www.facebook.com maps.gstatic.com *.googleapis.com *.ggpht.com https://*.adsrvr.org;font-src 'self' data: https://fonts.gstatic.com https://*.squarecdn.com https://*.squareup.com https://*.cloudfront.net
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
x-content-type-options: nosniff
strict-transport-security: max-age=31536000 ; includeSubDomains
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; speaker 'none'; fullscreen 'self'; payment 'none'
X-Firefox-Spdy: h2
insight.adsrvr.org/track/up?adv=byq8uk2&ref=https%3A%2F%2Fcovidtravel.clinicallabs.com.au%2Frequest-form%2Fnew&upid=xdm9u1j&upv=1.1.0
15.197.193.217200 OK 0 B URL HTTP/2 insight.adsrvr.org/track/up?adv=byq8uk2&ref=https%3A%2F%2Fcovidtravel.clinicallabs.com.au%2Frequest-form%2Fnew&upid=xdm9u1j&upv=1.1.0
IP 15.197.193.217:0
GET /track/up?adv=byq8uk2&ref=https%3A%2F%2Fcovidtravel.clinicallabs.com.au%2Frequest-form%2Fnew&upid=xdm9u1j&upv=1.1.0 HTTP/1.1
Host: insight.adsrvr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://covidtravel.clinicallabs.com.au/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 06 Feb 2023 06:27:30 GMT
content-type: text/html
cache-control: private,no-cache, must-revalidate
pragma: no-cache
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
X-Firefox-Spdy: h2
covidtravel.clinicallabs.com.au/content/global.46f6932359da192a6b85.css
3.104.10.184200 OK 0 B URL HTTP/2 covidtravel.clinicallabs.com.au/content/global.46f6932359da192a6b85.css
IP 3.104.10.184:0
GET /content/global.46f6932359da192a6b85.css HTTP/1.1
Host: covidtravel.clinicallabs.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://covidtravel.clinicallabs.com.au/request-form/new
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 06 Feb 2023 06:27:27 GMT
content-type: text/css
content-encoding: gzip
cache-control: max-age=126230400, public
accept-ranges: bytes
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
last-modified: Sat, 26 Nov 2022 03:03:17 GMT
X-Firefox-Spdy: h2
covidtravel.clinicallabs.com.au/api/announcement/1
3.104.10.184200 OK 0 B URL HTTP/2 covidtravel.clinicallabs.com.au/api/announcement/1
IP 3.104.10.184:0
GET /api/announcement/1 HTTP/1.1
Host: covidtravel.clinicallabs.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://covidtravel.clinicallabs.com.au/request-form/new
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 06 Feb 2023 06:27:30 GMT
content-type: application/json
content-encoding: gzip
expires: 0
cache-control: no-cache, no-store, max-age=0, must-revalidate
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
content-security-policy: default-src 'self'; frame-ancestors https://www.xtramilesolutions.com.au;frame-src 'self' data: https://*.fls.doubleclick.net https://*.squarecdn.com https://*.squareup.com https://pci-connect.squareup.com https://*.google.com https://*.gstatic.com https://*.googletagmanager.com https://*.google-analytics.com https://*.adsrvr.org;script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.squarecdn.com https://*.squareup.com https://pci-connect.squareup.com https://*.google.com https://*.gstatic.com https://*.googletagmanager.com https://*.google-analytics.com https://connect.facebook.net https://maps.googleapis.com https://*.adsrvr.org;style-src 'self' 'unsafe-inline' https://tagmanager.google.com https://fonts.googleapis.com https://*.squarecdn.com https://*.squareup.com;connect-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.squarecdn.com https://*.squareup.com https://*.googletagmanager.com https://*.google-analytics.com https://*.doubleclick.net https://maps.googleapis.com https://insight.adsrvr.org;img-src 'self' data: https://*.squarecdn.com https://*.squareup.com https://*.s3.ap-southeast-2.amazonaws.com https://*.googletagmanager.com https://*.google-analytics.com https://ssl.gstatic.com https://www.gstatic.com https://www.facebook.com maps.gstatic.com *.googleapis.com *.ggpht.com https://*.adsrvr.org;font-src 'self' data: https://fonts.gstatic.com https://*.squarecdn.com https://*.squareup.com https://*.cloudfront.net
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
x-content-type-options: nosniff
strict-transport-security: max-age=31536000 ; includeSubDomains
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; speaker 'none'; fullscreen 'self'; payment 'none'
X-Firefox-Spdy: h2
covidtravel.clinicallabs.com.au/api/lookups/get-by-name/test_name
3.104.10.184200 OK 0 B URL HTTP/2 covidtravel.clinicallabs.com.au/api/lookups/get-by-name/test_name
IP 3.104.10.184:0
GET /api/lookups/get-by-name/test_name HTTP/1.1
Host: covidtravel.clinicallabs.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://covidtravel.clinicallabs.com.au/request-form/new
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 06 Feb 2023 06:27:30 GMT
content-type: application/json
content-encoding: gzip
expires: 0
cache-control: no-cache, no-store, max-age=0, must-revalidate
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
content-security-policy: default-src 'self'; frame-ancestors https://www.xtramilesolutions.com.au;frame-src 'self' data: https://*.fls.doubleclick.net https://*.squarecdn.com https://*.squareup.com https://pci-connect.squareup.com https://*.google.com https://*.gstatic.com https://*.googletagmanager.com https://*.google-analytics.com https://*.adsrvr.org;script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.squarecdn.com https://*.squareup.com https://pci-connect.squareup.com https://*.google.com https://*.gstatic.com https://*.googletagmanager.com https://*.google-analytics.com https://connect.facebook.net https://maps.googleapis.com https://*.adsrvr.org;style-src 'self' 'unsafe-inline' https://tagmanager.google.com https://fonts.googleapis.com https://*.squarecdn.com https://*.squareup.com;connect-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.squarecdn.com https://*.squareup.com https://*.googletagmanager.com https://*.google-analytics.com https://*.doubleclick.net https://maps.googleapis.com https://insight.adsrvr.org;img-src 'self' data: https://*.squarecdn.com https://*.squareup.com https://*.s3.ap-southeast-2.amazonaws.com https://*.googletagmanager.com https://*.google-analytics.com https://ssl.gstatic.com https://www.gstatic.com https://www.facebook.com maps.gstatic.com *.googleapis.com *.ggpht.com https://*.adsrvr.org;font-src 'self' data: https://fonts.gstatic.com https://*.squarecdn.com https://*.squareup.com https://*.cloudfront.net
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
x-content-type-options: nosniff
strict-transport-security: max-age=31536000 ; includeSubDomains
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; speaker 'none'; fullscreen 'self'; payment 'none'
X-Firefox-Spdy: h2
covidtravel.clinicallabs.com.au/api/countries
3.104.10.184200 OK 0 B URL HTTP/2 covidtravel.clinicallabs.com.au/api/countries
IP 3.104.10.184:0
GET /api/countries HTTP/1.1
Host: covidtravel.clinicallabs.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://covidtravel.clinicallabs.com.au/request-form/new
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 06 Feb 2023 06:27:30 GMT
content-type: application/json
content-encoding: gzip
expires: 0
cache-control: no-cache, no-store, max-age=0, must-revalidate
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
content-security-policy: default-src 'self'; frame-ancestors https://www.xtramilesolutions.com.au;frame-src 'self' data: https://*.fls.doubleclick.net https://*.squarecdn.com https://*.squareup.com https://pci-connect.squareup.com https://*.google.com https://*.gstatic.com https://*.googletagmanager.com https://*.google-analytics.com https://*.adsrvr.org;script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.squarecdn.com https://*.squareup.com https://pci-connect.squareup.com https://*.google.com https://*.gstatic.com https://*.googletagmanager.com https://*.google-analytics.com https://connect.facebook.net https://maps.googleapis.com https://*.adsrvr.org;style-src 'self' 'unsafe-inline' https://tagmanager.google.com https://fonts.googleapis.com https://*.squarecdn.com https://*.squareup.com;connect-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.squarecdn.com https://*.squareup.com https://*.googletagmanager.com https://*.google-analytics.com https://*.doubleclick.net https://maps.googleapis.com https://insight.adsrvr.org;img-src 'self' data: https://*.squarecdn.com https://*.squareup.com https://*.s3.ap-southeast-2.amazonaws.com https://*.googletagmanager.com https://*.google-analytics.com https://ssl.gstatic.com https://www.gstatic.com https://www.facebook.com maps.gstatic.com *.googleapis.com *.ggpht.com https://*.adsrvr.org;font-src 'self' data: https://fonts.gstatic.com https://*.squarecdn.com https://*.squareup.com https://*.cloudfront.net
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
x-content-type-options: nosniff
strict-transport-security: max-age=31536000 ; includeSubDomains
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; speaker 'none'; fullscreen 'self'; payment 'none'
X-Firefox-Spdy: h2
covidtravel.clinicallabs.com.au/api/nationalities
3.104.10.184200 OK 0 B URL HTTP/2 covidtravel.clinicallabs.com.au/api/nationalities
IP 3.104.10.184:0
GET /api/nationalities HTTP/1.1
Host: covidtravel.clinicallabs.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://covidtravel.clinicallabs.com.au/request-form/new
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 06 Feb 2023 06:27:30 GMT
content-type: application/json
content-encoding: gzip
expires: 0
cache-control: no-cache, no-store, max-age=0, must-revalidate
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
content-security-policy: default-src 'self'; frame-ancestors https://www.xtramilesolutions.com.au;frame-src 'self' data: https://*.fls.doubleclick.net https://*.squarecdn.com https://*.squareup.com https://pci-connect.squareup.com https://*.google.com https://*.gstatic.com https://*.googletagmanager.com https://*.google-analytics.com https://*.adsrvr.org;script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.squarecdn.com https://*.squareup.com https://pci-connect.squareup.com https://*.google.com https://*.gstatic.com https://*.googletagmanager.com https://*.google-analytics.com https://connect.facebook.net https://maps.googleapis.com https://*.adsrvr.org;style-src 'self' 'unsafe-inline' https://tagmanager.google.com https://fonts.googleapis.com https://*.squarecdn.com https://*.squareup.com;connect-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.squarecdn.com https://*.squareup.com https://*.googletagmanager.com https://*.google-analytics.com https://*.doubleclick.net https://maps.googleapis.com https://insight.adsrvr.org;img-src 'self' data: https://*.squarecdn.com https://*.squareup.com https://*.s3.ap-southeast-2.amazonaws.com https://*.googletagmanager.com https://*.google-analytics.com https://ssl.gstatic.com https://www.gstatic.com https://www.facebook.com maps.gstatic.com *.googleapis.com *.ggpht.com https://*.adsrvr.org;font-src 'self' data: https://fonts.gstatic.com https://*.squarecdn.com https://*.squareup.com https://*.cloudfront.net
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
x-content-type-options: nosniff
strict-transport-security: max-age=31536000 ; includeSubDomains
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; speaker 'none'; fullscreen 'self'; payment 'none'
X-Firefox-Spdy: h2