www.casey.vic.gov.au/pay-application
54.230.111.7 301 Moved Permanently 167 B URL HTTP/1.1 www.casey.vic.gov.au/pay-application
IP 54.230.111.7:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash f5d40b7259645010f9a248858ad14178
b3051d17a6ec8c9e166bf09a62b48261ab86957b
7f5007068d2b56ea9735e2490d60cff2e72cae312024ac1f6c91158eba47d05d
GET /pay-application HTTP/1.1
Host: www.casey.vic.gov.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: CloudFront
Date: Thu, 27 Oct 2022 09:48:35 GMT
Content-Type: text/html
Content-Length: 167
Connection: keep-alive
Location: https://www.casey.vic.gov.au/pay-application
X-Cache: Redirect from cloudfront
Via: 1.1 b2b04ca80b95df6bc86478a1bf96b7cc.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 5jm14dY8haMyZNoBoT194aMoG7YL5Fugf89PGBn_jt3EF9d4Zs5Xpg==
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 4c9ec202b798d350b6582220b7bb8457
d16ca24cd60b349231ad06fa5db32f54a3bc9e09
df036d315a613ac6396b77afb0a4ea5f793091786be0cbf3f3a0d043bc1d1d3c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DF036D315A613AC6396B77AFB0A4EA5F793091786BE0CBF3F3A0D043BC1D1D3C"
Last-Modified: Wed, 26 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6364
Expires: Thu, 27 Oct 2022 11:34:39 GMT
Date: Thu, 27 Oct 2022 09:48:35 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 45bfdf3b823cd24564c8ac296a8b5b19
b0c442eb4f87556b3beb18ca8039dd4399b73f16
32113c679dda1f710ba67e537fdd0d435ccc186a238e3b14e48deb7b0700c693
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5247
Cache-Control: max-age=90594
Content-Type: application/ocsp-response
Date: Thu, 27 Oct 2022 09:48:35 GMT
Etag: "6358fe56-1d7"
Expires: Fri, 28 Oct 2022 10:58:29 GMT
Last-Modified: Wed, 26 Oct 2022 09:31:02 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 45bfdf3b823cd24564c8ac296a8b5b19
b0c442eb4f87556b3beb18ca8039dd4399b73f16
32113c679dda1f710ba67e537fdd0d435ccc186a238e3b14e48deb7b0700c693
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4742
Cache-Control: max-age=90089
Content-Type: application/ocsp-response
Date: Thu, 27 Oct 2022 09:48:35 GMT
Etag: "6358fe56-1d7"
Expires: Fri, 28 Oct 2022 10:50:04 GMT
Last-Modified: Wed, 26 Oct 2022 09:31:02 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 8db408c487f7d35bba323046736e8d3a
01b91e2dce7c6d3de9adfe6ff4d38f9b24ab7db0
9aeafc72c1a969243e1fc96f68ce18888034a749ee70582208bf814bd40b61a5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9AEAFC72C1A969243E1FC96F68CE18888034A749EE70582208BF814BD40B61A5"
Last-Modified: Tue, 25 Oct 2022 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6674
Expires: Thu, 27 Oct 2022 11:39:49 GMT
Date: Thu, 27 Oct 2022 09:48:35 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
34.102.187.140 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash d130218d0e2841f39c99610fe1a2ab90
29fbe1e177ee55c7a61ae0a206afff271cf5f945
6b6d74dccf10c2bc98a91c3388280d7ba1d9596bf8cadd7db0e2f63720b3d152
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
Alt-Used: 0
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Backoff, Content-Type, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 27 Oct 2022 09:41:43 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 412
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: oRNdNdLTM4f4JPDrPVAQKd7i/CZ2umF7qXAk65TxxQ6eSL1o1w9S537EVi1AAEmdtOmb/NXXUDE=
x-amz-request-id: ZPTC8GV9V0FJPN5J
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 27 Oct 2022 09:09:46 GMT
age: 2329
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
54.230.245.39 200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.39:0
Hash c5f75c34629c4035f9bc22c474227c83
d06991827161322e4367f9def5498822067c4fc2
7dc6b2b50dc8c8997cb43c0eb6ca26fe74700b5faa00ffee88cacff207705949
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=86825
Date: Thu, 27 Oct 2022 09:48:35 GMT
Etag: "6358f5cf-1d7"
Expires: Fri, 28 Oct 2022 09:55:40 GMT
Last-Modified: Wed, 26 Oct 2022 08:54:39 GMT
Server: ECS (dcb/7EA2)
X-Cache: Miss from cloudfront
Via: 1.1 8ac66e1d6983a0f44cf391b1ec3b1cce.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: JhPCkWIiMWhiwGo8_W7x__1ZFli8mxRVbAUr58Jz26otl6V2WspaIw==
Age: 3661
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 27 Oct 2022 09:48:35 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash dd283dfc036535bdeb8a8be1310ef930
d3b1c300dd75d7af630e0f3112e49d7492d66c17
578f9256faa188facb3f2d68b02b0c7fb2e30e02e2e74234d015429563cba7aa
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5712
Cache-Control: max-age=86003
Content-Type: application/ocsp-response
Date: Thu, 27 Oct 2022 09:48:36 GMT
Etag: "6358ea97-1d7"
Expires: Fri, 28 Oct 2022 09:41:59 GMT
Last-Modified: Wed, 26 Oct 2022 08:06:47 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
34.213.121.129 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 34.213.121.129:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: lfvaxuyf1vbrfVHJrhgDEA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 33w6CuW8auwzRUFc+kPHYJ0hCDY=
www.casey.vic.gov.au/pay-application
54.230.111.127 301 Moved Permanently 702 B URL HTTP/2 www.casey.vic.gov.au/pay-application
IP 54.230.111.127:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 49acf6febf59b43b726884d3115891e1
6fa7a9781068b322062b9020c2a5d3c4147c1ac1
fb4954c94197f31470430f2bfd39c7604e6ab3f1c41123d518d6d2cd71f2a914
GET /pay-application HTTP/1.1
Host: www.casey.vic.gov.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 301 Moved Permanently
content-type: text/html; charset=UTF-8
content-length: 702
location: https://eproperty.casey.vic.gov.au/T1PRProd/WebApps/eProperty/P1/ePay/ApplicationPayment.aspx?f=%24P1.EPY.APPS.ENQ
date: Thu, 27 Oct 2022 09:48:36 GMT
x-redirect-id: 2366
x-ua-compatible: IE=edge
content-language: en
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
permissions-policy: interest-cohort=()
x-ironstar-app-pod: app-5dc5594cb9-jhlhf
x-request-id: 546b8184742121c8c7d1b7e0b74e9b52
x-ironstar-cache-pod: cache-7df5fcfd9f-n8hbf
x-xss-protection: 1; mode=block
x-ironstar-cache-status: MISS
x-cache: Miss from cloudfront
via: 1.1 784cb0c259a6d79800d037bda4e7de86.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: iXSqnkrPHT3Lin3SHluINGkDaCM8fxmkizh5EzPHsQEDB9CO4QFDRw==
age: 0
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash e5274d15371ddbcdca2f5eb387afcc7a
d1f4fad04d93adaa931b2c7fa5701f8ab5115b4f
8f520e1f63c53ba844433cbd4179217aca0f5e77968409500708d9be1376df55
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=114880
Content-Type: application/ocsp-response
Date: Thu, 27 Oct 2022 09:48:37 GMT
Etag: "635971b5-1d7"
Expires: Fri, 28 Oct 2022 17:43:17 GMT
Last-Modified: Wed, 26 Oct 2022 17:43:17 GMT
Server: nginx
Content-Length: 471
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 358ecd0ec047d700042e2a62f9847199
7bf4c552f47536fe451dc6ccfb0930c592084ef9
e14317aace5d64e9901867578379dd4dd4252b059070d37722f82ebb2e649d27
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E14317AACE5D64E9901867578379DD4DD4252B059070D37722F82EBB2E649D27"
Last-Modified: Mon, 24 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4273
Expires: Thu, 27 Oct 2022 10:59:50 GMT
Date: Thu, 27 Oct 2022 09:48:37 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 358ecd0ec047d700042e2a62f9847199
7bf4c552f47536fe451dc6ccfb0930c592084ef9
e14317aace5d64e9901867578379dd4dd4252b059070d37722f82ebb2e649d27
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E14317AACE5D64E9901867578379DD4DD4252B059070D37722F82EBB2E649D27"
Last-Modified: Mon, 24 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4273
Expires: Thu, 27 Oct 2022 10:59:50 GMT
Date: Thu, 27 Oct 2022 09:48:37 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 358ecd0ec047d700042e2a62f9847199
7bf4c552f47536fe451dc6ccfb0930c592084ef9
e14317aace5d64e9901867578379dd4dd4252b059070d37722f82ebb2e649d27
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E14317AACE5D64E9901867578379DD4DD4252B059070D37722F82EBB2E649D27"
Last-Modified: Mon, 24 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4273
Expires: Thu, 27 Oct 2022 10:59:50 GMT
Date: Thu, 27 Oct 2022 09:48:37 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 358ecd0ec047d700042e2a62f9847199
7bf4c552f47536fe451dc6ccfb0930c592084ef9
e14317aace5d64e9901867578379dd4dd4252b059070d37722f82ebb2e649d27
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E14317AACE5D64E9901867578379DD4DD4252B059070D37722F82EBB2E649D27"
Last-Modified: Mon, 24 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4273
Expires: Thu, 27 Oct 2022 10:59:50 GMT
Date: Thu, 27 Oct 2022 09:48:37 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F529195e0-f6ac-4fd1-b685-62456b469ad7.jpeg
34.120.237.76 200 OK 4.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F529195e0-f6ac-4fd1-b685-62456b469ad7.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c92c49279a7704d715e50836676d1abb
3092b4dbd87f7e5a2eff65c463da9c5103ff748a
6941145d63e68abf0f20081517faa4082eed3c59f8b8a69066f70b29d90fd355
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F529195e0-f6ac-4fd1-b685-62456b469ad7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4709
x-amzn-requestid: c2923a57-57c4-4d62-83bc-e4c8b61aa2bd
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aocuiGeeIAMF9Dg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6359a7f6-7e47cfe804e333cc540f162a;Sampled=0
x-amzn-remapped-date: Wed, 26 Oct 2022 21:34:46 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: M72Vjcyc06ihmWcqr2_Xrk8dGcC5pCoDidg5rhtRkVddavcUFE6G6w==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 2324edbcb8fc72f617442c65f36a40fc.cloudfront.net (CloudFront), 1.1 google
date: Wed, 26 Oct 2022 21:47:37 GMT
etag: "3092b4dbd87f7e5a2eff65c463da9c5103ff748a"
content-type: image/jpeg
age: 43260
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fadc5382d-fbb1-4d8e-8ee0-d7dcda16508e.jpeg
34.120.237.76 200 OK 4.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fadc5382d-fbb1-4d8e-8ee0-d7dcda16508e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 91ee720c15dc69de45080d0c951353af
5292b31a99d90bcb7071f327b93d52034bdf9dcb
7fbe9f0f6db08fd539f2e8d4ac22e3b4d5ca14f7cde69f8424cce8b361d026e6
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fadc5382d-fbb1-4d8e-8ee0-d7dcda16508e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4524
x-amzn-requestid: a493efe7-11c7-4032-b36b-7f838f8180bc
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aljicH_6IAMFqpQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63587fa9-0f15eae7680ea7b15e5e47ec;Sampled=0
x-amzn-remapped-date: Wed, 26 Oct 2022 00:30:33 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: OV7g4Y4fcQGijljebzHQtnpKdcPKw6LTxqORxxBJL2lFPYQLLoyNuQ==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 31119c39c5a6dc62dfa1fe940afd7be2.cloudfront.net (CloudFront), 1.1 google
date: Thu, 27 Oct 2022 00:44:24 GMT
age: 32653
etag: "5292b31a99d90bcb7071f327b93d52034bdf9dcb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F577b3c1d-3b6e-4105-8d19-8557bacffa02.jpeg
34.120.237.76 200 OK 16 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F577b3c1d-3b6e-4105-8d19-8557bacffa02.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4ded5eb41644bfe7ea87cff5ab0d79f0
9b13eca2d768277b92c05a8a82743018489783a6
3de7fcc3e9c8a107e4c5d6e59506ec71e68129a8351e47af63930873775ac3f9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F577b3c1d-3b6e-4105-8d19-8557bacffa02.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 15768
x-amzn-requestid: ab678277-5d12-4ae2-9af7-f15fab294657
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aRoclEbBoAMFz9A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63508783-344a14d17bfcd6b12ffe02b0;Sampled=0
x-amzn-remapped-date: Wed, 19 Oct 2022 23:25:55 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: AgS3Yq-WCRRnFvCxMcwq13lQz8cGvvdwZ51C3H0szmB0iyZLb9mf-A==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 567b44ed19c8caed2570b7bcd8c70034.cloudfront.net (CloudFront), 1.1 google
date: Wed, 26 Oct 2022 21:58:12 GMT
age: 42625
etag: "9b13eca2d768277b92c05a8a82743018489783a6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcb13a70d-b8c4-4350-b75f-4a792bbe0138.jpeg
34.120.237.76 200 OK 5.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcb13a70d-b8c4-4350-b75f-4a792bbe0138.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8b3875b4f9986a58288fdb19744f275e
ee76902c43d2b348a194456e53978337cf5391a4
84e01baf1a4f51606a20f464990c1de066a10a0310abc3abffa5b143ad64c93f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcb13a70d-b8c4-4350-b75f-4a792bbe0138.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5444
x-amzn-requestid: 6d58934a-f718-4bdc-9aa9-e570c3eb6d0b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aI0DvG5voAMFmLw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-634d007e-2e60c6b673315a4034f09320;Sampled=0
x-amzn-remapped-date: Mon, 17 Oct 2022 07:13:02 GMT
x-amz-cf-pop: SEA73-P2, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: skpAlvhidM2bxW0pciEBF7LfKpWGnwLsq_Eg0y4VCOp5GdtJlgYhAQ==
via: 1.1 c21a0d27ceec21e266c9f962d0349438.cloudfront.net (CloudFront), 1.1 567b44ed19c8caed2570b7bcd8c70034.cloudfront.net (CloudFront), 1.1 google
date: Wed, 26 Oct 2022 21:52:15 GMT
age: 42982
etag: "ee76902c43d2b348a194456e53978337cf5391a4"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1cba4a5a-0803-4870-b5e5-cbf33536e53e.jpeg
34.120.237.76 200 OK 6.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1cba4a5a-0803-4870-b5e5-cbf33536e53e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3185609c8bfba0bf8d54812276331c42
4a14cc85d23798bd3476516b49a3c3ff7bcd0d98
e57871dad12531fccf75d0bc4930c18c3c95c706b2bfd89e620b1e097b40a08e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1cba4a5a-0803-4870-b5e5-cbf33536e53e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6493
x-amzn-requestid: f5ca8ddd-d103-43e2-b3b7-ece16e1312a6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ainrUE-pIAMF9rA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63575315-5f7287ea785008c44b0ff490;Sampled=0
x-amzn-remapped-date: Tue, 25 Oct 2022 03:08:05 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: LOj8fvtUhiwgFnrZG9v0iJ1At2O4vsdXM6tCPF8Blr-AOA-ALbuIkQ==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 b2f9564ebf9c745cc2ceae96d434977e.cloudfront.net (CloudFront), 1.1 google
date: Thu, 27 Oct 2022 03:39:20 GMT
age: 22157
etag: "4a14cc85d23798bd3476516b49a3c3ff7bcd0d98"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff5dac341-2b9d-4d07-ab3f-dafe74f88664.jpeg
34.120.237.76 200 OK 9.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff5dac341-2b9d-4d07-ab3f-dafe74f88664.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2193431d88baf9af6829421cd13743ff
a192ab139ad0dc5cf206986eb06028ddad224e46
c535e09fb4a53ca580f5f5926d1494c50b6ad6c7c9ec78df6b7015213852b737
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff5dac341-2b9d-4d07-ab3f-dafe74f88664.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9720
x-amzn-requestid: 6b4749ca-bcb9-4274-a309-e6d463851a6a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aV_n6FOSIAMFroA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63524632-56186f1f2a0bf68f6dba843b;Sampled=0
x-amzn-remapped-date: Fri, 21 Oct 2022 07:11:46 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: DjRLNrY4BFc3GwHGBW40LIyh-RYT3hshdKPxXok4KE97fGvatXN6yQ==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 cd858042f70b416ca05e042acf3908a4.cloudfront.net (CloudFront), 1.1 google
date: Wed, 26 Oct 2022 11:12:06 GMT
age: 81391
etag: "a192ab139ad0dc5cf206986eb06028ddad224e46"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
eproperty.casey.vic.gov.au/T1PRProd/WebApps/eProperty/P1/ePay/ApplicationPayment.aspx?f=%24P1.EPY.APPS.ENQ
103.84.99.46 200 OK 17 kB URL HTTP/1.1 eproperty.casey.vic.gov.au/T1PRProd/WebApps/eProperty/P1/ePay/ApplicationPayment.aspx?f=%24P1.EPY.APPS.ENQ
IP 103.84.99.46:0
ASN #55752 Cloud Plus Pty Ltd
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (4612), with CRLF line terminators
Hash 97e7f909be065695002b6cfe294fec21
871d65f2fd164f4607262a2999d72a740048f0d8
6d9422fc990f19298ce8585fba90d1a8282b26dd8e4a0cee5d2ab693219d32bd
Analyzer Verdict Alert fortinet Phishing
GET /T1PRProd/WebApps/eProperty/P1/ePay/ApplicationPayment.aspx?f=%24P1.EPY.APPS.ENQ HTTP/1.1
Host: eproperty.casey.vic.gov.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 200 OK
Cache-Control: no-cache, no-store
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Content-Encoding: gzip
Expires: -1
Vary: Accept-Encoding
Server: Microsoft-IIS/10.0
Set-Cookie: ASP.NET_SessionId=ek200lfjddrrlw45y0zh13zh; path=/; HttpOnly
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Thu, 27 Oct 2022 09:48:39 GMT
Content-Length: 17308
code.jquery.com/jquery-1.12.4.min.js
69.16.175.10 200 OK 34 kB URL HTTP/2 code.jquery.com/jquery-1.12.4.min.js
IP 69.16.175.10:0
File type ASCII text, with very long lines (32077)
Hash fc7624613c4e25843694cdb7fa956f05
7765bb4016ae929e22be579ccde505b94c2a63c1
49c97d70ef48bfdc1d7b96271b5613bb099b2c040ebdf5624962aea92ff428ae
GET /jquery-1.12.4.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://eproperty.casey.vic.gov.au
Connection: keep-alive
Referer: https://eproperty.casey.vic.gov.au/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 27 Oct 2022 09:48:39 GMT
content-encoding: gzip
content-length: 33738
content-type: application/javascript; charset=utf-8
last-modified: Wed, 16 Feb 2022 10:50:39 GMT
accept-ranges: bytes
server: nginx
etag: W/"620cd6ff-17b8b"
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-hw: 1666864119.dop215.sk1.t,1666864119.cds263.sk1.hn,1666864119.cds251.sk1.c
X-Firefox-Spdy: h2
eproperty.casey.vic.gov.au/T1PRProd/WebApps/eProperty/style/casey.css
103.84.99.46 200 OK 9.8 kB URL HTTP/1.1 eproperty.casey.vic.gov.au/T1PRProd/WebApps/eProperty/style/casey.css
IP 103.84.99.46:0
ASN #55752 Cloud Plus Pty Ltd
File type ASCII text, with very long lines (58674), with CRLF line terminators
Hash 54cc2947d3df2eb76e773d3b870be56c
e2c3b787f70b081b3619950cd01fd53518c6be6b
aa9611484b19e7cbec33699bc604674b0b7ded2a269d892f0c37033d45c476bb
GET /T1PRProd/WebApps/eProperty/style/casey.css HTTP/1.1
Host: eproperty.casey.vic.gov.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://eproperty.casey.vic.gov.au/T1PRProd/WebApps/eProperty/P1/ePay/ApplicationPayment.aspx?f=%24P1.EPY.APPS.ENQ
Cookie: ASP.NET_SessionId=ek200lfjddrrlw45y0zh13zh
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Type: text/css
Content-Encoding: gzip
Last-Modified: Thu, 25 Nov 2021 00:38:57 GMT
Accept-Ranges: bytes
ETag: "8066a9d494e1d71:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Date: Thu, 27 Oct 2022 09:48:39 GMT
Content-Length: 9764
eproperty.casey.vic.gov.au/T1PRProd/WebApps/eProperty/App_Themes/Default/Default.css
103.84.99.46 200 OK 5.1 kB URL HTTP/1.1 eproperty.casey.vic.gov.au/T1PRProd/WebApps/eProperty/App_Themes/Default/Default.css
IP 103.84.99.46:0
ASN #55752 Cloud Plus Pty Ltd
File type Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
Hash 3cbcfcd3cbe276f0be87d33731ec465c
5a420dc49a3c28c7f7bb71960d9d1f9347c11d2b
52d1af054e239e6277ff1fe4d4d9f70005771aca7d23155414fc0c35036e7dd1
GET /T1PRProd/WebApps/eProperty/App_Themes/Default/Default.css HTTP/1.1
Host: eproperty.casey.vic.gov.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://eproperty.casey.vic.gov.au/T1PRProd/WebApps/eProperty/P1/ePay/ApplicationPayment.aspx?f=%24P1.EPY.APPS.ENQ
Cookie: ASP.NET_SessionId=ek200lfjddrrlw45y0zh13zh
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Type: text/css
Content-Encoding: gzip
Last-Modified: Fri, 06 Sep 2013 01:27:27 GMT
Accept-Ranges: bytes
ETag: "80a9123fa0aace1:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Date: Thu, 27 Oct 2022 09:48:39 GMT
Content-Length: 5127
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 4cdf16c5333628708fae7b304303fc48
23654b66838aa89e8b975a9e6c0251d2f8f18366
6f3935f102b0dcfee703eb07abcf04d9181fdfe13fae4d7566aed743a00beb9c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 27 Oct 2022 09:48:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtm.js?id=GTM-P5QR9GR
142.250.74.168 200 OK 61 kB URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-P5QR9GR
IP 142.250.74.168:0
File type ASCII text, with very long lines (2916)
Hash eaf943c138407922ed663c9e57dd6c53
701bc8ac0b627a341fe506730229d338da636740
1b587086d9010d8bed02ba32c6b35159a2e732ffe851a7d20512466d702257d8
GET /gtm.js?id=GTM-P5QR9GR HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://eproperty.casey.vic.gov.au/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 27 Oct 2022 09:48:39 GMT
expires: Thu, 27 Oct 2022 09:48:39 GMT
cache-control: private, max-age=900
last-modified: Thu, 27 Oct 2022 09:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 60641
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 4cdf16c5333628708fae7b304303fc48
23654b66838aa89e8b975a9e6c0251d2f8f18366
6f3935f102b0dcfee703eb07abcf04d9181fdfe13fae4d7566aed743a00beb9c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 27 Oct 2022 09:48:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
eproperty.casey.vic.gov.au/T1PRProd/WebApps/eProperty/WebResource.axd?d=hDwC2xbDWZOlMixpeKIu8iuhztJtVUJVtLn3_gGo55lxFqszWOtrAPV9bWLHOkVUFnU9BE2onjP3zKK0GCVH6rAkvFc1&t=637812351300000000
103.84.99.46 200 OK 5.8 kB URL HTTP/1.1 eproperty.casey.vic.gov.au/T1PRProd/WebApps/eProperty/WebResource.axd?d=hDwC2xbDWZOlMixpeKIu8iuhztJtVUJVtLn3_gGo55lxFqszWOtrAPV9bWLHOkVUFnU9BE2onjP3zKK0GCVH6rAkvFc1&t=637812351300000000
IP 103.84.99.46:0
ASN #55752 Cloud Plus Pty Ltd
File type ASCII text, with CRLF line terminators
Hash 20d678b3dec24264f53b1262e2b83947
cd76ccb89a899b34afe22e6530ee3763f673f688
01cb72190033b3103c18d126d7326f13cbc831635a7a6e07dbfcc0036eb94ac7
GET /T1PRProd/WebApps/eProperty/WebResource.axd?d=hDwC2xbDWZOlMixpeKIu8iuhztJtVUJVtLn3_gGo55lxFqszWOtrAPV9bWLHOkVUFnU9BE2onjP3zKK0GCVH6rAkvFc1&t=637812351300000000 HTTP/1.1
Host: eproperty.casey.vic.gov.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://eproperty.casey.vic.gov.au/T1PRProd/WebApps/eProperty/P1/ePay/ApplicationPayment.aspx?f=%24P1.EPY.APPS.ENQ
Cookie: ASP.NET_SessionId=ek200lfjddrrlw45y0zh13zh
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Cache-Control: public
Content-Type: application/x-javascript
Content-Encoding: gzip
Expires: Thu, 26 Oct 2023 20:27:04 GMT
Last-Modified: Wed, 23 Feb 2022 06:45:30 GMT
Vary: Accept-Encoding
Server: Microsoft-IIS/10.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Thu, 27 Oct 2022 09:48:39 GMT
Content-Length: 5840
eproperty.casey.vic.gov.au/T1PRProd/WebApps/eProperty/style/casey.js
103.84.99.46 200 OK 1.0 kB URL HTTP/1.1 eproperty.casey.vic.gov.au/T1PRProd/WebApps/eProperty/style/casey.js
IP 103.84.99.46:0
ASN #55752 Cloud Plus Pty Ltd
File type ASCII text, with CRLF line terminators
Hash 677c704267560129f15c4ec56f1ff749
d2c0afe7ed48b0d76f8b9efc1199794fd82ba7b4
b334ace0c4236350a28c821aaf42237e05c171a042b93d22ea23f06fcd131581
Analyzer Verdict Alert fortinet Phishing
GET /T1PRProd/WebApps/eProperty/style/casey.js HTTP/1.1
Host: eproperty.casey.vic.gov.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://eproperty.casey.vic.gov.au/T1PRProd/WebApps/eProperty/P1/ePay/ApplicationPayment.aspx?f=%24P1.EPY.APPS.ENQ
Cookie: ASP.NET_SessionId=ek200lfjddrrlw45y0zh13zh
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Type: application/javascript
Content-Encoding: gzip
Last-Modified: Thu, 09 Apr 2020 05:41:57 GMT
Accept-Ranges: bytes
ETag: "80009531ed61:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Date: Thu, 27 Oct 2022 09:48:39 GMT
Content-Length: 1045
eproperty.casey.vic.gov.au/T1PRProd/WebApps/eProperty/WebResource.axd?d=ax0hsyMAyZHeLOmOk0H0eXE_TZtti4-ft8Gc4rMUA4l6-6S8czQfhWqBH_f7OeZFlmOSGhBnp7pNU8NINltH4-R3nPM1&t=637812351300000000
103.84.99.46 200 OK 5.2 kB URL HTTP/1.1 eproperty.casey.vic.gov.au/T1PRProd/WebApps/eProperty/WebResource.axd?d=ax0hsyMAyZHeLOmOk0H0eXE_TZtti4-ft8Gc4rMUA4l6-6S8czQfhWqBH_f7OeZFlmOSGhBnp7pNU8NINltH4-R3nPM1&t=637812351300000000
IP 103.84.99.46:0
ASN #55752 Cloud Plus Pty Ltd
File type ASCII text, with CRLF line terminators
Hash 505249b0496e4fa9fe31de88be3d163f
4e52cfb12cda38f07fdedbc064ce1a87d89e9b6a
e14b21b76602815f62a5995b224d48597d6bf5e2d720b2bf7fc157cd4fb508b8
GET /T1PRProd/WebApps/eProperty/WebResource.axd?d=ax0hsyMAyZHeLOmOk0H0eXE_TZtti4-ft8Gc4rMUA4l6-6S8czQfhWqBH_f7OeZFlmOSGhBnp7pNU8NINltH4-R3nPM1&t=637812351300000000 HTTP/1.1
Host: eproperty.casey.vic.gov.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://eproperty.casey.vic.gov.au/T1PRProd/WebApps/eProperty/P1/ePay/ApplicationPayment.aspx?f=%24P1.EPY.APPS.ENQ
Cookie: ASP.NET_SessionId=ek200lfjddrrlw45y0zh13zh
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Cache-Control: public
Content-Type: application/x-javascript
Content-Encoding: gzip
Expires: Thu, 26 Oct 2023 16:14:37 GMT
Last-Modified: Wed, 23 Feb 2022 06:45:30 GMT
Vary: Accept-Encoding
Server: Microsoft-IIS/10.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Thu, 27 Oct 2022 09:48:40 GMT
Content-Length: 5224
eproperty.casey.vic.gov.au/T1PRProd/WebApps/eProperty/WebResource.axd?d=YIywYCA0KvkE-TezN2PRz8LWVUX446TwYXnpx7BvSE9Huk0uH8bzn2ldNG4PK9LIHosLbTmgRfFEIMWczDCc_axFi2ZOs6KqhYNn6NthEJ4osOsSU_6W8LT_7TFeRU5ELzbQKg2&t=637377707080000000
103.84.99.46 200 OK 1.3 kB URL HTTP/1.1 eproperty.casey.vic.gov.au/T1PRProd/WebApps/eProperty/WebResource.axd?d=YIywYCA0KvkE-TezN2PRz8LWVUX446TwYXnpx7BvSE9Huk0uH8bzn2ldNG4PK9LIHosLbTmgRfFEIMWczDCc_axFi2ZOs6KqhYNn6NthEJ4osOsSU_6W8LT_7TFeRU5ELzbQKg2&t=637377707080000000
IP 103.84.99.46:0
ASN #55752 Cloud Plus Pty Ltd
File type Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
Hash bf55bff246676e7fdf0c29971676cf40
965c4091829b470b924176f959ff241705ff2098
1b8da9fa360d0be8baf3e8f9d05c734f5c02cbc13d4d76810d11dc0f79f942ec
GET /T1PRProd/WebApps/eProperty/WebResource.axd?d=YIywYCA0KvkE-TezN2PRz8LWVUX446TwYXnpx7BvSE9Huk0uH8bzn2ldNG4PK9LIHosLbTmgRfFEIMWczDCc_axFi2ZOs6KqhYNn6NthEJ4osOsSU_6W8LT_7TFeRU5ELzbQKg2&t=637377707080000000 HTTP/1.1
Host: eproperty.casey.vic.gov.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://eproperty.casey.vic.gov.au/T1PRProd/WebApps/eProperty/P1/ePay/ApplicationPayment.aspx?f=%24P1.EPY.APPS.ENQ
Cookie: ASP.NET_SessionId=ek200lfjddrrlw45y0zh13zh
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Cache-Control: public
Content-Type: application/x-javascript
Content-Encoding: gzip
Expires: Thu, 26 Oct 2023 15:56:05 GMT
Last-Modified: Thu, 08 Oct 2020 05:18:28 GMT
Vary: Accept-Encoding
Server: Microsoft-IIS/10.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Thu, 27 Oct 2022 09:48:40 GMT
Content-Length: 1327
eproperty.casey.vic.gov.au/T1PRProd/WebApps/eProperty/App_Themes/Default/Images/Empty.gif
103.84.99.46 200 OK 807 B URL HTTP/1.1 eproperty.casey.vic.gov.au/T1PRProd/WebApps/eProperty/App_Themes/Default/Images/Empty.gif
IP 103.84.99.46:0
ASN #55752 Cloud Plus Pty Ltd
File type GIF image data, version 89a, 1 x 1\012- data
Hash 18b3e43abad26bdac6f4cea944777b62
5848cd0aca8d9fc92d8449b13f829cc1f6cd310a
3ca19e57c9a2465ae4df271316ba4d29e7ff7f113a2a2c5297780c0b7a0ac09d
GET /T1PRProd/WebApps/eProperty/App_Themes/Default/Images/Empty.gif HTTP/1.1
Host: eproperty.casey.vic.gov.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://eproperty.casey.vic.gov.au/T1PRProd/WebApps/eProperty/P1/ePay/ApplicationPayment.aspx?f=%24P1.EPY.APPS.ENQ
Cookie: ASP.NET_SessionId=ek200lfjddrrlw45y0zh13zh
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Type: image/gif
Last-Modified: Fri, 06 Sep 2013 01:27:28 GMT
Accept-Ranges: bytes
ETag: "81412440a0aace1:0"
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Date: Thu, 27 Oct 2022 09:48:40 GMT
Content-Length: 807
eproperty.casey.vic.gov.au/T1PRProd/WebApps/eProperty/Images/ApplicationInvoice.gif
103.84.99.46 200 OK 12 kB URL HTTP/1.1 eproperty.casey.vic.gov.au/T1PRProd/WebApps/eProperty/Images/ApplicationInvoice.gif
IP 103.84.99.46:0
ASN #55752 Cloud Plus Pty Ltd
File type GIF image data, version 89a, 206 x 300\012- data
Hash 50420ef782616697d4334c4deec228fc
3433c07c4107090b6e4f9c5191a1895266e778a0
2fde0a6fdc92ac69f90d90f90d10573a75381e19eebbddb44bafe0a635caf1c1
GET /T1PRProd/WebApps/eProperty/Images/ApplicationInvoice.gif HTTP/1.1
Host: eproperty.casey.vic.gov.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://eproperty.casey.vic.gov.au/T1PRProd/WebApps/eProperty/P1/ePay/ApplicationPayment.aspx?f=%24P1.EPY.APPS.ENQ
Cookie: ASP.NET_SessionId=ek200lfjddrrlw45y0zh13zh
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Type: image/gif
Last-Modified: Mon, 10 Aug 2020 05:53:59 GMT
Accept-Ranges: bytes
ETag: "3c7cbba4da6ed61:0"
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Date: Thu, 27 Oct 2022 09:48:40 GMT
Content-Length: 12260
eproperty.casey.vic.gov.au/T1PRProd/WebApps/eProperty/App_Themes/Default/Images/VerticalBarBlack.gif
103.84.99.46 200 OK 810 B URL HTTP/1.1 eproperty.casey.vic.gov.au/T1PRProd/WebApps/eProperty/App_Themes/Default/Images/VerticalBarBlack.gif
IP 103.84.99.46:0
ASN #55752 Cloud Plus Pty Ltd
File type GIF image data, version 89a, 1 x 10\012- data
Hash 0e2d1c6185c248084bc16e94919f8b93
007af539a8edfa08afab7443158e5689d0838fca
1010c670d75b7c26260d002144acb0d6b38e00049e11e5d790ef397ec2a130e0
GET /T1PRProd/WebApps/eProperty/App_Themes/Default/Images/VerticalBarBlack.gif HTTP/1.1
Host: eproperty.casey.vic.gov.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://eproperty.casey.vic.gov.au/T1PRProd/WebApps/eProperty/P1/ePay/ApplicationPayment.aspx?f=%24P1.EPY.APPS.ENQ
Cookie: ASP.NET_SessionId=ek200lfjddrrlw45y0zh13zh
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Type: image/gif
Last-Modified: Fri, 06 Sep 2013 01:27:30 GMT
Accept-Ranges: bytes
ETag: "8f721741a0aace1:0"
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Date: Thu, 27 Oct 2022 09:48:40 GMT
Content-Length: 810
eproperty.casey.vic.gov.au/T1PRProd/WebApps/eProperty/App_Themes/Default/csy-MasterCustom.js
103.84.99.46 200 OK 20 kB URL HTTP/1.1 eproperty.casey.vic.gov.au/T1PRProd/WebApps/eProperty/App_Themes/Default/csy-MasterCustom.js
IP 103.84.99.46:0
ASN #55752 Cloud Plus Pty Ltd
File type Unicode text, UTF-8 (with BOM) text, with very long lines (1236), with CRLF line terminators
Hash 1a9499f0ada37ed6ff24ef6ec6de67ad
34c92aaf8f4efd33aea7c3afb1dd97761ca7110c
48645fe41fa0eeca2857fe435db6b39d45456395d227cca7cd5e581213619d5c
Analyzer Verdict Alert fortinet Phishing
GET /T1PRProd/WebApps/eProperty/App_Themes/Default/csy-MasterCustom.js HTTP/1.1
Host: eproperty.casey.vic.gov.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://eproperty.casey.vic.gov.au/T1PRProd/WebApps/eProperty/P1/ePay/ApplicationPayment.aspx?f=%24P1.EPY.APPS.ENQ
Cookie: ASP.NET_SessionId=ek200lfjddrrlw45y0zh13zh
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Type: application/javascript
Content-Encoding: gzip
Last-Modified: Mon, 28 Feb 2022 03:02:59 GMT
Accept-Ranges: bytes
ETag: "8033f0b04f2cd81:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Date: Thu, 27 Oct 2022 09:48:40 GMT
Content-Length: 20292
www.google-analytics.com/analytics.js
142.250.74.174 200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.174:0
File type ASCII text, with very long lines (1325)
Hash 47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://eproperty.casey.vic.gov.au/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Thu, 27 Oct 2022 08:41:09 GMT
expires: Thu, 27 Oct 2022 10:41:09 GMT
cache-control: public, max-age=7200
age: 4052
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
eproperty.casey.vic.gov.au/T1PRProd/WebApps/eProperty/style/gorditaregular-webfont.woff
103.84.99.46 200 OK 71 kB URL HTTP/1.1 eproperty.casey.vic.gov.au/T1PRProd/WebApps/eProperty/style/gorditaregular-webfont.woff
IP 103.84.99.46:0
ASN #55752 Cloud Plus Pty Ltd
File type Web Open Font Format, TrueType, length 71016, version 1.0\012- data
Hash d52d6025f5b7be3f786f1ca60c319b34
1474914fe51ecc868d11297b5b358d77858f8d06
5a424d78d1fde667c3ef22c45fb05a48337c2e9824ddb4b8516c708b48d9efd5
Analyzer Verdict Alert fortinet Phishing
GET /T1PRProd/WebApps/eProperty/style/gorditaregular-webfont.woff HTTP/1.1
Host: eproperty.casey.vic.gov.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://eproperty.casey.vic.gov.au/T1PRProd/WebApps/eProperty/style/casey.css
Cookie: ASP.NET_SessionId=ek200lfjddrrlw45y0zh13zh
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Type: font/x-woff
Last-Modified: Mon, 10 Feb 2020 04:25:05 GMT
Accept-Ranges: bytes
ETag: "e9ea3212cadfd51:0"
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Date: Thu, 27 Oct 2022 09:48:40 GMT
Content-Length: 71016
vars.hotjar.com/box-c1417f7b48595d0dbca01c86f95d6dbb.html
143.204.55.20 200 OK 1.0 kB URL HTTP/2 vars.hotjar.com/box-c1417f7b48595d0dbca01c86f95d6dbb.html
IP 143.204.55.20:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2368), with no line terminators
Hash d2c298a660a1ee92f094a3d504e3e2e6
13fd39d202cf3e00be906a798921386b403e15c5
4aa80b9ea27a402072083d23dd118c6be178b90efb7ff0014c8b87c180655bdb
GET /box-c1417f7b48595d0dbca01c86f95d6dbb.html HTTP/1.1
Host: vars.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://eproperty.casey.vic.gov.au/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html
content-length: 1035
date: Tue, 18 Oct 2022 09:12:06 GMT
accept-ranges: bytes
cache-control: max-age=31536000
content-encoding: br
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
etag: "d2c298a660a1ee92f094a3d504e3e2e6"
last-modified: Tue, 18 Oct 2022 09:11:19 GMT
strict-transport-security: max-age=2592000; includeSubDomains
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 185768229530368be94556dcab1c486a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: yKm4TurDf2NuKuNhB_4r9REHU1NDtyx6ubRpxY7OgdIM1Rirgq3qsg==
age: 779795
X-Firefox-Spdy: h2
script.hotjar.com/modules.5a17f10e21dd3fd3b841.js
143.204.55.68 200 OK 66 kB URL HTTP/2 script.hotjar.com/modules.5a17f10e21dd3fd3b841.js
IP 143.204.55.68:0
File type Unicode text, UTF-8 text, with very long lines (48714)
Hash f784e2f70f455f7e613fcb9f757607c4
44c87de224e98901c88434e10cbe88e18000943f
3c167e79d789a1fd56a4dd863f94690b5124a2dcd8c1e06e3e0ad9f35fd1d49a
GET /modules.5a17f10e21dd3fd3b841.js HTTP/1.1
Host: script.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://eproperty.casey.vic.gov.au/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
content-length: 66091
date: Wed, 26 Oct 2022 11:38:06 GMT
accept-ranges: bytes
access-control-allow-origin: *
cache-control: max-age=31536000
content-encoding: br
cross-origin-resource-policy: cross-origin
etag: "f784e2f70f455f7e613fcb9f757607c4"
last-modified: Wed, 26 Oct 2022 11:37:54 GMT
strict-transport-security: max-age=2592000; includeSubDomains
x-content-type-options: nosniff
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 c9f2a4d2bcd548d1a3cbe1617a22f216.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: rSJXUaxWFJB1-IndfSL0Jzux5ETKXR8o_A4eVb7Q8q7y_5BNg0kvKQ==
age: 79835
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 7d4b826b3cd4f4fffd35abd60c407bdb
28e5a20b197bf6972fd097c3b302c1dd89b68f09
681fd035abbbf788f315fea7402f5e0d77b51f6167e237ff7516335911499b21
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 27 Oct 2022 09:48:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
eproperty.casey.vic.gov.au/favicon.ico
103.84.99.46 404 Not Found 1.2 kB URL HTTP/1.1 eproperty.casey.vic.gov.au/favicon.ico
IP 103.84.99.46:0
ASN #55752 Cloud Plus Pty Ltd
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 5343c1a8b203c162a3bf3870d9f50fd4
04b5b886c20d88b57eea6d8ff882624a4ac1e51d
dc1d54dab6ec8c00f70137927504e4f222c8395f10760b6beecfcfa94e08249f
GET /favicon.ico HTTP/1.1
Host: eproperty.casey.vic.gov.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://eproperty.casey.vic.gov.au/T1PRProd/WebApps/eProperty/P1/ePay/ApplicationPayment.aspx?f=%24P1.EPY.APPS.ENQ
Cookie: ASP.NET_SessionId=ek200lfjddrrlw45y0zh13zh
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Content-Type: text/html
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Date: Thu, 27 Oct 2022 09:48:40 GMT
Content-Length: 1245
eproperty.casey.vic.gov.au/T1PRProd/WebApps/eProperty/MasterPages/icon.png
103.84.99.46 404 Not Found 1.2 kB URL HTTP/1.1 eproperty.casey.vic.gov.au/T1PRProd/WebApps/eProperty/MasterPages/icon.png
IP 103.84.99.46:0
ASN #55752 Cloud Plus Pty Ltd
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 5343c1a8b203c162a3bf3870d9f50fd4
04b5b886c20d88b57eea6d8ff882624a4ac1e51d
dc1d54dab6ec8c00f70137927504e4f222c8395f10760b6beecfcfa94e08249f
GET /T1PRProd/WebApps/eProperty/MasterPages/icon.png HTTP/1.1
Host: eproperty.casey.vic.gov.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://eproperty.casey.vic.gov.au/T1PRProd/WebApps/eProperty/P1/ePay/ApplicationPayment.aspx?f=%24P1.EPY.APPS.ENQ
Cookie: ASP.NET_SessionId=ek200lfjddrrlw45y0zh13zh
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Content-Type: text/html
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Date: Thu, 27 Oct 2022 09:48:40 GMT
Content-Length: 1245
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-108608433-2&cid=1933811858.1666864120&jid=874352496&gjid=1536810573&_gid=601277994.1666864120&_u=YEBAAEAAAAAAACAAI~&z=2147428761
173.194.222.157 200 OK 4 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-108608433-2&cid=1933811858.1666864120&jid=874352496&gjid=1536810573&_gid=601277994.1666864120&_u=YEBAAEAAAAAAACAAI~&z=2147428761
IP 173.194.222.157:0
File type ASCII text, with no line terminators
Hash 48c0473b7821185d937e685216e2168b
3743e47f8a429a5e87b86cb582d78940733d9d2e
570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-108608433-2&cid=1933811858.1666864120&jid=874352496&gjid=1536810573&_gid=601277994.1666864120&_u=YEBAAEAAAAAAACAAI~&z=2147428761 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://eproperty.casey.vic.gov.au
Connection: keep-alive
Referer: https://eproperty.casey.vic.gov.au/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://eproperty.casey.vic.gov.au
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Thu, 27 Oct 2022 09:48:41 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 7d4b826b3cd4f4fffd35abd60c407bdb
28e5a20b197bf6972fd097c3b302c1dd89b68f09
681fd035abbbf788f315fea7402f5e0d77b51f6167e237ff7516335911499b21
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 27 Oct 2022 09:48:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.sca1b.amazontrust.com/
54.230.245.39 200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.39:0
Hash 67926616d93c71de060b719e9aba6cc8
1f4ba7f5e695b4ce208a723e8bf401c323a6cbae
9e19fe8ed31f7213e85fa8e0a88313961ab24d7a52f459877591885eed4c1343
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=108593
Date: Thu, 27 Oct 2022 09:48:41 GMT
Etag: "63594342-1d7"
Expires: Fri, 28 Oct 2022 15:58:34 GMT
Last-Modified: Wed, 26 Oct 2022 14:25:06 GMT
Server: ECS (nyb/1D0D)
X-Cache: Miss from cloudfront
Via: 1.1 8ac66e1d6983a0f44cf391b1ec3b1cce.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: mrUS2MIvvooa5z20r9tqK0TDucIAYoz8IiF0fOC6e0xF3b21F39NGQ==
Age: 5608
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash a63ea2903767bb46326d85331e42e34e
b113b248df6025ed117551b7baa1960316122415
4ba54e12a06237d2c396d93e1cf9513b066074df9993ee408ee2bfb365c5f3c6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 27 Oct 2022 09:48:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash ce5d09bafa968f66bc7828927cb90e05
d6445e57629d1fcb89ac2fefdc5071cf82f71a59
e6b4e02dcd04a13ac1c6ce72819b8f20b1b5555a516151264b9a685532c38632
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 27 Oct 2022 09:48:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-108608433-2&cid=1933811858.1666864120&jid=874352496&_u=YEBAAEAAAAAAACAAI~&z=2060608606
142.250.74.164 200 OK 42 B URL HTTP/2 www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-108608433-2&cid=1933811858.1666864120&jid=874352496&_u=YEBAAEAAAAAAACAAI~&z=2060608606
IP 142.250.74.164:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-108608433-2&cid=1933811858.1666864120&jid=874352496&_u=YEBAAEAAAAAAACAAI~&z=2060608606 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://eproperty.casey.vic.gov.au/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 27 Oct 2022 09:48:41 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-108608433-2&cid=1933811858.1666864120&jid=874352496&_u=YEBAAEAAAAAAACAAI~&z=2060608606
142.250.74.3 200 OK 42 B URL HTTP/2 www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-108608433-2&cid=1933811858.1666864120&jid=874352496&_u=YEBAAEAAAAAAACAAI~&z=2060608606
IP 142.250.74.3:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-108608433-2&cid=1933811858.1666864120&jid=874352496&_u=YEBAAEAAAAAAACAAI~&z=2060608606 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://eproperty.casey.vic.gov.au/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 27 Oct 2022 09:48:41 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 26e60c83d7af169687cbd74f7ca924e0
00f7ceb935fe1cc423f95718a04076e4f5eca150
a041e2901d418b289c3129ce7c07a66e598f6d3ac076732635b0a9ac6fbabb89
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 27 Oct 2022 09:48:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash ce5d09bafa968f66bc7828927cb90e05
d6445e57629d1fcb89ac2fefdc5071cf82f71a59
e6b4e02dcd04a13ac1c6ce72819b8f20b1b5555a516151264b9a685532c38632
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 27 Oct 2022 09:48:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
eproperty.casey.vic.gov.au/T1PRProd/WebApps/eProperty/style/gorditamedium-webfont.woff
103.84.99.46 200 OK 70 kB URL HTTP/1.1 eproperty.casey.vic.gov.au/T1PRProd/WebApps/eProperty/style/gorditamedium-webfont.woff
IP 103.84.99.46:0
ASN #55752 Cloud Plus Pty Ltd
File type Web Open Font Format, TrueType, length 70304, version 1.0\012- data
Hash 59dd4f47e9a59785f0c82e2a1fb1f2e6
5ca724c6e13c99bd7572dd49d2d5cfee4670e54c
55e8d241ee7e1567115af36391cbcf4ec70c4bcddc53e96053e3df8ccad84df6
Analyzer Verdict Alert fortinet Phishing
GET /T1PRProd/WebApps/eProperty/style/gorditamedium-webfont.woff HTTP/1.1
Host: eproperty.casey.vic.gov.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://eproperty.casey.vic.gov.au/T1PRProd/WebApps/eProperty/style/casey.css
Cookie: ASP.NET_SessionId=ek200lfjddrrlw45y0zh13zh
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Type: font/x-woff
Last-Modified: Mon, 10 Feb 2020 04:25:04 GMT
Accept-Ranges: bytes
ETag: "45e0a311cadfd51:0"
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Date: Thu, 27 Oct 2022 09:48:40 GMT
Content-Length: 70304
static.hotjar.com/c/hotjar-1152595.js?sv=7
143.204.55.84 200 OK 0 B URL HTTP/2 static.hotjar.com/c/hotjar-1152595.js?sv=7
IP 143.204.55.84:0
GET /c/hotjar-1152595.js?sv=7 HTTP/1.1
Host: static.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://eproperty.casey.vic.gov.au/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
content-encoding: br
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=2592000; includeSubDomains
x-cache-hit: 1
x-content-type-options: nosniff
date: Thu, 27 Oct 2022 09:48:41 GMT
cache-control: max-age=60
etag: W/62ab05e9fd9c4d1a66941cfc572e4bf2
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
via: 1.1 1d8cf7c8865ed1078c19a98771ad34ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: _4oIDT0hUxzzEm3HOzXrrduS0pf6rMnh9qBiggD5c22BE0SgWKGRtA==
X-Firefox-Spdy: h2
in.hotjar.com/api/v2/client/sites/1152595/visit-data?sv=7
52.215.128.208 200 OK 0 B URL HTTP/2 in.hotjar.com/api/v2/client/sites/1152595/visit-data?sv=7
IP 52.215.128.208:0
POST /api/v2/client/sites/1152595/visit-data?sv=7 HTTP/1.1
Host: in.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain; charset=UTF-8
Content-Length: 112
Origin: https://eproperty.casey.vic.gov.au
Connection: keep-alive
Referer: https://eproperty.casey.vic.gov.au/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 27 Oct 2022 09:48:41 GMT
content-type: application/json
vary: Accept-Encoding
cache-control: no-cache, no-store
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-max-age: 86400
content-encoding: br
X-Firefox-Spdy: h2