Report - www.qld.gov.au/health/conditions/health-alerts/coronavirus-covid-19/current-status/public-health-directions/restrictions-impacted-areas

Report Overview

Submitted URL
www.qld.gov.au/health/conditions/health-alerts/coronavirus-covid-19/current-status/public-health-directions/restrictions-impacted-areas
IP
54.230.111.54
ASN
#16509 AMAZON-02
Submitted
2023-02-09 11:42:02
Access
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
2
Threat Detection Systems
0

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-03-13T05:09:13Z	333 B	391 B	34.117.237.239
ocsp.globalsign.com	2075	2012-07-20T19:46:16Z	2023-03-13T05:09:19Z	718 B	4.0 kB	151.101.194.133
img-getpocket.cdn.mozilla.net	1631	2018-06-22T01:36:00Z	2023-03-13T05:09:16Z	2.7 kB	47 kB	34.120.237.76
www.googletagmanager.com	75	2013-05-22T04:07:37Z	2023-03-13T08:28:24Z	379 B	103 kB	216.58.207.200
tracking.monsido.com	11718	2017-08-06T14:11:12Z	2023-03-13T07:57:40Z	642 B	310 B	35.190.93.146
www.qld.gov.au	293189	2012-07-03T10:06:54Z	2023-03-03T06:58:24Z	1.7 kB	8.3 kB	54.230.111.66
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-03-13T05:09:35Z	413 B	5.8 kB	34.160.144.191
push.services.mozilla.com	2140	2014-10-24T10:27:06Z	2023-03-13T05:09:14Z	606 B	127 B	54.186.236.115
ocsp.pki.goog	175	2018-07-01T08:43:07Z	2023-03-13T05:09:47Z	5.9 kB	106 kB	142.250.74.131
fonts.gstatic.com	unknown	2014-09-09T02:40:21Z	2023-03-13T08:44:36Z	1.4 kB	101 kB	142.250.74.163
www.google.com	7	2015-05-10T13:11:19Z	2023-03-13T06:40:43Z	515 B	578 B	142.250.74.164
r3.o.lencr.org	344	2020-12-02T09:52:13Z	2023-03-13T05:09:07Z	3.0 kB	8.0 kB	23.36.77.32
firefox.settings.services.mozilla.com	867	2020-06-04T22:08:41Z	2023-03-13T05:09:10Z	782 B	2.4 kB	35.241.9.150
www.google-analytics.com	40	2012-10-03T03:04:21Z	2023-03-13T07:36:03Z	371 B	21 kB	142.250.74.110
www.google.no	25607	2016-04-05T21:50:59Z	2023-03-13T06:26:15Z	1.0 kB	1.2 kB	142.250.74.67
region1.analytics.google.com	unknown	2022-03-17T12:26:33Z	2023-03-13T05:11:52Z	1.2 kB	445 B	216.239.34.36
code.jquery.com	634	2012-05-21T19:28:02Z	2023-03-13T05:09:57Z	398 B	31 kB	69.16.175.42
app-script.monsido.com	13890	2019-11-01T11:10:18Z	2023-03-13T07:42:30Z	377 B	3.5 kB	34.98.105.146
fonts.googleapis.com	8877	2013-06-10T22:14:26Z	2023-03-13T08:14:31Z	454 B	1.6 kB	142.250.74.106
stats.g.doubleclick.net	96	2013-06-10T22:21:11Z	2023-03-13T08:02:41Z	604 B	593 B	64.233.163.155

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2023-02-09 11:42:50	medium	Client IP	54.230.111.66	ET HUNTING Suspicious GET Request with Possible COVID-19 URI M1
2023-02-09 11:42:50	medium	Client IP	54.230.111.66	ET HUNTING Suspicious GET Request with Possible COVID-19 URI M2

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (62)

	URL	Size	First Seen	Last Seen
	www.qld.gov.au/health/conditions/health-alerts/coronavirus-covid-19/public-health-directions/archived-assets-restrictions-in-qld/restrictions-impacted-areas	1.4 kB	2023-03-12	2023-03-13
Pretty URL www.qld.gov.au/health/conditions/health-alerts/coronavirus-covid-19/public-health-directions/archived-assets-restrictions-in-qld/restrictions-impacted-areas IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 18:57:48 Last Seen2023-03-13 20:27:37 Times Seen1 Hash 4507360459a4d3feae3324ab0587a3da 840d636abe87bbc8ad2fc8cae6bb2ee47b079e35 44bcbdb8607017022c852ea696ca706dff5c90bec88374fbb526b32b1e0462ad Loading...

	www.qld.gov.au/health/conditions/health-alerts/coronavirus-covid-19/public-health-directions/archived-assets-restrictions-in-qld/restrictions-impacted-areas	265 B	2023-03-10	2023-03-13
Pretty URL www.qld.gov.au/health/conditions/health-alerts/coronavirus-covid-19/public-health-directions/archived-assets-restrictions-in-qld/restrictions-impacted-areas IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 02:46:06 Last Seen2023-03-13 20:27:37 Times Seen1 Hash 7bf6b1c4958576b5057eb89144ca831c 87513f801f54bc1b90064fc31da00e6953b86952 8b2c45a6327f43a8f6cb6ba3c63cd253d2219c7ced00a82fe9286146dfbb0868 Loading...

	www.googletagmanager.com/gtag/js?id=G-2BSW42XWCV&l=dataLayer&cx=c	231 kB	2023-03-13	2023-03-13
Pretty URL www.googletagmanager.com/gtag/js?id=G-2BSW42XWCV&l=dataLayer&cx=c IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 20:27:37 Last Seen2023-03-13 20:27:37 Times Seen1 Hash dbef8ca977f7b838f0de7ee59a4650df f1472a2315137d5612db555cc6b7828a7a8bc151 f91dd22f68e9fedbaf1f3881f6a6654dd3567ac3e3d85cb261d990300bc94359 Loading...

	code.jquery.com/jquery-3.3.1.min.js	87 kB	2023-03-07	2024-04-26
Pretty URL code.jquery.com/jquery-3.3.1.min.js IP 69.16.175.42 ASN #20446 STACKPATH-CDN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:02 Last Seen2024-04-26 12:52:28 Times Seen106348 Hash a09e13ee94d51c524b7e2a728c7d4039 0dc32db4aa9c5f03f3b38c47d883dbd4fed13aae 160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef Loading...

	www.qld.gov.au/health/conditions/health-alerts/coronavirus-covid-19/public-health-directions/archived-assets-restrictions-in-qld/restrictions-impacted-areas	549 B	2023-03-13	2023-03-13
Pretty URL www.qld.gov.au/health/conditions/health-alerts/coronavirus-covid-19/public-health-directions/archived-assets-restrictions-in-qld/restrictions-impacted-areas IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 07:51:03 Last Seen2023-03-13 20:27:37 Times Seen1 Hash 607cf5f0fe3c5e037bfe7fe0a8cd1552 764811f95d2da3a47a63d61a181253100c8e04e2 72988b99053e6cc3e24cf7bad8a25df39f65c883b3dfd0f709c6ba52844d263d Loading...

	www.googletagmanager.com/gtm.js?id=GTM-PMDS7K	266 kB	2023-03-13	2023-03-13
Pretty URL www.googletagmanager.com/gtm.js?id=GTM-PMDS7K IP 216.58.207.200 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 20:27:37 Last Seen2023-03-13 20:27:37 Times Seen1 Hash 5eb24bb18e480670125c74b3e2dc2e01 2433e64488c57285efef63d7eb73ff36a9b22458 7816d52d695a1a6374dd763f89bde30ba0e8adbeb78c5916231cc584e78b2e37 Loading...

	www.qld.gov.au/__data/assets/git_bridge/0030/95448/js/on-demand-scripts/qg-modal.js?h=3ce4a4e	5.3 kB	2023-03-13	2023-03-13
Pretty URL www.qld.gov.au/__data/assets/git_bridge/0030/95448/js/on-demand-scripts/qg-modal.js?h=3ce4a4e IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 07:51:03 Last Seen2023-03-13 20:27:37 Times Seen1 Hash 7499b171594c3d7a03124faa960a65f1 87d125a2d590cacc738f56666b5d4f325196c3b6 c722220feec265807f2eedd585b20d0e86c25da58b4040ae1395519d367d8455 Loading...

	www.qld.gov.au/health/conditions/health-alerts/coronavirus-covid-19/public-health-directions/archived-assets-restrictions-in-qld/restrictions-impacted-areas	116 B	2023-03-09	2023-03-13
Pretty URL www.qld.gov.au/health/conditions/health-alerts/coronavirus-covid-19/public-health-directions/archived-assets-restrictions-in-qld/restrictions-impacted-areas IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 22:15:41 Last Seen2023-03-13 20:27:38 Times Seen1 Hash 69f70e1953fa13e0009e6040e0b36f40 36f37d6ad523387a1634023c3b01073970cdccc6 570be5ebeae8e779408835560cc9ff2537289e52635982d1fe5f8704aa28a627 Loading...

	www.qld.gov.au/health/conditions/health-alerts/coronavirus-covid-19/public-health-directions/archived-assets-restrictions-in-qld/restrictions-impacted-areas	612 B	2023-03-09	2023-03-13
Pretty URL www.qld.gov.au/health/conditions/health-alerts/coronavirus-covid-19/public-health-directions/archived-assets-restrictions-in-qld/restrictions-impacted-areas IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 22:15:41 Last Seen2023-03-13 20:27:38 Times Seen1 Hash d2a883cd9e3a49d77892a32b067a48fd bb6d1fe4512111a084fe4cd930939a77912f295d 634561fcbc568ea094baf5654bb9e798f2849ed5aa85d50f1591c5523186357d Loading...

	www.google-analytics.com/analytics.js	50 kB	2023-03-12	2024-04-15
Pretty URL www.google-analytics.com/analytics.js IP 142.250.74.110 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 21:46:21 Last Seen2024-04-15 18:54:35 Times Seen35101 Hash 54e51056211dda674100cc5b323a58ad 26dc5034cb6c7f3bbe061edd37c7fc6006cb835b 5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de Loading...

	www.qld.gov.au/__data/assets/git_bridge/0029/95447/static.qgov.net.au/assets/v4/latest/js/qg-main.js?h=ee79ecb	96 kB	2023-03-13	2023-03-13
Pretty URL www.qld.gov.au/__data/assets/git_bridge/0029/95447/static.qgov.net.au/assets/v4/latest/js/qg-main.js?h=ee79ecb IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 07:51:03 Last Seen2023-03-13 20:27:38 Times Seen1 Hash cacdc85bcea5837560d239b0de3e1e14 c2afe05ed52b87e35961391e91f6d5ef54827ff8 b016c85f22bc0033dfbd9773c49c5738c80abcaa21372d67cfd7ee1c9c7b0432 Loading...

	www.qld.gov.au/health/conditions/health-alerts/coronavirus-covid-19/public-health-directions/archived-assets-restrictions-in-qld/restrictions-impacted-areas	334 B	2023-03-12	2023-03-13
Pretty URL www.qld.gov.au/health/conditions/health-alerts/coronavirus-covid-19/public-health-directions/archived-assets-restrictions-in-qld/restrictions-impacted-areas IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 18:57:48 Last Seen2023-03-13 20:27:38 Times Seen1 Hash 75fe2132ff36c61b427329246483017e 053559ba4fa39cf5cbb5189c79fef10cb2eb534c 262e8afa904e2d84b09f8033734e6f0769c816607d48500eaa0fb29d10a183d1 Loading...

	www.qld.gov.au/__data/assets/js_file_folder/0004/130/qg-main.js?v=0.9.5	2.5 kB	2023-03-13	2023-03-13
Pretty URL www.qld.gov.au/__data/assets/js_file_folder/0004/130/qg-main.js?v=0.9.5 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 07:51:03 Last Seen2023-03-13 20:27:38 Times Seen1 Hash 9e8815b6bc7acb4f88d2653df152a97f c34b4ce611b5e054ae09270a4026ae2fad724348 12c9ff60a23de18a9f8b6049e4d959cd840b6a7d25f3804ea1c07a6fe2b08e75 Loading...

	app-script.monsido.com/v2/monsido-script.js	8.6 kB	2023-03-12	2023-06-01
Pretty URL app-script.monsido.com/v2/monsido-script.js IP 34.98.105.146 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 20:46:38 Last Seen2023-06-01 11:35:15 Times Seen154 Hash fbb35cc099cf86d29dc88b9d551bea07 3d4696ae945da6b0f0ba8c6cf83c7cdf9b627ace 3dd574f98eedb85c6b690a4211378b1780e5ef432ff089d6e6adb7ab827f6411 Loading...

	www.qld.gov.au/health/conditions/health-alerts/coronavirus-covid-19/public-health-directions/archived-assets-restrictions-in-qld/restrictions-impacted-areas	579 B	2023-03-12	2023-03-13
Pretty URL www.qld.gov.au/health/conditions/health-alerts/coronavirus-covid-19/public-health-directions/archived-assets-restrictions-in-qld/restrictions-impacted-areas IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 18:57:48 Last Seen2023-03-13 20:27:38 Times Seen1 Hash 7ffce7e454fa136724ff4699256a9d7b 2dc4ccd333ad1c7a66d37edb85f448508a6e0853 c8de89bc3769435fea869b6c6afc7c12c63698c6e6ea4c1d0bb0ce6696eecc8d Loading...

	www.qld.gov.au/health/conditions/health-alerts/coronavirus-covid-19/public-health-directions/archived-assets-restrictions-in-qld/restrictions-impacted-areas	2.2 kB	2023-03-10	2023-03-13
Pretty URL www.qld.gov.au/health/conditions/health-alerts/coronavirus-covid-19/public-health-directions/archived-assets-restrictions-in-qld/restrictions-impacted-areas IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 02:46:06 Last Seen2023-03-13 20:27:38 Times Seen1 Hash c33bea317dec8d6a695fc0fd00c5ba11 b994cf59f381960d7c7e6fd38b4b9dc0e03c5ef5 9747268ccf0e7bd0def59a1b87f65f660414d095589f70eab0cacc0e4dc32c7a Loading...

	www.qld.gov.au/__data/assets/git_bridge/0029/95447/static.qgov.net.au/assets/v4/latest/lib/all-ext-min.js?h=ee79ecb	148 kB	2023-03-13	2023-03-13
Pretty URL www.qld.gov.au/__data/assets/git_bridge/0029/95447/static.qgov.net.au/assets/v4/latest/lib/all-ext-min.js?h=ee79ecb IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 07:51:03 Last Seen2023-03-13 20:27:38 Times Seen1 Hash 681a28011093544128a88973dcf39a05 fcfb14a115e4c56f23634044510d8d7b94ad4fad 2d4928ea8eaa23e2864e9fa9e024911a3cce97c9e83cea48b791c5683db4c73e Loading...

	www.qld.gov.au/__data/assets/js_file_folder/0013/337/all-ext-min.js?v=0.9.5	82 kB	2023-03-13	2023-03-13
Pretty URL www.qld.gov.au/__data/assets/js_file_folder/0013/337/all-ext-min.js?v=0.9.5 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 07:51:03 Last Seen2023-03-13 20:27:38 Times Seen1 Hash 0cfda4711d7a1f2a494bf6b07fb05078 617da85be45de4af33fd5a636d6ce31b2ec9265e ddcf59f88782822a5e01f007d375be98303f6f0c511236ac45e1b116dbe6e94f Loading...

	www.qld.gov.au/health/conditions/health-alerts/coronavirus-covid-19/public-health-directions/archived-assets-restrictions-in-qld/restrictions-impacted-areas	1.7 kB	2023-03-13	2023-03-13
Pretty URL www.qld.gov.au/health/conditions/health-alerts/coronavirus-covid-19/public-health-directions/archived-assets-restrictions-in-qld/restrictions-impacted-areas IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 20:27:38 Last Seen2023-03-13 20:27:38 Times Seen1 Hash 44e1df931446abe4562380b10ea68322 e3f13d1be1760b34ccb9d3077a5e83a395e303e2 2a9cd4baffdda8ac4e7e3c819123ea7d4e3e1e4bfabfa83fae79f16154ce7747 Loading...

		Size	First Seen	Last Seen
	#1 Eval - edbcec4cde9107d62f5267bee26beeec	322 B	2023-03-12	2023-03-13
Pretty Observations First Seen2023-03-12 18:57:49 Last Seen2023-03-13 20:27:38 Times Seen1 Hash edbcec4cde9107d62f5267bee26beeec 6487b5a6ee21054db9da40fb9c63bcc49c3d3b0c e8b70ff4aca7cd87e1a88f4f4b9c3c3d3a3398d7f9405ac4fe08672ce35acdfa Loading...

	#2 Eval - ce642256ae4a99fc417d7c96931c6849	184 B	2023-03-12	2023-03-13
Pretty Observations First Seen2023-03-12 18:57:49 Last Seen2023-03-13 20:27:38 Times Seen1 Hash ce642256ae4a99fc417d7c96931c6849 5610dadac425b8faf5f1f728e66b01ba0723c485 2b8b93cf761399090cf818a688375397c22c002e81ab176d985b6203cf386b2a Loading...

	#3 Eval - f9926262594a9f40560715247bf34ca2	112 B	2023-03-09	2023-03-13
Pretty Observations First Seen2023-03-09 22:15:42 Last Seen2023-03-13 20:27:38 Times Seen1 Hash f9926262594a9f40560715247bf34ca2 abed12f9ad4acc942967cceb7e31d2d9f7f8dbe5 42db7d1f5e038c8f5e06ac1b0e6e2212a08ad276523ebe89c5bcb59e08248566 Loading...

	#4 Eval - 3aa18ea73fbd38512528e479586095b3	169 B	2023-03-12	2023-03-13
Pretty Observations First Seen2023-03-12 18:57:49 Last Seen2023-03-13 20:27:38 Times Seen1 Hash 3aa18ea73fbd38512528e479586095b3 a3c799ae83d3b5641c6bf038036a19793f60d383 0951b5dc00f6aac7a259c42788e796c3e2fe83844855881cc7bec936a32a76d7 Loading...

	#5 Eval - bc86a090ab69ae8ce7b2f99b30e3d259	303 B	2023-03-09	2023-03-13
Pretty Observations First Seen2023-03-09 22:15:42 Last Seen2023-03-13 20:27:38 Times Seen1 Hash bc86a090ab69ae8ce7b2f99b30e3d259 28b6998de67f7003f7a52aece18a7b84000b5d36 27c616ec38e351ec2c6e9158d63b658e2209a164dea2cc2c1c89b2e5d270e0be Loading...

	#6 Eval - 283505c9dec46391b024fc86834085ad	321 B	2023-03-09	2023-03-13
Pretty Observations First Seen2023-03-09 22:15:42 Last Seen2023-03-13 20:27:38 Times Seen1 Hash 283505c9dec46391b024fc86834085ad 401eab222406acd687d48edc9e9e2ced34fdf146 1a112036b86d02938c58950596fe4de99142759c2a03cc1c2973ec75bf9e0926 Loading...

	#7 Eval - cb833ff481e5a3ca13f6178991fbe4e5	333 B	2023-03-09	2023-03-13
Pretty Observations First Seen2023-03-09 22:15:42 Last Seen2023-03-13 20:27:38 Times Seen1 Hash cb833ff481e5a3ca13f6178991fbe4e5 3babca66a2816f0539aa74fd0a198768e98f67c0 c073d8046d56119f6da4c65d45102b4881949c6f1df4a9c0ba198ff89601fa58 Loading...

	#8 Eval - 413b7dc1caac04ab95e8a1b230b9b3ad	25 B	2023-03-07	2024-04-26
Pretty Observations First Seen2023-03-07 01:20:41 Last Seen2024-04-26 06:22:55 Times Seen5509 Hash 413b7dc1caac04ab95e8a1b230b9b3ad 2657fe2eb543ebc0b54eaa7d3aba3a75fb638630 b62262aeb7ee1694f40152af828f0d72a6ac6572f9db8ffa1ab16784c7532878 Loading...

	#9 Eval - 843f654d6741e54c216e0e84ec2c9789	116 B	2023-03-12	2023-03-13
Pretty Observations First Seen2023-03-12 18:57:49 Last Seen2023-03-13 20:27:38 Times Seen1 Hash 843f654d6741e54c216e0e84ec2c9789 1e187cc9e1159708de8aea196a1e97a6971ac402 1c4345486730148c2e2852798f2c3eef358f232304268110ac6a36f47ccf4400 Loading...

	#10 Eval - 509304109416f04457c706b8bda925e7	523 B	2023-03-09	2023-03-13
Pretty Observations First Seen2023-03-09 22:15:42 Last Seen2023-03-13 20:27:38 Times Seen1 Hash 509304109416f04457c706b8bda925e7 8240f15e46235c71c252b3fceb5eeb85854cff47 e6730a237bf83d95a1ba7d2699d84b2e44f5c27d55b0b22126a1b03a4263f152 Loading...

	#11 Eval - e2699e9a0315722f96fe00d168fd01b6	1.6 kB	2023-03-12	2023-03-13
Pretty Observations First Seen2023-03-12 18:57:49 Last Seen2023-03-13 20:27:38 Times Seen1 Hash e2699e9a0315722f96fe00d168fd01b6 9e315df615621ae5d7592dd5071a3699ce3b228e 84ccbea2ac4e5394d5b1260c0c32427744a7c6441ad16f99d3dedc65a2d66368 Loading...

	#12 Eval - 4c7ef19c2b756bea8f09250bc10f057b	637 B	2023-03-12	2023-03-13
Pretty Observations First Seen2023-03-12 18:57:49 Last Seen2023-03-13 20:27:38 Times Seen1 Hash 4c7ef19c2b756bea8f09250bc10f057b 6a53e6120ff4ce88949ab74c78556a1956f6b16d 8655855c81cf0478226e0f90675998646b70437d8a13176537feafe3378a9cdc Loading...

	#13 Eval - 4af427b6715ecd051bad8d6dfb4ef554	169 B	2023-03-12	2023-03-13
Pretty Observations First Seen2023-03-12 18:57:49 Last Seen2023-03-13 20:27:38 Times Seen1 Hash 4af427b6715ecd051bad8d6dfb4ef554 4fd17d5deff3e43391ac6c9d54a0d05d76c7fb1e bc160ac6f5c14870d217053d339f5b894713761c04671dc3fea4f8227a33afe6 Loading...

	#14 Eval - 01ea4c86e074305b82f883916f02d7ff	195 B	2023-03-13	2023-03-13
Pretty Observations First Seen2023-03-13 20:27:38 Last Seen2023-03-13 20:27:38 Times Seen1 Hash 01ea4c86e074305b82f883916f02d7ff cf8f6b45e872cc968354eef680a738f46762e65f 5d2894164f51b8e0dc8d9758b4a3d7c9fb560963cfaf62f0f41a79fc9049ab95 Loading...

	#15 Eval - 08192cf8691cba96864afa10fa73c988	323 B	2023-03-12	2023-03-13
Pretty Observations First Seen2023-03-12 18:57:49 Last Seen2023-03-13 20:27:38 Times Seen1 Hash 08192cf8691cba96864afa10fa73c988 c7d2d1506b8998a748deb4bd6bed402ac3965cca 6a2e34ee79ec4a24736b7af5fe0214c75bc8316c5d82f1a5ab8f6c9f9c50d0c2 Loading...

	#16 Eval - d859c929b8bd933e08c7d938e1464847	302 B	2023-03-09	2023-03-13
Pretty Observations First Seen2023-03-09 22:15:42 Last Seen2023-03-13 20:27:38 Times Seen1 Hash d859c929b8bd933e08c7d938e1464847 85aafb4445745f384345c3f483f7d9567b632168 3b8ff21d4731ec9661455f056a639325d999f959edde159ca8027674d774a8c7 Loading...

	#17 Eval - 9a532145255d2f2f9de2713dd1d54134	154 B	2023-03-09	2023-03-13
Pretty Observations First Seen2023-03-09 22:15:42 Last Seen2023-03-13 20:27:38 Times Seen1 Hash 9a532145255d2f2f9de2713dd1d54134 b8e61e9139d29cdae1a0a44b2e51eda912d8ff24 f9279672e83c6f95bdb9915c44bbfe32cf5554d1008a7b59db2441c89573e08d Loading...

	#18 Eval - 370afb9cc81371963937b44aeebbd7a3	226 B	2023-03-09	2023-03-13
Pretty Observations First Seen2023-03-09 22:15:42 Last Seen2023-03-13 20:27:38 Times Seen1 Hash 370afb9cc81371963937b44aeebbd7a3 4a5c04e11c32f4555ee21125921d3c1dfdda9093 352922ed0ed493afee6fe4c4f38606c501d48e18e1489bae4036e4c6cde23883 Loading...

	#19 Eval - fa97b8b25a7fdd5fef69fffad105342b	254 B	2023-03-09	2023-03-13
Pretty Observations First Seen2023-03-09 22:15:42 Last Seen2023-03-13 20:27:38 Times Seen1 Hash fa97b8b25a7fdd5fef69fffad105342b fd616cfd503cc54f3c584929c887230a5afd4b8f 79dbec60c67f09690baf22334b4f1d9d2e20a43deb29408681085355c3a15d5b Loading...

	#20 Eval - 2350478280a2d3f174569c5d265eb733	1.6 kB	2023-03-12	2023-03-13
Pretty Observations First Seen2023-03-12 18:57:49 Last Seen2023-03-13 20:27:38 Times Seen1 Hash 2350478280a2d3f174569c5d265eb733 e2584f1592424cad515956254ae54e779d6e9be8 b1bfb045f87659c792ad184c1e8adde88caa69cee15a8a5f6af3a00c21f0c00d Loading...

	#21 Eval - 476da4e80cdde2d6f54c32b4ae40158e	388 B	2023-03-12	2023-03-13
Pretty Observations First Seen2023-03-12 18:57:49 Last Seen2023-03-13 20:27:38 Times Seen1 Hash 476da4e80cdde2d6f54c32b4ae40158e cce68be9db508ebd9f81890a68456dbf5fb23a78 610a51a4d77ed903bfd4e0f3bb342956c10145601edc50e0386c145147ae1ff6 Loading...

	#22 Eval - db931e3d2fb31bc8bbe8dbdae4ec38a5	300 B	2023-03-12	2023-03-13
Pretty Observations First Seen2023-03-12 18:57:49 Last Seen2023-03-13 20:27:38 Times Seen1 Hash db931e3d2fb31bc8bbe8dbdae4ec38a5 bd862858eb73e047068ce8d7d47f6faeca8b83a9 ac9e02a76766b0d9b29581dac77e2f7d46b5387c306df5aa1edd5f1c847947b3 Loading...

	#23 Eval - b089ae75db761cb389c4fa910ed41088	136 B	2023-03-09	2023-03-13
Pretty Observations First Seen2023-03-09 22:15:42 Last Seen2023-03-13 20:27:38 Times Seen1 Hash b089ae75db761cb389c4fa910ed41088 3004926578444db9ef1fbbcb23e75ccf31bc6aad a7d1a52a8b66cdf4b38e4ad8f6e1123b9bfb874f1dda936d8a73a7ef0d9ee28d Loading...

	#24 Eval - 1057d85df9c81504460862e9655f3cc4	156 B	2023-03-09	2023-03-13
Pretty Observations First Seen2023-03-09 22:15:42 Last Seen2023-03-13 20:27:38 Times Seen1 Hash 1057d85df9c81504460862e9655f3cc4 3601635af1ccda85f4b2e1725199e0c7afa34f32 60f44ddc8257b0179c5b813a6b39b9f9b4135424164e8974ce098a9937cf4785 Loading...

	#25 Eval - 849172a291bf27d72bc3d312bea98870	311 B	2023-03-07	2024-04-26
Pretty Observations First Seen2023-03-07 12:03:32 Last Seen2024-04-26 03:22:40 Times Seen2863 Hash 849172a291bf27d72bc3d312bea98870 a428bce2774cfb221ebef3a44ebe48042fe32a47 f23377476f3e798ff6e03a399b3a0f275a09b79afdfd766e87aae1e42787aa73 Loading...

	#26 Eval - 3fe8a9e45229699e289eb67fe1e329bf	124 B	2023-03-12	2023-03-13
Pretty Observations First Seen2023-03-12 18:57:49 Last Seen2023-03-13 20:27:38 Times Seen1 Hash 3fe8a9e45229699e289eb67fe1e329bf 5d5619ba81de10d785cfa67a26ec7256f068117f 7b46586cbecfed9e51a18cd25961f5afff0a8fe059d4ba0377767b9f91a87979 Loading...

	#27 Eval - 41036ae18b596aa7bc34adf461af8735	325 B	2023-03-13	2023-03-13
Pretty Observations First Seen2023-03-13 07:51:03 Last Seen2023-03-13 20:27:38 Times Seen1 Hash 41036ae18b596aa7bc34adf461af8735 160e540c56c9c8e0cfa18e454d6aabbdfc54edad 56dec191119f1fcc3ef2afaba22aa395abe47ae176614fe2b7d33e2472486f17 Loading...

	#28 Eval - 19e5ae1cde8608c552459f6d71673085	325 B	2023-03-13	2023-03-13
Pretty Observations First Seen2023-03-13 20:27:38 Last Seen2023-03-13 20:27:38 Times Seen1 Hash 19e5ae1cde8608c552459f6d71673085 d17afc11d174bcc648c354a8c04f7fe3ff3f5723 c2148751670678fff6d83fa516e1da923634391484fc859376b1bac0422de4fa Loading...

	#29 Eval - 14f7a8798ed5108b5518ecc201c174ec	322 B	2023-03-12	2023-03-13
Pretty Observations First Seen2023-03-12 18:57:49 Last Seen2023-03-13 20:27:38 Times Seen1 Hash 14f7a8798ed5108b5518ecc201c174ec 2e13f3868a156b6f886055c18474906de2fda66e 8e151980374a74065dd6a0cf12560389125c5eebbd97e140f88d418a64e53ec2 Loading...

	#30 Eval - 52de8d9533d3b180eeff9e768bc7ef11	1.5 kB	2023-03-09	2023-03-13
Pretty Observations First Seen2023-03-09 22:15:42 Last Seen2023-03-13 20:27:38 Times Seen1 Hash 52de8d9533d3b180eeff9e768bc7ef11 cfd4c3d8c40cdcdb9a5bb698728b70ced74a8afa d77a3adfe9faafc50194fdd3bec499e3018f67ce1018be7d7b043a6b00b2e0df Loading...

	#31 Eval - fb3d29c51c0e30619b5cbfaa6a54e25a	243 B	2023-03-12	2023-03-13
Pretty Observations First Seen2023-03-12 18:57:49 Last Seen2023-03-13 20:27:38 Times Seen1 Hash fb3d29c51c0e30619b5cbfaa6a54e25a 2eccbb24012a59005b8dd944dd95739f22dce456 73587d526f3b1edcbd28a260cb120d1671d5b428eae2f2ea9919bc4165559d26 Loading...

	#32 Eval - 6e34e3c30ec4a030501bd2d9ddfbe831	293 B	2023-03-12	2023-03-13
Pretty Observations First Seen2023-03-12 18:57:49 Last Seen2023-03-13 20:27:38 Times Seen1 Hash 6e34e3c30ec4a030501bd2d9ddfbe831 afd1d8c1ce7245ce1888c52561fcc753b17bc2e9 460243d6bd93624aff399ad953a1cc0a5be677b3a2b994de864cb609c1373f44 Loading...

	#33 Eval - 7d5fb77c4f0e0268686d9dd17015f574	325 B	2023-03-12	2023-03-13
Pretty Observations First Seen2023-03-12 18:57:49 Last Seen2023-03-13 20:27:38 Times Seen1 Hash 7d5fb77c4f0e0268686d9dd17015f574 f29c7ccd7b3fdc4306df0b28307e84ec8ae080b4 6a315cd61d3556a261a1c5e88b661c55b4a59915ebfd80800f4a4fe5419b179d Loading...

	#34 Eval - 975bdcd2bbe849526568f4ee01959973	116 B	2023-03-12	2023-03-13
Pretty Observations First Seen2023-03-12 18:57:49 Last Seen2023-03-13 20:27:38 Times Seen1 Hash 975bdcd2bbe849526568f4ee01959973 5acbea51bdc2ade8dadc00774407d3d19bfc66a4 029f233c60e86e2318fecc5785539b338cc01ee96badfe2bbd2ee954234bc52f Loading...

	#35 Eval - c88a00284db430e833b7bae2206d8523	459 B	2023-03-12	2023-03-13
Pretty Observations First Seen2023-03-12 18:57:49 Last Seen2023-03-13 20:27:38 Times Seen1 Hash c88a00284db430e833b7bae2206d8523 c95ed9bd481a68ad4296b139d34356ba7a9ab105 ec0c472f1b119f40e9a549feb0278fa7cb2aed3b9a4d0849aeb63ea57ac29591 Loading...

	#36 Eval - 223d00099cad0fd8e41142cb67c95209	300 B	2023-03-12	2023-03-13
Pretty Observations First Seen2023-03-12 18:57:49 Last Seen2023-03-13 20:27:38 Times Seen1 Hash 223d00099cad0fd8e41142cb67c95209 f55e1159d1ab7a44afcced45e688679cba5f8b76 c2846272dce97bc790d2f73cbaa982b6d5c6b5a34dd657ddb8a3cc86985c8af6 Loading...

	#37 Eval - da3a5205ef746afd1ae4ab32201784cf	1.6 kB	2023-03-12	2023-03-13
Pretty Observations First Seen2023-03-12 18:57:49 Last Seen2023-03-13 20:27:38 Times Seen1 Hash da3a5205ef746afd1ae4ab32201784cf a8f9f292e0b2de968a615fd3c39ef2192e20623d 14ef6cb8ef1fd74dd475ff81156cfc20e7d38ca65964a5589fbb7f30d5a9b1b2 Loading...

	#38 Eval - d0ab4137189b60b3780cf7089d7ec4a7	660 B	2023-03-09	2023-03-13
Pretty Observations First Seen2023-03-09 22:15:42 Last Seen2023-03-13 20:27:38 Times Seen1 Hash d0ab4137189b60b3780cf7089d7ec4a7 fbc208bae13e30ff72191092f2a31794079a8ea4 6ecd98d4b744100c970a4694fb197d4d366473f56bae51486960f65ff356702a Loading...

	#39 Eval - ccdbc397d0bad5c72b2407c592eb3980	333 B	2023-03-09	2023-03-13
Pretty Observations First Seen2023-03-09 22:15:42 Last Seen2023-03-13 20:27:38 Times Seen1 Hash ccdbc397d0bad5c72b2407c592eb3980 3414ef37e0f87623e37874d3e5ea5ec7abfe4c50 0d699abc7adfec96920556641981e293723a190c2f85dbb971eb53caad049944 Loading...

	#40 Eval - 04ed65b522c2ccc070ddefa867bb4f70	373 B	2023-03-09	2023-03-13
Pretty Observations First Seen2023-03-09 22:15:42 Last Seen2023-03-13 20:27:38 Times Seen1 Hash 04ed65b522c2ccc070ddefa867bb4f70 8679adbf741e45246add5efd8d756f0edb140a35 bb0c17045bbefa1388396ffd9f2c77a6a8b3970cc9a9284a5709e9970192f3c0 Loading...

	#41 Eval - e63d34d3b59a2273d64bfc333ca1c26e	1.6 kB	2023-03-12	2023-03-13
Pretty Observations First Seen2023-03-12 18:57:49 Last Seen2023-03-13 20:27:38 Times Seen1 Hash e63d34d3b59a2273d64bfc333ca1c26e f536bf68cad3173c0e5e427c8f778db8b35cc3eb 2ea872f18c5d2107f497929ea8b8eff648123ee0cbb1e6c2bae70674988ad9f2 Loading...

	#42 Eval - baa2a76683f2c664c9a604b514b83ce2	325 B	2023-03-12	2023-03-13
Pretty Observations First Seen2023-03-12 18:57:49 Last Seen2023-03-13 20:27:38 Times Seen1 Hash baa2a76683f2c664c9a604b514b83ce2 efafe87caa6cc66c3c27fba3ac83d8387bd9dac7 952e4390835d9ba1b606c10c44b3bfcdfe555afbe363bd18cbb0ec6b8bf10cb4 Loading...

	#43 Eval - 1c101e72065840b0b6ad5716c684fd37	139 B	2023-03-07	2024-04-24
Pretty Observations First Seen2023-03-07 01:06:27 Last Seen2024-04-24 20:46:45 Times Seen843 Hash 1c101e72065840b0b6ad5716c684fd37 14d7e4819d5aec78f413ce23faf07ad87f97f742 76702b9bebc3003ca843d6055812cdeb18494584210049bffef4b44a4447bb4a Loading...

HTTP Transactions (55)

URL IP Response Size

www.qld.gov.au/health/conditions/health-alerts/coronavirus-covid-19/current-status/public-health-directions/restrictions-impacted-areas

54.230.111.66

301 Moved Permanently

167 B

URL HTTP/1.1
www.qld.gov.au/health/conditions/health-alerts/coronavirus-covid-19/current-status/public-health-directions/restrictions-impacted-areas
IP
54.230.111.66:0
ASN
#16509 AMAZON-02

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
167 B (167 bytes)
Hash
f5d40b7259645010f9a248858ad14178
b3051d17a6ec8c9e166bf09a62b48261ab86957b
7f5007068d2b56ea9735e2490d60cff2e72cae312024ac1f6c91158eba47d05d

Detections

NIDS	Severity	Alert
suricata	medium	ET HUNTING Suspicious GET Request with Possible COVID-19 URI M1
suricata	medium	ET HUNTING Suspicious GET Request with Possible COVID-19 URI M2

HTTP Headers

GET /health/conditions/health-alerts/coronavirus-covid-19/current-status/public-health-directions/restrictions-impacted-areas HTTP/1.1
Host: www.qld.gov.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Server: CloudFront
Date: Thu, 09 Feb 2023 11:41:51 GMT
Content-Type: text/html
Content-Length: 167
Connection: keep-alive
Location: https://www.qld.gov.au/health/conditions/health-alerts/coronavirus-covid-19/current-status/public-health-directions/restrictions-impacted-areas
X-Cache: Redirect from cloudfront
Via: 1.1 227a1815a1677b9cf6dd587e443000b8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
Alt-Svc: h3=":443"; ma=86400
X-Amz-Cf-Id: Op0dB2TMn1DtVOFLx15XaS6lXzlZNRedALKM_sVwhXcgBkgeBXFe4A==

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
b7407cc102d62a5acd5e61f8a79bed36
c2f4890a62454e514962b55b7fc14228339c8e90
be282de92da261128a7c8471f3067466aa9930fd0ab2a2cdda8cd2d6ce2bbd74

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BE282DE92DA261128A7C8471F3067466AA9930FD0AB2A2CDDA8CD2D6CE2BBD74"
Last-Modified: Wed, 08 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7918
Expires: Thu, 09 Feb 2023 13:53:49 GMT
Date: Thu, 09 Feb 2023 11:41:51 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
565c1bbc5c1c40be1988b3bf6fd9dc1a
cfdba5bc597130461dd67bf6cda53183be592493
60ceb36a8329c92fc49a3caf50daf511a38e01eac21a07d7a0a838166bea058d

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "60CEB36A8329C92FC49A3CAF50DAF511A38E01EAC21A07D7A0A838166BEA058D"
Last-Modified: Mon, 06 Feb 2023 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9810
Expires: Thu, 09 Feb 2023 14:25:21 GMT
Date: Thu, 09 Feb 2023 11:41:51 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

35.241.9.150

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
bf0c602d32b3c14606f22a86183b5e3c
6eabd8d83475eba731968abe1a05a8bfd272f160
6c6a7c519a9e950c2445ed874a25211a94dd4d3cf3afb0103af9dcd1dbd5ff9e

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Content-Type, Retry-After, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 09 Feb 2023 11:34:15 GMT
content-type: application/json
age: 457
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
cc14b0d2f7c451f6431dc87ba54d1d60
bab8bfda6fa3e2f17125353f5147211787dc25d0
b58fe18a5cc8fe5aaf49ba7eadd0ef34692892e68e9c52eb5bb56ea27e1300ad

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B58FE18A5CC8FE5AAF49BA7EADD0EF34692892E68E9C52EB5BB56EA27E1300AD"
Last-Modified: Mon, 06 Feb 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3050
Expires: Thu, 09 Feb 2023 12:32:42 GMT
Date: Thu, 09 Feb 2023 11:41:52 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
e76071a28ee566dababb3834f46d68ed
aebb4e68c1ba2de0f90025283e8ed8470944fde0
78b6df2627172e5b35476bc31020f02898cdc412aaf4337af2c3b049a60912b6

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: S6P6IRMwFACgm6r2TVgqEK6BiUcDrmT+fKgrTmhYGT/o1iQtFuRNcR4hoqhJ+T7lm0GCNVc9bfY=
x-amz-request-id: CGD0J38DM8PZ5J5W
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 09 Feb 2023 10:46:22 GMT
age: 3330
last-modified: Sun, 29 Jan 2023 18:44:47 GMT
etag: "e76071a28ee566dababb3834f46d68ed"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Thu, 09 Feb 2023 11:41:52 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.globalsign.com/gsrsaovsslca2018

151.101.194.133

200 OK

1.4 kB

URL HTTP/1.1
ocsp.globalsign.com/gsrsaovsslca2018
IP
151.101.194.133:0
ASN
#54113 FASTLY

File type
data
Size
1.4 kB (1432 bytes)
Hash
26f058a4fc35d6d63f4344feee30e9d3
4fb6fa5a08f35907529fdac6a47736d35f2f4b75
5b18d358ef26a643253206efda6a0ecc0521b647ca894b8a0bd2ec95d7843e9d

HTTP Headers

POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 1432
Server: nginx
Content-Type: application/ocsp-response
Expires: Mon, 13 Feb 2023 11:41:51 GMT
ETag: "4fb6fa5a08f35907529fdac6a47736d35f2f4b75"
Last-Modified: Thu, 09 Feb 2023 11:41:52 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Thu, 09 Feb 2023 11:41:52 GMT
Age: 0
X-Served-By: cache-qpg1238-QPG, cache-bma1663-BMA
X-Cache: MISS, MISS
X-Cache-Hits: 0, 0
X-Timer: S1675942912.056800,VS0,VE377

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

35.241.9.150

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Last-Modified, Content-Type, Pragma, ETag, Retry-After, Backoff, Expires, Alert, Cache-Control, Content-Length
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 09 Feb 2023 11:14:53 GMT
age: 1619
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
248ce16379b12f11927ecc3142aec450
fa5b189f2d9182479170cb61cc1723571e437bd2
a8d259b331bdefb00625b9bf057d44d0b3290fda0734c57eda187b04e23d59d4

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A8D259B331BDEFB00625B9BF057D44D0B3290FDA0734C57EDA187B04E23D59D4"
Last-Modified: Wed, 08 Feb 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2853
Expires: Thu, 09 Feb 2023 12:29:25 GMT
Date: Thu, 09 Feb 2023 11:41:52 GMT
Connection: keep-alive

push.services.mozilla.com/

54.186.236.115

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
54.186.236.115:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: v31MejYY3P6k3lhgeQ0Evw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 71aeGUF8M4YIUAva5C+M1WyRviU=

ocsp.globalsign.com/gsrsaovsslca2018

151.101.194.133

200 OK

1.4 kB

URL HTTP/1.1
ocsp.globalsign.com/gsrsaovsslca2018
IP
151.101.194.133:0
ASN
#54113 FASTLY

File type
data
Size
1.4 kB (1432 bytes)
Hash
26f058a4fc35d6d63f4344feee30e9d3
4fb6fa5a08f35907529fdac6a47736d35f2f4b75
5b18d358ef26a643253206efda6a0ecc0521b647ca894b8a0bd2ec95d7843e9d

HTTP Headers

POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 1432
Server: nginx
Content-Type: application/ocsp-response
Expires: Mon, 13 Feb 2023 11:41:51 GMT
ETag: "4fb6fa5a08f35907529fdac6a47736d35f2f4b75"
Last-Modified: Thu, 09 Feb 2023 11:41:52 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Thu, 09 Feb 2023 11:41:53 GMT
Age: 1
X-Served-By: cache-qpg1238-QPG, cache-bma1663-BMA
X-Cache: MISS, HIT
X-Cache-Hits: 0, 1
X-Timer: S1675942914.727958,VS0,VE0

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
1d885cfc22a04f1216c98dd64df5338a
589916a844b81fac40af88a772865b8e28dfb64e
40c0e55533794d72bbba4bc9d0f07fe0741e24ca23fd9b3e31d2830c77a51bf3

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "40C0E55533794D72BBBA4BC9D0F07FE0741E24CA23FD9B3E31D2830C77A51BF3"
Last-Modified: Wed, 08 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8532
Expires: Thu, 09 Feb 2023 14:04:06 GMT
Date: Thu, 09 Feb 2023 11:41:54 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
1d885cfc22a04f1216c98dd64df5338a
589916a844b81fac40af88a772865b8e28dfb64e
40c0e55533794d72bbba4bc9d0f07fe0741e24ca23fd9b3e31d2830c77a51bf3

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "40C0E55533794D72BBBA4BC9D0F07FE0741E24CA23FD9B3E31D2830C77A51BF3"
Last-Modified: Wed, 08 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8532
Expires: Thu, 09 Feb 2023 14:04:06 GMT
Date: Thu, 09 Feb 2023 11:41:54 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
1d885cfc22a04f1216c98dd64df5338a
589916a844b81fac40af88a772865b8e28dfb64e
40c0e55533794d72bbba4bc9d0f07fe0741e24ca23fd9b3e31d2830c77a51bf3

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "40C0E55533794D72BBBA4BC9D0F07FE0741E24CA23FD9B3E31D2830C77A51BF3"
Last-Modified: Wed, 08 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8532
Expires: Thu, 09 Feb 2023 14:04:06 GMT
Date: Thu, 09 Feb 2023 11:41:54 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
1d885cfc22a04f1216c98dd64df5338a
589916a844b81fac40af88a772865b8e28dfb64e
40c0e55533794d72bbba4bc9d0f07fe0741e24ca23fd9b3e31d2830c77a51bf3

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "40C0E55533794D72BBBA4BC9D0F07FE0741E24CA23FD9B3E31D2830C77A51BF3"
Last-Modified: Wed, 08 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8532
Expires: Thu, 09 Feb 2023 14:04:06 GMT
Date: Thu, 09 Feb 2023 11:41:54 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
1d885cfc22a04f1216c98dd64df5338a
589916a844b81fac40af88a772865b8e28dfb64e
40c0e55533794d72bbba4bc9d0f07fe0741e24ca23fd9b3e31d2830c77a51bf3

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "40C0E55533794D72BBBA4BC9D0F07FE0741E24CA23FD9B3E31D2830C77A51BF3"
Last-Modified: Wed, 08 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8532
Expires: Thu, 09 Feb 2023 14:04:06 GMT
Date: Thu, 09 Feb 2023 11:41:54 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4930c104-0ac3-49ae-9506-13702874f821.jpeg

34.120.237.76

200 OK

3.5 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4930c104-0ac3-49ae-9506-13702874f821.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
3.5 kB (3474 bytes)
Hash
2c1f5626e7ff7e681468c3c5820f3633
a8bb267f929b734a53b3dab0283c717270f6eb43
38d81274cc9f71f149091f72494c74872d99909c69d612a595c930c4755c4da3

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4930c104-0ac3-49ae-9506-13702874f821.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 3474
x-amzn-requestid: 1b0f88cf-460b-4ed2-8235-86c9e3e3ff93
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ffW2uG3LIAMF3cg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d604f7-42e5c38315bdbd47615985b6;Sampled=0
x-amzn-remapped-date: Sun, 29 Jan 2023 05:32:39 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: nfLYmz3SEBzBp32-FDPDF-rqh4-pAjLixYD4abVqF5fl3awttBNRUA==
via: 1.1 6ba2a21321beeef65404429d0a4b6380.cloudfront.net (CloudFront), 1.1 570075675953459325e00b7bcd171df2.cloudfront.net (CloudFront), 1.1 google
date: Wed, 08 Feb 2023 22:47:56 GMT
age: 46438
etag: "a8bb267f929b734a53b3dab0283c717270f6eb43"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

3.6 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F049f3f10-52dc-41ec-990c-719ee36485c7.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
3.6 kB (3599 bytes)
Hash
10fd2f55fa0cfb8616ded6ddc2bb511a
996ed68f1b9770a19a97f6c8d359e338b8c8b3ca
e552d31a5e531386b9830bb58486f09bfcb3400676f726f93fdbea08336a09da

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F049f3f10-52dc-41ec-990c-719ee36485c7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 3599
x-amzn-requestid: 658f8678-b67d-4f98-b728-cf9cbad3aa86
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ABI38GUpIAMFY0Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e38832-2ab19d0f2345fc7515775298;Sampled=0
x-amzn-remapped-date: Wed, 08 Feb 2023 11:32:02 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: oBM94J-bP0KLv3VUKHBQcndevBxzLc1rQ27Mc4Z_C-CGOyCH_FlKDw==
via: 1.1 0005a84c2971ff4f5bbb79e7ebc622a8.cloudfront.net (CloudFront), 1.1 e4d3d5aafc7d7d582423c073065ab562.cloudfront.net (CloudFront), 1.1 google
date: Wed, 08 Feb 2023 22:14:59 GMT
age: 48415
etag: "996ed68f1b9770a19a97f6c8d359e338b8c8b3ca"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

15 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff8db31dc-3366-48e5-8c4b-ebe994dd40ef.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
15 kB (15019 bytes)
Hash
95081172f8e19d19921acc802488e019
8531c150cb11de44361a95624b11cf46b9e0ba02
7a2d8f012c7d590f3f39ad834d4f3f9fb729143b7395bc588bd608b5bdee039b

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff8db31dc-3366-48e5-8c4b-ebe994dd40ef.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 15019
x-amzn-requestid: 574e3e2c-2fbe-4215-9500-021147338832
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f583LHiioAMFqkQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e0a82d-4f12aac524c39f822ca4f422;Sampled=0
x-amzn-remapped-date: Mon, 06 Feb 2023 07:11:41 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: _3jIo3Giw3zmTmnSkJArAllT6uigN7EEzLPfkGpd6168_mSdqdk_Cg==
via: 1.1 23206a1c229d8877bdd053c4b05f9d12.cloudfront.net (CloudFront), 1.1 b2f9564ebf9c745cc2ceae96d434977e.cloudfront.net (CloudFront), 1.1 google
date: Thu, 09 Feb 2023 07:45:45 GMT
age: 14169
etag: "8531c150cb11de44361a95624b11cf46b9e0ba02"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

www.qld.gov.au/health/conditions/health-alerts/coronavirus-covid-19/current-status/public-health-directions/restrictions-impacted-areas

54.230.111.120

301 Moved Permanently

5.9 kB

URL HTTP/2
www.qld.gov.au/health/conditions/health-alerts/coronavirus-covid-19/current-status/public-health-directions/restrictions-impacted-areas
IP
54.230.111.120:0
ASN
#16509 AMAZON-02

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.9 kB (5878 bytes)
Hash
b5d772db4ded57c20c60afa587324afe
caaf5472af022dfc83c5cc7d0b304083f72b9a93
30b95ed40ca5da3155a6d25132d69956fb7be65aa001d993e581efc0a9044b7d

Detections

NIDS	Severity	Alert
suricata	medium	ET HUNTING Suspicious GET Request with Possible COVID-19 URI M1
suricata	medium	ET HUNTING Suspicious GET Request with Possible COVID-19 URI M2

HTTP Headers

GET /health/conditions/health-alerts/coronavirus-covid-19/current-status/public-health-directions/restrictions-impacted-areas HTTP/1.1
Host: www.qld.gov.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 301 Moved Permanently
content-type: text/html; charset=utf-8
location: https://www.qld.gov.au/health/conditions/health-alerts/coronavirus-covid-19/current-status/public-health-directions/archived-assets-restrictions-in-qld/restrictions-impacted-areas
cache-control: max-age=0, private
via: 1.1 squizedge.net, 1.1 d9fb4c3794a085bb4ee2c5798c2cb1b8.cloudfront.net (CloudFront)
server: openresty
x-content-type-options: nosniff
date: Thu, 09 Feb 2023 11:41:53 GMT
set-cookie: SQ_SYSTEM_SESSION=3b093d95d49c1f26f4e7534ace5d292b; path=/; secure; HttpOnly
origin-server: core-prod
strict-transport-security: max-age=31536000
x-upgrade-enabled: off
x-frame-options: SAMEORIGIN
x-request-id: aa83a4eb-689c-4e98-b648-a53d573bd377
x-cache: Miss from cloudfront
x-amz-cf-pop: OSL50-P1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: fS6WRtkFPDN0j1ZFpEngRnINj4D4ivaYljrVtNd_qeJ206bDFeY4Cw==
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F844d5320-b850-4dd9-87c4-2b4f17eb895e.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.7 kB (8717 bytes)
Hash
82ed633b05ccadc8b87e83413641f1ef
aafed39990cf6a3391d53355085d816167a500fa
c9202e36b231d0a9a9cba1ff8f570e5b0fbba215eb6b28e3989fd442ee7f5835

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F844d5320-b850-4dd9-87c4-2b4f17eb895e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8717
x-amzn-requestid: dbb8b5a2-d3f6-42e2-8778-da19de081cb8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f2c0LHaiIAMF5cA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63df41b4-309b6b1f651f68453dd52f55;Sampled=0
x-amzn-remapped-date: Sun, 05 Feb 2023 05:42:12 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: hBfl0rPzn_iOD9xRlc236_IEvyGlK5WteH1y4cd0aYxlFzd3RVfgkQ==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 64f86ae1c24221f3a2e4d653d6dbc416.cloudfront.net (CloudFront), 1.1 google
date: Wed, 08 Feb 2023 21:42:47 GMT
age: 50347
etag: "aafed39990cf6a3391d53355085d816167a500fa"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

11 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdc04429b-38db-4e0a-96bf-5a6d2bc7e8cf.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
11 kB (11256 bytes)
Hash
4b42802dc628e38e9631a01b6320040a
c83355f0828815ecbff47d8195d2deed8077e368
d0f093b1769b568a5d68ada359eadfd1ab3360488a20e1deeb99b0a51b649441

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdc04429b-38db-4e0a-96bf-5a6d2bc7e8cf.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 11256
x-amzn-requestid: fc079b98-a94a-4945-8e51-9b5941fda799
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fwD8SEOMIAMFomA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dcb381-72b83330325d280821ecf4c1;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 07:10:57 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: tlIxKyJ3tqYVM667Uz4n2OHk2eiLer2Nc7bnFKqJUZcYDoPqjRlagQ==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 ee8246c5442dace7525c74f6a799bb46.cloudfront.net (CloudFront), 1.1 google
date: Wed, 08 Feb 2023 19:24:56 GMT
age: 58618
etag: "c83355f0828815ecbff47d8195d2deed8077e368"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
0333fa3e34f17f01e9829bd8ee662c23
be4c7a8599038facc49c73d6d14451023bc919e7
8b4ad992549334395b268f43cf73150ed0dfe58801cf9595c3e245ea92dea7d9

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 11:41:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

code.jquery.com/jquery-3.3.1.min.js

69.16.175.42

200 OK

30 kB

URL HTTP/2
code.jquery.com/jquery-3.3.1.min.js
IP
69.16.175.42:0
ASN
#20446 STACKPATH-CDN

File type
ASCII text, with very long lines (65451)
Size
30 kB (30288 bytes)
Hash
d549b312f7a7d228b4ec229a6547dfdc
0766794582ad530ec0f8c2595f741086afffa312
f6488b2915e0ceee723f4320492511d46c6ba1860d5975d085e6da8913f55f44

HTTP Headers

GET /jquery-3.3.1.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.qld.gov.au
Connection: keep-alive
Referer: https://www.qld.gov.au/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Thu, 09 Feb 2023 11:41:55 GMT
content-encoding: gzip
content-length: 30288
content-type: application/javascript; charset=utf-8
last-modified: Wed, 16 Feb 2022 10:50:39 GMT
accept-ranges: bytes
server: nginx
etag: W/"620cd6ff-1538f"
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-hw: 1675942915.dop201.sk1.t,1675942915.cds261.sk1.hn,1675942915.cds240.sk1.c
X-Firefox-Spdy: h2

ocsp.pki.goog/s/gts1d4/4pNv2Tm5uNQ

142.250.74.131

200 OK

3.8 kB

URL HTTP/1.1
ocsp.pki.goog/s/gts1d4/4pNv2Tm5uNQ
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
gzip compressed data, from Unix\012- data
Size
3.8 kB (3781 bytes)
Hash
3fe36cc82c0b221322a20f8f22017f22
b078a72c944b9aa7d4721fd83205ecec019e700f
de8bd8ea76c8aa928e05d678211e5b61838ca50d74412391a7eeb66fe2ad0baf

HTTP Headers

POST /s/gts1d4/4pNv2Tm5uNQ HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 11:41:55 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

app-script.monsido.com/v2/monsido-script.js

34.98.105.146

200 OK

2.8 kB

URL HTTP/2
app-script.monsido.com/v2/monsido-script.js
IP
34.98.105.146:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (8622), with no line terminators
Size
2.8 kB (2758 bytes)
Hash
15f435c3a8c49a34384a1c77dd56daf3
cd77e622650c1dabd1295e2085dd7dd29eed9861
0770375d98b444940e1145abdcfa885a01c798c89e1bcd1def243920834fd6b4

HTTP Headers

GET /v2/monsido-script.js HTTP/1.1
Host: app-script.monsido.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.qld.gov.au/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-guploader-uploadid: ADPycduPvp8eWuHmWlxEVUeZvvbX_erwVZR1jN_gfUDBgsWP797x5NiiN3x92Q4VcMJPHfV-ZfgZ7-BDoplLkJZq85FS
x-goog-generation: 1673436131172035
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 2758
content-encoding: gzip
x-goog-hash: crc32c=ACeR+g==, md5=FfQ1w6jEmjQ4Shx33Vba8w==
x-goog-storage-class: STANDARD
accept-ranges: bytes
content-length: 2758
server: UploadServer
vary: Accept-Encoding
date: Thu, 09 Feb 2023 11:40:20 GMT
expires: Thu, 09 Feb 2023 11:45:20 GMT
cache-control: public, max-age=300
age: 95
last-modified: Wed, 11 Jan 2023 11:22:11 GMT
etag: "15f435c3a8c49a34384a1c77dd56daf3"
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Lato:100,300,400,700,900,100italic,300italic,400italic,700italic,900italic

142.250.74.106

200 OK

1.0 kB

URL HTTP/2
fonts.googleapis.com/css?family=Lato:100,300,400,700,900,100italic,300italic,400italic,700italic,900italic
IP
142.250.74.106:0
ASN
#15169 GOOGLE

File type
data
Size
1.0 kB (1019 bytes)
Hash
049a42b50363436cf09771921ec9e0e0
ba1238aa2c0b6559029fcb89ef5b31a1b6b9b615
469a9d49a58d2f2c45e679ef8d5232fe8b486d02c2458d1526df149af1305c8e

HTTP Headers

GET /css?family=Lato:100,300,400,700,900,100italic,300italic,400italic,700italic,900italic HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.qld.gov.au/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 09 Feb 2023 11:41:55 GMT
date: Thu, 09 Feb 2023 11:41:55 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/s/gts1d4/4pNv2Tm5uNQ

142.250.74.131

200 OK

15 kB

URL HTTP/1.1
ocsp.pki.goog/s/gts1d4/4pNv2Tm5uNQ
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
gzip compressed data, from Unix\012- data
Size
15 kB (14599 bytes)
Hash
7c460420e4e2f61fe900ccd38a298a6c
a8081166fad3b29a5c2b6758f43b905d82030cc8
f713e9683e5035ccb5e514e6a9c754ee5553a38b29a05d0eba2517410f814999

HTTP Headers

POST /s/gts1d4/4pNv2Tm5uNQ HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 11:41:55 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

24 kB

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
gzip compressed data, from Unix\012- data
Size
24 kB (23799 bytes)
Hash
519ef3013791cdee6db5bda911116c92
c05d5e7034b1ea1e99c9642c4f46b2c62170570f
4946063f160f8678436ce9ff5d8bbd35ff20fdde20f6f8e0919013f9553841f5

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 11:41:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

2.0 kB

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
gzip compressed data, from Unix\012- data
Size
2.0 kB (2044 bytes)
Hash
8553918f6c741df08dc3cc90f0161984
fe95966cd58abf6b37246592eb48cb8d26fcdedb
3d916d363d146683cbc07d3f49f650f79f5e75740ec5616edaae120dcc025439

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 11:41:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
986afab4bad851da3c4a2b8db670c876
c58b7142ce3bebda918b77649973715dbd71b4d2
24e4025e6576d86e781fd0861a0a87338b7b5d52b9e559ae76ca52755cc3a865

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 11:41:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
986afab4bad851da3c4a2b8db670c876
c58b7142ce3bebda918b77649973715dbd71b4d2
24e4025e6576d86e781fd0861a0a87338b7b5d52b9e559ae76ca52755cc3a865

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 11:41:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh50XSwiPGQ.woff2

142.250.74.163

200 OK

24 kB

URL HTTP/2
fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh50XSwiPGQ.woff2
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
gzip compressed data, from Unix\012- data
Size
24 kB (23570 bytes)
Hash
c8b4d04f3b8b5a2892779f7e278720ef
30238e688cb1955e812364293850dd029e2e6f80
35d370ee5f87fa2a0e58235adf09ea8c37523a569fbc10c344e2be1e4900f657

HTTP Headers

GET /s/lato/v23/S6u9w4BMUTPHh50XSwiPGQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.qld.gov.au
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 22504
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 07 Feb 2023 17:10:46 GMT
expires: Wed, 07 Feb 2024 17:10:46 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 26 Apr 2022 16:04:16 GMT
content-type: font/woff2
age: 153069
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh6UVSwiPGQ.woff2

142.250.74.163

200 OK

52 kB

URL HTTP/2
fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh6UVSwiPGQ.woff2
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
gzip compressed data, from Unix\012- data
Size
52 kB (51503 bytes)
Hash
ed8e50ad6800197f309d95a197b568f5
f4fcbf5afb8e286ca640fa9f9cd31d810606d252
d21b32fc0e7996679deef84fa5bd430ccf5378ede840d2d7cb0f5de6b693ee8d

HTTP Headers

GET /s/lato/v23/S6u9w4BMUTPHh6UVSwiPGQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.qld.gov.au
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 23040
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 Feb 2023 13:13:54 GMT
expires: Fri, 02 Feb 2024 13:13:54 GMT
cache-control: public, max-age=31536000
age: 599281
last-modified: Tue, 26 Apr 2022 15:56:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.googletagmanager.com/gtm.js?id=GTM-PMDS7K

216.58.207.200

200 OK

102 kB

URL HTTP/2
www.googletagmanager.com/gtm.js?id=GTM-PMDS7K
IP
216.58.207.200:0
ASN
#15169 GOOGLE

File type
data
Size
102 kB (102200 bytes)
Hash
422d2e9e5519ad34d14878c1533ccd1a
f2668256c903c1f3c49e1f3e48fc88b763857d91
a4e2b84e42816bf834eedf425d366dc0ad0b2622293b0f01ff6bf3d9755d3b70

HTTP Headers

GET /gtm.js?id=GTM-PMDS7K HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.qld.gov.au/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 09 Feb 2023 11:41:55 GMT
expires: Thu, 09 Feb 2023 11:41:55 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 74459
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2

142.250.74.163

200 OK

24 kB

URL HTTP/2
fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 23580, version 1.0\012- data
Size
24 kB (23580 bytes)
Hash
e1b3b5908c9cf23dfb2b9c52b9a023ab
fcd4136085f2a03481d9958cc6793a5ed98e714c
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

HTTP Headers

GET /s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.qld.gov.au
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 23580
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 04 Feb 2023 09:40:57 GMT
expires: Sun, 04 Feb 2024 09:40:57 GMT
cache-control: public, max-age=31536000
age: 439258
last-modified: Tue, 26 Apr 2022 15:48:56 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
c99599d6628f41d54430edaa40f5c533
4bbd35fd1097784ae5e1e046ba35595eb49ac57f
3cb4e5c0f89f5e97bd7b4a11c25b6bae84bb5a1d55982c44719b76b3f852035e

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 11:41:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

13 kB

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
gzip compressed data, from Unix\012- data
Size
13 kB (13121 bytes)
Hash
c83201ec428175921867a18936559b50
49961e6f1e6d3c273b6150b1f24d5c76c03dc877
f44d78447ff43144bda010ff875a0d08042cdeb490196cfc17e3b3cf169c72ee

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 11:41:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/s/gts1d4/dMGPbX695M8

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/s/gts1d4/dMGPbX695M8
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
0ba470a9528b132e25539de02fed5731
5c50103c128f3f09d743b8e47c3cdf8634a664e9
b220fb3eb0ad3c7e32ce5ea7ce95b18986ebc2279ddda0e1c932462ccd0b0cf7

HTTP Headers

POST /s/gts1d4/dMGPbX695M8 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 11:41:56 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

tracking.monsido.com/?a=8q1r4WDCXd7kQMy76e4Fig&b=https%3A%2F%2Fwww.qld.gov.au%2Fhealth%2Fconditions%2Fhealth-alerts%2Fcoronavirus-covid-19%2Fpublic-health-directions%2Farchived-assets-restrictions-in-qld%2Frestrictions-impacted-areas&c=A871675942974845&d=1280x1024&f=BC21675942974845&h=2

35.190.93.146

200 OK

43 B

URL HTTP/2
tracking.monsido.com/?a=8q1r4WDCXd7kQMy76e4Fig&b=https%3A%2F%2Fwww.qld.gov.au%2Fhealth%2Fconditions%2Fhealth-alerts%2Fcoronavirus-covid-19%2Fpublic-health-directions%2Farchived-assets-restrictions-in-qld%2Frestrictions-impacted-areas&c=A871675942974845&d=1280x1024&f=BC21675942974845&h=2
IP
35.190.93.146:0
ASN
#15169 GOOGLE

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

HTTP Headers

GET /?a=8q1r4WDCXd7kQMy76e4Fig&b=https%3A%2F%2Fwww.qld.gov.au%2Fhealth%2Fconditions%2Fhealth-alerts%2Fcoronavirus-covid-19%2Fpublic-health-directions%2Farchived-assets-restrictions-in-qld%2Frestrictions-impacted-areas&c=A871675942974845&d=1280x1024&f=BC21675942974845&h=2 HTTP/1.1
Host: tracking.monsido.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.qld.gov.au/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
cache-control: private, no-store, max-age=0
content-type: image/gif
expires: 2023-02-09T11:41:56Z
date: Thu, 09 Feb 2023 11:41:56 GMT
content-length: 43
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/s/gts1d4/dMGPbX695M8

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/s/gts1d4/dMGPbX695M8
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
0ba470a9528b132e25539de02fed5731
5c50103c128f3f09d743b8e47c3cdf8634a664e9
b220fb3eb0ad3c7e32ce5ea7ce95b18986ebc2279ddda0e1c932462ccd0b0cf7

HTTP Headers

POST /s/gts1d4/dMGPbX695M8 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 11:41:56 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.google-analytics.com/analytics.js

142.250.74.110

200 OK

20 kB

URL HTTP/2
www.google-analytics.com/analytics.js
IP
142.250.74.110:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1490)
Size
20 kB (20085 bytes)
Hash
ca7fbbfd120e3e329633044190bbf134
d17f81e03dd827554ddd207ea081fb46b3415445
847004cefb32f85a9cc16b0b1eb77529ff5753680c145bfcb23f651d214737db

HTTP Headers

GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.qld.gov.au/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20085
date: Thu, 09 Feb 2023 09:44:09 GMT
expires: Thu, 09 Feb 2023 11:44:09 GMT
cache-control: public, max-age=7200
age: 7067
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
72226fa2f9513f894889fa652cb2a8bf
8a1b4f108db687c34b334a94e6d931544fd7508e
a70034db82d42d5deb58f551cb4de47a5cf6b226dbc9aa98892adb62c2f73289

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 11:41:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-2BSW42XWCV&cid=1477731970.1675942975&gtm=45je3280&aip=1&z=1780338354

142.250.74.67

200 OK

42 B

URL HTTP/2
www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-2BSW42XWCV&cid=1477731970.1675942975&gtm=45je3280&aip=1&z=1780338354
IP
142.250.74.67:0
ASN
#15169 GOOGLE

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-2BSW42XWCV&cid=1477731970.1675942975&gtm=45je3280&aip=1&z=1780338354 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.qld.gov.au/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 09 Feb 2023 11:41:56 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
a746d459d4fbc7da99072462ed09b456
6ca7c899101b7ddcc1228f148cdcf16113a805f7
cbed8854f94d225ec82298e5039b9c163f58f9fede0db72510d22867003cb4a6

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 11:41:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-7276966-11&cid=1477731970.1675942975&jid=1203186236&gjid=1768900157&_gid=396023067.1675942975&_u=YCDAgEABAAAAAEgEK~&z=1056331095

64.233.163.155

200 OK

4 B

URL HTTP/2
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-7276966-11&cid=1477731970.1675942975&jid=1203186236&gjid=1768900157&_gid=396023067.1675942975&_u=YCDAgEABAAAAAEgEK~&z=1056331095
IP
64.233.163.155:0
ASN
#15169 GOOGLE

File type
ASCII text, with no line terminators
Size
4 B (4 bytes)
Hash
48c0473b7821185d937e685216e2168b
3743e47f8a429a5e87b86cb582d78940733d9d2e
570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a

HTTP Headers

POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-7276966-11&cid=1477731970.1675942975&jid=1203186236&gjid=1768900157&_gid=396023067.1675942975&_u=YCDAgEABAAAAAEgEK~&z=1056331095 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://www.qld.gov.au
Connection: keep-alive
Referer: https://www.qld.gov.au/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: https://www.qld.gov.au
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Thu, 09 Feb 2023 11:41:56 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
72226fa2f9513f894889fa652cb2a8bf
8a1b4f108db687c34b334a94e6d931544fd7508e
a70034db82d42d5deb58f551cb4de47a5cf6b226dbc9aa98892adb62c2f73289

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 11:41:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-7276966-11&cid=1477731970.1675942975&jid=1203186236&_u=YCDAgEABAAAAAEgEK~&z=910333338

142.250.74.67

200 OK

42 B

URL HTTP/2
www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-7276966-11&cid=1477731970.1675942975&jid=1203186236&_u=YCDAgEABAAAAAEgEK~&z=910333338
IP
142.250.74.67:0
ASN
#15169 GOOGLE

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-7276966-11&cid=1477731970.1675942975&jid=1203186236&_u=YCDAgEABAAAAAEgEK~&z=910333338 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.qld.gov.au/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 09 Feb 2023 11:41:56 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

40 kB

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
gzip compressed data, from Unix\012- data
Size
40 kB (39884 bytes)
Hash
a7e758118e49a1168ba4ac079e0dfb6e
90b564304e5252e95e6eaad3c065c7c690688211
1bfd5fa77d39f4a524be3be88dd4b5fc74b5c9815e9f4f99db2686a54766038a

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 11:41:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
a746d459d4fbc7da99072462ed09b456
6ca7c899101b7ddcc1228f148cdcf16113a805f7
cbed8854f94d225ec82298e5039b9c163f58f9fede0db72510d22867003cb4a6

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 11:41:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-7276966-11&cid=1477731970.1675942975&jid=1203186236&_u=YCDAgEABAAAAAEgEK~&z=910333338

142.250.74.164

200 OK

42 B

URL HTTP/2
www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-7276966-11&cid=1477731970.1675942975&jid=1203186236&_u=YCDAgEABAAAAAEgEK~&z=910333338
IP
142.250.74.164:0
ASN
#15169 GOOGLE

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-7276966-11&cid=1477731970.1675942975&jid=1203186236&_u=YCDAgEABAAAAAEgEK~&z=910333338 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.qld.gov.au/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 09 Feb 2023 11:41:56 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
44fc0cb48c26edb9ce36736707b9182a
62de7faa3e8171c0d38a2e03a604d2545a3ede7f
9e511ad6ed9e7c5f28f573422e3891d2f4e5c2ba5107f7eda808c529a95931a2

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 11:41:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

region1.analytics.google.com/g/collect?v=2&tid=G-2BSW42XWCV&gtm=45je3280&_p=32527146&_gaz=1&cid=1477731970.1675942975&ul=en-us&sr=1280x1024&uaW=1&_s=1&dl=https%3A%2F%2Fwww.qld.gov.au%2Fhealth%2Fconditions%2Fhealth-alerts%2Fcoronavirus-covid-19%2Fpublic-health-directions%2Farchived-assets-restrictions-in-qld%2Frestrictions-impacted-areas&sid=1675942975&sct=1&seg=0&dt=Restrictions%20for%20Impacted%20Areas%20%7C%20Health%20and%20wellbeing%20%7C%20Queensland%20Government&en=page_view&_fv=1&_nsi=1&_ss=1&ep.ui_language=en&ep.dcmi_created_date=2021-01-08&ep.dcmi_modified_date=2021-11-11&ep.dcmi_content_type=Text&ep.agls_document_type=guidelines&ep.dcmi_audience=all&ep.ga_measurement_id=G-2BSW42XWCV&ep.gtm_container=GTM-PMDS7Kv197&ep.gtm_environment=&ep.metadata_keywords=&ep.metadata_subject=&ep.hit_timestamp=2023-02-09T11%3A42%3A54.876%2B00%3A00

216.239.34.36

204 No Content

0 B

URL HTTP/2
region1.analytics.google.com/g/collect?v=2&tid=G-2BSW42XWCV&gtm=45je3280&_p=32527146&_gaz=1&cid=1477731970.1675942975&ul=en-us&sr=1280x1024&uaW=1&_s=1&dl=https%3A%2F%2Fwww.qld.gov.au%2Fhealth%2Fconditions%2Fhealth-alerts%2Fcoronavirus-covid-19%2Fpublic-health-directions%2Farchived-assets-restrictions-in-qld%2Frestrictions-impacted-areas&sid=1675942975&sct=1&seg=0&dt=Restrictions%20for%20Impacted%20Areas%20%7C%20Health%20and%20wellbeing%20%7C%20Queensland%20Government&en=page_view&_fv=1&_nsi=1&_ss=1&ep.ui_language=en&ep.dcmi_created_date=2021-01-08&ep.dcmi_modified_date=2021-11-11&ep.dcmi_content_type=Text&ep.agls_document_type=guidelines&ep.dcmi_audience=all&ep.ga_measurement_id=G-2BSW42XWCV&ep.gtm_container=GTM-PMDS7Kv197&ep.gtm_environment=&ep.metadata_keywords=&ep.metadata_subject=&ep.hit_timestamp=2023-02-09T11%3A42%3A54.876%2B00%3A00
IP
216.239.34.36:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /g/collect?v=2&tid=G-2BSW42XWCV&gtm=45je3280&_p=32527146&_gaz=1&cid=1477731970.1675942975&ul=en-us&sr=1280x1024&uaW=1&_s=1&dl=https%3A%2F%2Fwww.qld.gov.au%2Fhealth%2Fconditions%2Fhealth-alerts%2Fcoronavirus-covid-19%2Fpublic-health-directions%2Farchived-assets-restrictions-in-qld%2Frestrictions-impacted-areas&sid=1675942975&sct=1&seg=0&dt=Restrictions%20for%20Impacted%20Areas%20%7C%20Health%20and%20wellbeing%20%7C%20Queensland%20Government&en=page_view&_fv=1&_nsi=1&_ss=1&ep.ui_language=en&ep.dcmi_created_date=2021-01-08&ep.dcmi_modified_date=2021-11-11&ep.dcmi_content_type=Text&ep.agls_document_type=guidelines&ep.dcmi_audience=all&ep.ga_measurement_id=G-2BSW42XWCV&ep.gtm_container=GTM-PMDS7Kv197&ep.gtm_environment=&ep.metadata_keywords=&ep.metadata_subject=&ep.hit_timestamp=2023-02-09T11%3A42%3A54.876%2B00%3A00 HTTP/1.1
Host: region1.analytics.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.qld.gov.au
Connection: keep-alive
Referer: https://www.qld.gov.au/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0

HTTP/2 204 No Content
access-control-allow-origin: https://www.qld.gov.au
date: Thu, 09 Feb 2023 11:41:56 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.qld.gov.au/health/conditions/health-alerts/coronavirus-covid-19/current-status/public-health-directions/archived-assets-restrictions-in-qld/restrictions-impacted-areas

54.230.111.120

301 Moved Permanently

0 B

URL HTTP/2
www.qld.gov.au/health/conditions/health-alerts/coronavirus-covid-19/current-status/public-health-directions/archived-assets-restrictions-in-qld/restrictions-impacted-areas
IP
54.230.111.120:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /health/conditions/health-alerts/coronavirus-covid-19/current-status/public-health-directions/archived-assets-restrictions-in-qld/restrictions-impacted-areas HTTP/1.1
Host: www.qld.gov.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: SQ_SYSTEM_SESSION=3b093d95d49c1f26f4e7534ace5d292b
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
TE: trailers

HTTP/2 301 Moved Permanently
content-type: text/html; charset=utf-8
location: https://www.qld.gov.au/health/conditions/health-alerts/coronavirus-covid-19/public-health-directions/archived-assets-restrictions-in-qld/restrictions-impacted-areas
cache-control: max-age=0, private
server: openresty
x-content-type-options: nosniff
via: 1.1 squizedge.net, 1.1 d9fb4c3794a085bb4ee2c5798c2cb1b8.cloudfront.net (CloudFront)
date: Thu, 09 Feb 2023 11:41:54 GMT
origin-server: core-prod
strict-transport-security: max-age=31536000
x-upgrade-enabled: off
x-frame-options: SAMEORIGIN
x-request-id: 3194a556-ae73-4185-a8ab-05827b230510
x-cache: Miss from cloudfront
x-amz-cf-pop: OSL50-P1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: pYyWyMfYZ6HpBuUwmw4mAxxKJ2FasmIqImcw8TtbmrYrq6qLS7kfXQ==
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (62)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML