Report - coronavirus.egovoc.com/guidance-businesses-worksites

Report Overview

Submitted URL
coronavirus.egovoc.com/guidance-businesses-worksites
IP
52.244.223.173
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK
Submitted
2023-02-06 07:03:21
Access
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
5
Threat Detection Systems
0

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
translate.google.com	1156	2012-05-30T03:30:32Z	2023-03-13T05:10:57Z	385 B	29 kB	216.58.211.14
ocsp.sectigo.com	487	2019-11-29T12:50:24Z	2023-03-13T08:22:43Z	340 B	964 B	172.64.155.188
ocsp.r2m02.amazontrust.com	unknown	2022-10-12T16:01:39Z	2023-03-13T08:10:58Z	350 B	944 B	143.204.48.16
r3.o.lencr.org	344	2020-12-02T09:52:13Z	2023-03-13T05:09:07Z	2.7 kB	7.1 kB	23.36.76.226
www.googletagmanager.com	75	2013-05-22T04:07:37Z	2023-03-13T08:28:24Z	392 B	45 kB	142.250.74.168
push.services.mozilla.com	2140	2014-10-24T10:27:06Z	2023-03-13T05:09:14Z	606 B	127 B	44.239.226.203
googleads.g.doubleclick.net	42	2021-02-20T16:43:32Z	2023-03-13T08:39:16Z	758 B	846 B	142.250.74.162
stats.g.doubleclick.net	96	2013-06-10T22:21:11Z	2023-03-13T08:02:41Z	619 B	598 B	64.233.165.154
action.dstillery.com	6810	2015-04-09T00:45:29Z	2023-03-13T09:06:57Z	459 B	733 B	104.18.23.234
wsv3cdn.audioeye.com	3722	2017-03-09T23:59:50Z	2023-03-13T07:42:59Z	3.5 kB	58 kB	104.18.24.76
insight.adsrvr.org	631	2012-05-30T16:03:18Z	2023-03-13T05:18:25Z	605 B	262 B	35.71.131.137
ocsp.pki.goog	175	2018-07-01T08:43:07Z	2023-03-13T05:09:47Z	3.4 kB	7.0 kB	216.58.211.3
fonts.googleapis.com	8877	2013-06-10T22:14:26Z	2023-03-13T08:14:31Z	840 B	57 kB	142.250.74.74
js.adsrvr.org	1664	2012-11-26T21:54:54Z	2023-03-13T06:57:06Z	374 B	2.4 kB	143.204.45.46
www.gstatic.com	unknown	2016-07-26T11:37:06Z	2023-03-13T07:57:11Z	488 B	5.1 kB	216.58.211.3
fonts.gstatic.com	unknown	2014-09-09T02:40:21Z	2023-03-13T08:44:36Z	524 B	46 kB	142.250.74.163
img-getpocket.cdn.mozilla.net	1631	2018-06-22T01:36:00Z	2023-03-13T05:09:16Z	3.8 kB	80 kB	34.120.237.76
www.google-analytics.com	40	2012-10-03T03:04:21Z	2023-03-13T07:36:03Z	379 B	21 kB	142.250.74.110
ocsp.digicert.com	86	2012-05-21T09:02:23Z	2023-03-13T06:00:13Z	1.4 kB	2.7 kB	93.184.220.29
coronavirus.egovoc.com	unknown	2020-03-15T21:11:18Z	2023-01-04T20:37:42Z	7.3 kB	1.4 MB	52.244.223.173
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-03-13T05:09:35Z	413 B	5.8 kB	34.160.144.191
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-03-13T05:09:13Z	333 B	391 B	34.117.237.239
connect.facebook.net	139	2012-05-22T04:51:28Z	2023-03-13T05:09:29Z	380 B	29 kB	31.13.72.12
wsmcdn.audioeye.com	28232	2019-12-16T15:08:31Z	2023-03-13T09:06:52Z	368 B	357 B	104.18.24.76
firefox.settings.services.mozilla.com	867	2020-06-04T22:08:41Z	2023-03-13T05:09:10Z	782 B	2.4 kB	35.241.9.150
use.fontawesome.com	942	2017-01-30T05:43:25Z	2023-03-13T05:09:17Z	853 B	6.9 kB	172.64.133.15

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2023-02-06 07:03:53	medium	Client IP	Internal IP	ET HUNTING Suspicious Domain Request for Possible COVID-19 Domain M2
2023-02-06 07:03:53	medium	Client IP	Internal IP	ET HUNTING Suspicious Domain Request for Possible COVID-19 Domain M2
2023-02-06 07:03:53	medium	Client IP	52.244.223.173	ET HUNTING Suspicious GET Request with Possible COVID-19 Domain M2
2023-02-06 07:03:53	medium	Client IP	Internal IP	ET HUNTING Suspicious Domain Request for Possible COVID-19 Domain M2
2023-02-06 07:03:54	medium	Client IP	52.244.223.173	ET HUNTING Suspicious TLS SNI Request for Possible COVID-19 Domain M2

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (34)

	URL	Size	First Seen	Last Seen
	js.adsrvr.org/up_loader.1.1.0.js	4.6 kB	2023-03-07	2023-11-04
Pretty URL js.adsrvr.org/up_loader.1.1.0.js IP 143.204.45.46 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:29 Last Seen2023-11-04 15:38:59 Times Seen1096 Hash 98d98b3499058b76d58073cf8ede2f10 2ec5bc839a187c2a4d93499567e8fff091a6bcc4 ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9 Loading...

	connect.facebook.net/signals/config/2689957521285597?v=2.9.95&r=stable	387 kB	2023-03-13	2023-03-13
Pretty URL connect.facebook.net/signals/config/2689957521285597?v=2.9.95&r=stable IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 18:15:16 Last Seen2023-03-13 18:15:16 Times Seen1 Hash 9f52fc4b3f2fb1a272009b231ded59a2 fe242b905839747d9d4ffacc5d5d0284720b144b a1e0f78a63c75168d3d87f72cd6620b22333dcddd608a0774884740b0f7eda12 Loading...

	coronavirus.egovoc.com/guidance-non-healthcare-businesses-worksites	337 B	2023-03-13	2023-03-13
Pretty URL coronavirus.egovoc.com/guidance-non-healthcare-businesses-worksites IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 18:15:16 Last Seen2023-03-13 18:15:16 Times Seen1 Hash c017c4e392fd0586f19609033b3fe8ef 73d6e229a782ee76de58c2c8088f2ab1a8d98f96 b7022db88449500e969c9c40f1880425d03bf608867337755c098b3aa4007ea9 Loading...

	www.googletagmanager.com/gtm.js?id=GTM-TC876QF	140 kB	2023-03-13	2023-03-13
Pretty URL www.googletagmanager.com/gtm.js?id=GTM-TC876QF IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 18:15:16 Last Seen2023-03-13 18:15:16 Times Seen1 Hash 6ee257cfe2700ece3bfbd3477467df73 60becf77835fa85d051b63dc762a74b96081824c d76d78b8bf8ad85a6ba1515f70957e005c01924184a16ec88a2d902b4e191cef Loading...

	wsv3cdn.audioeye.com/bootstrap.js?h=8dd0599d023ca60427ebd323ba7d6ddd	35 kB	2023-03-13	2023-03-13
Pretty URL wsv3cdn.audioeye.com/bootstrap.js?h=8dd0599d023ca60427ebd323ba7d6ddd IP 104.18.24.76 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 18:15:16 Last Seen2023-03-13 18:15:16 Times Seen1 Hash 72552d785264af4d6eae3629d50bd72d ae7c1a7716f261b96d58737925ec2d34422225ef d9a978101442cd2da7db19dc9d5cf45a1d4ce8be55c8b3ce2d496e62ddab17d5 Loading...

	www.googletagmanager.com/gtag/js?id=UA-161599881-1	112 kB	2023-03-13	2023-03-13
Pretty URL www.googletagmanager.com/gtag/js?id=UA-161599881-1 IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 18:15:16 Last Seen2023-03-13 18:15:16 Times Seen1 Hash eb7a53a83c71dcf88babea1c61ab6f67 21ddb40d7569f01e092a097dcd67e94c280c55be dd9230454e33b1cf84b6c4a600763758030b21bf2bdee4ed13632b09e898b856 Loading...

	wsv3cdn.audioeye.com/v2/build/3772.bundle.6eb1fb8.js	480 B	2023-03-09	2024-02-14
Pretty URL wsv3cdn.audioeye.com/v2/build/3772.bundle.6eb1fb8.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 22:23:19 Last Seen2024-02-14 05:29:41 Times Seen871 Hash 031ffa4b09cd5d06511f8c85020f8a6b da4e240560b1f8eaf0eb4cd3b0355a5a38be753d 6db9473433810ec1cb3117726b26aab3d002201382e526a11c5ef6b16aa514f1 Loading...

	wsv3cdn.audioeye.com/v2/frame/cookieStorage.html?build=prod/m&pscb=&cb=6eb1fb8	1.1 kB	2023-03-07	2023-04-05
Pretty URL wsv3cdn.audioeye.com/v2/frame/cookieStorage.html?build=prod/m&pscb=&cb=6eb1fb8 IP 104.18.24.76 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:12:12 Last Seen2023-04-05 01:55:16 Times Seen32 Hash 1c54664c662ff9f693d3fd0553794157 534de45985980fe854ab9e1c9e1388072f8ca067 5ebbe6696f7e939b7d7e1e9a20cf833accf195895cf9c40e8d017ceaf97108d4 Loading...

	wsv3cdn.audioeye.com/v2/build/874.bundle.6eb1fb8.js	193 B	2023-03-09	2024-04-25
Pretty URL wsv3cdn.audioeye.com/v2/build/874.bundle.6eb1fb8.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 22:23:19 Last Seen2024-04-25 00:12:32 Times Seen925 Hash 70026b0c4a787b8e5bba07bf62a8211a 03a7a97c2a883a79573f9f443bb6b34de8ef9376 20f86b062157fbf2af91b2a5013cb09570b608b2993b430e2b41ae0c34ed4d75 Loading...

	coronavirus.egovoc.com/sites/virus/files/js/js_bZhaUVw18obDM_XdP1UTqzEw9ogHsfZbbi7pbD-nrBk.js	241 kB	2023-03-13	2023-03-13
Pretty URL coronavirus.egovoc.com/sites/virus/files/js/js_bZhaUVw18obDM_XdP1UTqzEw9ogHsfZbbi7pbD-nrBk.js IP 52.244.223.173 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 18:15:16 Last Seen2023-03-13 18:15:16 Times Seen1 Hash 346efc35888e370ba148c8f2fabed79b 07b4fde11fb5d1dd375fa4e6f95bdecac51b4ece 6d985a515c35f286c333f5dd3f5513ab3130f68807b1f65b6e2ee96c3fa7ac19 Loading...

	coronavirus.egovoc.com/guidance-non-healthcare-businesses-worksites	922 B	2023-03-13	2023-03-13
Pretty URL coronavirus.egovoc.com/guidance-non-healthcare-businesses-worksites IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 18:15:16 Last Seen2023-03-13 18:15:16 Times Seen1 Hash 996e241f90700b2f5cf3aff4e0758d49 0d691ad57d5f8f94e065df06bb3a6dbae460cbb2 21d7ddc8a55f5b054aa5bac9d61cd4b28ddb1fe3f3c0f0a8b931e51b115e4a92 Loading...

	coronavirus.egovoc.com/extra/legacy.js	1.9 kB	2023-03-13	2023-03-13
Pretty URL coronavirus.egovoc.com/extra/legacy.js IP 52.244.223.173 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 18:15:16 Last Seen2023-03-13 18:15:16 Times Seen1 Hash d3929db80c61564f7c1c1af7c45fee99 289cfb498e0e81038ca728ce9706d9c25089f073 214bfb52965fa9d6c42b85d8ba0f24e647d2284ce5054ade93026e9e8c6d61b1 Loading...

	googleads.g.doubleclick.net/pagead/viewthroughconversion/606145353/?random=1675667036050&cv=11&fst=1675667036050&bg=ffffff&guid=ON&async=1&gtm=45He3210&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fcoronavirus.egovoc.com%2Fguidance-non-healthcare-businesses-worksites&tiba=Guidance%3A%20Non-Healthcare%20Businesses%20%26%20Worksites%20%7C%20Novel%20Coronavirus%20(COVID-19)&rdp=1&rfmt=3&fmt=4	43 B	2023-03-07	2024-04-20
Pretty URL googleads.g.doubleclick.net/pagead/viewthroughconversion/606145353/?random=1675667036050&cv=11&fst=1675667036050&bg=ffffff&guid=ON&async=1&gtm=45He3210&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fcoronavirus.egovoc.com%2Fguidance-non-healthcare-businesses-worksites&tiba=Guidance%3A%20Non-Healthcare%20Businesses%20%26%20Worksites%20%7C%20Novel%20Coronavirus%20(COVID-19)&rdp=1&rfmt=3&fmt=4 IP 142.250.74.162 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:30 Last Seen2024-04-20 17:48:03 Times Seen63949 Hash ad8b6f08655797587cdec719a94efe59 182adf5a140796f81e930649d05654dbf22fd5b7 77d5fe96defd6c8c1e3b0466b4827cf83dc7e5c727a10177e115d25132fa86f6 Loading...

	connect.facebook.net/en_US/fbevents.js	109 kB	2023-03-13	2023-11-17
Pretty URL connect.facebook.net/en_US/fbevents.js IP 31.13.72.12 ASN #32934 FACEBOOK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 12:47:19 Last Seen2023-11-17 16:32:25 Times Seen5 Hash beca88e7d9125b63f58be285031b0930 08cda009ebdf601f0ffe06b0ee3065fff2fb105b c1e56ad863615fc191d80d7807852db95e57579f6535186d83d04ecdebef5236 Loading...

	wsv3cdn.audioeye.com/v2/build/startup.bundle.6eb1fb8.js	370 kB	2023-03-13	2023-03-13
Pretty URL wsv3cdn.audioeye.com/v2/build/startup.bundle.6eb1fb8.js IP 104.18.24.76 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 16:48:47 Last Seen2023-03-13 18:15:16 Times Seen1 Hash e8874855ca9a3305db9ddb3f2d79aa28 ca55ac7ddd93750b02fbc3b1ce4f549a433a2529 bc5bb0461a51b96b75d031363ebdc3b15e2ce7a79067880e94a0708c8e1afc2d Loading...

	wsv3cdn.audioeye.com/v2/build/6365.bundle.6eb1fb8.js	1.1 kB	2023-03-09	2024-04-25
Pretty URL wsv3cdn.audioeye.com/v2/build/6365.bundle.6eb1fb8.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 23:03:21 Last Seen2024-04-25 00:12:30 Times Seen745 Hash 76ca9350a4c018395c1f725ff9558d42 31adf06b9d0be17c33e1e3a5b1e6c69f8e8017c9 1e68086b07bd9a58d95d52ea6e81b61913d54ed3c0985d4864d686d2ca4b25b2 Loading...

	translate.google.com/translate_a/element.js	80 kB	2023-03-13	2023-03-13
Pretty URL translate.google.com/translate_a/element.js IP 216.58.211.14 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 18:15:16 Last Seen2023-03-13 18:15:16 Times Seen1 Hash d31d236ea89bdb533cf09110902524a0 f5a5cc3f390a64305f83037d81d982baf142fb3f 74a6b926f1198fc68176c2df1a995fa071a83482965bb350a8c70acf74a073c8 Loading...

	wsv3cdn.audioeye.com/v2/build/smartrems.bundle.6eb1fb8.js	139 kB	2023-03-08	2023-04-24
Pretty URL wsv3cdn.audioeye.com/v2/build/smartrems.bundle.6eb1fb8.js IP 104.18.24.76 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:09:18 Last Seen2023-04-24 20:21:11 Times Seen61 Hash c1ee2ae711e4aae4da02092df1b5a209 70cbdf95809189831e40bbb84fe09210e22e86bb 15c9f823e545a9686e974826b0568a53a651eff347af2f7abae879ed0a5ba3dd Loading...

	use.fontawesome.com/releases/v5.5.0/js/v4-shims.js	15 kB	2023-03-11	2024-03-05
Pretty URL use.fontawesome.com/releases/v5.5.0/js/v4-shims.js IP 172.64.133.15 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 23:49:03 Last Seen2024-03-05 17:36:51 Times Seen12 Hash 1d7fb237e3d6dd696dbf2d6727a1c616 355e1d637e9e63c135f64f19e3bb0aa3c71ef0c7 71ca7e322979cb3f2233d6cb36829e027fdc1397ce4ff054bc7a7889007bf97d Loading...

	coronavirus.egovoc.com/guidance-non-healthcare-businesses-worksites	433 B	2023-03-13	2023-03-13
Pretty URL coronavirus.egovoc.com/guidance-non-healthcare-businesses-worksites IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 18:15:16 Last Seen2023-03-13 18:15:16 Times Seen1 Hash 06a7ef3a2c0c6d62477da180270119ba 354d2b85202a8b268e4c1bd695a6e567f018a3aa 606d07b64e83a5efe881c54a12c651cbda6ab2e38b3d99dbb647fa33aff903eb Loading...

	translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.no.k4EubO_g8sw.O/d=1/exm=el_conf/ed=1/rs=AN8SPfqso9EOrOP64PthfqJk228DmwkZLA/m=el_main	214 kB	2023-03-13	2023-03-13
Pretty URL translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.no.k4EubO_g8sw.O/d=1/exm=el_conf/ed=1/rs=AN8SPfqso9EOrOP64PthfqJk228DmwkZLA/m=el_main IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 15:25:47 Last Seen2023-03-13 19:17:21 Times Seen1 Hash 3dc5e5217f1ceee73321e8935f8d8fde 2c61cc7caf541913365418164e2514101d5e8d27 c519e5093f80d6f02e96b1e03402868bc8e485119a3a358602e6614d3ffd676c Loading...

	coronavirus.egovoc.com/guidance-non-healthcare-businesses-worksites	172 B	2023-03-13	2023-03-13
Pretty URL coronavirus.egovoc.com/guidance-non-healthcare-businesses-worksites IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 18:15:16 Last Seen2023-03-13 18:15:16 Times Seen1 Hash 1745ce03f79c4e3a896ff6a4f0958699 1a7c768283f147df9a84f08360813b8c7e1aced9 6176ab255cd1efb3c79a6729c916afaa57c41812bbf2c46890db93f6d79d8174 Loading...

	use.fontawesome.com/releases/v5.5.0/js/all.js	1.1 MB	2023-03-07	2024-04-06
Pretty URL use.fontawesome.com/releases/v5.5.0/js/all.js IP 172.64.133.15 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:02:27 Last Seen2024-04-06 08:08:56 Times Seen737 Hash 02dc00e986773a2294d5ce33ef02e442 d0f4ff24480d518ca8301e4d7df51cd9f1b1b9ae 16e8f08eb363930ccc9f0e91f33ded7905fed943045a040078196294db8a9b17 Loading...

	coronavirus.egovoc.com/guidance-non-healthcare-businesses-worksites	423 B	2023-03-13	2023-03-13
Pretty URL coronavirus.egovoc.com/guidance-non-healthcare-businesses-worksites IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 18:15:16 Last Seen2023-03-13 18:15:16 Times Seen1 Hash 545ba4781450a88876c7355da0d56b0b dd04742e48c44b4c364df4712d437fa41cc1b4d9 aeb9fe7f61a037c9bad6a5e7e023661b8312923d28a5129ed78e44db32b5c5e6 Loading...

	www.google-analytics.com/analytics.js	50 kB	2023-03-12	2024-04-15
Pretty URL www.google-analytics.com/analytics.js IP 142.250.74.110 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 21:46:21 Last Seen2024-04-15 18:54:35 Times Seen35101 Hash 54e51056211dda674100cc5b323a58ad 26dc5034cb6c7f3bbe061edd37c7fc6006cb835b 5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de Loading...

	wsmcdn.audioeye.com/aem.js	1.0 kB	2023-03-07	2023-11-05
Pretty URL wsmcdn.audioeye.com/aem.js IP 104.18.24.76 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:12:12 Last Seen2023-11-05 00:25:26 Times Seen863 Hash c5f5d23dbd841fb0868078e4bfbbd713 2f28ce456fa7b6b2aa7692b1364c2c49fc26f0b6 9e56bd6105d6e24d804d3db97049f580c26390f475a87f7535e066bdc815b2f2 Loading...

	wsv3cdn.audioeye.com/v2/build/jquery.bundle.6eb1fb8.js	98 kB	2023-03-13	2023-03-13
Pretty URL wsv3cdn.audioeye.com/v2/build/jquery.bundle.6eb1fb8.js IP 104.18.24.76 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 16:48:47 Last Seen2023-03-13 18:15:16 Times Seen1 Hash 41cf761c4f1c38f34a9e7b2b1d392a4b 03627ff3832caefa9f046055dc9029482c8a6055 a69edf41ff824dd7114ad6d963c272de1ed2e58704187034c25c530298f5292a Loading...

	wsv3cdn.audioeye.com/v2/build/5121.bundle.6eb1fb8.js	382 B	2023-03-09	2024-04-25
Pretty URL wsv3cdn.audioeye.com/v2/build/5121.bundle.6eb1fb8.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 22:23:18 Last Seen2024-04-25 00:12:29 Times Seen916 Hash 6fdd0151ab6aeea9275d363e8370b823 3dbd98dc4746f1a2e98817ecae728d7e8d0dd06f 903cf6b79d15c1159628f9edf09b933327c9a54efb41023641c09db4696ded7e Loading...

	coronavirus.egovoc.com/guidance-non-healthcare-businesses-worksites	146 B	2023-03-13	2023-03-13
Pretty URL coronavirus.egovoc.com/guidance-non-healthcare-businesses-worksites IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 18:15:16 Last Seen2023-03-13 18:15:16 Times Seen1 Hash bc129e86ddd7cf87f90f8ea1f32abc82 58048c6372880c6b03f3f4a31e79b9d8be304110 09b996b4ba6505a331cd290c328d24c0f93748fb85fca572a576680d064d9933 Loading...

	action.dstillery.com/orbserv/nsjs?adv=cl1029210&ns=5156&nc=OCHealth_SV&ncv=39&dstOrderId=[NULL]&dstOrderAmount=[NULL]	5 B	2023-03-07	2024-04-22
Pretty URL action.dstillery.com/orbserv/nsjs?adv=cl1029210&ns=5156&nc=OCHealth_SV&ncv=39&dstOrderId=[NULL]&dstOrderAmount=[NULL] IP 104.18.23.234 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:29:39 Last Seen2024-04-22 16:48:45 Times Seen464 Hash cc9067c2ee470dc248b14b194209a34e 31789ace8fdb0fae2976e8303b614c51d0a139a9 7c370d9536d7d0d6a0f7cd7f9826692acd93e4fb05ba46f7b630b879740343d3 Loading...

	wsv3cdn.audioeye.com/v2/scripts/loader.js?h=8dd0599d023ca60427ebd323ba7d6ddd&lang=en&cb=6eb1fb8	34 kB	2023-03-13	2023-03-13
Pretty URL wsv3cdn.audioeye.com/v2/scripts/loader.js?h=8dd0599d023ca60427ebd323ba7d6ddd&lang=en&cb=6eb1fb8 IP 104.18.24.76 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 18:15:16 Last Seen2023-03-13 18:15:16 Times Seen1 Hash d9669944578adcb72f2f19ad3eec0e3c d9be1d2c4fe97a86dfa357b2edd0b86bbcb1aaf4 193284eef6dabdd9cd033441e7868e5f994dc7413946dfc32eec02532deefd6b Loading...

	wsv3cdn.audioeye.com/v2/build/launcher.bundle.6eb1fb8.js	81 kB	2023-03-13	2023-03-13
Pretty URL wsv3cdn.audioeye.com/v2/build/launcher.bundle.6eb1fb8.js IP 104.18.24.76 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 17:02:16 Last Seen2023-03-13 21:12:58 Times Seen1 Hash 7fe67b503c8fd4b4285afb5622aac35a f83def8f5ab341f2f9dedd965114bbcdacec15a6 f8796295407668b07d19dda532d1f74ed4e4b01911756fa075d53e41505be1d3 Loading...

	wsv3cdn.audioeye.com/v2/build/compliance.bundle.6eb1fb8.js	154 kB	2023-03-13	2023-03-13
Pretty URL wsv3cdn.audioeye.com/v2/build/compliance.bundle.6eb1fb8.js IP 104.18.24.76 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 17:02:16 Last Seen2023-03-13 18:15:16 Times Seen1 Hash cfa22c09fc67014e4775f9335b0bb5a2 b3796c9b81ae6e6b67b6771c68ca27f4dee9c933 a83304e4dd81528c17c78253d197761f668f5d35d9dcf168e00a58f34f62a70b Loading...

		Size	First Seen	Last Seen
	#1 Eval - 0c6d7d30b3f8a334896db9723945a3d1	10 kB	2023-03-08	2023-08-31
Pretty Observations First Seen2023-03-08 05:34:19 Last Seen2023-08-31 00:21:58 Times Seen230 Hash 0c6d7d30b3f8a334896db9723945a3d1 d73a4a4ee8d035cb1c25ebc89123c8621e971828 2e78d02f2ed2baec3358870c4cc12368b3ba8cae8578b5bb8946ff46437e027e Loading...

HTTP Transactions (75)

URL IP Response Size

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
c21ba65e44ac95470c314e068e49a9eb
17a13b13738993d889d4afa3d848dc63bf6eba64
9bd0795b30e84ce63b6e2a365ca91bbffc395dd955e112152066c31e63a4ab66

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9BD0795B30E84CE63B6E2A365CA91BBFFC395DD955E112152066C31E63A4AB66"
Last-Modified: Sat, 04 Feb 2023 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19975
Expires: Mon, 06 Feb 2023 12:36:05 GMT
Date: Mon, 06 Feb 2023 07:03:10 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
507011ccb9124dcd57e84a90a0965cc4
1a6575d0ac979c7184490cc9836ac4812ad2afd1
01626c18e1e68507aa33ef7448dbc3311901ab6f29adc2f51d449409b0680dce

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "01626C18E1E68507AA33EF7448DBC3311901AB6F29ADC2F51D449409B0680DCE"
Last-Modified: Sun, 05 Feb 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16474
Expires: Mon, 06 Feb 2023 11:37:44 GMT
Date: Mon, 06 Feb 2023 07:03:10 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

35.241.9.150

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
ff250d3ef3fa45322bf05039a0122a9f
b3e7a2c383bce1bab807dbe1a03c375258b51f1d
d07f109a96e0ae6ec7b1d46ce8761b3f06fe845769ce65d69e053dd40aa561ba

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Retry-After, Backoff, Content-Type, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Mon, 06 Feb 2023 06:36:27 GMT
content-type: application/json
age: 1603
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
fb7b6b46e708ad73eaaa3c21e74569ae
950663c025acad81556af5aa3022ecc9d55097fe
763f58b9fb838378c92033b59907b036f4c33081f5103d9bcc2ca2a8de500d64

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "763F58B9FB838378C92033B59907B036F4C33081F5103D9BCC2CA2A8DE500D64"
Last-Modified: Sat, 04 Feb 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8172
Expires: Mon, 06 Feb 2023 09:19:22 GMT
Date: Mon, 06 Feb 2023 07:03:10 GMT
Connection: keep-alive

coronavirus.egovoc.com/guidance-businesses-worksites

52.244.223.173

301 Moved Permanently

194 B

URL HTTP/1.1
coronavirus.egovoc.com/guidance-businesses-worksites
IP
52.244.223.173:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
194 B (194 bytes)
Hash
ec0f2d6d8da7997a10f72a2537729e59
d6b8ca36f266d92775f5b757e65b8c10c747c30a
95e1144ae5faba1d6ea1ac58b29b1e8d0399125e4dbc6a17d50d0bf5cf3bdcf8

Detections

NIDS	Severity	Alert
suricata	medium	ET HUNTING Suspicious GET Request with Possible COVID-19 Domain M2

HTTP Headers

GET /guidance-businesses-worksites HTTP/1.1
Host: coronavirus.egovoc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Server: nginx/1.14.0 (Ubuntu)
Date: Mon, 06 Feb 2023 07:03:09 GMT
Content-Type: text/html
Content-Length: 194
Connection: keep-alive
Location: https://coronavirus.egovoc.com/guidance-businesses-worksites

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: KdbjLFHhiXIU4WF2s1KAO7pSM05v9mV96CL4cBHS9SRwsUQmEmEx0MrA5NDsiT+jFrxsTzsWhAc=
x-amz-request-id: K21DWYC616369K93
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 06 Feb 2023 06:53:36 GMT
age: 574
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Mon, 06 Feb 2023 07:03:10 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

35.241.9.150

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Pragma, Backoff, Retry-After, Content-Length, Last-Modified, Expires, Cache-Control, ETag, Alert, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Mon, 06 Feb 2023 06:07:20 GMT
age: 3350
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
dedf9c519ac38c4bece9c5bc895787d7
4911175c3f8a435978c5301c33c7a99a5e00a1d5
bddd7e3a4939f863642a7c5348c1c8b9bc569b35c10a27f4cf5ec71f7e6b9698

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BDDD7E3A4939F863642A7C5348C1C8B9BC569B35C10A27F4CF5EC71F7E6B9698"
Last-Modified: Fri, 03 Feb 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10572
Expires: Mon, 06 Feb 2023 09:59:22 GMT
Date: Mon, 06 Feb 2023 07:03:10 GMT
Connection: keep-alive

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
9206c3ba6d5a17d62244c438fd03496e
069e8257aebe618953434b1299d065540125a512
937d395fed398e9410f75945e80f607f3146458b48cd47ba7249536ca2195817

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 07:03:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
2183fdf183ed33f2cd4342abd7bcadbe
007fe0bb01b7d77fbaaff5346fd7582041c978c8
8f0381d12ab5a76be5137b365e811e75db681eb0f6ad04d7ce28ad73101c33d5

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 07:03:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.googletagmanager.com/gtag/js?id=UA-161599881-1

142.250.74.168

200 OK

44 kB

URL HTTP/2
www.googletagmanager.com/gtag/js?id=UA-161599881-1
IP
142.250.74.168:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1759)
Size
44 kB (43914 bytes)
Hash
d6fb87a6f147eb81241cfacb0d3c9ce7
f68b6f02075bd56d87e391659a24bc5e41c96dc2
581a68bd752e56a2bec217e121ee69d658d109e1e152279218c15d05915148aa

HTTP Headers

GET /gtag/js?id=UA-161599881-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://coronavirus.egovoc.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Mon, 06 Feb 2023 07:03:10 GMT
expires: Mon, 06 Feb 2023 07:03:10 GMT
cache-control: private, max-age=900
last-modified: Mon, 06 Feb 2023 06:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 43914
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
9206c3ba6d5a17d62244c438fd03496e
069e8257aebe618953434b1299d065540125a512
937d395fed398e9410f75945e80f607f3146458b48cd47ba7249536ca2195817

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 07:03:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

coronavirus.egovoc.com/sites/virus/files/css/css_f29uO7u1YicmLBbeAEsA_eMcySjHI16W6_e03HAkOCs.css

52.244.223.173

200 OK

4.7 kB

URL HTTP/2
coronavirus.egovoc.com/sites/virus/files/css/css_f29uO7u1YicmLBbeAEsA_eMcySjHI16W6_e03HAkOCs.css
IP
52.244.223.173:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
troff or preprocessor input text\012- assembler source, ASCII text, with very long lines (619)
Size
4.7 kB (4689 bytes)
Hash
643926b99a44515d357e775ab3fcdf8e
4cc00e922508e96aa900112010cb1882814b3079
7f6f6e3bbbb56227262c16de004b00fde31cc928c7235e96ebf7b4dc7024382b

HTTP Headers

GET /sites/virus/files/css/css_f29uO7u1YicmLBbeAEsA_eMcySjHI16W6_e03HAkOCs.css HTTP/1.1
Host: coronavirus.egovoc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://coronavirus.egovoc.com/guidance-non-healthcare-businesses-worksites
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx/1.14.0 (Ubuntu)
date: Mon, 06 Feb 2023 07:03:10 GMT
content-type: text/css
content-length: 4689
last-modified: Thu, 26 Jan 2023 18:09:08 GMT
etag: "63d2c1c4-1251"
strict-transport-security: max-age=63072000
accept-ranges: bytes
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
2183fdf183ed33f2cd4342abd7bcadbe
007fe0bb01b7d77fbaaff5346fd7582041c978c8
8f0381d12ab5a76be5137b365e811e75db681eb0f6ad04d7ce28ad73101c33d5

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 07:03:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

push.services.mozilla.com/

44.239.226.203

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
44.239.226.203:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: BbQovMDnNFEofqj+974jPQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: B8DbK81JQgN1zhaWFRYBJAmG4XE=

coronavirus.egovoc.com/extra/legacy.js

52.244.223.173

200 OK

1.9 kB

URL HTTP/2
coronavirus.egovoc.com/extra/legacy.js
IP
52.244.223.173:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
ASCII text, with very long lines (774), with CRLF line terminators
Size
1.9 kB (1882 bytes)
Hash
d3929db80c61564f7c1c1af7c45fee99
289cfb498e0e81038ca728ce9706d9c25089f073
214bfb52965fa9d6c42b85d8ba0f24e647d2284ce5054ade93026e9e8c6d61b1

HTTP Headers

GET /extra/legacy.js HTTP/1.1
Host: coronavirus.egovoc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://coronavirus.egovoc.com/guidance-non-healthcare-businesses-worksites
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx/1.14.0 (Ubuntu)
date: Mon, 06 Feb 2023 07:03:10 GMT
content-type: application/javascript
content-length: 1882
last-modified: Sat, 04 Apr 2020 16:58:44 GMT
etag: "5e88bcc4-75a"
strict-transport-security: max-age=63072000
accept-ranges: bytes
X-Firefox-Spdy: h2

coronavirus.egovoc.com/themes/custom/orange_county_theme/images/logo.png

52.244.223.173

200 OK

51 kB

URL HTTP/2
coronavirus.egovoc.com/themes/custom/orange_county_theme/images/logo.png
IP
52.244.223.173:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
PNG image data, 612 x 102, 8-bit/color RGBA, non-interlaced\012- data
Size
51 kB (50909 bytes)
Hash
1b909fad5d3ff3df25a9e5d9865a32bc
f8d22b881f38c079ebd5461ab3b9f440896618b3
9fced5c9b0b1862e4c5ffa5dca11aaf529d2c905722bf02f011f7e62b13e05d2

HTTP Headers

GET /themes/custom/orange_county_theme/images/logo.png HTTP/1.1
Host: coronavirus.egovoc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://coronavirus.egovoc.com/guidance-non-healthcare-businesses-worksites
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx/1.14.0 (Ubuntu)
date: Mon, 06 Feb 2023 07:03:10 GMT
content-type: image/png
content-length: 50909
last-modified: Mon, 04 Mar 2019 19:36:13 GMT
etag: "5c7d7e2d-c6dd"
strict-transport-security: max-age=63072000
accept-ranges: bytes
X-Firefox-Spdy: h2

coronavirus.egovoc.com/themes/custom/orange_county_theme/images/ico-separator.png

52.244.223.173

200 OK

198 B

URL HTTP/2
coronavirus.egovoc.com/themes/custom/orange_county_theme/images/ico-separator.png
IP
52.244.223.173:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
PNG image data, 2 x 35, 8-bit/color RGB, non-interlaced\012- data
Size
198 B (198 bytes)
Hash
f400185e3238f665fc9c52d191174372
8fd067013e3b2cad8b2d59908e8f1d8ea4f9e423
b07ab21582b85d4a3af969a3966587b7949a4b0df6a7e70c4f237caa7445c92f

HTTP Headers

GET /themes/custom/orange_county_theme/images/ico-separator.png HTTP/1.1
Host: coronavirus.egovoc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://coronavirus.egovoc.com/guidance-non-healthcare-businesses-worksites
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx/1.14.0 (Ubuntu)
date: Mon, 06 Feb 2023 07:03:10 GMT
content-type: image/png
content-length: 198
last-modified: Mon, 04 Mar 2019 19:36:13 GMT
etag: "5c7d7e2d-c6"
strict-transport-security: max-age=63072000
accept-ranges: bytes
X-Firefox-Spdy: h2

coronavirus.egovoc.com/themes/custom/virus_theme/images/logo-lisa.png

52.244.223.173

200 OK

25 kB

URL HTTP/2
coronavirus.egovoc.com/themes/custom/virus_theme/images/logo-lisa.png
IP
52.244.223.173:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
PNG image data, 653 x 58, 8-bit/color RGBA, non-interlaced\012- data
Size
25 kB (25020 bytes)
Hash
5bac911cc3e6fc426636ca63341f4f14
e62bb78482e53dc62f10b186d347e284e7706c3b
714712e07cb552e0f24d47fe32c8055acc27e6c986b10191bfb9076dde280824

HTTP Headers

GET /themes/custom/virus_theme/images/logo-lisa.png HTTP/1.1
Host: coronavirus.egovoc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://coronavirus.egovoc.com/guidance-non-healthcare-businesses-worksites
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx/1.14.0 (Ubuntu)
date: Mon, 06 Feb 2023 07:03:10 GMT
content-type: image/png
content-length: 25020
last-modified: Wed, 18 Mar 2020 00:10:59 GMT
etag: "5e716713-61bc"
strict-transport-security: max-age=63072000
accept-ranges: bytes
X-Firefox-Spdy: h2

coronavirus.egovoc.com/themes/custom/virus_theme/images/logo-lisa-mobile.png

52.244.223.173

200 OK

15 kB

URL HTTP/2
coronavirus.egovoc.com/themes/custom/virus_theme/images/logo-lisa-mobile.png
IP
52.244.223.173:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
PNG image data, 409 x 48, 8-bit/color RGB, non-interlaced\012- data
Size
15 kB (15204 bytes)
Hash
c361e639efd9d07d0ea3dfb9cf616f73
f014c4dd3535ad53de4358eb690dbe602e597d3e
aa72c975cc9d71a5ad6b1cafa752bb413d72f45789301a61aa3127215f4e0a51

HTTP Headers

GET /themes/custom/virus_theme/images/logo-lisa-mobile.png HTTP/1.1
Host: coronavirus.egovoc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://coronavirus.egovoc.com/guidance-non-healthcare-businesses-worksites
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx/1.14.0 (Ubuntu)
date: Mon, 06 Feb 2023 07:03:10 GMT
content-type: image/png
content-length: 15204
last-modified: Wed, 18 Mar 2020 02:13:55 GMT
etag: "5e7183e3-3b64"
strict-transport-security: max-age=63072000
accept-ranges: bytes
X-Firefox-Spdy: h2

coronavirus.egovoc.com/themes/custom/orange_county_theme/images/logo-footer.png

52.244.223.173

200 OK

28 kB

URL HTTP/2
coronavirus.egovoc.com/themes/custom/orange_county_theme/images/logo-footer.png
IP
52.244.223.173:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
PNG image data, 129 x 129, 8-bit/color RGBA, non-interlaced\012- data
Size
28 kB (27975 bytes)
Hash
543dedede67e78603cdb6d6d51b9313e
2e45e9f008492dbc4be6fbbb282b52c22f79cb08
a4201a5847be55a6c82c332fcb8da65796d0cf46b7f14bc092b2330c5c3fa720

HTTP Headers

GET /themes/custom/orange_county_theme/images/logo-footer.png HTTP/1.1
Host: coronavirus.egovoc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://coronavirus.egovoc.com/guidance-non-healthcare-businesses-worksites
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx/1.14.0 (Ubuntu)
date: Mon, 06 Feb 2023 07:03:10 GMT
content-type: image/png
content-length: 27975
last-modified: Mon, 04 Mar 2019 19:36:13 GMT
etag: "5c7d7e2d-6d47"
strict-transport-security: max-age=63072000
accept-ranges: bytes
X-Firefox-Spdy: h2

coronavirus.egovoc.com/sites/virus/files/css/css_2WnIFu9T5svrCHiDUcP1bGR9JCGmBqAf1UsztI8GjVU.css

52.244.223.173

200 OK

268 kB

URL HTTP/2
coronavirus.egovoc.com/sites/virus/files/css/css_2WnIFu9T5svrCHiDUcP1bGR9JCGmBqAf1UsztI8GjVU.css
IP
52.244.223.173:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
ASCII text, with very long lines (65536), with no line terminators
Size
268 kB (268190 bytes)
Hash
7f1160c5d25ef1d7884503fba2a472c7
93a79a0fecdf8c53dbdca06071a215b52739605c
d969c816ef53e6cbeb08788351c3f56c647d2421a606a01fd54b33b48f068d55

HTTP Headers

GET /sites/virus/files/css/css_2WnIFu9T5svrCHiDUcP1bGR9JCGmBqAf1UsztI8GjVU.css HTTP/1.1
Host: coronavirus.egovoc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://coronavirus.egovoc.com/guidance-non-healthcare-businesses-worksites
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx/1.14.0 (Ubuntu)
date: Mon, 06 Feb 2023 07:03:10 GMT
content-type: text/css
content-length: 268190
last-modified: Thu, 26 Jan 2023 18:09:08 GMT
etag: "63d2c1c4-4179e"
strict-transport-security: max-age=63072000
accept-ranges: bytes
X-Firefox-Spdy: h2

coronavirus.egovoc.com/sites/virus/files/js/js_bZhaUVw18obDM_XdP1UTqzEw9ogHsfZbbi7pbD-nrBk.js

52.244.223.173

200 OK

241 kB

URL HTTP/2
coronavirus.egovoc.com/sites/virus/files/js/js_bZhaUVw18obDM_XdP1UTqzEw9ogHsfZbbi7pbD-nrBk.js
IP
52.244.223.173:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
ASCII text, with very long lines (65447)
Size
241 kB (241438 bytes)
Hash
346efc35888e370ba148c8f2fabed79b
07b4fde11fb5d1dd375fa4e6f95bdecac51b4ece
6d985a515c35f286c333f5dd3f5513ab3130f68807b1f65b6e2ee96c3fa7ac19

HTTP Headers

GET /sites/virus/files/js/js_bZhaUVw18obDM_XdP1UTqzEw9ogHsfZbbi7pbD-nrBk.js HTTP/1.1
Host: coronavirus.egovoc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://coronavirus.egovoc.com/guidance-non-healthcare-businesses-worksites
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx/1.14.0 (Ubuntu)
date: Mon, 06 Feb 2023 07:03:10 GMT
content-type: application/javascript
content-length: 241438
last-modified: Thu, 26 Jan 2023 18:09:10 GMT
etag: "63d2c1c6-3af1e"
strict-transport-security: max-age=63072000
accept-ranges: bytes
X-Firefox-Spdy: h2

use.fontawesome.com/releases/v5.5.0/js/v4-shims.js

172.64.133.15

200 OK

4.9 kB

URL HTTP/2
use.fontawesome.com/releases/v5.5.0/js/v4-shims.js
IP
172.64.133.15:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (15024)
Size
4.9 kB (4861 bytes)
Hash
a2cb50185da95000c6bc4031e55242c9
b28be53571514ac10341f8fc59b120fb87fb55ba
dba123633f5c2af9f3a6a19dbd9dc0813a1e863eca037a6d8512a695fb2a748b

HTTP Headers

GET /releases/v5.5.0/js/v4-shims.js HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://coronavirus.egovoc.com
Connection: keep-alive
Referer: https://coronavirus.egovoc.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Mon, 06 Feb 2023 07:03:11 GMT
content-type: application/javascript
x-amz-id-2: w0k/0WR2mBcrw6HelNxnM/DepzWdjjTpBSxbuPzAvlVczzHtVLr2S787mwBH+BaReSVqGN+vsdU=
x-amz-request-id: 6CT0HDKP7TNY68NK
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Wed, 30 Jun 2021 15:43:32 GMT
etag: W/"1d7fb237e3d6dd696dbf2d6727a1c616"
cache-control: max-age=31556926
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kNJeXyvZaj%2F1Uj3Bl6qa27fd65RtSLLikmaOsCTrmLRS9hCzxlzZ5n6o3s8hpse6zkXYov%2BMfuE1fQYl1bcel2nLOoVvOUjwC8iCjxaviQA6ZhNBwnR9Q94fILWbreLM9G23lMYC"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7952064519a1748c-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
26a15a1b880ec1026360b696b1c27074
fd35f80a1cf599da2a8e68a44477465a580440a5
a6d5caec988319523c120bc435a4ff0200b7ead114db10db19a09caeace978f7

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 07:03:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
26a15a1b880ec1026360b696b1c27074
fd35f80a1cf599da2a8e68a44477465a580440a5
a6d5caec988319523c120bc435a4ff0200b7ead114db10db19a09caeace978f7

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 07:03:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

coronavirus.egovoc.com/sites/virus/files/2020-09/Business_Worksites.jpg

52.244.223.173

200 OK

209 kB

URL HTTP/2
coronavirus.egovoc.com/sites/virus/files/2020-09/Business_Worksites.jpg
IP
52.244.223.173:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 1810x877, components 3\012- data
Size
209 kB (209426 bytes)
Hash
186b394230add4fd4c138df8b83446cc
262f0638337c17808ba7ef5293b4282bcfe1b21f
67a095837ff970c2c45845ac3882826a23ae719ca44ec1b3f3d667562e9c297d

HTTP Headers

GET /sites/virus/files/2020-09/Business_Worksites.jpg HTTP/1.1
Host: coronavirus.egovoc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://coronavirus.egovoc.com/guidance-non-healthcare-businesses-worksites
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx/1.14.0 (Ubuntu)
date: Mon, 06 Feb 2023 07:03:10 GMT
content-type: image/jpeg
content-length: 209426
last-modified: Wed, 02 Sep 2020 06:40:55 GMT
etag: "5f4f3e77-33212"
strict-transport-security: max-age=63072000
accept-ranges: bytes
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
26a15a1b880ec1026360b696b1c27074
fd35f80a1cf599da2a8e68a44477465a580440a5
a6d5caec988319523c120bc435a4ff0200b7ead114db10db19a09caeace978f7

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 07:03:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.googleapis.com/css?family=Raleway:300,400,500,600,700,800,900

142.250.74.74

200 OK

54 kB

URL HTTP/2
fonts.googleapis.com/css?family=Raleway:300,400,500,600,700,800,900
IP
142.250.74.74:0
ASN
#15169 GOOGLE

File type
data
Size
54 kB (54441 bytes)
Hash
427c8e1e1438d0ebc898f7ead931728f
520f18329128c6bcc23c6a7b0a7985469bbf373e
7543b768650326de36fe42f043ea08d99d7e6c5d800c1704a027be056f85ac1d

HTTP Headers

GET /css?family=Raleway:300,400,500,600,700,800,900 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://coronavirus.egovoc.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 06 Feb 2023 07:03:11 GMT
date: Mon, 06 Feb 2023 07:03:11 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

translate.google.com/translate_a/element.js

216.58.211.14

200 OK

28 kB

URL HTTP/2
translate.google.com/translate_a/element.js
IP
216.58.211.14:0
ASN
#15169 GOOGLE

File type
data
Size
28 kB (28220 bytes)
Hash
02c8c14a62bb350a4df7cca6080ebb9e
3f64b338350741825260035f46bf8f783807d599
bc2e14072545ec0024813dbe86f16f2c4ce83e23c38ac74624c06b9070d901d2

HTTP Headers

GET /translate_a/element.js HTTP/1.1
Host: translate.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://coronavirus.egovoc.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Mon, 06 Feb 2023 07:03:10 GMT
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
set-cookie: CONSENT=PENDING+380; expires=Wed, 05-Feb-2025 07:03:10 GMT; path=/; domain=.google.com; Secure
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.iCxGNTE3Tqc.L.F4.O/d=0/rs=AN8SPfqhvHUlOSBSG-4xrkKOTAVZqlAYTA/m=el_main_css

216.58.211.3

200 OK

4.3 kB

URL HTTP/2
www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.iCxGNTE3Tqc.L.F4.O/d=0/rs=AN8SPfqhvHUlOSBSG-4xrkKOTAVZqlAYTA/m=el_main_css
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (23413), with no line terminators
Size
4.3 kB (4259 bytes)
Hash
c41e5d33c01691d96d76486b1544004b
20b040a572de3003c9977df33e2d631efb9cb68c
f063d4dbe944940b190b4da3716cc71fca549b9fd46d4b30ecf8e0c4a651593c

HTTP Headers

GET /_/translate_http/_/ss/k=translate_http.tr.iCxGNTE3Tqc.L.F4.O/d=0/rs=AN8SPfqhvHUlOSBSG-4xrkKOTAVZqlAYTA/m=el_main_css HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://coronavirus.egovoc.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="rosetta"
report-to: {"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-length: 4259
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 Feb 2023 18:28:28 GMT
expires: Fri, 02 Feb 2024 18:28:28 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 01 Feb 2023 06:11:41 GMT
content-type: text/css; charset=UTF-8
age: 304483
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

142.250.74.163

200 OK

45 kB

URL HTTP/2
fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 44856, version 1.0\012- data
Size
45 kB (44856 bytes)
Hash
565ce506190ad3af920b40baf1794cec
ad3cba5d06100e09449a864d3b5e58403b478b3d
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db

HTTP Headers

GET /s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://coronavirus.egovoc.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 44856
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 Feb 2023 10:05:58 GMT
expires: Fri, 02 Feb 2024 10:05:58 GMT
cache-control: public, max-age=31536000
age: 334633
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
836bc62dbb011b6180fc7209d0061736
74e6f18561a7006a3afb6ab03559eec239ce4b36
90b197384670fdb210d364f91b423fd383d25838e38a494158a8185bef0061f0

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 07:03:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.googleapis.com/css?family=Open+Sans:300,400,600,700,800

142.250.74.74

200 OK

928 B

URL HTTP/2
fonts.googleapis.com/css?family=Open+Sans:300,400,600,700,800
IP
142.250.74.74:0
ASN
#15169 GOOGLE

File type
data
Size
928 B (928 bytes)
Hash
874d7028992cf38976dbee2a16a34e58
07d251cfa274d3c2d81ea69e34ccd6e017ac765e
d2b4aea5607586ce6cbf1a48d1b13f38042958f5ae217e23fe6a9f9e6dcd7b4f

HTTP Headers

GET /css?family=Open+Sans:300,400,600,700,800 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://coronavirus.egovoc.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 06 Feb 2023 07:03:11 GMT
date: Mon, 06 Feb 2023 07:03:11 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

coronavirus.egovoc.com/themes/custom/virus_theme/images/ico-search.png

52.244.223.173

200 OK

1.7 kB

URL HTTP/2
coronavirus.egovoc.com/themes/custom/virus_theme/images/ico-search.png
IP
52.244.223.173:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
PNG image data, 19 x 19, 8-bit/color RGBA, non-interlaced\012- data
Size
1.7 kB (1707 bytes)
Hash
c7eb223d84ed21064f9d020e823b0134
1b6304f0f7f4ee3e1153c913ed9eed518f6b5ce5
e77d2cda2d88158789a8cf90b07e21f847e7c699bb1d82bc5dfcc58eba836513

HTTP Headers

GET /themes/custom/virus_theme/images/ico-search.png HTTP/1.1
Host: coronavirus.egovoc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://coronavirus.egovoc.com/sites/virus/files/css/css_2WnIFu9T5svrCHiDUcP1bGR9JCGmBqAf1UsztI8GjVU.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx/1.14.0 (Ubuntu)
date: Mon, 06 Feb 2023 07:03:11 GMT
content-type: image/png
content-length: 1707
last-modified: Mon, 13 Apr 2020 20:15:28 GMT
etag: "5e94c860-6ab"
strict-transport-security: max-age=63072000
accept-ranges: bytes
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
1b25bf82638deaab60981e1315ee0849
e3bd912fd1a890e64ee6746a78a674db7ff77039
a99b0dfa9ca7176b21cc2d65963a1b6eb6d534b3767d02ef06cc207a63331ebf

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A99B0DFA9CA7176B21CC2D65963A1B6EB6D534B3767D02EF06CC207A63331EBF"
Last-Modified: Sat, 04 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2397
Expires: Mon, 06 Feb 2023 07:43:09 GMT
Date: Mon, 06 Feb 2023 07:03:12 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
1b25bf82638deaab60981e1315ee0849
e3bd912fd1a890e64ee6746a78a674db7ff77039
a99b0dfa9ca7176b21cc2d65963a1b6eb6d534b3767d02ef06cc207a63331ebf

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A99B0DFA9CA7176B21CC2D65963A1B6EB6D534B3767D02EF06CC207A63331EBF"
Last-Modified: Sat, 04 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2397
Expires: Mon, 06 Feb 2023 07:43:09 GMT
Date: Mon, 06 Feb 2023 07:03:12 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
1b25bf82638deaab60981e1315ee0849
e3bd912fd1a890e64ee6746a78a674db7ff77039
a99b0dfa9ca7176b21cc2d65963a1b6eb6d534b3767d02ef06cc207a63331ebf

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A99B0DFA9CA7176B21CC2D65963A1B6EB6D534B3767D02EF06CC207A63331EBF"
Last-Modified: Sat, 04 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2397
Expires: Mon, 06 Feb 2023 07:43:09 GMT
Date: Mon, 06 Feb 2023 07:03:12 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
1b25bf82638deaab60981e1315ee0849
e3bd912fd1a890e64ee6746a78a674db7ff77039
a99b0dfa9ca7176b21cc2d65963a1b6eb6d534b3767d02ef06cc207a63331ebf

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A99B0DFA9CA7176B21CC2D65963A1B6EB6D534B3767D02EF06CC207A63331EBF"
Last-Modified: Sat, 04 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2397
Expires: Mon, 06 Feb 2023 07:43:09 GMT
Date: Mon, 06 Feb 2023 07:03:12 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3288563a-8f6e-4597-833f-b5512e91e772.png

34.120.237.76

200 OK

13 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3288563a-8f6e-4597-833f-b5512e91e772.png
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
13 kB (13230 bytes)
Hash
a24cf7b2db6d65c3fe5daf78b3309ced
a3653a9a7baea412808dd91572ff21e1a505c26f
f55ee98bab5ce53d6acc1cac7f54f089b42d5f2ffbe750d869c4f4a7bc26f715

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3288563a-8f6e-4597-833f-b5512e91e772.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 13230
x-amzn-requestid: 8171829a-cf6d-4c33-99a1-f3cef7cd4475
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f4oiTH8GoAMFYLA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e02141-1597a0f06ef3db2534a101aa;Sampled=0
x-amzn-remapped-date: Sun, 05 Feb 2023 21:36:01 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Nvfp0sEYw5bxnFHisq80WCXh6T-LdFlPqs95tyX2epjMfhM_hjUj0A==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 b2f9564ebf9c745cc2ceae96d434977e.cloudfront.net (CloudFront), 1.1 google
date: Sun, 05 Feb 2023 21:50:03 GMT
age: 33189
etag: "a3653a9a7baea412808dd91572ff21e1a505c26f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

10 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F731dc7de-ce12-4639-9ceb-3218584c3d56.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
10 kB (10514 bytes)
Hash
9046d887fd45a0940e31a74173d17798
1ff698b9cf660165e846dfc4770f29852aedce45
0c7b0e1250aa7718b7b35b80a1442f62e94ace1fb578fb781ec8204ee96386d0

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F731dc7de-ce12-4639-9ceb-3218584c3d56.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10514
x-amzn-requestid: ac2a383b-833d-4dae-9bd9-43dc3d9e373d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f4oiPEIyoAMFqUw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e02141-436bb6816b269ce45b9f8600;Sampled=0
x-amzn-remapped-date: Sun, 05 Feb 2023 21:36:01 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: RYNzle5-l5dOMPWb2Bmu_T5aIJw9NX2FKuJsej8hzpYZcgD6coH9SA==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 476c2ba6d9f6cd69dbcedbd65688cbc0.cloudfront.net (CloudFront), 1.1 google
date: Sun, 05 Feb 2023 21:50:09 GMT
age: 33183
etag: "1ff698b9cf660165e846dfc4770f29852aedce45"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fda427d37-8d0b-44cf-ae98-f96ceaf21b52.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.9 kB (8929 bytes)
Hash
d0c62c5956f36c9f1c5d2f17bc372d98
fca4d7140e4c391b02d734425ccc92acec568a70
eb1b743ede5ed223536358bd92a322ca5231267f4434be1eced98a0fe93b790d

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fda427d37-8d0b-44cf-ae98-f96ceaf21b52.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8929
x-amzn-requestid: ea29dd36-d05b-4824-ba18-78f868259f76
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f4oiQEeTIAMFqGA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e02141-7a6ade1c4501a81c0823ce10;Sampled=0
x-amzn-remapped-date: Sun, 05 Feb 2023 21:36:01 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: O-QHP886Cczm6dsVDQVMR7SMSxgIhUSuEPAKJvzQTQtkj59Pg-z9QA==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 325ed3ba58a560748d886354beef39c0.cloudfront.net (CloudFront), 1.1 google
date: Sun, 05 Feb 2023 22:11:05 GMT
age: 31927
etag: "fca4d7140e4c391b02d734425ccc92acec568a70"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

11 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe0b68c1a-7013-4183-b5b4-d006c6f9e7a7.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
11 kB (10582 bytes)
Hash
000cb25b2cb4fa30ce745582dafbab99
a5227f79e64bcab8d8f03822e6d408400a03a23e
7f6a2a99bff95672d34b41489d0dd1132ab8654b745e728e15ed95e987b7ed62

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe0b68c1a-7013-4183-b5b4-d006c6f9e7a7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10582
x-amzn-requestid: e18bacd8-6d0e-4957-93ab-97def7442f8c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f4okSFKKIAMFlUA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e0214e-05486d9b283cedc008cba781;Sampled=0
x-amzn-remapped-date: Sun, 05 Feb 2023 21:36:14 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: p1ToWLG__PFWEMRxlPZcouvOTijPoUcMr7ubDCNcy2wMwgusbBjGPA==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 e66162aafd55b64ba1478ff7105150fa.cloudfront.net (CloudFront), 1.1 google
date: Sun, 05 Feb 2023 22:13:34 GMT
etag: "a5227f79e64bcab8d8f03822e6d408400a03a23e"
content-type: image/jpeg
age: 31778
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

12 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9b3e78aa-f2de-4a48-82bf-952d0a22f875.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
12 kB (11481 bytes)
Hash
f0f48a44e1aece8d271028a7b0684cac
9f7247a3bb9248cd281c568ebba6e52b38b00149
0a34b5dc66f170403e79b2315a7cacef1703ce3777a20914525f86d46c0cd637

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9b3e78aa-f2de-4a48-82bf-952d0a22f875.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 11481
x-amzn-requestid: b50de2d1-c23b-4908-8fc3-e84eea0382a4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f4oiRFL-oAMFnSw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e02141-0254cda141886e0f39e8f8b3;Sampled=0
x-amzn-remapped-date: Sun, 05 Feb 2023 21:36:01 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: KIJ6iTpVC0gVV6Q0dd_-ZTWkwm3q0vP52N3088Rd7O9pb8D39XfnBg==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google
date: Sun, 05 Feb 2023 21:55:31 GMT
age: 32861
etag: "9f7247a3bb9248cd281c568ebba6e52b38b00149"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8827daad-7b04-4c60-a6f6-c1b923025413.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.9 kB (7851 bytes)
Hash
13572f84ad268caedcc897f2ad7b9baf
afb91ab43953e8915a2169618d2ab5e330cde0a1
0fb8b09608dc293b2084953b948cc7d8a7aa7bcb525090a7e44d5cb2a725fab3

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8827daad-7b04-4c60-a6f6-c1b923025413.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7851
x-amzn-requestid: 11d3fe95-844b-4e5d-b31c-f99e96e2b608
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f4oiRHeEIAMFjjA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e02141-602b91422dff88a750b8e3e9;Sampled=0
x-amzn-remapped-date: Sun, 05 Feb 2023 21:36:01 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: F-bdQPU-zYhIlXtxcW_TiqE8ifPg3i0cg8gFuvJSfwoMDTe-Hqy1jg==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 476c2ba6d9f6cd69dbcedbd65688cbc0.cloudfront.net (CloudFront), 1.1 google
date: Sun, 05 Feb 2023 22:02:47 GMT
age: 32425
etag: "afb91ab43953e8915a2169618d2ab5e330cde0a1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

js.adsrvr.org/up_loader.1.1.0.js

143.204.45.46

200 OK

1.9 kB

URL HTTP/1.1
js.adsrvr.org/up_loader.1.1.0.js
IP
143.204.45.46:0
ASN
#16509 AMAZON-02

File type
ASCII text, with very long lines (4593), with no line terminators
Size
1.9 kB (1887 bytes)
Hash
8dc722d27824e60548fd25752623cd07
33d66ad1a4a162e2d6c9ed732d6c9af79635fc4d
14ce9119fe06fb2d363ba3c824e9f5b3f212f1f39dfab38c836fa13a20daec1b

HTTP Headers

GET /up_loader.1.1.0.js HTTP/1.1
Host: js.adsrvr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://coronavirus.egovoc.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/x-javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 24 Sep 2020 15:15:34 GMT
Server: AmazonS3
Content-Encoding: gzip
Date: Sun, 05 Feb 2023 09:30:24 GMT
ETag: W/"98d98b3499058b76d58073cf8ede2f10"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 142be88a35733307a5e7de05da0a20b8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 5nFJEG-yLIizBOnPz8A-JkBkOUqQpaXmRLLv2w6oQPXD9sMooyw2Jg==
Age: 77569

coronavirus.egovoc.com/themes/custom/virus_theme/images/bkg-footer-top.png

52.244.223.173

200 OK

544 kB

URL HTTP/2
coronavirus.egovoc.com/themes/custom/virus_theme/images/bkg-footer-top.png
IP
52.244.223.173:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
PNG image data, 1440 x 271, 8-bit/color RGBA, non-interlaced\012- data
Size
544 kB (544273 bytes)
Hash
99cc4e46a2451fc2fc56f6e500247198
74369a7eaa28cc050ef71c60cb63b7cb2e0d7d2e
715b5b2089fe52bf8abf28f0286485a0e7505d90839838ae882c9631e9937f42

HTTP Headers

GET /themes/custom/virus_theme/images/bkg-footer-top.png HTTP/1.1
Host: coronavirus.egovoc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://coronavirus.egovoc.com/sites/virus/files/css/css_2WnIFu9T5svrCHiDUcP1bGR9JCGmBqAf1UsztI8GjVU.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx/1.14.0 (Ubuntu)
date: Mon, 06 Feb 2023 07:03:11 GMT
content-type: image/png
content-length: 544273
last-modified: Sun, 15 Mar 2020 20:16:57 GMT
etag: "5e6e8d39-84e11"
strict-transport-security: max-age=63072000
accept-ranges: bytes
X-Firefox-Spdy: h2

coronavirus.egovoc.com/themes/custom/virus_theme/favicon.ico

52.244.223.173

200 OK

1.8 kB

URL HTTP/2
coronavirus.egovoc.com/themes/custom/virus_theme/favicon.ico
IP
52.244.223.173:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
PNG image data, 16 x 16, 16-bit/color RGBA, non-interlaced\012- data
Size
1.8 kB (1780 bytes)
Hash
864a5ffe484e7f964baec62e259ce4f4
ed77f418904baa58ba750e482a43bb805b30ad97
d3a4fa8cd9d9c82f50db396474ec257228fcaf4092938236f5d679af0c3ba93a

HTTP Headers

GET /themes/custom/virus_theme/favicon.ico HTTP/1.1
Host: coronavirus.egovoc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://coronavirus.egovoc.com/guidance-non-healthcare-businesses-worksites
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx/1.14.0 (Ubuntu)
date: Mon, 06 Feb 2023 07:03:12 GMT
content-type: image/x-icon
content-length: 1780
last-modified: Sun, 15 Mar 2020 20:16:57 GMT
etag: "5e6e8d39-6f4"
strict-transport-security: max-age=63072000
accept-ranges: bytes
X-Firefox-Spdy: h2

www.google-analytics.com/analytics.js

142.250.74.110

200 OK

20 kB

URL HTTP/2
www.google-analytics.com/analytics.js
IP
142.250.74.110:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1490)
Size
20 kB (20085 bytes)
Hash
ca7fbbfd120e3e329633044190bbf134
d17f81e03dd827554ddd207ea081fb46b3415445
847004cefb32f85a9cc16b0b1eb77529ff5753680c145bfcb23f651d214737db

HTTP Headers

GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://coronavirus.egovoc.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20085
date: Mon, 06 Feb 2023 05:44:08 GMT
expires: Mon, 06 Feb 2023 07:44:08 GMT
cache-control: public, max-age=7200
age: 4744
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
1c08839b04520623798a6d3752711147
535035b7350cf8a4324eb69ffda7dfaaa1a29918
5ddf0cfbfe95f4690768f8ca167dcdd47f0fa7c6d076cbee0bdb225bba697429

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5057
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 07:03:12 GMT
Last-Modified: Mon, 06 Feb 2023 05:38:55 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 471

ocsp.sectigo.com/

172.64.155.188

200 OK

472 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
172.64.155.188:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
472 B (472 bytes)
Hash
b09cb1b56474c756f404d4431795dda8
f40e495da9696a92ca893bfe62a9f930f7951e11
92e818c1760dad4d68ca9f00f7721bfc2c0c3f466a1e93bb16645eb415a4d445

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 06 Feb 2023 07:03:12 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sat, 04 Feb 2023 11:37:30 GMT
Expires: Sat, 11 Feb 2023 11:37:29 GMT
Etag: "f40e495da9696a92ca893bfe62a9f930f7951e11"
Cache-Control: max-age=447856,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7952064e2fa2b527-OSL

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
7afb8eb5dcbd727fb69c14bfabe20e72
d4b1cc1973e4200a371f0aa8c5ec8232d780a77b
ca0a46edfe267973b60ff163d696fe7c0e862e56ee3f90f098bf309f276c987f

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 07:03:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

connect.facebook.net/en_US/fbevents.js

31.13.72.12

200 OK

28 kB

URL HTTP/2
connect.facebook.net/en_US/fbevents.js
IP
31.13.72.12:0
ASN
#32934 FACEBOOK

File type
ASCII text, with very long lines (64348)
Size
28 kB (27843 bytes)
Hash
dd1f85cc598419df61e254e53f9ec1ef
f86c0ee563f5b7a01e1d40b566f2bc184a32380f
c06f52b233c835b03292f39cb847507a03bb971066bf91341b58a580244398c0

HTTP Headers

GET /en_US/fbevents.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://coronavirus.egovoc.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: 85gT58IRsfeEJvy9BRL+wv27v5ejhkSiqvSnSPmsbaFbr69vdvF7IdfSeO+gDzCIdX09wOXgNulsxkL+ZXqTHA==
priority: u=3,i
content-length: 27843
x-fb-trip-id: 1904183273
date: Mon, 06 Feb 2023 07:03:12 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

googleads.g.doubleclick.net/pagead/viewthroughconversion/606145353/?random=1675667036050&cv=11&fst=1675667036050&bg=ffffff&guid=ON&async=1&gtm=45He3210&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fcoronavirus.egovoc.com%2Fguidance-non-healthcare-businesses-worksites&tiba=Guidance%3A%20Non-Healthcare%20Businesses%20%26%20Worksites%20%7C%20Novel%20Coronavirus%20(COVID-19)&rdp=1&rfmt=3&fmt=4

142.250.74.162

200 OK

37 B

URL HTTP/2
googleads.g.doubleclick.net/pagead/viewthroughconversion/606145353/?random=1675667036050&cv=11&fst=1675667036050&bg=ffffff&guid=ON&async=1&gtm=45He3210&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fcoronavirus.egovoc.com%2Fguidance-non-healthcare-businesses-worksites&tiba=Guidance%3A%20Non-Healthcare%20Businesses%20%26%20Worksites%20%7C%20Novel%20Coronavirus%20(COVID-19)&rdp=1&rfmt=3&fmt=4
IP
142.250.74.162:0
ASN
#15169 GOOGLE

File type
ASCII text, with no line terminators
Size
37 B (37 bytes)
Hash
eec2fa3358659b4e2393f0504806fba1
cb52f43a47507b09602ef841bc5e91491e3a6f76
f16145eec9471ac5764d11573d9ddb659996826aeae11e84374053b911684a40

HTTP Headers

GET /pagead/viewthroughconversion/606145353/?random=1675667036050&cv=11&fst=1675667036050&bg=ffffff&guid=ON&async=1&gtm=45He3210&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fcoronavirus.egovoc.com%2Fguidance-non-healthcare-businesses-worksites&tiba=Guidance%3A%20Non-Healthcare%20Businesses%20%26%20Worksites%20%7C%20Novel%20Coronavirus%20(COVID-19)&rdp=1&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://coronavirus.egovoc.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 06 Feb 2023 07:03:12 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 37
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Mon, 06-Feb-2023 07:18:12 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
1c08839b04520623798a6d3752711147
535035b7350cf8a4324eb69ffda7dfaaa1a29918
5ddf0cfbfe95f4690768f8ca167dcdd47f0fa7c6d076cbee0bdb225bba697429

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5057
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 07:03:12 GMT
Last-Modified: Mon, 06 Feb 2023 05:38:55 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 471

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
7afb8eb5dcbd727fb69c14bfabe20e72
d4b1cc1973e4200a371f0aa8c5ec8232d780a77b
ca0a46edfe267973b60ff163d696fe7c0e862e56ee3f90f098bf309f276c987f

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 07:03:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-161599881-1&cid=1211727040.1675667037&jid=1115337294&gjid=683117584&_gid=850444737.1675667037&_u=YEBAAUAAAAAAACAAI~&z=801480385

64.233.165.154

200 OK

1 B

URL HTTP/2
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-161599881-1&cid=1211727040.1675667037&jid=1115337294&gjid=683117584&_gid=850444737.1675667037&_u=YEBAAUAAAAAAACAAI~&z=801480385
IP
64.233.165.154:0
ASN
#15169 GOOGLE

File type
very short file (no magic)
Size
1 B (1 bytes)
Hash
c4ca4238a0b923820dcc509a6f75849b
356a192b7913b04c54574d18c28d46e6395428ab
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

HTTP Headers

POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-161599881-1&cid=1211727040.1675667037&jid=1115337294&gjid=683117584&_gid=850444737.1675667037&_u=YEBAAUAAAAAAACAAI~&z=801480385 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://coronavirus.egovoc.com
Connection: keep-alive
Referer: https://coronavirus.egovoc.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: https://coronavirus.egovoc.com
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Mon, 06 Feb 2023 07:03:13 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

action.dstillery.com/orbserv/nsjs?adv=cl1029210&ns=5156&nc=OCHealth_SV&ncv=39&dstOrderId=[NULL]&dstOrderAmount=[NULL]

104.18.23.234

302 Found

364 B

URL HTTP/2
action.dstillery.com/orbserv/nsjs?adv=cl1029210&ns=5156&nc=OCHealth_SV&ncv=39&dstOrderId=[NULL]&dstOrderAmount=[NULL]
IP
104.18.23.234:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
364 B (364 bytes)
Hash
6e64546157aa3e4dc8359c385f922f0f
e13b86d2ff06b4b46f2db137c340a2e64cb5420e
b19e46bddcc8b8dac6dbfe7fcf22462c07754b01d701d88d513aa24a8d76520b

HTTP Headers

GET /orbserv/nsjs?adv=cl1029210&ns=5156&nc=OCHealth_SV&ncv=39&dstOrderId=[NULL]&dstOrderAmount=[NULL] HTTP/1.1
Host: action.dstillery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://coronavirus.egovoc.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
date: Mon, 06 Feb 2023 07:03:12 GMT
content-type: text/html; charset=iso-8859-1
location: https://action.media6degrees.com/orbserv/nsjs?adv=cl1029210&ns=5156&nc=OCHealth_SV&ncv=39&dstOrderId=[NULL]&dstOrderAmount=[NULL]
access-control-allow-origin: *
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7952064e8812fabc-OSL
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

278 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
278 B (278 bytes)
Hash
c6f26296f21526ddcf68c8d5b46c6f14
78e152e6543aca8c2970d4704089db8070833094
01d41d0152cb506d68a550bdea97fea8ef13e55ab71c272edc06514de5fd5a2b

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5812
Cache-Control: max-age=149314
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 07:03:13 GMT
Etag: "63e033bf-116"
Expires: Wed, 08 Feb 2023 00:31:47 GMT
Last-Modified: Sun, 05 Feb 2023 22:54:55 GMT
Server: ECS (amb/6B92)
X-Cache: HIT
Content-Length: 278

ocsp.digicert.com/

93.184.220.29

200 OK

278 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
278 B (278 bytes)
Hash
eab15c78abad92a8ed002b681c031803
05dbab8986b49a9ad0b103ce322365771f301568
3775d23069510063a2bffc1003e9f2be3f2579d2726b0dd56c1ea6c9f7554525

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5319
Cache-Control: max-age=124338
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 07:03:13 GMT
Etag: "63dfd41c-116"
Expires: Tue, 07 Feb 2023 17:35:31 GMT
Last-Modified: Sun, 05 Feb 2023 16:06:52 GMT
Server: ECS (amb/6B81)
X-Cache: HIT
Content-Length: 278

ocsp.r2m02.amazontrust.com/

143.204.48.16

200 OK

471 B

URL HTTP/1.1
ocsp.r2m02.amazontrust.com/
IP
143.204.48.16:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
67e97f1a57ef9a6cf19909abc6da59c8
7af07a697ef5060bcaceeb21b92b8db7e0d55c11
0ce2631ec65da80fa14cc241331f029631f757401fd5245b4bf5db30301a6de2

HTTP Headers

POST / HTTP/1.1
Host: ocsp.r2m02.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Mon, 06 Feb 2023 07:03:15 GMT
Last-Modified: Mon, 06 Feb 2023 05:46:43 GMT
Server: ECS (nyb/1D20)
X-Cache: Miss from cloudfront
Via: 1.1 83a23d85c009b0c0e3626072e9f997fe.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 7HKpPNUdgBw7kI8Iy8hXNMu2d5iaeeiS-YampCw7LUJXWQukfk0Hvg==
Age: 4592

wsv3cdn.audioeye.com/v2/build/smartrems.bundle.6eb1fb8.js

104.18.24.76

200 OK

40 kB

URL HTTP/2
wsv3cdn.audioeye.com/v2/build/smartrems.bundle.6eb1fb8.js
IP
104.18.24.76:0
ASN
#13335 CLOUDFLARENET

File type
Unicode text, UTF-8 text, with very long lines (65534), with no line terminators
Size
40 kB (40334 bytes)
Hash
178de179bcefa1d34f7c856517c73764
d5b843b812185fce8cecd6ce0ac25c94402be6d1
d43b023a864c61c49e4c6a5996fb05f347c64224947e0fe19184f58226365066

HTTP Headers

GET /v2/build/smartrems.bundle.6eb1fb8.js HTTP/1.1
Host: wsv3cdn.audioeye.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://coronavirus.egovoc.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Mon, 06 Feb 2023 07:03:15 GMT
content-type: application/javascript
last-modified: Thu, 02 Feb 2023 20:07:49 GMT
etag: W/"63dc1815-21d47"
access-control-allow-origin: *
cf-cache-status: HIT
age: 2547
expires: Tue, 06 Feb 2024 07:03:15 GMT
cache-control: public, max-age=31536000
vary: Accept-Encoding
server: cloudflare
cf-ray: 79520660ad77b4f4-OSL
content-encoding: br
X-Firefox-Spdy: h2

wsv3cdn.audioeye.com/v2/frame/cookieStorage.html?build=prod/m&pscb=&cb=6eb1fb8

104.18.24.76

200 OK

15 kB

URL HTTP/2
wsv3cdn.audioeye.com/v2/frame/cookieStorage.html?build=prod/m&pscb=&cb=6eb1fb8
IP
104.18.24.76:0
ASN
#13335 CLOUDFLARENET

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1073)
Size
15 kB (14721 bytes)
Hash
9a70eceade093349f2983dc16190989f
1f6363aa7527113873c19284fa49117e5f677463
a7ef7abf9725275666d66ed3e14a49dff6aab8f4110dcd0c4c8928d91ebfb0d1

HTTP Headers

GET /v2/frame/cookieStorage.html?build=prod/m&pscb=&cb=6eb1fb8 HTTP/1.1
Host: wsv3cdn.audioeye.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://coronavirus.egovoc.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Mon, 06 Feb 2023 07:03:15 GMT
content-type: text/html; charset=UTF-8
cache-control: public, max-age=365000000, immutable
last-modified: Thu, 02 Feb 2023 20:08:07 GMT
cf-cache-status: HIT
age: 298487
vary: Accept-Encoding
server: cloudflare
cf-ray: 795206612df2b4f4-OSL
content-encoding: br
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.8 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F31cf5553-4c3f-4c6d-8dfb-d292e38275bb.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.8 kB (9809 bytes)
Hash
5f54c8725e5dab88b12d42876fa61b12
89c734d690981e30f9d566a7763a1870724d65aa
b8cc5148ae01e1a1fe32f56bdce71de086da320cdd8a55a746609c9773fdaf77

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F31cf5553-4c3f-4c6d-8dfb-d292e38275bb.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
content-length: 9809
x-amzn-requestid: 60ff8265-45f4-445b-bf49-e0f1ba4cc3da
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fzRVKFf7IAMF9hQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63ddfc20-3390f67342da01416e720af6;Sampled=0
x-amzn-remapped-date: Sat, 04 Feb 2023 06:33:04 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 3ven3rHNpHQ94K0pntkthMllzUZIpGAGGNe_-zGTmYTtIhuQ3tZ7rQ==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 3cd7af07832481c336aa1c93c9b4a6fe.cloudfront.net (CloudFront), 1.1 google
date: Sun, 05 Feb 2023 17:57:59 GMT
age: 47119
etag: "89c734d690981e30f9d566a7763a1870724d65aa"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

coronavirus.egovoc.com/guidance-businesses-worksites

52.244.223.173

301 Moved Permanently

0 B

URL HTTP/2
coronavirus.egovoc.com/guidance-businesses-worksites
IP
52.244.223.173:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type

Size
0 B (0 bytes)
Hash

Detections

NIDS	Severity	Alert
suricata	medium	ET HUNTING Suspicious GET Request with Possible COVID-19 Domain M2

HTTP Headers

GET /guidance-businesses-worksites HTTP/1.1
Host: coronavirus.egovoc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 301 Moved Permanently
server: nginx/1.14.0 (Ubuntu)
content-type: text/html; charset=UTF-8
location: https://coronavirus.egovoc.com/guidance-non-healthcare-businesses-worksites
x-redirect-id: 105
date: Thu, 26 Jan 2023 22:11:35 GMT
x-ua-compatible: IE=edge
content-language: en
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-generator: Drupal 9 (https://www.drupal.org)
x-drupal-cache: HIT
strict-transport-security: max-age=63072000
X-Firefox-Spdy: h2

wsmcdn.audioeye.com/aem.js

104.18.24.76

200 OK

0 B

URL HTTP/2
wsmcdn.audioeye.com/aem.js
IP
104.18.24.76:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /aem.js HTTP/1.1
Host: wsmcdn.audioeye.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://coronavirus.egovoc.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Mon, 06 Feb 2023 07:03:13 GMT
content-type: application/javascript; charset=UTF-8
etag: W/"c5f5d23dbd841fb0868078e4bfbbd713"
cache-control: max-age=3600
cache-tags: 
surrogate-keys: 
cf-cache-status: HIT
age: 632
vary: Accept-Encoding
server: cloudflare
cf-ray: 79520654e84ab4fd-OSL
content-encoding: br
X-Firefox-Spdy: h2

wsv3cdn.audioeye.com/bootstrap.js?h=8dd0599d023ca60427ebd323ba7d6ddd

104.18.24.76

200 OK

0 B

URL HTTP/2
wsv3cdn.audioeye.com/bootstrap.js?h=8dd0599d023ca60427ebd323ba7d6ddd
IP
104.18.24.76:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /bootstrap.js?h=8dd0599d023ca60427ebd323ba7d6ddd HTTP/1.1
Host: wsv3cdn.audioeye.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://coronavirus.egovoc.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Mon, 06 Feb 2023 07:03:14 GMT
content-type: application/javascript; charset=UTF-8
etag: W/"72552d785264af4d6eae3629d50bd72d"
cache-control: max-age=120
cache-tags: 8dd0599d023ca60427ebd323ba7d6ddd
surrogate-keys: 8dd0599d023ca60427ebd323ba7d6ddd
cf-cache-status: EXPIRED
vary: Accept-Encoding
server: cloudflare
cf-ray: 79520655fa5cb4f4-OSL
content-encoding: br
X-Firefox-Spdy: h2

wsv3cdn.audioeye.com/v2/scripts/loader.js?h=8dd0599d023ca60427ebd323ba7d6ddd&lang=en&cb=6eb1fb8

104.18.24.76

200 OK

0 B

URL HTTP/2
wsv3cdn.audioeye.com/v2/scripts/loader.js?h=8dd0599d023ca60427ebd323ba7d6ddd&lang=en&cb=6eb1fb8
IP
104.18.24.76:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /v2/scripts/loader.js?h=8dd0599d023ca60427ebd323ba7d6ddd&lang=en&cb=6eb1fb8 HTTP/1.1
Host: wsv3cdn.audioeye.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://coronavirus.egovoc.com
Connection: keep-alive
Referer: https://coronavirus.egovoc.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Mon, 06 Feb 2023 07:03:15 GMT
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=60, s-maxage=7200, max-stale=86400, stale-while-revalidate=86400, public
surrogate-key: prod 8dd0599d023ca60427ebd323ba7d6ddd 6eb1fb8
last-modified: Mon, 06 Feb 2023 05:43:05 GMT
cf-cache-status: HIT
vary: Accept-Encoding
server: cloudflare
cf-ray: 7952065b0dddb506-OSL
content-encoding: br
X-Firefox-Spdy: h2

wsv3cdn.audioeye.com/v2/build/launcher.bundle.6eb1fb8.js

104.18.24.76

200 OK

0 B

URL HTTP/2
wsv3cdn.audioeye.com/v2/build/launcher.bundle.6eb1fb8.js
IP
104.18.24.76:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /v2/build/launcher.bundle.6eb1fb8.js HTTP/1.1
Host: wsv3cdn.audioeye.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://coronavirus.egovoc.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Mon, 06 Feb 2023 07:03:18 GMT
content-type: application/javascript
last-modified: Thu, 02 Feb 2023 20:07:49 GMT
etag: W/"63dc1815-13d91"
access-control-allow-origin: *
cf-cache-status: HIT
age: 2561
expires: Tue, 06 Feb 2024 07:03:18 GMT
cache-control: public, max-age=31536000
vary: Accept-Encoding
server: cloudflare
cf-ray: 79520673ea1ab4f4-OSL
content-encoding: br
X-Firefox-Spdy: h2

use.fontawesome.com/releases/v5.5.0/js/all.js

172.64.133.15

200 OK

0 B

URL HTTP/2
use.fontawesome.com/releases/v5.5.0/js/all.js
IP
172.64.133.15:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /releases/v5.5.0/js/all.js HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://coronavirus.egovoc.com
Connection: keep-alive
Referer: https://coronavirus.egovoc.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Mon, 06 Feb 2023 07:03:11 GMT
content-type: application/javascript
x-amz-id-2: S1F28R725dEOWOSS4DffmnmJwOC/8szm6grAx9mqVDBDEpp1PgT40BlJOaxonEhZ+zraRNRSINw=
x-amz-request-id: 6CTF8P86497W5EWC
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Wed, 30 Jun 2021 15:43:32 GMT
etag: W/"02dc00e986773a2294d5ce33ef02e442"
cache-control: max-age=31556926
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dJ7JXYAIRPMQ%2FPqjWW8SgN%2F9ShLVCN0Av8LA5Xb5ga1A7FlHtzXkr5uOGDxS7go96tnFzuBKk%2F%2BSnU%2Ffbc7wG6EbvoVibnWt%2F4D9FICcTOErKTzRa6o2JclaadymN8fN4ioQIgl3"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 795206450996748c-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

insight.adsrvr.org/track/up?adv=cuqasw7&ref=https%3A%2F%2Fcoronavirus.egovoc.com%2Fguidance-non-healthcare-businesses-worksites&upid=wavu6cu&upv=1.1.0

35.71.131.137

200 OK

0 B

URL HTTP/2
insight.adsrvr.org/track/up?adv=cuqasw7&ref=https%3A%2F%2Fcoronavirus.egovoc.com%2Fguidance-non-healthcare-businesses-worksites&upid=wavu6cu&upv=1.1.0
IP
35.71.131.137:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /track/up?adv=cuqasw7&ref=https%3A%2F%2Fcoronavirus.egovoc.com%2Fguidance-non-healthcare-businesses-worksites&upid=wavu6cu&upv=1.1.0 HTTP/1.1
Host: insight.adsrvr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://coronavirus.egovoc.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Mon, 06 Feb 2023 07:03:13 GMT
content-type: text/html
cache-control: private,no-cache, must-revalidate
pragma: no-cache
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
X-Firefox-Spdy: h2

wsv3cdn.audioeye.com/v2/build/jquery.bundle.6eb1fb8.js

104.18.24.76

200 OK

0 B

URL HTTP/2
wsv3cdn.audioeye.com/v2/build/jquery.bundle.6eb1fb8.js
IP
104.18.24.76:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /v2/build/jquery.bundle.6eb1fb8.js HTTP/1.1
Host: wsv3cdn.audioeye.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://coronavirus.egovoc.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Mon, 06 Feb 2023 07:03:14 GMT
content-type: application/javascript
last-modified: Thu, 02 Feb 2023 20:07:49 GMT
etag: W/"63dc1815-17d8a"
access-control-allow-origin: *
cf-cache-status: HIT
age: 2479
expires: Tue, 06 Feb 2024 07:03:14 GMT
cache-control: public, max-age=31536000
vary: Accept-Encoding
server: cloudflare
cf-ray: 7952065aeff1b4f4-OSL
content-encoding: br
X-Firefox-Spdy: h2

wsv3cdn.audioeye.com/v2/build/startup.bundle.6eb1fb8.js

104.18.24.76

200 OK

0 B

URL HTTP/2
wsv3cdn.audioeye.com/v2/build/startup.bundle.6eb1fb8.js
IP
104.18.24.76:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /v2/build/startup.bundle.6eb1fb8.js HTTP/1.1
Host: wsv3cdn.audioeye.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://coronavirus.egovoc.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Mon, 06 Feb 2023 07:03:14 GMT
content-type: application/javascript
last-modified: Thu, 02 Feb 2023 20:08:20 GMT
etag: W/"63dc1834-5a514"
access-control-allow-origin: *
cf-cache-status: HIT
age: 2547
expires: Tue, 06 Feb 2024 07:03:14 GMT
cache-control: public, max-age=31536000
vary: Accept-Encoding
server: cloudflare
cf-ray: 7952065aeff2b4f4-OSL
content-encoding: br
X-Firefox-Spdy: h2

wsv3cdn.audioeye.com/v2/build/compliance.bundle.6eb1fb8.js

104.18.24.76

200 OK

0 B

URL HTTP/2
wsv3cdn.audioeye.com/v2/build/compliance.bundle.6eb1fb8.js
IP
104.18.24.76:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /v2/build/compliance.bundle.6eb1fb8.js HTTP/1.1
Host: wsv3cdn.audioeye.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://coronavirus.egovoc.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Mon, 06 Feb 2023 07:03:18 GMT
content-type: application/javascript
last-modified: Thu, 02 Feb 2023 20:08:20 GMT
etag: W/"63dc1834-259ba"
access-control-allow-origin: *
cf-cache-status: HIT
age: 2479
expires: Tue, 06 Feb 2024 07:03:18 GMT
cache-control: public, max-age=31536000
vary: Accept-Encoding
server: cloudflare
cf-ray: 79520673fa1cb4f4-OSL
content-encoding: br
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (34)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML