r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash c21ba65e44ac95470c314e068e49a9eb
17a13b13738993d889d4afa3d848dc63bf6eba64
9bd0795b30e84ce63b6e2a365ca91bbffc395dd955e112152066c31e63a4ab66
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9BD0795B30E84CE63B6E2A365CA91BBFFC395DD955E112152066C31E63A4AB66"
Last-Modified: Sat, 04 Feb 2023 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19975
Expires: Mon, 06 Feb 2023 12:36:05 GMT
Date: Mon, 06 Feb 2023 07:03:10 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 507011ccb9124dcd57e84a90a0965cc4
1a6575d0ac979c7184490cc9836ac4812ad2afd1
01626c18e1e68507aa33ef7448dbc3311901ab6f29adc2f51d449409b0680dce
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "01626C18E1E68507AA33EF7448DBC3311901AB6F29ADC2F51D449409B0680DCE"
Last-Modified: Sun, 05 Feb 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16474
Expires: Mon, 06 Feb 2023 11:37:44 GMT
Date: Mon, 06 Feb 2023 07:03:10 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash ff250d3ef3fa45322bf05039a0122a9f
b3e7a2c383bce1bab807dbe1a03c375258b51f1d
d07f109a96e0ae6ec7b1d46ce8761b3f06fe845769ce65d69e053dd40aa561ba
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Retry-After, Backoff, Content-Type, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Mon, 06 Feb 2023 06:36:27 GMT
content-type: application/json
age: 1603
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash fb7b6b46e708ad73eaaa3c21e74569ae
950663c025acad81556af5aa3022ecc9d55097fe
763f58b9fb838378c92033b59907b036f4c33081f5103d9bcc2ca2a8de500d64
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "763F58B9FB838378C92033B59907B036F4C33081F5103D9BCC2CA2A8DE500D64"
Last-Modified: Sat, 04 Feb 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8172
Expires: Mon, 06 Feb 2023 09:19:22 GMT
Date: Mon, 06 Feb 2023 07:03:10 GMT
Connection: keep-alive
coronavirus.egovoc.com/guidance-businesses-worksites
52.244.223.173301 Moved Permanently 194 B URL HTTP/1.1 coronavirus.egovoc.com/guidance-businesses-worksites
IP 52.244.223.173:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash ec0f2d6d8da7997a10f72a2537729e59
d6b8ca36f266d92775f5b757e65b8c10c747c30a
95e1144ae5faba1d6ea1ac58b29b1e8d0399125e4dbc6a17d50d0bf5cf3bdcf8
NIDS Severity Alert suricata medium ET HUNTING Suspicious GET Request with Possible COVID-19 Domain M2
GET /guidance-businesses-worksites HTTP/1.1
Host: coronavirus.egovoc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: nginx/1.14.0 (Ubuntu)
Date: Mon, 06 Feb 2023 07:03:09 GMT
Content-Type: text/html
Content-Length: 194
Connection: keep-alive
Location: https://coronavirus.egovoc.com/guidance-businesses-worksites
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: KdbjLFHhiXIU4WF2s1KAO7pSM05v9mV96CL4cBHS9SRwsUQmEmEx0MrA5NDsiT+jFrxsTzsWhAc=
x-amz-request-id: K21DWYC616369K93
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 06 Feb 2023 06:53:36 GMT
age: 574
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 06 Feb 2023 07:03:10 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Pragma, Backoff, Retry-After, Content-Length, Last-Modified, Expires, Cache-Control, ETag, Alert, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Mon, 06 Feb 2023 06:07:20 GMT
age: 3350
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash dedf9c519ac38c4bece9c5bc895787d7
4911175c3f8a435978c5301c33c7a99a5e00a1d5
bddd7e3a4939f863642a7c5348c1c8b9bc569b35c10a27f4cf5ec71f7e6b9698
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BDDD7E3A4939F863642A7C5348C1C8B9BC569B35C10A27F4CF5EC71F7E6B9698"
Last-Modified: Fri, 03 Feb 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10572
Expires: Mon, 06 Feb 2023 09:59:22 GMT
Date: Mon, 06 Feb 2023 07:03:10 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 9206c3ba6d5a17d62244c438fd03496e
069e8257aebe618953434b1299d065540125a512
937d395fed398e9410f75945e80f607f3146458b48cd47ba7249536ca2195817
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 07:03:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 2183fdf183ed33f2cd4342abd7bcadbe
007fe0bb01b7d77fbaaff5346fd7582041c978c8
8f0381d12ab5a76be5137b365e811e75db681eb0f6ad04d7ce28ad73101c33d5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 07:03:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtag/js?id=UA-161599881-1
142.250.74.168200 OK 44 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-161599881-1
IP 142.250.74.168:0
File type ASCII text, with very long lines (1759)
Hash d6fb87a6f147eb81241cfacb0d3c9ce7
f68b6f02075bd56d87e391659a24bc5e41c96dc2
581a68bd752e56a2bec217e121ee69d658d109e1e152279218c15d05915148aa
GET /gtag/js?id=UA-161599881-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://coronavirus.egovoc.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Mon, 06 Feb 2023 07:03:10 GMT
expires: Mon, 06 Feb 2023 07:03:10 GMT
cache-control: private, max-age=900
last-modified: Mon, 06 Feb 2023 06:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 43914
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 9206c3ba6d5a17d62244c438fd03496e
069e8257aebe618953434b1299d065540125a512
937d395fed398e9410f75945e80f607f3146458b48cd47ba7249536ca2195817
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 07:03:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
coronavirus.egovoc.com/sites/virus/files/css/css_f29uO7u1YicmLBbeAEsA_eMcySjHI16W6_e03HAkOCs.css
52.244.223.173200 OK 4.7 kB URL HTTP/2 coronavirus.egovoc.com/sites/virus/files/css/css_f29uO7u1YicmLBbeAEsA_eMcySjHI16W6_e03HAkOCs.css
IP 52.244.223.173:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type troff or preprocessor input text\012- assembler source, ASCII text, with very long lines (619)
Hash 643926b99a44515d357e775ab3fcdf8e
4cc00e922508e96aa900112010cb1882814b3079
7f6f6e3bbbb56227262c16de004b00fde31cc928c7235e96ebf7b4dc7024382b
GET /sites/virus/files/css/css_f29uO7u1YicmLBbeAEsA_eMcySjHI16W6_e03HAkOCs.css HTTP/1.1
Host: coronavirus.egovoc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://coronavirus.egovoc.com/guidance-non-healthcare-businesses-worksites
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.14.0 (Ubuntu)
date: Mon, 06 Feb 2023 07:03:10 GMT
content-type: text/css
content-length: 4689
last-modified: Thu, 26 Jan 2023 18:09:08 GMT
etag: "63d2c1c4-1251"
strict-transport-security: max-age=63072000
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 2183fdf183ed33f2cd4342abd7bcadbe
007fe0bb01b7d77fbaaff5346fd7582041c978c8
8f0381d12ab5a76be5137b365e811e75db681eb0f6ad04d7ce28ad73101c33d5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 07:03:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
push.services.mozilla.com/
44.239.226.203101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 44.239.226.203:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: BbQovMDnNFEofqj+974jPQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: B8DbK81JQgN1zhaWFRYBJAmG4XE=
coronavirus.egovoc.com/extra/legacy.js
52.244.223.173200 OK 1.9 kB URL HTTP/2 coronavirus.egovoc.com/extra/legacy.js
IP 52.244.223.173:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type ASCII text, with very long lines (774), with CRLF line terminators
Hash d3929db80c61564f7c1c1af7c45fee99
289cfb498e0e81038ca728ce9706d9c25089f073
214bfb52965fa9d6c42b85d8ba0f24e647d2284ce5054ade93026e9e8c6d61b1
GET /extra/legacy.js HTTP/1.1
Host: coronavirus.egovoc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://coronavirus.egovoc.com/guidance-non-healthcare-businesses-worksites
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.14.0 (Ubuntu)
date: Mon, 06 Feb 2023 07:03:10 GMT
content-type: application/javascript
content-length: 1882
last-modified: Sat, 04 Apr 2020 16:58:44 GMT
etag: "5e88bcc4-75a"
strict-transport-security: max-age=63072000
accept-ranges: bytes
X-Firefox-Spdy: h2
coronavirus.egovoc.com/themes/custom/orange_county_theme/images/logo.png
52.244.223.173200 OK 51 kB URL HTTP/2 coronavirus.egovoc.com/themes/custom/orange_county_theme/images/logo.png
IP 52.244.223.173:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type PNG image data, 612 x 102, 8-bit/color RGBA, non-interlaced\012- data
Hash 1b909fad5d3ff3df25a9e5d9865a32bc
f8d22b881f38c079ebd5461ab3b9f440896618b3
9fced5c9b0b1862e4c5ffa5dca11aaf529d2c905722bf02f011f7e62b13e05d2
GET /themes/custom/orange_county_theme/images/logo.png HTTP/1.1
Host: coronavirus.egovoc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://coronavirus.egovoc.com/guidance-non-healthcare-businesses-worksites
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.14.0 (Ubuntu)
date: Mon, 06 Feb 2023 07:03:10 GMT
content-type: image/png
content-length: 50909
last-modified: Mon, 04 Mar 2019 19:36:13 GMT
etag: "5c7d7e2d-c6dd"
strict-transport-security: max-age=63072000
accept-ranges: bytes
X-Firefox-Spdy: h2
coronavirus.egovoc.com/themes/custom/orange_county_theme/images/ico-separator.png
52.244.223.173200 OK 198 B URL HTTP/2 coronavirus.egovoc.com/themes/custom/orange_county_theme/images/ico-separator.png
IP 52.244.223.173:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type PNG image data, 2 x 35, 8-bit/color RGB, non-interlaced\012- data
Hash f400185e3238f665fc9c52d191174372
8fd067013e3b2cad8b2d59908e8f1d8ea4f9e423
b07ab21582b85d4a3af969a3966587b7949a4b0df6a7e70c4f237caa7445c92f
GET /themes/custom/orange_county_theme/images/ico-separator.png HTTP/1.1
Host: coronavirus.egovoc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://coronavirus.egovoc.com/guidance-non-healthcare-businesses-worksites
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.14.0 (Ubuntu)
date: Mon, 06 Feb 2023 07:03:10 GMT
content-type: image/png
content-length: 198
last-modified: Mon, 04 Mar 2019 19:36:13 GMT
etag: "5c7d7e2d-c6"
strict-transport-security: max-age=63072000
accept-ranges: bytes
X-Firefox-Spdy: h2
coronavirus.egovoc.com/themes/custom/virus_theme/images/logo-lisa.png
52.244.223.173200 OK 25 kB URL HTTP/2 coronavirus.egovoc.com/themes/custom/virus_theme/images/logo-lisa.png
IP 52.244.223.173:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type PNG image data, 653 x 58, 8-bit/color RGBA, non-interlaced\012- data
Hash 5bac911cc3e6fc426636ca63341f4f14
e62bb78482e53dc62f10b186d347e284e7706c3b
714712e07cb552e0f24d47fe32c8055acc27e6c986b10191bfb9076dde280824
GET /themes/custom/virus_theme/images/logo-lisa.png HTTP/1.1
Host: coronavirus.egovoc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://coronavirus.egovoc.com/guidance-non-healthcare-businesses-worksites
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.14.0 (Ubuntu)
date: Mon, 06 Feb 2023 07:03:10 GMT
content-type: image/png
content-length: 25020
last-modified: Wed, 18 Mar 2020 00:10:59 GMT
etag: "5e716713-61bc"
strict-transport-security: max-age=63072000
accept-ranges: bytes
X-Firefox-Spdy: h2
coronavirus.egovoc.com/themes/custom/virus_theme/images/logo-lisa-mobile.png
52.244.223.173200 OK 15 kB URL HTTP/2 coronavirus.egovoc.com/themes/custom/virus_theme/images/logo-lisa-mobile.png
IP 52.244.223.173:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type PNG image data, 409 x 48, 8-bit/color RGB, non-interlaced\012- data
Hash c361e639efd9d07d0ea3dfb9cf616f73
f014c4dd3535ad53de4358eb690dbe602e597d3e
aa72c975cc9d71a5ad6b1cafa752bb413d72f45789301a61aa3127215f4e0a51
GET /themes/custom/virus_theme/images/logo-lisa-mobile.png HTTP/1.1
Host: coronavirus.egovoc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://coronavirus.egovoc.com/guidance-non-healthcare-businesses-worksites
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.14.0 (Ubuntu)
date: Mon, 06 Feb 2023 07:03:10 GMT
content-type: image/png
content-length: 15204
last-modified: Wed, 18 Mar 2020 02:13:55 GMT
etag: "5e7183e3-3b64"
strict-transport-security: max-age=63072000
accept-ranges: bytes
X-Firefox-Spdy: h2
coronavirus.egovoc.com/themes/custom/orange_county_theme/images/logo-footer.png
52.244.223.173200 OK 28 kB URL HTTP/2 coronavirus.egovoc.com/themes/custom/orange_county_theme/images/logo-footer.png
IP 52.244.223.173:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type PNG image data, 129 x 129, 8-bit/color RGBA, non-interlaced\012- data
Hash 543dedede67e78603cdb6d6d51b9313e
2e45e9f008492dbc4be6fbbb282b52c22f79cb08
a4201a5847be55a6c82c332fcb8da65796d0cf46b7f14bc092b2330c5c3fa720
GET /themes/custom/orange_county_theme/images/logo-footer.png HTTP/1.1
Host: coronavirus.egovoc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://coronavirus.egovoc.com/guidance-non-healthcare-businesses-worksites
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.14.0 (Ubuntu)
date: Mon, 06 Feb 2023 07:03:10 GMT
content-type: image/png
content-length: 27975
last-modified: Mon, 04 Mar 2019 19:36:13 GMT
etag: "5c7d7e2d-6d47"
strict-transport-security: max-age=63072000
accept-ranges: bytes
X-Firefox-Spdy: h2
coronavirus.egovoc.com/sites/virus/files/css/css_2WnIFu9T5svrCHiDUcP1bGR9JCGmBqAf1UsztI8GjVU.css
52.244.223.173200 OK 268 kB URL HTTP/2 coronavirus.egovoc.com/sites/virus/files/css/css_2WnIFu9T5svrCHiDUcP1bGR9JCGmBqAf1UsztI8GjVU.css
IP 52.244.223.173:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type ASCII text, with very long lines (65536), with no line terminators
Size 268 kB (268190 bytes)
Hash 7f1160c5d25ef1d7884503fba2a472c7
93a79a0fecdf8c53dbdca06071a215b52739605c
d969c816ef53e6cbeb08788351c3f56c647d2421a606a01fd54b33b48f068d55
GET /sites/virus/files/css/css_2WnIFu9T5svrCHiDUcP1bGR9JCGmBqAf1UsztI8GjVU.css HTTP/1.1
Host: coronavirus.egovoc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://coronavirus.egovoc.com/guidance-non-healthcare-businesses-worksites
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.14.0 (Ubuntu)
date: Mon, 06 Feb 2023 07:03:10 GMT
content-type: text/css
content-length: 268190
last-modified: Thu, 26 Jan 2023 18:09:08 GMT
etag: "63d2c1c4-4179e"
strict-transport-security: max-age=63072000
accept-ranges: bytes
X-Firefox-Spdy: h2
coronavirus.egovoc.com/sites/virus/files/js/js_bZhaUVw18obDM_XdP1UTqzEw9ogHsfZbbi7pbD-nrBk.js
52.244.223.173200 OK 241 kB URL HTTP/2 coronavirus.egovoc.com/sites/virus/files/js/js_bZhaUVw18obDM_XdP1UTqzEw9ogHsfZbbi7pbD-nrBk.js
IP 52.244.223.173:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type ASCII text, with very long lines (65447)
Size 241 kB (241438 bytes)
Hash 346efc35888e370ba148c8f2fabed79b
07b4fde11fb5d1dd375fa4e6f95bdecac51b4ece
6d985a515c35f286c333f5dd3f5513ab3130f68807b1f65b6e2ee96c3fa7ac19
GET /sites/virus/files/js/js_bZhaUVw18obDM_XdP1UTqzEw9ogHsfZbbi7pbD-nrBk.js HTTP/1.1
Host: coronavirus.egovoc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://coronavirus.egovoc.com/guidance-non-healthcare-businesses-worksites
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.14.0 (Ubuntu)
date: Mon, 06 Feb 2023 07:03:10 GMT
content-type: application/javascript
content-length: 241438
last-modified: Thu, 26 Jan 2023 18:09:10 GMT
etag: "63d2c1c6-3af1e"
strict-transport-security: max-age=63072000
accept-ranges: bytes
X-Firefox-Spdy: h2
use.fontawesome.com/releases/v5.5.0/js/v4-shims.js
172.64.133.15200 OK 4.9 kB URL HTTP/2 use.fontawesome.com/releases/v5.5.0/js/v4-shims.js
IP 172.64.133.15:0
File type ASCII text, with very long lines (15024)
Hash a2cb50185da95000c6bc4031e55242c9
b28be53571514ac10341f8fc59b120fb87fb55ba
dba123633f5c2af9f3a6a19dbd9dc0813a1e863eca037a6d8512a695fb2a748b
GET /releases/v5.5.0/js/v4-shims.js HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://coronavirus.egovoc.com
Connection: keep-alive
Referer: https://coronavirus.egovoc.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 06 Feb 2023 07:03:11 GMT
content-type: application/javascript
x-amz-id-2: w0k/0WR2mBcrw6HelNxnM/DepzWdjjTpBSxbuPzAvlVczzHtVLr2S787mwBH+BaReSVqGN+vsdU=
x-amz-request-id: 6CT0HDKP7TNY68NK
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Wed, 30 Jun 2021 15:43:32 GMT
etag: W/"1d7fb237e3d6dd696dbf2d6727a1c616"
cache-control: max-age=31556926
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kNJeXyvZaj%2F1Uj3Bl6qa27fd65RtSLLikmaOsCTrmLRS9hCzxlzZ5n6o3s8hpse6zkXYov%2BMfuE1fQYl1bcel2nLOoVvOUjwC8iCjxaviQA6ZhNBwnR9Q94fILWbreLM9G23lMYC"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7952064519a1748c-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash 26a15a1b880ec1026360b696b1c27074
fd35f80a1cf599da2a8e68a44477465a580440a5
a6d5caec988319523c120bc435a4ff0200b7ead114db10db19a09caeace978f7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 07:03:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash 26a15a1b880ec1026360b696b1c27074
fd35f80a1cf599da2a8e68a44477465a580440a5
a6d5caec988319523c120bc435a4ff0200b7ead114db10db19a09caeace978f7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 07:03:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
coronavirus.egovoc.com/sites/virus/files/2020-09/Business_Worksites.jpg
52.244.223.173200 OK 209 kB URL HTTP/2 coronavirus.egovoc.com/sites/virus/files/2020-09/Business_Worksites.jpg
IP 52.244.223.173:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 1810x877, components 3\012- data
Size 209 kB (209426 bytes)
Hash 186b394230add4fd4c138df8b83446cc
262f0638337c17808ba7ef5293b4282bcfe1b21f
67a095837ff970c2c45845ac3882826a23ae719ca44ec1b3f3d667562e9c297d
GET /sites/virus/files/2020-09/Business_Worksites.jpg HTTP/1.1
Host: coronavirus.egovoc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://coronavirus.egovoc.com/guidance-non-healthcare-businesses-worksites
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.14.0 (Ubuntu)
date: Mon, 06 Feb 2023 07:03:10 GMT
content-type: image/jpeg
content-length: 209426
last-modified: Wed, 02 Sep 2020 06:40:55 GMT
etag: "5f4f3e77-33212"
strict-transport-security: max-age=63072000
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash 26a15a1b880ec1026360b696b1c27074
fd35f80a1cf599da2a8e68a44477465a580440a5
a6d5caec988319523c120bc435a4ff0200b7ead114db10db19a09caeace978f7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 07:03:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.googleapis.com/css?family=Raleway:300,400,500,600,700,800,900
142.250.74.74200 OK 54 kB URL HTTP/2 fonts.googleapis.com/css?family=Raleway:300,400,500,600,700,800,900
IP 142.250.74.74:0
Hash 427c8e1e1438d0ebc898f7ead931728f
520f18329128c6bcc23c6a7b0a7985469bbf373e
7543b768650326de36fe42f043ea08d99d7e6c5d800c1704a027be056f85ac1d
GET /css?family=Raleway:300,400,500,600,700,800,900 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://coronavirus.egovoc.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 06 Feb 2023 07:03:11 GMT
date: Mon, 06 Feb 2023 07:03:11 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
translate.google.com/translate_a/element.js
216.58.211.14200 OK 28 kB URL HTTP/2 translate.google.com/translate_a/element.js
IP 216.58.211.14:0
Hash 02c8c14a62bb350a4df7cca6080ebb9e
3f64b338350741825260035f46bf8f783807d599
bc2e14072545ec0024813dbe86f16f2c4ce83e23c38ac74624c06b9070d901d2
GET /translate_a/element.js HTTP/1.1
Host: translate.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://coronavirus.egovoc.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Mon, 06 Feb 2023 07:03:10 GMT
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
set-cookie: CONSENT=PENDING+380; expires=Wed, 05-Feb-2025 07:03:10 GMT; path=/; domain=.google.com; Secure
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.iCxGNTE3Tqc.L.F4.O/d=0/rs=AN8SPfqhvHUlOSBSG-4xrkKOTAVZqlAYTA/m=el_main_css
216.58.211.3200 OK 4.3 kB URL HTTP/2 www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.iCxGNTE3Tqc.L.F4.O/d=0/rs=AN8SPfqhvHUlOSBSG-4xrkKOTAVZqlAYTA/m=el_main_css
IP 216.58.211.3:0
File type ASCII text, with very long lines (23413), with no line terminators
Hash c41e5d33c01691d96d76486b1544004b
20b040a572de3003c9977df33e2d631efb9cb68c
f063d4dbe944940b190b4da3716cc71fca549b9fd46d4b30ecf8e0c4a651593c
GET /_/translate_http/_/ss/k=translate_http.tr.iCxGNTE3Tqc.L.F4.O/d=0/rs=AN8SPfqhvHUlOSBSG-4xrkKOTAVZqlAYTA/m=el_main_css HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://coronavirus.egovoc.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="rosetta"
report-to: {"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-length: 4259
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 Feb 2023 18:28:28 GMT
expires: Fri, 02 Feb 2024 18:28:28 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 01 Feb 2023 06:11:41 GMT
content-type: text/css; charset=UTF-8
age: 304483
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
142.250.74.163200 OK 45 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 44856, version 1.0\012- data
Hash 565ce506190ad3af920b40baf1794cec
ad3cba5d06100e09449a864d3b5e58403b478b3d
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
GET /s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://coronavirus.egovoc.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 44856
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 Feb 2023 10:05:58 GMT
expires: Fri, 02 Feb 2024 10:05:58 GMT
cache-control: public, max-age=31536000
age: 334633
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash 836bc62dbb011b6180fc7209d0061736
74e6f18561a7006a3afb6ab03559eec239ce4b36
90b197384670fdb210d364f91b423fd383d25838e38a494158a8185bef0061f0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 07:03:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.googleapis.com/css?family=Open+Sans:300,400,600,700,800
142.250.74.74200 OK 928 B URL HTTP/2 fonts.googleapis.com/css?family=Open+Sans:300,400,600,700,800
IP 142.250.74.74:0
Hash 874d7028992cf38976dbee2a16a34e58
07d251cfa274d3c2d81ea69e34ccd6e017ac765e
d2b4aea5607586ce6cbf1a48d1b13f38042958f5ae217e23fe6a9f9e6dcd7b4f
GET /css?family=Open+Sans:300,400,600,700,800 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://coronavirus.egovoc.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 06 Feb 2023 07:03:11 GMT
date: Mon, 06 Feb 2023 07:03:11 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
coronavirus.egovoc.com/themes/custom/virus_theme/images/ico-search.png
52.244.223.173200 OK 1.7 kB URL HTTP/2 coronavirus.egovoc.com/themes/custom/virus_theme/images/ico-search.png
IP 52.244.223.173:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type PNG image data, 19 x 19, 8-bit/color RGBA, non-interlaced\012- data
Hash c7eb223d84ed21064f9d020e823b0134
1b6304f0f7f4ee3e1153c913ed9eed518f6b5ce5
e77d2cda2d88158789a8cf90b07e21f847e7c699bb1d82bc5dfcc58eba836513
GET /themes/custom/virus_theme/images/ico-search.png HTTP/1.1
Host: coronavirus.egovoc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://coronavirus.egovoc.com/sites/virus/files/css/css_2WnIFu9T5svrCHiDUcP1bGR9JCGmBqAf1UsztI8GjVU.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.14.0 (Ubuntu)
date: Mon, 06 Feb 2023 07:03:11 GMT
content-type: image/png
content-length: 1707
last-modified: Mon, 13 Apr 2020 20:15:28 GMT
etag: "5e94c860-6ab"
strict-transport-security: max-age=63072000
accept-ranges: bytes
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 1b25bf82638deaab60981e1315ee0849
e3bd912fd1a890e64ee6746a78a674db7ff77039
a99b0dfa9ca7176b21cc2d65963a1b6eb6d534b3767d02ef06cc207a63331ebf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A99B0DFA9CA7176B21CC2D65963A1B6EB6D534B3767D02EF06CC207A63331EBF"
Last-Modified: Sat, 04 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2397
Expires: Mon, 06 Feb 2023 07:43:09 GMT
Date: Mon, 06 Feb 2023 07:03:12 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 1b25bf82638deaab60981e1315ee0849
e3bd912fd1a890e64ee6746a78a674db7ff77039
a99b0dfa9ca7176b21cc2d65963a1b6eb6d534b3767d02ef06cc207a63331ebf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A99B0DFA9CA7176B21CC2D65963A1B6EB6D534B3767D02EF06CC207A63331EBF"
Last-Modified: Sat, 04 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2397
Expires: Mon, 06 Feb 2023 07:43:09 GMT
Date: Mon, 06 Feb 2023 07:03:12 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 1b25bf82638deaab60981e1315ee0849
e3bd912fd1a890e64ee6746a78a674db7ff77039
a99b0dfa9ca7176b21cc2d65963a1b6eb6d534b3767d02ef06cc207a63331ebf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A99B0DFA9CA7176B21CC2D65963A1B6EB6D534B3767D02EF06CC207A63331EBF"
Last-Modified: Sat, 04 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2397
Expires: Mon, 06 Feb 2023 07:43:09 GMT
Date: Mon, 06 Feb 2023 07:03:12 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 1b25bf82638deaab60981e1315ee0849
e3bd912fd1a890e64ee6746a78a674db7ff77039
a99b0dfa9ca7176b21cc2d65963a1b6eb6d534b3767d02ef06cc207a63331ebf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A99B0DFA9CA7176B21CC2D65963A1B6EB6D534B3767D02EF06CC207A63331EBF"
Last-Modified: Sat, 04 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2397
Expires: Mon, 06 Feb 2023 07:43:09 GMT
Date: Mon, 06 Feb 2023 07:03:12 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3288563a-8f6e-4597-833f-b5512e91e772.png
34.120.237.76200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3288563a-8f6e-4597-833f-b5512e91e772.png
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a24cf7b2db6d65c3fe5daf78b3309ced
a3653a9a7baea412808dd91572ff21e1a505c26f
f55ee98bab5ce53d6acc1cac7f54f089b42d5f2ffbe750d869c4f4a7bc26f715
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3288563a-8f6e-4597-833f-b5512e91e772.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13230
x-amzn-requestid: 8171829a-cf6d-4c33-99a1-f3cef7cd4475
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f4oiTH8GoAMFYLA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e02141-1597a0f06ef3db2534a101aa;Sampled=0
x-amzn-remapped-date: Sun, 05 Feb 2023 21:36:01 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Nvfp0sEYw5bxnFHisq80WCXh6T-LdFlPqs95tyX2epjMfhM_hjUj0A==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 b2f9564ebf9c745cc2ceae96d434977e.cloudfront.net (CloudFront), 1.1 google
date: Sun, 05 Feb 2023 21:50:03 GMT
age: 33189
etag: "a3653a9a7baea412808dd91572ff21e1a505c26f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F731dc7de-ce12-4639-9ceb-3218584c3d56.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F731dc7de-ce12-4639-9ceb-3218584c3d56.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 9046d887fd45a0940e31a74173d17798
1ff698b9cf660165e846dfc4770f29852aedce45
0c7b0e1250aa7718b7b35b80a1442f62e94ace1fb578fb781ec8204ee96386d0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F731dc7de-ce12-4639-9ceb-3218584c3d56.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10514
x-amzn-requestid: ac2a383b-833d-4dae-9bd9-43dc3d9e373d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f4oiPEIyoAMFqUw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e02141-436bb6816b269ce45b9f8600;Sampled=0
x-amzn-remapped-date: Sun, 05 Feb 2023 21:36:01 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: RYNzle5-l5dOMPWb2Bmu_T5aIJw9NX2FKuJsej8hzpYZcgD6coH9SA==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 476c2ba6d9f6cd69dbcedbd65688cbc0.cloudfront.net (CloudFront), 1.1 google
date: Sun, 05 Feb 2023 21:50:09 GMT
age: 33183
etag: "1ff698b9cf660165e846dfc4770f29852aedce45"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fda427d37-8d0b-44cf-ae98-f96ceaf21b52.jpeg
34.120.237.76200 OK 8.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fda427d37-8d0b-44cf-ae98-f96ceaf21b52.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d0c62c5956f36c9f1c5d2f17bc372d98
fca4d7140e4c391b02d734425ccc92acec568a70
eb1b743ede5ed223536358bd92a322ca5231267f4434be1eced98a0fe93b790d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fda427d37-8d0b-44cf-ae98-f96ceaf21b52.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8929
x-amzn-requestid: ea29dd36-d05b-4824-ba18-78f868259f76
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f4oiQEeTIAMFqGA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e02141-7a6ade1c4501a81c0823ce10;Sampled=0
x-amzn-remapped-date: Sun, 05 Feb 2023 21:36:01 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: O-QHP886Cczm6dsVDQVMR7SMSxgIhUSuEPAKJvzQTQtkj59Pg-z9QA==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 325ed3ba58a560748d886354beef39c0.cloudfront.net (CloudFront), 1.1 google
date: Sun, 05 Feb 2023 22:11:05 GMT
age: 31927
etag: "fca4d7140e4c391b02d734425ccc92acec568a70"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe0b68c1a-7013-4183-b5b4-d006c6f9e7a7.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe0b68c1a-7013-4183-b5b4-d006c6f9e7a7.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 000cb25b2cb4fa30ce745582dafbab99
a5227f79e64bcab8d8f03822e6d408400a03a23e
7f6a2a99bff95672d34b41489d0dd1132ab8654b745e728e15ed95e987b7ed62
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe0b68c1a-7013-4183-b5b4-d006c6f9e7a7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10582
x-amzn-requestid: e18bacd8-6d0e-4957-93ab-97def7442f8c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f4okSFKKIAMFlUA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e0214e-05486d9b283cedc008cba781;Sampled=0
x-amzn-remapped-date: Sun, 05 Feb 2023 21:36:14 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: p1ToWLG__PFWEMRxlPZcouvOTijPoUcMr7ubDCNcy2wMwgusbBjGPA==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 e66162aafd55b64ba1478ff7105150fa.cloudfront.net (CloudFront), 1.1 google
date: Sun, 05 Feb 2023 22:13:34 GMT
etag: "a5227f79e64bcab8d8f03822e6d408400a03a23e"
content-type: image/jpeg
age: 31778
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9b3e78aa-f2de-4a48-82bf-952d0a22f875.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9b3e78aa-f2de-4a48-82bf-952d0a22f875.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f0f48a44e1aece8d271028a7b0684cac
9f7247a3bb9248cd281c568ebba6e52b38b00149
0a34b5dc66f170403e79b2315a7cacef1703ce3777a20914525f86d46c0cd637
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9b3e78aa-f2de-4a48-82bf-952d0a22f875.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11481
x-amzn-requestid: b50de2d1-c23b-4908-8fc3-e84eea0382a4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f4oiRFL-oAMFnSw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e02141-0254cda141886e0f39e8f8b3;Sampled=0
x-amzn-remapped-date: Sun, 05 Feb 2023 21:36:01 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: KIJ6iTpVC0gVV6Q0dd_-ZTWkwm3q0vP52N3088Rd7O9pb8D39XfnBg==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google
date: Sun, 05 Feb 2023 21:55:31 GMT
age: 32861
etag: "9f7247a3bb9248cd281c568ebba6e52b38b00149"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8827daad-7b04-4c60-a6f6-c1b923025413.jpeg
34.120.237.76200 OK 7.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8827daad-7b04-4c60-a6f6-c1b923025413.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 13572f84ad268caedcc897f2ad7b9baf
afb91ab43953e8915a2169618d2ab5e330cde0a1
0fb8b09608dc293b2084953b948cc7d8a7aa7bcb525090a7e44d5cb2a725fab3
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8827daad-7b04-4c60-a6f6-c1b923025413.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7851
x-amzn-requestid: 11d3fe95-844b-4e5d-b31c-f99e96e2b608
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f4oiRHeEIAMFjjA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e02141-602b91422dff88a750b8e3e9;Sampled=0
x-amzn-remapped-date: Sun, 05 Feb 2023 21:36:01 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: F-bdQPU-zYhIlXtxcW_TiqE8ifPg3i0cg8gFuvJSfwoMDTe-Hqy1jg==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 476c2ba6d9f6cd69dbcedbd65688cbc0.cloudfront.net (CloudFront), 1.1 google
date: Sun, 05 Feb 2023 22:02:47 GMT
age: 32425
etag: "afb91ab43953e8915a2169618d2ab5e330cde0a1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
js.adsrvr.org/up_loader.1.1.0.js
143.204.45.46200 OK 1.9 kB URL HTTP/1.1 js.adsrvr.org/up_loader.1.1.0.js
IP 143.204.45.46:0
File type ASCII text, with very long lines (4593), with no line terminators
Hash 8dc722d27824e60548fd25752623cd07
33d66ad1a4a162e2d6c9ed732d6c9af79635fc4d
14ce9119fe06fb2d363ba3c824e9f5b3f212f1f39dfab38c836fa13a20daec1b
GET /up_loader.1.1.0.js HTTP/1.1
Host: js.adsrvr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://coronavirus.egovoc.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/x-javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 24 Sep 2020 15:15:34 GMT
Server: AmazonS3
Content-Encoding: gzip
Date: Sun, 05 Feb 2023 09:30:24 GMT
ETag: W/"98d98b3499058b76d58073cf8ede2f10"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 142be88a35733307a5e7de05da0a20b8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 5nFJEG-yLIizBOnPz8A-JkBkOUqQpaXmRLLv2w6oQPXD9sMooyw2Jg==
Age: 77569
coronavirus.egovoc.com/themes/custom/virus_theme/images/bkg-footer-top.png
52.244.223.173200 OK 544 kB URL HTTP/2 coronavirus.egovoc.com/themes/custom/virus_theme/images/bkg-footer-top.png
IP 52.244.223.173:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type PNG image data, 1440 x 271, 8-bit/color RGBA, non-interlaced\012- data
Size 544 kB (544273 bytes)
Hash 99cc4e46a2451fc2fc56f6e500247198
74369a7eaa28cc050ef71c60cb63b7cb2e0d7d2e
715b5b2089fe52bf8abf28f0286485a0e7505d90839838ae882c9631e9937f42
GET /themes/custom/virus_theme/images/bkg-footer-top.png HTTP/1.1
Host: coronavirus.egovoc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://coronavirus.egovoc.com/sites/virus/files/css/css_2WnIFu9T5svrCHiDUcP1bGR9JCGmBqAf1UsztI8GjVU.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.14.0 (Ubuntu)
date: Mon, 06 Feb 2023 07:03:11 GMT
content-type: image/png
content-length: 544273
last-modified: Sun, 15 Mar 2020 20:16:57 GMT
etag: "5e6e8d39-84e11"
strict-transport-security: max-age=63072000
accept-ranges: bytes
X-Firefox-Spdy: h2
coronavirus.egovoc.com/themes/custom/virus_theme/favicon.ico
52.244.223.173200 OK 1.8 kB URL HTTP/2 coronavirus.egovoc.com/themes/custom/virus_theme/favicon.ico
IP 52.244.223.173:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type PNG image data, 16 x 16, 16-bit/color RGBA, non-interlaced\012- data
Hash 864a5ffe484e7f964baec62e259ce4f4
ed77f418904baa58ba750e482a43bb805b30ad97
d3a4fa8cd9d9c82f50db396474ec257228fcaf4092938236f5d679af0c3ba93a
GET /themes/custom/virus_theme/favicon.ico HTTP/1.1
Host: coronavirus.egovoc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://coronavirus.egovoc.com/guidance-non-healthcare-businesses-worksites
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.14.0 (Ubuntu)
date: Mon, 06 Feb 2023 07:03:12 GMT
content-type: image/x-icon
content-length: 1780
last-modified: Sun, 15 Mar 2020 20:16:57 GMT
etag: "5e6e8d39-6f4"
strict-transport-security: max-age=63072000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.google-analytics.com/analytics.js
142.250.74.110200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.110:0
File type ASCII text, with very long lines (1490)
Hash ca7fbbfd120e3e329633044190bbf134
d17f81e03dd827554ddd207ea081fb46b3415445
847004cefb32f85a9cc16b0b1eb77529ff5753680c145bfcb23f651d214737db
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://coronavirus.egovoc.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20085
date: Mon, 06 Feb 2023 05:44:08 GMT
expires: Mon, 06 Feb 2023 07:44:08 GMT
cache-control: public, max-age=7200
age: 4744
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 1c08839b04520623798a6d3752711147
535035b7350cf8a4324eb69ffda7dfaaa1a29918
5ddf0cfbfe95f4690768f8ca167dcdd47f0fa7c6d076cbee0bdb225bba697429
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5057
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 07:03:12 GMT
Last-Modified: Mon, 06 Feb 2023 05:38:55 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 471
ocsp.sectigo.com/
172.64.155.188200 OK 472 B IP 172.64.155.188:0
Hash b09cb1b56474c756f404d4431795dda8
f40e495da9696a92ca893bfe62a9f930f7951e11
92e818c1760dad4d68ca9f00f7721bfc2c0c3f466a1e93bb16645eb415a4d445
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 06 Feb 2023 07:03:12 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sat, 04 Feb 2023 11:37:30 GMT
Expires: Sat, 11 Feb 2023 11:37:29 GMT
Etag: "f40e495da9696a92ca893bfe62a9f930f7951e11"
Cache-Control: max-age=447856,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7952064e2fa2b527-OSL
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 7afb8eb5dcbd727fb69c14bfabe20e72
d4b1cc1973e4200a371f0aa8c5ec8232d780a77b
ca0a46edfe267973b60ff163d696fe7c0e862e56ee3f90f098bf309f276c987f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 07:03:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
connect.facebook.net/en_US/fbevents.js
31.13.72.12200 OK 28 kB URL HTTP/2 connect.facebook.net/en_US/fbevents.js
IP 31.13.72.12:0
File type ASCII text, with very long lines (64348)
Hash dd1f85cc598419df61e254e53f9ec1ef
f86c0ee563f5b7a01e1d40b566f2bc184a32380f
c06f52b233c835b03292f39cb847507a03bb971066bf91341b58a580244398c0
GET /en_US/fbevents.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://coronavirus.egovoc.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: 85gT58IRsfeEJvy9BRL+wv27v5ejhkSiqvSnSPmsbaFbr69vdvF7IdfSeO+gDzCIdX09wOXgNulsxkL+ZXqTHA==
priority: u=3,i
content-length: 27843
x-fb-trip-id: 1904183273
date: Mon, 06 Feb 2023 07:03:12 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/viewthroughconversion/606145353/?random=1675667036050&cv=11&fst=1675667036050&bg=ffffff&guid=ON&async=1>m=45He3210&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fcoronavirus.egovoc.com%2Fguidance-non-healthcare-businesses-worksites&tiba=Guidance%3A%20Non-Healthcare%20Businesses%20%26%20Worksites%20%7C%20Novel%20Coronavirus%20(COVID-19)&rdp=1&rfmt=3&fmt=4
142.250.74.162200 OK 37 B URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/606145353/?random=1675667036050&cv=11&fst=1675667036050&bg=ffffff&guid=ON&async=1>m=45He3210&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fcoronavirus.egovoc.com%2Fguidance-non-healthcare-businesses-worksites&tiba=Guidance%3A%20Non-Healthcare%20Businesses%20%26%20Worksites%20%7C%20Novel%20Coronavirus%20(COVID-19)&rdp=1&rfmt=3&fmt=4
IP 142.250.74.162:0
File type ASCII text, with no line terminators
Hash eec2fa3358659b4e2393f0504806fba1
cb52f43a47507b09602ef841bc5e91491e3a6f76
f16145eec9471ac5764d11573d9ddb659996826aeae11e84374053b911684a40
GET /pagead/viewthroughconversion/606145353/?random=1675667036050&cv=11&fst=1675667036050&bg=ffffff&guid=ON&async=1>m=45He3210&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fcoronavirus.egovoc.com%2Fguidance-non-healthcare-businesses-worksites&tiba=Guidance%3A%20Non-Healthcare%20Businesses%20%26%20Worksites%20%7C%20Novel%20Coronavirus%20(COVID-19)&rdp=1&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://coronavirus.egovoc.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 06 Feb 2023 07:03:12 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 37
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Mon, 06-Feb-2023 07:18:12 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 1c08839b04520623798a6d3752711147
535035b7350cf8a4324eb69ffda7dfaaa1a29918
5ddf0cfbfe95f4690768f8ca167dcdd47f0fa7c6d076cbee0bdb225bba697429
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5057
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 07:03:12 GMT
Last-Modified: Mon, 06 Feb 2023 05:38:55 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 7afb8eb5dcbd727fb69c14bfabe20e72
d4b1cc1973e4200a371f0aa8c5ec8232d780a77b
ca0a46edfe267973b60ff163d696fe7c0e862e56ee3f90f098bf309f276c987f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 07:03:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-161599881-1&cid=1211727040.1675667037&jid=1115337294&gjid=683117584&_gid=850444737.1675667037&_u=YEBAAUAAAAAAACAAI~&z=801480385
64.233.165.154200 OK 1 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-161599881-1&cid=1211727040.1675667037&jid=1115337294&gjid=683117584&_gid=850444737.1675667037&_u=YEBAAUAAAAAAACAAI~&z=801480385
IP 64.233.165.154:0
File type very short file (no magic)
Hash c4ca4238a0b923820dcc509a6f75849b
356a192b7913b04c54574d18c28d46e6395428ab
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-161599881-1&cid=1211727040.1675667037&jid=1115337294&gjid=683117584&_gid=850444737.1675667037&_u=YEBAAUAAAAAAACAAI~&z=801480385 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://coronavirus.egovoc.com
Connection: keep-alive
Referer: https://coronavirus.egovoc.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://coronavirus.egovoc.com
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Mon, 06 Feb 2023 07:03:13 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
action.dstillery.com/orbserv/nsjs?adv=cl1029210&ns=5156&nc=OCHealth_SV&ncv=39&dstOrderId=[NULL]&dstOrderAmount=[NULL]
104.18.23.234302 Found 364 B URL HTTP/2 action.dstillery.com/orbserv/nsjs?adv=cl1029210&ns=5156&nc=OCHealth_SV&ncv=39&dstOrderId=[NULL]&dstOrderAmount=[NULL]
IP 104.18.23.234:0
Hash 6e64546157aa3e4dc8359c385f922f0f
e13b86d2ff06b4b46f2db137c340a2e64cb5420e
b19e46bddcc8b8dac6dbfe7fcf22462c07754b01d701d88d513aa24a8d76520b
GET /orbserv/nsjs?adv=cl1029210&ns=5156&nc=OCHealth_SV&ncv=39&dstOrderId=[NULL]&dstOrderAmount=[NULL] HTTP/1.1
Host: action.dstillery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://coronavirus.egovoc.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Mon, 06 Feb 2023 07:03:12 GMT
content-type: text/html; charset=iso-8859-1
location: https://action.media6degrees.com/orbserv/nsjs?adv=cl1029210&ns=5156&nc=OCHealth_SV&ncv=39&dstOrderId=[NULL]&dstOrderAmount=[NULL]
access-control-allow-origin: *
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7952064e8812fabc-OSL
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash c6f26296f21526ddcf68c8d5b46c6f14
78e152e6543aca8c2970d4704089db8070833094
01d41d0152cb506d68a550bdea97fea8ef13e55ab71c272edc06514de5fd5a2b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5812
Cache-Control: max-age=149314
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 07:03:13 GMT
Etag: "63e033bf-116"
Expires: Wed, 08 Feb 2023 00:31:47 GMT
Last-Modified: Sun, 05 Feb 2023 22:54:55 GMT
Server: ECS (amb/6B92)
X-Cache: HIT
Content-Length: 278
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash eab15c78abad92a8ed002b681c031803
05dbab8986b49a9ad0b103ce322365771f301568
3775d23069510063a2bffc1003e9f2be3f2579d2726b0dd56c1ea6c9f7554525
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5319
Cache-Control: max-age=124338
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 07:03:13 GMT
Etag: "63dfd41c-116"
Expires: Tue, 07 Feb 2023 17:35:31 GMT
Last-Modified: Sun, 05 Feb 2023 16:06:52 GMT
Server: ECS (amb/6B81)
X-Cache: HIT
Content-Length: 278
ocsp.r2m02.amazontrust.com/
143.204.48.16200 OK 471 B URL HTTP/1.1 ocsp.r2m02.amazontrust.com/
IP 143.204.48.16:0
Hash 67e97f1a57ef9a6cf19909abc6da59c8
7af07a697ef5060bcaceeb21b92b8db7e0d55c11
0ce2631ec65da80fa14cc241331f029631f757401fd5245b4bf5db30301a6de2
POST / HTTP/1.1
Host: ocsp.r2m02.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Mon, 06 Feb 2023 07:03:15 GMT
Last-Modified: Mon, 06 Feb 2023 05:46:43 GMT
Server: ECS (nyb/1D20)
X-Cache: Miss from cloudfront
Via: 1.1 83a23d85c009b0c0e3626072e9f997fe.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 7HKpPNUdgBw7kI8Iy8hXNMu2d5iaeeiS-YampCw7LUJXWQukfk0Hvg==
Age: 4592
wsv3cdn.audioeye.com/v2/build/smartrems.bundle.6eb1fb8.js
104.18.24.76200 OK 40 kB URL HTTP/2 wsv3cdn.audioeye.com/v2/build/smartrems.bundle.6eb1fb8.js
IP 104.18.24.76:0
File type Unicode text, UTF-8 text, with very long lines (65534), with no line terminators
Hash 178de179bcefa1d34f7c856517c73764
d5b843b812185fce8cecd6ce0ac25c94402be6d1
d43b023a864c61c49e4c6a5996fb05f347c64224947e0fe19184f58226365066
GET /v2/build/smartrems.bundle.6eb1fb8.js HTTP/1.1
Host: wsv3cdn.audioeye.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://coronavirus.egovoc.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 06 Feb 2023 07:03:15 GMT
content-type: application/javascript
last-modified: Thu, 02 Feb 2023 20:07:49 GMT
etag: W/"63dc1815-21d47"
access-control-allow-origin: *
cf-cache-status: HIT
age: 2547
expires: Tue, 06 Feb 2024 07:03:15 GMT
cache-control: public, max-age=31536000
vary: Accept-Encoding
server: cloudflare
cf-ray: 79520660ad77b4f4-OSL
content-encoding: br
X-Firefox-Spdy: h2
wsv3cdn.audioeye.com/v2/frame/cookieStorage.html?build=prod/m&pscb=&cb=6eb1fb8
104.18.24.76200 OK 15 kB URL HTTP/2 wsv3cdn.audioeye.com/v2/frame/cookieStorage.html?build=prod/m&pscb=&cb=6eb1fb8
IP 104.18.24.76:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1073)
Hash 9a70eceade093349f2983dc16190989f
1f6363aa7527113873c19284fa49117e5f677463
a7ef7abf9725275666d66ed3e14a49dff6aab8f4110dcd0c4c8928d91ebfb0d1
GET /v2/frame/cookieStorage.html?build=prod/m&pscb=&cb=6eb1fb8 HTTP/1.1
Host: wsv3cdn.audioeye.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://coronavirus.egovoc.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 06 Feb 2023 07:03:15 GMT
content-type: text/html; charset=UTF-8
cache-control: public, max-age=365000000, immutable
last-modified: Thu, 02 Feb 2023 20:08:07 GMT
cf-cache-status: HIT
age: 298487
vary: Accept-Encoding
server: cloudflare
cf-ray: 795206612df2b4f4-OSL
content-encoding: br
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F31cf5553-4c3f-4c6d-8dfb-d292e38275bb.jpeg
34.120.237.76200 OK 9.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F31cf5553-4c3f-4c6d-8dfb-d292e38275bb.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5f54c8725e5dab88b12d42876fa61b12
89c734d690981e30f9d566a7763a1870724d65aa
b8cc5148ae01e1a1fe32f56bdce71de086da320cdd8a55a746609c9773fdaf77
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F31cf5553-4c3f-4c6d-8dfb-d292e38275bb.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 9809
x-amzn-requestid: 60ff8265-45f4-445b-bf49-e0f1ba4cc3da
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fzRVKFf7IAMF9hQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63ddfc20-3390f67342da01416e720af6;Sampled=0
x-amzn-remapped-date: Sat, 04 Feb 2023 06:33:04 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 3ven3rHNpHQ94K0pntkthMllzUZIpGAGGNe_-zGTmYTtIhuQ3tZ7rQ==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 3cd7af07832481c336aa1c93c9b4a6fe.cloudfront.net (CloudFront), 1.1 google
date: Sun, 05 Feb 2023 17:57:59 GMT
age: 47119
etag: "89c734d690981e30f9d566a7763a1870724d65aa"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
coronavirus.egovoc.com/guidance-businesses-worksites
52.244.223.173301 Moved Permanently 0 B URL HTTP/2 coronavirus.egovoc.com/guidance-businesses-worksites
IP 52.244.223.173:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
NIDS Severity Alert suricata medium ET HUNTING Suspicious GET Request with Possible COVID-19 Domain M2
GET /guidance-businesses-worksites HTTP/1.1
Host: coronavirus.egovoc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 301 Moved Permanently
server: nginx/1.14.0 (Ubuntu)
content-type: text/html; charset=UTF-8
location: https://coronavirus.egovoc.com/guidance-non-healthcare-businesses-worksites
x-redirect-id: 105
date: Thu, 26 Jan 2023 22:11:35 GMT
x-ua-compatible: IE=edge
content-language: en
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-generator: Drupal 9 (https://www.drupal.org)
x-drupal-cache: HIT
strict-transport-security: max-age=63072000
X-Firefox-Spdy: h2
wsmcdn.audioeye.com/aem.js
104.18.24.76200 OK 0 B URL HTTP/2 wsmcdn.audioeye.com/aem.js
IP 104.18.24.76:0
GET /aem.js HTTP/1.1
Host: wsmcdn.audioeye.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://coronavirus.egovoc.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 06 Feb 2023 07:03:13 GMT
content-type: application/javascript; charset=UTF-8
etag: W/"c5f5d23dbd841fb0868078e4bfbbd713"
cache-control: max-age=3600
cache-tags:
surrogate-keys:
cf-cache-status: HIT
age: 632
vary: Accept-Encoding
server: cloudflare
cf-ray: 79520654e84ab4fd-OSL
content-encoding: br
X-Firefox-Spdy: h2
wsv3cdn.audioeye.com/bootstrap.js?h=8dd0599d023ca60427ebd323ba7d6ddd
104.18.24.76200 OK 0 B URL HTTP/2 wsv3cdn.audioeye.com/bootstrap.js?h=8dd0599d023ca60427ebd323ba7d6ddd
IP 104.18.24.76:0
GET /bootstrap.js?h=8dd0599d023ca60427ebd323ba7d6ddd HTTP/1.1
Host: wsv3cdn.audioeye.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://coronavirus.egovoc.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 06 Feb 2023 07:03:14 GMT
content-type: application/javascript; charset=UTF-8
etag: W/"72552d785264af4d6eae3629d50bd72d"
cache-control: max-age=120
cache-tags: 8dd0599d023ca60427ebd323ba7d6ddd
surrogate-keys: 8dd0599d023ca60427ebd323ba7d6ddd
cf-cache-status: EXPIRED
vary: Accept-Encoding
server: cloudflare
cf-ray: 79520655fa5cb4f4-OSL
content-encoding: br
X-Firefox-Spdy: h2
wsv3cdn.audioeye.com/v2/scripts/loader.js?h=8dd0599d023ca60427ebd323ba7d6ddd&lang=en&cb=6eb1fb8
104.18.24.76200 OK 0 B URL HTTP/2 wsv3cdn.audioeye.com/v2/scripts/loader.js?h=8dd0599d023ca60427ebd323ba7d6ddd&lang=en&cb=6eb1fb8
IP 104.18.24.76:0
GET /v2/scripts/loader.js?h=8dd0599d023ca60427ebd323ba7d6ddd&lang=en&cb=6eb1fb8 HTTP/1.1
Host: wsv3cdn.audioeye.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://coronavirus.egovoc.com
Connection: keep-alive
Referer: https://coronavirus.egovoc.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 06 Feb 2023 07:03:15 GMT
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=60, s-maxage=7200, max-stale=86400, stale-while-revalidate=86400, public
surrogate-key: prod 8dd0599d023ca60427ebd323ba7d6ddd 6eb1fb8
last-modified: Mon, 06 Feb 2023 05:43:05 GMT
cf-cache-status: HIT
vary: Accept-Encoding
server: cloudflare
cf-ray: 7952065b0dddb506-OSL
content-encoding: br
X-Firefox-Spdy: h2
wsv3cdn.audioeye.com/v2/build/launcher.bundle.6eb1fb8.js
104.18.24.76200 OK 0 B URL HTTP/2 wsv3cdn.audioeye.com/v2/build/launcher.bundle.6eb1fb8.js
IP 104.18.24.76:0
GET /v2/build/launcher.bundle.6eb1fb8.js HTTP/1.1
Host: wsv3cdn.audioeye.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://coronavirus.egovoc.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 06 Feb 2023 07:03:18 GMT
content-type: application/javascript
last-modified: Thu, 02 Feb 2023 20:07:49 GMT
etag: W/"63dc1815-13d91"
access-control-allow-origin: *
cf-cache-status: HIT
age: 2561
expires: Tue, 06 Feb 2024 07:03:18 GMT
cache-control: public, max-age=31536000
vary: Accept-Encoding
server: cloudflare
cf-ray: 79520673ea1ab4f4-OSL
content-encoding: br
X-Firefox-Spdy: h2
use.fontawesome.com/releases/v5.5.0/js/all.js
172.64.133.15200 OK 0 B URL HTTP/2 use.fontawesome.com/releases/v5.5.0/js/all.js
IP 172.64.133.15:0
GET /releases/v5.5.0/js/all.js HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://coronavirus.egovoc.com
Connection: keep-alive
Referer: https://coronavirus.egovoc.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 06 Feb 2023 07:03:11 GMT
content-type: application/javascript
x-amz-id-2: S1F28R725dEOWOSS4DffmnmJwOC/8szm6grAx9mqVDBDEpp1PgT40BlJOaxonEhZ+zraRNRSINw=
x-amz-request-id: 6CTF8P86497W5EWC
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Wed, 30 Jun 2021 15:43:32 GMT
etag: W/"02dc00e986773a2294d5ce33ef02e442"
cache-control: max-age=31556926
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dJ7JXYAIRPMQ%2FPqjWW8SgN%2F9ShLVCN0Av8LA5Xb5ga1A7FlHtzXkr5uOGDxS7go96tnFzuBKk%2F%2BSnU%2Ffbc7wG6EbvoVibnWt%2F4D9FICcTOErKTzRa6o2JclaadymN8fN4ioQIgl3"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 795206450996748c-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
insight.adsrvr.org/track/up?adv=cuqasw7&ref=https%3A%2F%2Fcoronavirus.egovoc.com%2Fguidance-non-healthcare-businesses-worksites&upid=wavu6cu&upv=1.1.0
35.71.131.137200 OK 0 B URL HTTP/2 insight.adsrvr.org/track/up?adv=cuqasw7&ref=https%3A%2F%2Fcoronavirus.egovoc.com%2Fguidance-non-healthcare-businesses-worksites&upid=wavu6cu&upv=1.1.0
IP 35.71.131.137:0
GET /track/up?adv=cuqasw7&ref=https%3A%2F%2Fcoronavirus.egovoc.com%2Fguidance-non-healthcare-businesses-worksites&upid=wavu6cu&upv=1.1.0 HTTP/1.1
Host: insight.adsrvr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://coronavirus.egovoc.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 06 Feb 2023 07:03:13 GMT
content-type: text/html
cache-control: private,no-cache, must-revalidate
pragma: no-cache
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
X-Firefox-Spdy: h2
wsv3cdn.audioeye.com/v2/build/jquery.bundle.6eb1fb8.js
104.18.24.76200 OK 0 B URL HTTP/2 wsv3cdn.audioeye.com/v2/build/jquery.bundle.6eb1fb8.js
IP 104.18.24.76:0
GET /v2/build/jquery.bundle.6eb1fb8.js HTTP/1.1
Host: wsv3cdn.audioeye.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://coronavirus.egovoc.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 06 Feb 2023 07:03:14 GMT
content-type: application/javascript
last-modified: Thu, 02 Feb 2023 20:07:49 GMT
etag: W/"63dc1815-17d8a"
access-control-allow-origin: *
cf-cache-status: HIT
age: 2479
expires: Tue, 06 Feb 2024 07:03:14 GMT
cache-control: public, max-age=31536000
vary: Accept-Encoding
server: cloudflare
cf-ray: 7952065aeff1b4f4-OSL
content-encoding: br
X-Firefox-Spdy: h2
wsv3cdn.audioeye.com/v2/build/startup.bundle.6eb1fb8.js
104.18.24.76200 OK 0 B URL HTTP/2 wsv3cdn.audioeye.com/v2/build/startup.bundle.6eb1fb8.js
IP 104.18.24.76:0
GET /v2/build/startup.bundle.6eb1fb8.js HTTP/1.1
Host: wsv3cdn.audioeye.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://coronavirus.egovoc.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 06 Feb 2023 07:03:14 GMT
content-type: application/javascript
last-modified: Thu, 02 Feb 2023 20:08:20 GMT
etag: W/"63dc1834-5a514"
access-control-allow-origin: *
cf-cache-status: HIT
age: 2547
expires: Tue, 06 Feb 2024 07:03:14 GMT
cache-control: public, max-age=31536000
vary: Accept-Encoding
server: cloudflare
cf-ray: 7952065aeff2b4f4-OSL
content-encoding: br
X-Firefox-Spdy: h2
wsv3cdn.audioeye.com/v2/build/compliance.bundle.6eb1fb8.js
104.18.24.76200 OK 0 B URL HTTP/2 wsv3cdn.audioeye.com/v2/build/compliance.bundle.6eb1fb8.js
IP 104.18.24.76:0
GET /v2/build/compliance.bundle.6eb1fb8.js HTTP/1.1
Host: wsv3cdn.audioeye.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://coronavirus.egovoc.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 06 Feb 2023 07:03:18 GMT
content-type: application/javascript
last-modified: Thu, 02 Feb 2023 20:08:20 GMT
etag: W/"63dc1834-259ba"
access-control-allow-origin: *
cf-cache-status: HIT
age: 2479
expires: Tue, 06 Feb 2024 07:03:18 GMT
cache-control: public, max-age=31536000
vary: Accept-Encoding
server: cloudflare
cf-ray: 79520673fa1cb4f4-OSL
content-encoding: br
X-Firefox-Spdy: h2