Report - www.casey.vic.gov.au/pay-application

Report Overview

Submitted URL
www.casey.vic.gov.au/pay-application
IP
54.230.111.127
ASN
#16509 AMAZON-02
Submitted
2022-10-27 09:48:46
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
10

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
www.google-analytics.com	40	2012-10-03T03:04:21Z	2023-03-10T13:35:34Z	383 B	21 kB	142.250.74.174
script.hotjar.com	887	2020-11-05T17:23:46Z	2023-03-10T15:35:05Z	395 B	67 kB	143.204.55.68
www.google.no	25607	2016-04-05T21:50:59Z	2023-03-10T07:09:08Z	527 B	694 B	142.250.74.3
static.hotjar.com	641	2014-11-01T06:14:27Z	2023-03-10T09:34:35Z	388 B	630 B	143.204.55.84
in.hotjar.com	1746	2018-10-22T19:15:59Z	2023-03-10T11:32:21Z	506 B	287 B	52.215.128.208
www.casey.vic.gov.au	unknown	2013-05-13T20:23:17Z	2023-02-27T05:20:11Z	832 B	2.1 kB	54.230.111.7
ocsp.digicert.com	86	2012-05-21T09:02:23Z	2023-03-10T13:49:44Z	1.4 kB	3.2 kB	93.184.220.29
img-getpocket.cdn.mozilla.net	1631	2018-06-22T01:36:00Z	2023-03-10T05:10:04Z	3.2 kB	53 kB	34.120.237.76
eproperty.casey.vic.gov.au	unknown	2017-02-01T12:01:20Z	2023-01-23T02:12:37Z	8.9 kB	228 kB	103.84.99.46
www.googletagmanager.com	75	2013-05-22T04:07:37Z	2023-03-10T13:03:15Z	392 B	61 kB	142.250.74.168
firefox.settings.services.mozilla.com	867	2020-06-04T22:08:41Z	2023-03-10T05:10:00Z	364 B	1.5 kB	34.102.187.140
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-03-10T05:10:00Z	333 B	229 B	34.117.237.239
push.services.mozilla.com	2140	2014-10-24T10:27:06Z	2023-03-10T05:10:02Z	606 B	127 B	34.213.121.129
www.google.com	7	2015-05-10T13:11:19Z	2023-03-10T12:19:40Z	528 B	694 B	142.250.74.164
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-03-10T05:12:35Z	413 B	5.8 kB	34.160.144.191
code.jquery.com	634	2012-05-21T19:28:02Z	2023-03-10T05:11:37Z	423 B	34 kB	69.16.175.10
stats.g.doubleclick.net	96	2013-06-10T22:21:11Z	2023-03-10T12:41:09Z	628 B	721 B	173.194.222.157
vars.hotjar.com	1014	2020-11-05T11:13:14Z	2023-03-09T18:15:23Z	516 B	1.7 kB	143.204.55.20
r3.o.lencr.org	344	2020-12-02T09:52:13Z	2023-03-10T05:09:10Z	2.0 kB	5.3 kB	23.36.76.226
ocsp.sca1b.amazontrust.com	1015	2017-03-03T16:20:51Z	2019-03-27T05:05:54Z	700 B	2.0 kB	54.230.245.39
ocsp.pki.goog	175	2018-07-01T08:43:07Z	2023-03-10T05:11:10Z	2.7 kB	5.6 kB	142.250.74.3

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-10-27	medium	eproperty.casey.vic.gov.au/T1PRProd/WebApps/eProperty/P1/ePay/ApplicationPayment.aspx?f=%24P1.EPY.APPS.ENQ	Phishing
2022-10-27	medium	eproperty.casey.vic.gov.au/T1PRProd/WebApps/eProperty/style/casey.js	Phishing
2022-10-27	medium	eproperty.casey.vic.gov.au/T1PRProd/WebApps/eProperty/App_Themes/Default/csy-MasterCustom.js	Phishing
2022-10-27	medium	eproperty.casey.vic.gov.au/T1PRProd/WebApps/eProperty/style/gorditaregular-webfont.woff	Phishing
2022-10-27	medium	eproperty.casey.vic.gov.au/T1PRProd/WebApps/eProperty/style/gorditamedium-webfont.woff	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

JavaScript (26)

	URL	Size	First Seen	Last Seen
	eproperty.casey.vic.gov.au/T1PRProd/WebApps/eProperty/App_Themes/Default/csy-MasterCustom.js	96 kB	2023-03-10	2023-03-10
Pretty URL eproperty.casey.vic.gov.au/T1PRProd/WebApps/eProperty/App_Themes/Default/csy-MasterCustom.js IP 103.84.99.46 ASN #55752 Cloud Plus Pty Ltd Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 16:29:02 Last Seen2023-03-10 16:29:02 Times Seen1 Hash ca9902775e31bb0a48a57192327485e9 ab9b74115862b8558d6969eecf857b982a5de96b 4017b545d3fbdaac8b87b0d4607ab877d8ac68839ec4cc2628ea46a466590dbe Loading...

	www.googletagmanager.com/gtm.js?id=GTM-P5QR9GR	166 kB	2023-03-10	2023-03-10
Pretty URL www.googletagmanager.com/gtm.js?id=GTM-P5QR9GR IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 16:29:02 Last Seen2023-03-10 16:29:02 Times Seen1 Hash 7cfd4e429884a87bf27ea27c63cb69d5 8f4143d6984c4ed39535d741950e68e0c148d43e faccffee6d92f3adf2d998108716a4f0e6ca6eb4b12251659e0ac803cf83ccac Loading...

	eproperty.casey.vic.gov.au/T1PRProd/WebApps/eProperty/style/casey.js	3.4 kB	2023-03-10	2023-03-10
Pretty URL eproperty.casey.vic.gov.au/T1PRProd/WebApps/eProperty/style/casey.js IP 103.84.99.46 ASN #55752 Cloud Plus Pty Ltd Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 16:29:02 Last Seen2023-03-10 16:29:02 Times Seen1 Hash b0b43e39f5519ffd0ba9222464d79ea8 177665075d5cfb12209e35df1e0c3340fb2e6a5b 2b9809973e5584afcb05c08e6f36c85c86e2602ddb22673d67a8ea463f559498 Loading...

	eproperty.casey.vic.gov.au/T1PRProd/WebApps/eProperty/WebResource.axd?d=ax0hsyMAyZHeLOmOk0H0eXE_TZtti4-ft8Gc4rMUA4l6-6S8czQfhWqBH_f7OeZFlmOSGhBnp7pNU8NINltH4-R3nPM1&t=637812351300000000	21 kB	2023-03-07	2024-04-20
Pretty URL eproperty.casey.vic.gov.au/T1PRProd/WebApps/eProperty/WebResource.axd?d=ax0hsyMAyZHeLOmOk0H0eXE_TZtti4-ft8Gc4rMUA4l6-6S8czQfhWqBH_f7OeZFlmOSGhBnp7pNU8NINltH4-R3nPM1&t=637812351300000000 IP 103.84.99.46 ASN #55752 Cloud Plus Pty Ltd Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:23:03 Last Seen2024-04-20 03:53:48 Times Seen427 Hash eac91542a05209478107c4a3725ce29c 2987e7c40ce780293b3cdd39c4ad491f471bccee 0ba2f6756001669bdf934f9d79e8fd1ccf2028130c33a0510279581ec9dfd73a Loading...

	static.hotjar.com/c/hotjar-1152595.js?sv=7	10 kB	2023-03-10	2023-03-10
Pretty URL static.hotjar.com/c/hotjar-1152595.js?sv=7 IP 143.204.55.84 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 16:29:02 Last Seen2023-03-10 16:29:02 Times Seen1 Hash 62ab05e9fd9c4d1a66941cfc572e4bf2 24193a729726d6df6694af54fe3773383fe4b2de 9897f0187e84a5f02be13c36442e4744022a30e0a578be5eff6984efc20555b0 Loading...

	vars.hotjar.com/box-c1417f7b48595d0dbca01c86f95d6dbb.html	2.3 kB	2023-03-10	2023-03-17
Pretty URL vars.hotjar.com/box-c1417f7b48595d0dbca01c86f95d6dbb.html IP 143.204.55.20 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 11:08:48 Last Seen2023-03-17 18:53:20 Times Seen1 Hash 4b3fcaac295321393f1bee36271d6f8b 551bc59f96dbd382dc9ff712fdcc6bcd602d6ed9 1f6e65b24f7a62941f0198dd3bbef027f7db4263a544a303a9eb307dcdab7878 Loading...

	unknown	0 B	2023-03-07	2024-04-25
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-25 15:47:15 Times Seen37065316 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	eproperty.casey.vic.gov.au/T1PRProd/WebApps/eProperty/P1/ePay/ApplicationPayment.aspx?f=%24P1.EPY.APPS.ENQ	357 B	2023-03-10	2023-03-10
Pretty URL eproperty.casey.vic.gov.au/T1PRProd/WebApps/eProperty/P1/ePay/ApplicationPayment.aspx?f=%24P1.EPY.APPS.ENQ IP 103.84.99.46 ASN #55752 Cloud Plus Pty Ltd Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 16:29:02 Last Seen2023-03-10 16:29:02 Times Seen1 Hash 401f468b8b77dfa3e6dafada26c129f4 42cc02fb7c9e852fb84ad703978c078e741e2876 a56ed98177fab7a62625878d07bff2657aa13b2167f949ee6b77c1c7be107d57 Loading...

	eproperty.casey.vic.gov.au/T1PRProd/WebApps/eProperty/WebResource.axd?d=hDwC2xbDWZOlMixpeKIu8iuhztJtVUJVtLn3_gGo55lxFqszWOtrAPV9bWLHOkVUFnU9BE2onjP3zKK0GCVH6rAkvFc1&t=637812351300000000	22 kB	2023-03-07	2024-03-03
Pretty URL eproperty.casey.vic.gov.au/T1PRProd/WebApps/eProperty/WebResource.axd?d=hDwC2xbDWZOlMixpeKIu8iuhztJtVUJVtLn3_gGo55lxFqszWOtrAPV9bWLHOkVUFnU9BE2onjP3zKK0GCVH6rAkvFc1&t=637812351300000000 IP 103.84.99.46 ASN #55752 Cloud Plus Pty Ltd Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 15:08:01 Last Seen2024-03-03 17:19:39 Times Seen118 Hash b1d9aa8d7e88db4e7e9f10503145b60d e7f909633afbc92a54f2008b5ef18d8c283d1057 aeaa9e7c8c70d2ce5431cfdf5387e4a96fd55ff14fadd4420cf7cfe6adf01aa1 Loading...

	eproperty.casey.vic.gov.au/T1PRProd/WebApps/eProperty/P1/ePay/ApplicationPayment.aspx?f=%24P1.EPY.APPS.ENQ	155 B	2023-03-07	2024-04-25
Pretty URL eproperty.casey.vic.gov.au/T1PRProd/WebApps/eProperty/P1/ePay/ApplicationPayment.aspx?f=%24P1.EPY.APPS.ENQ IP 103.84.99.46 ASN #55752 Cloud Plus Pty Ltd Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:31:06 Last Seen2024-04-25 12:03:34 Times Seen13942 Hash 58ef21b4e22b3b1d9825895968682671 318fc65e9f3be784afbc911a866ac35ae2697f94 79950d3fbd577e33c9db1acc4d5e1f92ba01aaabf38b49c9e50289d7f757c037 Loading...

	eproperty.casey.vic.gov.au/T1PRProd/WebApps/eProperty/P1/ePay/ApplicationPayment.aspx?f=%24P1.EPY.APPS.ENQ	1.1 kB	2023-03-10	2023-03-10
Pretty URL eproperty.casey.vic.gov.au/T1PRProd/WebApps/eProperty/P1/ePay/ApplicationPayment.aspx?f=%24P1.EPY.APPS.ENQ IP 103.84.99.46 ASN #55752 Cloud Plus Pty Ltd Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 16:29:02 Last Seen2023-03-10 16:29:02 Times Seen1 Hash a9b1b8efba5c394189b55370267dd10a 64e81336c8250b2c9bf2690626d02728f06d6328 23300dee51cc3ad67ac430fdde2e5d984656661008eea2c3056dcb211462d74c Loading...

	eproperty.casey.vic.gov.au/T1PRProd/WebApps/eProperty/P1/ePay/ApplicationPayment.aspx?f=%24P1.EPY.APPS.ENQ	830 B	2023-03-10	2023-03-10
Pretty URL eproperty.casey.vic.gov.au/T1PRProd/WebApps/eProperty/P1/ePay/ApplicationPayment.aspx?f=%24P1.EPY.APPS.ENQ IP 103.84.99.46 ASN #55752 Cloud Plus Pty Ltd Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 16:29:02 Last Seen2023-03-10 16:29:02 Times Seen1 Hash b081d08e479c7314a47d9165bfb2474a b85a351a6a60fe6696316607ed1c7fae6c5de4a6 16b901723aab1cad77ca2f44b77baf6316dc5181dea2a18bc2dd105face2acfa Loading...

	code.jquery.com/jquery-1.12.4.min.js	97 kB	2023-03-07	2024-04-25
Pretty URL code.jquery.com/jquery-1.12.4.min.js IP 69.16.175.10 ASN #20446 STACKPATH-CDN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:06 Last Seen2024-04-25 14:28:53 Times Seen118702 Hash 4f252523d4af0b478c810c2547a63e19 5a9dcfbef655a2668e78baebeaa8dc6f41d8dabb 668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404 Loading...

	eproperty.casey.vic.gov.au/T1PRProd/WebApps/eProperty/P1/ePay/ApplicationPayment.aspx?f=%24P1.EPY.APPS.ENQ	370 B	2023-03-07	2024-04-24
Pretty URL eproperty.casey.vic.gov.au/T1PRProd/WebApps/eProperty/P1/ePay/ApplicationPayment.aspx?f=%24P1.EPY.APPS.ENQ IP 103.84.99.46 ASN #55752 Cloud Plus Pty Ltd Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:41:26 Last Seen2024-04-24 21:04:18 Times Seen1460 Hash 2dd1a1b7c59783d99f750190233d997a 28a2788c6484a90079a0654b958b73806d660fd4 01345e20242c77eb2657f3efac0e1e1fe0eec6c7a74b84b16c67128f24899410 Loading...

	eproperty.casey.vic.gov.au/T1PRProd/WebApps/eProperty/P1/ePay/ApplicationPayment.aspx?f=%24P1.EPY.APPS.ENQ	204 B	2023-03-10	2023-03-10
Pretty URL eproperty.casey.vic.gov.au/T1PRProd/WebApps/eProperty/P1/ePay/ApplicationPayment.aspx?f=%24P1.EPY.APPS.ENQ IP 103.84.99.46 ASN #55752 Cloud Plus Pty Ltd Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 16:29:02 Last Seen2023-03-10 16:29:02 Times Seen1 Hash a1f0ae5f5a2a9e2f4c6719472c051f87 500058004278c480aaf4c6da7f3505de1985b2bf 78edcd656350dcc8e048c06c18cb1de5efd62eab27e8a4d3cc87a249a43bf615 Loading...

	www.google-analytics.com/analytics.js	50 kB	2023-03-08	2024-04-24
Pretty URL www.google-analytics.com/analytics.js IP 142.250.74.174 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 05:22:31 Last Seen2024-04-24 18:41:20 Times Seen1526 Hash fda30e8a22c9bcd954fd8d0fadd0e77c ae47cd34cbde081a48d7f92fc80aaf06a1381193 b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719 Loading...

	eproperty.casey.vic.gov.au/T1PRProd/WebApps/eProperty/WebResource.axd?d=YIywYCA0KvkE-TezN2PRz8LWVUX446TwYXnpx7BvSE9Huk0uH8bzn2ldNG4PK9LIHosLbTmgRfFEIMWczDCc_axFi2ZOs6KqhYNn6NthEJ4osOsSU_6W8LT_7TFeRU5ELzbQKg2&t=637377707080000000	3.5 kB	2023-03-07	2023-03-10
Pretty URL eproperty.casey.vic.gov.au/T1PRProd/WebApps/eProperty/WebResource.axd?d=YIywYCA0KvkE-TezN2PRz8LWVUX446TwYXnpx7BvSE9Huk0uH8bzn2ldNG4PK9LIHosLbTmgRfFEIMWczDCc_axFi2ZOs6KqhYNn6NthEJ4osOsSU_6W8LT_7TFeRU5ELzbQKg2&t=637377707080000000 IP 103.84.99.46 ASN #55752 Cloud Plus Pty Ltd Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 22:02:43 Last Seen2023-03-10 16:29:02 Times Seen1 Hash a7964c1ffd340522e13b037789a97e84 59ebf8e0af6ba63cbaabaf487b7a006fdf5f3ec0 52e9d5ff783e004fd785a6ceab318ad1fe7c6f772a415106a8d72faf0fc5f764 Loading...

	eproperty.casey.vic.gov.au/T1PRProd/WebApps/eProperty/P1/ePay/ApplicationPayment.aspx?f=%24P1.EPY.APPS.ENQ	187 B	2023-03-07	2023-03-10
Pretty URL eproperty.casey.vic.gov.au/T1PRProd/WebApps/eProperty/P1/ePay/ApplicationPayment.aspx?f=%24P1.EPY.APPS.ENQ IP 103.84.99.46 ASN #55752 Cloud Plus Pty Ltd Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 22:02:43 Last Seen2023-03-10 16:29:02 Times Seen1 Hash ec596d52acec332eb773993c2781c760 4415e19d8b389620379012dc0468849250420d29 e965fad83569991627ab661d7f04ad8ddb0cec1a2d7cf8b825594ddb02793183 Loading...

		Size	First Seen	Last Seen
	#1 Eval - 2befe67654f48ceb8672b9bf3620b6a1	81 B	2023-03-07	2023-03-10
Pretty Observations First Seen2023-03-07 22:02:43 Last Seen2023-03-10 16:29:02 Times Seen1 Hash 2befe67654f48ceb8672b9bf3620b6a1 cd56e51492b18ce26c26e299c03a7020be86a0e3 861eeb9355c99061b08fd604080ac400ad93c85ae81ff7e494583be5d15416b7 Loading...

	#2 Eval - 01b54c85dcec540f8c7ed9d5a616cf98	22 B	2023-03-07	2024-03-03
Pretty Observations First Seen2023-03-07 16:23:09 Last Seen2024-03-03 17:19:39 Times Seen90 Hash 01b54c85dcec540f8c7ed9d5a616cf98 4c26ad6489494586747dd8b0f9c827a5985c6e60 07b1ffeca467ec4a08e534a5d8c1697cb4dc8c17a115f5fa25b882634273dcb4 Loading...

	#3 Eval - f82492ee00c220ab00f427e848e2a361	20 B	2023-03-07	2023-12-26
Pretty Observations First Seen2023-03-07 16:23:09 Last Seen2023-12-26 10:37:13 Times Seen30 Hash f82492ee00c220ab00f427e848e2a361 a08e3b4a051afd41830e1fbe95556613ed965d79 8b22a70df6d170749f360bff635b8a3734cf5415c1986052a46c59d56bd3f92a Loading...

	#4 Eval - c5efdf3536d6bf11773acd233507a92f	24 B	2023-03-07	2024-03-03
Pretty Observations First Seen2023-03-07 16:23:09 Last Seen2024-03-03 17:19:39 Times Seen90 Hash c5efdf3536d6bf11773acd233507a92f bc8afa68b1d31a0d5dff046b46391545de17b56b 98551f63e1e8722f27f9274af59a596d93674743c1a521c1ad674067f14d03d1 Loading...

	#5 Eval - 869f5f3dff7c7c9c3e960ae41552bb4c	26 B	2023-03-07	2024-03-03
Pretty Observations First Seen2023-03-07 16:23:09 Last Seen2024-03-03 17:19:39 Times Seen88 Hash 869f5f3dff7c7c9c3e960ae41552bb4c 129bbae43965a68b7616aecc804ed9ebb9bc0734 944a84b9a7861e78e17247af0e69312445bc5feb7aca603c442de8ad9d62cd83 Loading...

	#6 Eval - d335db5f44fd418bdd559d188c4ed7e8	22 B	2023-03-07	2023-12-26
Pretty Observations First Seen2023-03-07 16:23:09 Last Seen2023-12-26 10:37:14 Times Seen30 Hash d335db5f44fd418bdd559d188c4ed7e8 4c66ebc091dfe4cd3258b713beb90e1e996b172f d7ee18087727d492310d62faa431244fc2b8b01edd797b1bbdec90959d04993a Loading...

	#7 Eval - 1c1629b4632deea872327c4763eb842e	24 B	2023-03-07	2024-03-03
Pretty Observations First Seen2023-03-07 16:23:09 Last Seen2024-03-03 17:19:39 Times Seen88 Hash 1c1629b4632deea872327c4763eb842e 096dff561027ebff1a44f44f5b498d4948bdc460 7c14d13f2a7ba5532cf31e0d78b22361fb999203cd75c900634f8bd9ce1e14e8 Loading...

		Size	First Seen	Last Seen
	#1 Write - 793d686921f9c046f8d6af32db00b235	138 B	2023-03-07	2023-03-10
Pretty Observations First Seen2023-03-07 22:02:43 Last Seen2023-03-10 16:29:02 Times Seen1 Hash 793d686921f9c046f8d6af32db00b235 fe0c166c16b46380868b3c1763a8e857b605ef23 166f565824504cc987000f3015c0c8872e45ca13eb8e3e35e9d5970334e37699 Loading...

HTTP Transactions (57)

URL IP Response Size

www.casey.vic.gov.au/pay-application

54.230.111.7

301 Moved Permanently

167 B

URL HTTP/1.1
www.casey.vic.gov.au/pay-application
IP
54.230.111.7:0
ASN
#16509 AMAZON-02

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
167 B (167 bytes)
Hash
f5d40b7259645010f9a248858ad14178
b3051d17a6ec8c9e166bf09a62b48261ab86957b
7f5007068d2b56ea9735e2490d60cff2e72cae312024ac1f6c91158eba47d05d

HTTP Headers

GET /pay-application HTTP/1.1
Host: www.casey.vic.gov.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Server: CloudFront
Date: Thu, 27 Oct 2022 09:48:35 GMT
Content-Type: text/html
Content-Length: 167
Connection: keep-alive
Location: https://www.casey.vic.gov.au/pay-application
X-Cache: Redirect from cloudfront
Via: 1.1 b2b04ca80b95df6bc86478a1bf96b7cc.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 5jm14dY8haMyZNoBoT194aMoG7YL5Fugf89PGBn_jt3EF9d4Zs5Xpg==

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
4c9ec202b798d350b6582220b7bb8457
d16ca24cd60b349231ad06fa5db32f54a3bc9e09
df036d315a613ac6396b77afb0a4ea5f793091786be0cbf3f3a0d043bc1d1d3c

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DF036D315A613AC6396B77AFB0A4EA5F793091786BE0CBF3F3A0D043BC1D1D3C"
Last-Modified: Wed, 26 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6364
Expires: Thu, 27 Oct 2022 11:34:39 GMT
Date: Thu, 27 Oct 2022 09:48:35 GMT
Connection: keep-alive

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
45bfdf3b823cd24564c8ac296a8b5b19
b0c442eb4f87556b3beb18ca8039dd4399b73f16
32113c679dda1f710ba67e537fdd0d435ccc186a238e3b14e48deb7b0700c693

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5247
Cache-Control: max-age=90594
Content-Type: application/ocsp-response
Date: Thu, 27 Oct 2022 09:48:35 GMT
Etag: "6358fe56-1d7"
Expires: Fri, 28 Oct 2022 10:58:29 GMT
Last-Modified: Wed, 26 Oct 2022 09:31:02 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 471

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
45bfdf3b823cd24564c8ac296a8b5b19
b0c442eb4f87556b3beb18ca8039dd4399b73f16
32113c679dda1f710ba67e537fdd0d435ccc186a238e3b14e48deb7b0700c693

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4742
Cache-Control: max-age=90089
Content-Type: application/ocsp-response
Date: Thu, 27 Oct 2022 09:48:35 GMT
Etag: "6358fe56-1d7"
Expires: Fri, 28 Oct 2022 10:50:04 GMT
Last-Modified: Wed, 26 Oct 2022 09:31:02 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 471

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
8db408c487f7d35bba323046736e8d3a
01b91e2dce7c6d3de9adfe6ff4d38f9b24ab7db0
9aeafc72c1a969243e1fc96f68ce18888034a749ee70582208bf814bd40b61a5

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9AEAFC72C1A969243E1FC96F68CE18888034A749EE70582208BF814BD40B61A5"
Last-Modified: Tue, 25 Oct 2022 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6674
Expires: Thu, 27 Oct 2022 11:39:49 GMT
Date: Thu, 27 Oct 2022 09:48:35 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

34.102.187.140

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
d130218d0e2841f39c99610fe1a2ab90
29fbe1e177ee55c7a61ae0a206afff271cf5f945
6b6d74dccf10c2bc98a91c3388280d7ba1d9596bf8cadd7db0e2f63720b3d152

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
Alt-Used: 0

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Backoff, Content-Type, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 27 Oct 2022 09:41:43 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 412
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: oRNdNdLTM4f4JPDrPVAQKd7i/CZ2umF7qXAk65TxxQ6eSL1o1w9S537EVi1AAEmdtOmb/NXXUDE=
x-amz-request-id: ZPTC8GV9V0FJPN5J
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 27 Oct 2022 09:09:46 GMT
age: 2329
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.sca1b.amazontrust.com/

54.230.245.39

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
54.230.245.39:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
c5f75c34629c4035f9bc22c474227c83
d06991827161322e4367f9def5498822067c4fc2
7dc6b2b50dc8c8997cb43c0eb6ca26fe74700b5faa00ffee88cacff207705949

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=86825
Date: Thu, 27 Oct 2022 09:48:35 GMT
Etag: "6358f5cf-1d7"
Expires: Fri, 28 Oct 2022 09:55:40 GMT
Last-Modified: Wed, 26 Oct 2022 08:54:39 GMT
Server: ECS (dcb/7EA2)
X-Cache: Miss from cloudfront
Via: 1.1 8ac66e1d6983a0f44cf391b1ec3b1cce.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: JhPCkWIiMWhiwGo8_W7x__1ZFli8mxRVbAUr58Jz26otl6V2WspaIw==
Age: 3661

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Thu, 27 Oct 2022 09:48:35 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
dd283dfc036535bdeb8a8be1310ef930
d3b1c300dd75d7af630e0f3112e49d7492d66c17
578f9256faa188facb3f2d68b02b0c7fb2e30e02e2e74234d015429563cba7aa

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5712
Cache-Control: max-age=86003
Content-Type: application/ocsp-response
Date: Thu, 27 Oct 2022 09:48:36 GMT
Etag: "6358ea97-1d7"
Expires: Fri, 28 Oct 2022 09:41:59 GMT
Last-Modified: Wed, 26 Oct 2022 08:06:47 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 471

push.services.mozilla.com/

34.213.121.129

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
34.213.121.129:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: lfvaxuyf1vbrfVHJrhgDEA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 33w6CuW8auwzRUFc+kPHYJ0hCDY=

www.casey.vic.gov.au/pay-application

54.230.111.127

301 Moved Permanently

702 B

URL HTTP/2
www.casey.vic.gov.au/pay-application
IP
54.230.111.127:0
ASN
#16509 AMAZON-02

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
702 B (702 bytes)
Hash
49acf6febf59b43b726884d3115891e1
6fa7a9781068b322062b9020c2a5d3c4147c1ac1
fb4954c94197f31470430f2bfd39c7604e6ab3f1c41123d518d6d2cd71f2a914

HTTP Headers

GET /pay-application HTTP/1.1
Host: www.casey.vic.gov.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 301 Moved Permanently
content-type: text/html; charset=UTF-8
content-length: 702
location: https://eproperty.casey.vic.gov.au/T1PRProd/WebApps/eProperty/P1/ePay/ApplicationPayment.aspx?f=%24P1.EPY.APPS.ENQ
date: Thu, 27 Oct 2022 09:48:36 GMT
x-redirect-id: 2366
x-ua-compatible: IE=edge
content-language: en
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
permissions-policy: interest-cohort=()
x-ironstar-app-pod: app-5dc5594cb9-jhlhf
x-request-id: 546b8184742121c8c7d1b7e0b74e9b52
x-ironstar-cache-pod: cache-7df5fcfd9f-n8hbf
x-xss-protection: 1; mode=block
x-ironstar-cache-status: MISS
x-cache: Miss from cloudfront
via: 1.1 784cb0c259a6d79800d037bda4e7de86.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: iXSqnkrPHT3Lin3SHluINGkDaCM8fxmkizh5EzPHsQEDB9CO4QFDRw==
age: 0
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
e5274d15371ddbcdca2f5eb387afcc7a
d1f4fad04d93adaa931b2c7fa5701f8ab5115b4f
8f520e1f63c53ba844433cbd4179217aca0f5e77968409500708d9be1376df55

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=114880
Content-Type: application/ocsp-response
Date: Thu, 27 Oct 2022 09:48:37 GMT
Etag: "635971b5-1d7"
Expires: Fri, 28 Oct 2022 17:43:17 GMT
Last-Modified: Wed, 26 Oct 2022 17:43:17 GMT
Server: nginx
Content-Length: 471

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
358ecd0ec047d700042e2a62f9847199
7bf4c552f47536fe451dc6ccfb0930c592084ef9
e14317aace5d64e9901867578379dd4dd4252b059070d37722f82ebb2e649d27

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E14317AACE5D64E9901867578379DD4DD4252B059070D37722F82EBB2E649D27"
Last-Modified: Mon, 24 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4273
Expires: Thu, 27 Oct 2022 10:59:50 GMT
Date: Thu, 27 Oct 2022 09:48:37 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
358ecd0ec047d700042e2a62f9847199
7bf4c552f47536fe451dc6ccfb0930c592084ef9
e14317aace5d64e9901867578379dd4dd4252b059070d37722f82ebb2e649d27

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E14317AACE5D64E9901867578379DD4DD4252B059070D37722F82EBB2E649D27"
Last-Modified: Mon, 24 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4273
Expires: Thu, 27 Oct 2022 10:59:50 GMT
Date: Thu, 27 Oct 2022 09:48:37 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
358ecd0ec047d700042e2a62f9847199
7bf4c552f47536fe451dc6ccfb0930c592084ef9
e14317aace5d64e9901867578379dd4dd4252b059070d37722f82ebb2e649d27

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E14317AACE5D64E9901867578379DD4DD4252B059070D37722F82EBB2E649D27"
Last-Modified: Mon, 24 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4273
Expires: Thu, 27 Oct 2022 10:59:50 GMT
Date: Thu, 27 Oct 2022 09:48:37 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
358ecd0ec047d700042e2a62f9847199
7bf4c552f47536fe451dc6ccfb0930c592084ef9
e14317aace5d64e9901867578379dd4dd4252b059070d37722f82ebb2e649d27

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E14317AACE5D64E9901867578379DD4DD4252B059070D37722F82EBB2E649D27"
Last-Modified: Mon, 24 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4273
Expires: Thu, 27 Oct 2022 10:59:50 GMT
Date: Thu, 27 Oct 2022 09:48:37 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F529195e0-f6ac-4fd1-b685-62456b469ad7.jpeg

34.120.237.76

200 OK

4.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F529195e0-f6ac-4fd1-b685-62456b469ad7.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
4.7 kB (4709 bytes)
Hash
c92c49279a7704d715e50836676d1abb
3092b4dbd87f7e5a2eff65c463da9c5103ff748a
6941145d63e68abf0f20081517faa4082eed3c59f8b8a69066f70b29d90fd355

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F529195e0-f6ac-4fd1-b685-62456b469ad7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 4709
x-amzn-requestid: c2923a57-57c4-4d62-83bc-e4c8b61aa2bd
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aocuiGeeIAMF9Dg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6359a7f6-7e47cfe804e333cc540f162a;Sampled=0
x-amzn-remapped-date: Wed, 26 Oct 2022 21:34:46 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: M72Vjcyc06ihmWcqr2_Xrk8dGcC5pCoDidg5rhtRkVddavcUFE6G6w==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 2324edbcb8fc72f617442c65f36a40fc.cloudfront.net (CloudFront), 1.1 google
date: Wed, 26 Oct 2022 21:47:37 GMT
etag: "3092b4dbd87f7e5a2eff65c463da9c5103ff748a"
content-type: image/jpeg
age: 43260
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

4.5 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fadc5382d-fbb1-4d8e-8ee0-d7dcda16508e.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
4.5 kB (4524 bytes)
Hash
91ee720c15dc69de45080d0c951353af
5292b31a99d90bcb7071f327b93d52034bdf9dcb
7fbe9f0f6db08fd539f2e8d4ac22e3b4d5ca14f7cde69f8424cce8b361d026e6

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fadc5382d-fbb1-4d8e-8ee0-d7dcda16508e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 4524
x-amzn-requestid: a493efe7-11c7-4032-b36b-7f838f8180bc
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aljicH_6IAMFqpQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63587fa9-0f15eae7680ea7b15e5e47ec;Sampled=0
x-amzn-remapped-date: Wed, 26 Oct 2022 00:30:33 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: OV7g4Y4fcQGijljebzHQtnpKdcPKw6LTxqORxxBJL2lFPYQLLoyNuQ==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 31119c39c5a6dc62dfa1fe940afd7be2.cloudfront.net (CloudFront), 1.1 google
date: Thu, 27 Oct 2022 00:44:24 GMT
age: 32653
etag: "5292b31a99d90bcb7071f327b93d52034bdf9dcb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

16 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F577b3c1d-3b6e-4105-8d19-8557bacffa02.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
16 kB (15768 bytes)
Hash
4ded5eb41644bfe7ea87cff5ab0d79f0
9b13eca2d768277b92c05a8a82743018489783a6
3de7fcc3e9c8a107e4c5d6e59506ec71e68129a8351e47af63930873775ac3f9

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F577b3c1d-3b6e-4105-8d19-8557bacffa02.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 15768
x-amzn-requestid: ab678277-5d12-4ae2-9af7-f15fab294657
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aRoclEbBoAMFz9A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63508783-344a14d17bfcd6b12ffe02b0;Sampled=0
x-amzn-remapped-date: Wed, 19 Oct 2022 23:25:55 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: AgS3Yq-WCRRnFvCxMcwq13lQz8cGvvdwZ51C3H0szmB0iyZLb9mf-A==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 567b44ed19c8caed2570b7bcd8c70034.cloudfront.net (CloudFront), 1.1 google
date: Wed, 26 Oct 2022 21:58:12 GMT
age: 42625
etag: "9b13eca2d768277b92c05a8a82743018489783a6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

5.4 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcb13a70d-b8c4-4350-b75f-4a792bbe0138.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.4 kB (5444 bytes)
Hash
8b3875b4f9986a58288fdb19744f275e
ee76902c43d2b348a194456e53978337cf5391a4
84e01baf1a4f51606a20f464990c1de066a10a0310abc3abffa5b143ad64c93f

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcb13a70d-b8c4-4350-b75f-4a792bbe0138.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5444
x-amzn-requestid: 6d58934a-f718-4bdc-9aa9-e570c3eb6d0b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aI0DvG5voAMFmLw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-634d007e-2e60c6b673315a4034f09320;Sampled=0
x-amzn-remapped-date: Mon, 17 Oct 2022 07:13:02 GMT
x-amz-cf-pop: SEA73-P2, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: skpAlvhidM2bxW0pciEBF7LfKpWGnwLsq_Eg0y4VCOp5GdtJlgYhAQ==
via: 1.1 c21a0d27ceec21e266c9f962d0349438.cloudfront.net (CloudFront), 1.1 567b44ed19c8caed2570b7bcd8c70034.cloudfront.net (CloudFront), 1.1 google
date: Wed, 26 Oct 2022 21:52:15 GMT
age: 42982
etag: "ee76902c43d2b348a194456e53978337cf5391a4"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.5 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1cba4a5a-0803-4870-b5e5-cbf33536e53e.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.5 kB (6493 bytes)
Hash
3185609c8bfba0bf8d54812276331c42
4a14cc85d23798bd3476516b49a3c3ff7bcd0d98
e57871dad12531fccf75d0bc4930c18c3c95c706b2bfd89e620b1e097b40a08e

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1cba4a5a-0803-4870-b5e5-cbf33536e53e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6493
x-amzn-requestid: f5ca8ddd-d103-43e2-b3b7-ece16e1312a6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ainrUE-pIAMF9rA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63575315-5f7287ea785008c44b0ff490;Sampled=0
x-amzn-remapped-date: Tue, 25 Oct 2022 03:08:05 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: LOj8fvtUhiwgFnrZG9v0iJ1At2O4vsdXM6tCPF8Blr-AOA-ALbuIkQ==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 b2f9564ebf9c745cc2ceae96d434977e.cloudfront.net (CloudFront), 1.1 google
date: Thu, 27 Oct 2022 03:39:20 GMT
age: 22157
etag: "4a14cc85d23798bd3476516b49a3c3ff7bcd0d98"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff5dac341-2b9d-4d07-ab3f-dafe74f88664.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.7 kB (9720 bytes)
Hash
2193431d88baf9af6829421cd13743ff
a192ab139ad0dc5cf206986eb06028ddad224e46
c535e09fb4a53ca580f5f5926d1494c50b6ad6c7c9ec78df6b7015213852b737

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff5dac341-2b9d-4d07-ab3f-dafe74f88664.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9720
x-amzn-requestid: 6b4749ca-bcb9-4274-a309-e6d463851a6a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aV_n6FOSIAMFroA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63524632-56186f1f2a0bf68f6dba843b;Sampled=0
x-amzn-remapped-date: Fri, 21 Oct 2022 07:11:46 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: DjRLNrY4BFc3GwHGBW40LIyh-RYT3hshdKPxXok4KE97fGvatXN6yQ==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 cd858042f70b416ca05e042acf3908a4.cloudfront.net (CloudFront), 1.1 google
date: Wed, 26 Oct 2022 11:12:06 GMT
age: 81391
etag: "a192ab139ad0dc5cf206986eb06028ddad224e46"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

eproperty.casey.vic.gov.au/T1PRProd/WebApps/eProperty/P1/ePay/ApplicationPayment.aspx?f=%24P1.EPY.APPS.ENQ

103.84.99.46

200 OK

17 kB

URL HTTP/1.1
eproperty.casey.vic.gov.au/T1PRProd/WebApps/eProperty/P1/ePay/ApplicationPayment.aspx?f=%24P1.EPY.APPS.ENQ
IP
103.84.99.46:0
ASN
#55752 Cloud Plus Pty Ltd

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (4612), with CRLF line terminators
Size
17 kB (17308 bytes)
Hash
97e7f909be065695002b6cfe294fec21
871d65f2fd164f4607262a2999d72a740048f0d8
6d9422fc990f19298ce8585fba90d1a8282b26dd8e4a0cee5d2ab693219d32bd

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /T1PRProd/WebApps/eProperty/P1/ePay/ApplicationPayment.aspx?f=%24P1.EPY.APPS.ENQ HTTP/1.1
Host: eproperty.casey.vic.gov.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/1.1 200 OK
Cache-Control: no-cache, no-store
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Content-Encoding: gzip
Expires: -1
Vary: Accept-Encoding
Server: Microsoft-IIS/10.0
Set-Cookie: ASP.NET_SessionId=ek200lfjddrrlw45y0zh13zh; path=/; HttpOnly
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Thu, 27 Oct 2022 09:48:39 GMT
Content-Length: 17308

code.jquery.com/jquery-1.12.4.min.js

69.16.175.10

200 OK

34 kB

URL HTTP/2
code.jquery.com/jquery-1.12.4.min.js
IP
69.16.175.10:0
ASN
#20446 STACKPATH-CDN

File type
ASCII text, with very long lines (32077)
Size
34 kB (33738 bytes)
Hash
fc7624613c4e25843694cdb7fa956f05
7765bb4016ae929e22be579ccde505b94c2a63c1
49c97d70ef48bfdc1d7b96271b5613bb099b2c040ebdf5624962aea92ff428ae

HTTP Headers

GET /jquery-1.12.4.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://eproperty.casey.vic.gov.au
Connection: keep-alive
Referer: https://eproperty.casey.vic.gov.au/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Thu, 27 Oct 2022 09:48:39 GMT
content-encoding: gzip
content-length: 33738
content-type: application/javascript; charset=utf-8
last-modified: Wed, 16 Feb 2022 10:50:39 GMT
accept-ranges: bytes
server: nginx
etag: W/"620cd6ff-17b8b"
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-hw: 1666864119.dop215.sk1.t,1666864119.cds263.sk1.hn,1666864119.cds251.sk1.c
X-Firefox-Spdy: h2

eproperty.casey.vic.gov.au/T1PRProd/WebApps/eProperty/style/casey.css

103.84.99.46

200 OK

9.8 kB

URL HTTP/1.1
eproperty.casey.vic.gov.au/T1PRProd/WebApps/eProperty/style/casey.css
IP
103.84.99.46:0
ASN
#55752 Cloud Plus Pty Ltd

File type
ASCII text, with very long lines (58674), with CRLF line terminators
Size
9.8 kB (9764 bytes)
Hash
54cc2947d3df2eb76e773d3b870be56c
e2c3b787f70b081b3619950cd01fd53518c6be6b
aa9611484b19e7cbec33699bc604674b0b7ded2a269d892f0c37033d45c476bb

HTTP Headers

GET /T1PRProd/WebApps/eProperty/style/casey.css HTTP/1.1
Host: eproperty.casey.vic.gov.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://eproperty.casey.vic.gov.au/T1PRProd/WebApps/eProperty/P1/ePay/ApplicationPayment.aspx?f=%24P1.EPY.APPS.ENQ
Cookie: ASP.NET_SessionId=ek200lfjddrrlw45y0zh13zh
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Content-Type: text/css
Content-Encoding: gzip
Last-Modified: Thu, 25 Nov 2021 00:38:57 GMT
Accept-Ranges: bytes
ETag: "8066a9d494e1d71:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Date: Thu, 27 Oct 2022 09:48:39 GMT
Content-Length: 9764

eproperty.casey.vic.gov.au/T1PRProd/WebApps/eProperty/App_Themes/Default/Default.css

103.84.99.46

200 OK

5.1 kB

URL HTTP/1.1
eproperty.casey.vic.gov.au/T1PRProd/WebApps/eProperty/App_Themes/Default/Default.css
IP
103.84.99.46:0
ASN
#55752 Cloud Plus Pty Ltd

File type
Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
Size
5.1 kB (5127 bytes)
Hash
3cbcfcd3cbe276f0be87d33731ec465c
5a420dc49a3c28c7f7bb71960d9d1f9347c11d2b
52d1af054e239e6277ff1fe4d4d9f70005771aca7d23155414fc0c35036e7dd1

HTTP Headers

GET /T1PRProd/WebApps/eProperty/App_Themes/Default/Default.css HTTP/1.1
Host: eproperty.casey.vic.gov.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://eproperty.casey.vic.gov.au/T1PRProd/WebApps/eProperty/P1/ePay/ApplicationPayment.aspx?f=%24P1.EPY.APPS.ENQ
Cookie: ASP.NET_SessionId=ek200lfjddrrlw45y0zh13zh
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Content-Type: text/css
Content-Encoding: gzip
Last-Modified: Fri, 06 Sep 2013 01:27:27 GMT
Accept-Ranges: bytes
ETag: "80a9123fa0aace1:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Date: Thu, 27 Oct 2022 09:48:39 GMT
Content-Length: 5127

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
4cdf16c5333628708fae7b304303fc48
23654b66838aa89e8b975a9e6c0251d2f8f18366
6f3935f102b0dcfee703eb07abcf04d9181fdfe13fae4d7566aed743a00beb9c

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 27 Oct 2022 09:48:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.googletagmanager.com/gtm.js?id=GTM-P5QR9GR

142.250.74.168

200 OK

61 kB

URL HTTP/2
www.googletagmanager.com/gtm.js?id=GTM-P5QR9GR
IP
142.250.74.168:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (2916)
Size
61 kB (60641 bytes)
Hash
eaf943c138407922ed663c9e57dd6c53
701bc8ac0b627a341fe506730229d338da636740
1b587086d9010d8bed02ba32c6b35159a2e732ffe851a7d20512466d702257d8

HTTP Headers

GET /gtm.js?id=GTM-P5QR9GR HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://eproperty.casey.vic.gov.au/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 27 Oct 2022 09:48:39 GMT
expires: Thu, 27 Oct 2022 09:48:39 GMT
cache-control: private, max-age=900
last-modified: Thu, 27 Oct 2022 09:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 60641
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
4cdf16c5333628708fae7b304303fc48
23654b66838aa89e8b975a9e6c0251d2f8f18366
6f3935f102b0dcfee703eb07abcf04d9181fdfe13fae4d7566aed743a00beb9c

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 27 Oct 2022 09:48:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

eproperty.casey.vic.gov.au/T1PRProd/WebApps/eProperty/WebResource.axd?d=hDwC2xbDWZOlMixpeKIu8iuhztJtVUJVtLn3_gGo55lxFqszWOtrAPV9bWLHOkVUFnU9BE2onjP3zKK0GCVH6rAkvFc1&t=637812351300000000

103.84.99.46

200 OK

5.8 kB

URL HTTP/1.1
eproperty.casey.vic.gov.au/T1PRProd/WebApps/eProperty/WebResource.axd?d=hDwC2xbDWZOlMixpeKIu8iuhztJtVUJVtLn3_gGo55lxFqszWOtrAPV9bWLHOkVUFnU9BE2onjP3zKK0GCVH6rAkvFc1&t=637812351300000000
IP
103.84.99.46:0
ASN
#55752 Cloud Plus Pty Ltd

File type
ASCII text, with CRLF line terminators
Size
5.8 kB (5840 bytes)
Hash
20d678b3dec24264f53b1262e2b83947
cd76ccb89a899b34afe22e6530ee3763f673f688
01cb72190033b3103c18d126d7326f13cbc831635a7a6e07dbfcc0036eb94ac7

HTTP Headers

GET /T1PRProd/WebApps/eProperty/WebResource.axd?d=hDwC2xbDWZOlMixpeKIu8iuhztJtVUJVtLn3_gGo55lxFqszWOtrAPV9bWLHOkVUFnU9BE2onjP3zKK0GCVH6rAkvFc1&t=637812351300000000 HTTP/1.1
Host: eproperty.casey.vic.gov.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://eproperty.casey.vic.gov.au/T1PRProd/WebApps/eProperty/P1/ePay/ApplicationPayment.aspx?f=%24P1.EPY.APPS.ENQ
Cookie: ASP.NET_SessionId=ek200lfjddrrlw45y0zh13zh
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Cache-Control: public
Content-Type: application/x-javascript
Content-Encoding: gzip
Expires: Thu, 26 Oct 2023 20:27:04 GMT
Last-Modified: Wed, 23 Feb 2022 06:45:30 GMT
Vary: Accept-Encoding
Server: Microsoft-IIS/10.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Thu, 27 Oct 2022 09:48:39 GMT
Content-Length: 5840

eproperty.casey.vic.gov.au/T1PRProd/WebApps/eProperty/style/casey.js

103.84.99.46

200 OK

1.0 kB

URL HTTP/1.1
eproperty.casey.vic.gov.au/T1PRProd/WebApps/eProperty/style/casey.js
IP
103.84.99.46:0
ASN
#55752 Cloud Plus Pty Ltd

File type
ASCII text, with CRLF line terminators
Size
1.0 kB (1045 bytes)
Hash
677c704267560129f15c4ec56f1ff749
d2c0afe7ed48b0d76f8b9efc1199794fd82ba7b4
b334ace0c4236350a28c821aaf42237e05c171a042b93d22ea23f06fcd131581

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /T1PRProd/WebApps/eProperty/style/casey.js HTTP/1.1
Host: eproperty.casey.vic.gov.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://eproperty.casey.vic.gov.au/T1PRProd/WebApps/eProperty/P1/ePay/ApplicationPayment.aspx?f=%24P1.EPY.APPS.ENQ
Cookie: ASP.NET_SessionId=ek200lfjddrrlw45y0zh13zh
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Content-Type: application/javascript
Content-Encoding: gzip
Last-Modified: Thu, 09 Apr 2020 05:41:57 GMT
Accept-Ranges: bytes
ETag: "80009531ed61:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Date: Thu, 27 Oct 2022 09:48:39 GMT
Content-Length: 1045

eproperty.casey.vic.gov.au/T1PRProd/WebApps/eProperty/WebResource.axd?d=ax0hsyMAyZHeLOmOk0H0eXE_TZtti4-ft8Gc4rMUA4l6-6S8czQfhWqBH_f7OeZFlmOSGhBnp7pNU8NINltH4-R3nPM1&t=637812351300000000

103.84.99.46

200 OK

5.2 kB

URL HTTP/1.1
eproperty.casey.vic.gov.au/T1PRProd/WebApps/eProperty/WebResource.axd?d=ax0hsyMAyZHeLOmOk0H0eXE_TZtti4-ft8Gc4rMUA4l6-6S8czQfhWqBH_f7OeZFlmOSGhBnp7pNU8NINltH4-R3nPM1&t=637812351300000000
IP
103.84.99.46:0
ASN
#55752 Cloud Plus Pty Ltd

File type
ASCII text, with CRLF line terminators
Size
5.2 kB (5224 bytes)
Hash
505249b0496e4fa9fe31de88be3d163f
4e52cfb12cda38f07fdedbc064ce1a87d89e9b6a
e14b21b76602815f62a5995b224d48597d6bf5e2d720b2bf7fc157cd4fb508b8

HTTP Headers

GET /T1PRProd/WebApps/eProperty/WebResource.axd?d=ax0hsyMAyZHeLOmOk0H0eXE_TZtti4-ft8Gc4rMUA4l6-6S8czQfhWqBH_f7OeZFlmOSGhBnp7pNU8NINltH4-R3nPM1&t=637812351300000000 HTTP/1.1
Host: eproperty.casey.vic.gov.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://eproperty.casey.vic.gov.au/T1PRProd/WebApps/eProperty/P1/ePay/ApplicationPayment.aspx?f=%24P1.EPY.APPS.ENQ
Cookie: ASP.NET_SessionId=ek200lfjddrrlw45y0zh13zh
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Cache-Control: public
Content-Type: application/x-javascript
Content-Encoding: gzip
Expires: Thu, 26 Oct 2023 16:14:37 GMT
Last-Modified: Wed, 23 Feb 2022 06:45:30 GMT
Vary: Accept-Encoding
Server: Microsoft-IIS/10.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Thu, 27 Oct 2022 09:48:40 GMT
Content-Length: 5224

eproperty.casey.vic.gov.au/T1PRProd/WebApps/eProperty/WebResource.axd?d=YIywYCA0KvkE-TezN2PRz8LWVUX446TwYXnpx7BvSE9Huk0uH8bzn2ldNG4PK9LIHosLbTmgRfFEIMWczDCc_axFi2ZOs6KqhYNn6NthEJ4osOsSU_6W8LT_7TFeRU5ELzbQKg2&t=637377707080000000

103.84.99.46

200 OK

1.3 kB

URL HTTP/1.1
eproperty.casey.vic.gov.au/T1PRProd/WebApps/eProperty/WebResource.axd?d=YIywYCA0KvkE-TezN2PRz8LWVUX446TwYXnpx7BvSE9Huk0uH8bzn2ldNG4PK9LIHosLbTmgRfFEIMWczDCc_axFi2ZOs6KqhYNn6NthEJ4osOsSU_6W8LT_7TFeRU5ELzbQKg2&t=637377707080000000
IP
103.84.99.46:0
ASN
#55752 Cloud Plus Pty Ltd

File type
Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
Size
1.3 kB (1327 bytes)
Hash
bf55bff246676e7fdf0c29971676cf40
965c4091829b470b924176f959ff241705ff2098
1b8da9fa360d0be8baf3e8f9d05c734f5c02cbc13d4d76810d11dc0f79f942ec

HTTP Headers

GET /T1PRProd/WebApps/eProperty/WebResource.axd?d=YIywYCA0KvkE-TezN2PRz8LWVUX446TwYXnpx7BvSE9Huk0uH8bzn2ldNG4PK9LIHosLbTmgRfFEIMWczDCc_axFi2ZOs6KqhYNn6NthEJ4osOsSU_6W8LT_7TFeRU5ELzbQKg2&t=637377707080000000 HTTP/1.1
Host: eproperty.casey.vic.gov.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://eproperty.casey.vic.gov.au/T1PRProd/WebApps/eProperty/P1/ePay/ApplicationPayment.aspx?f=%24P1.EPY.APPS.ENQ
Cookie: ASP.NET_SessionId=ek200lfjddrrlw45y0zh13zh
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Cache-Control: public
Content-Type: application/x-javascript
Content-Encoding: gzip
Expires: Thu, 26 Oct 2023 15:56:05 GMT
Last-Modified: Thu, 08 Oct 2020 05:18:28 GMT
Vary: Accept-Encoding
Server: Microsoft-IIS/10.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Thu, 27 Oct 2022 09:48:40 GMT
Content-Length: 1327

eproperty.casey.vic.gov.au/T1PRProd/WebApps/eProperty/App_Themes/Default/Images/Empty.gif

103.84.99.46

200 OK

807 B

URL HTTP/1.1
eproperty.casey.vic.gov.au/T1PRProd/WebApps/eProperty/App_Themes/Default/Images/Empty.gif
IP
103.84.99.46:0
ASN
#55752 Cloud Plus Pty Ltd

File type
GIF image data, version 89a, 1 x 1\012- data
Size
807 B (807 bytes)
Hash
18b3e43abad26bdac6f4cea944777b62
5848cd0aca8d9fc92d8449b13f829cc1f6cd310a
3ca19e57c9a2465ae4df271316ba4d29e7ff7f113a2a2c5297780c0b7a0ac09d

HTTP Headers

GET /T1PRProd/WebApps/eProperty/App_Themes/Default/Images/Empty.gif HTTP/1.1
Host: eproperty.casey.vic.gov.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://eproperty.casey.vic.gov.au/T1PRProd/WebApps/eProperty/P1/ePay/ApplicationPayment.aspx?f=%24P1.EPY.APPS.ENQ
Cookie: ASP.NET_SessionId=ek200lfjddrrlw45y0zh13zh
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Content-Type: image/gif
Last-Modified: Fri, 06 Sep 2013 01:27:28 GMT
Accept-Ranges: bytes
ETag: "81412440a0aace1:0"
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Date: Thu, 27 Oct 2022 09:48:40 GMT
Content-Length: 807

eproperty.casey.vic.gov.au/T1PRProd/WebApps/eProperty/Images/ApplicationInvoice.gif

103.84.99.46

200 OK

12 kB

URL HTTP/1.1
eproperty.casey.vic.gov.au/T1PRProd/WebApps/eProperty/Images/ApplicationInvoice.gif
IP
103.84.99.46:0
ASN
#55752 Cloud Plus Pty Ltd

File type
GIF image data, version 89a, 206 x 300\012- data
Size
12 kB (12260 bytes)
Hash
50420ef782616697d4334c4deec228fc
3433c07c4107090b6e4f9c5191a1895266e778a0
2fde0a6fdc92ac69f90d90f90d10573a75381e19eebbddb44bafe0a635caf1c1

HTTP Headers

GET /T1PRProd/WebApps/eProperty/Images/ApplicationInvoice.gif HTTP/1.1
Host: eproperty.casey.vic.gov.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://eproperty.casey.vic.gov.au/T1PRProd/WebApps/eProperty/P1/ePay/ApplicationPayment.aspx?f=%24P1.EPY.APPS.ENQ
Cookie: ASP.NET_SessionId=ek200lfjddrrlw45y0zh13zh
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Content-Type: image/gif
Last-Modified: Mon, 10 Aug 2020 05:53:59 GMT
Accept-Ranges: bytes
ETag: "3c7cbba4da6ed61:0"
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Date: Thu, 27 Oct 2022 09:48:40 GMT
Content-Length: 12260

eproperty.casey.vic.gov.au/T1PRProd/WebApps/eProperty/App_Themes/Default/Images/VerticalBarBlack.gif

103.84.99.46

200 OK

810 B

URL HTTP/1.1
eproperty.casey.vic.gov.au/T1PRProd/WebApps/eProperty/App_Themes/Default/Images/VerticalBarBlack.gif
IP
103.84.99.46:0
ASN
#55752 Cloud Plus Pty Ltd

File type
GIF image data, version 89a, 1 x 10\012- data
Size
810 B (810 bytes)
Hash
0e2d1c6185c248084bc16e94919f8b93
007af539a8edfa08afab7443158e5689d0838fca
1010c670d75b7c26260d002144acb0d6b38e00049e11e5d790ef397ec2a130e0

HTTP Headers

GET /T1PRProd/WebApps/eProperty/App_Themes/Default/Images/VerticalBarBlack.gif HTTP/1.1
Host: eproperty.casey.vic.gov.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://eproperty.casey.vic.gov.au/T1PRProd/WebApps/eProperty/P1/ePay/ApplicationPayment.aspx?f=%24P1.EPY.APPS.ENQ
Cookie: ASP.NET_SessionId=ek200lfjddrrlw45y0zh13zh
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Content-Type: image/gif
Last-Modified: Fri, 06 Sep 2013 01:27:30 GMT
Accept-Ranges: bytes
ETag: "8f721741a0aace1:0"
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Date: Thu, 27 Oct 2022 09:48:40 GMT
Content-Length: 810

eproperty.casey.vic.gov.au/T1PRProd/WebApps/eProperty/App_Themes/Default/csy-MasterCustom.js

103.84.99.46

200 OK

20 kB

URL HTTP/1.1
eproperty.casey.vic.gov.au/T1PRProd/WebApps/eProperty/App_Themes/Default/csy-MasterCustom.js
IP
103.84.99.46:0
ASN
#55752 Cloud Plus Pty Ltd

File type
Unicode text, UTF-8 (with BOM) text, with very long lines (1236), with CRLF line terminators
Size
20 kB (20292 bytes)
Hash
1a9499f0ada37ed6ff24ef6ec6de67ad
34c92aaf8f4efd33aea7c3afb1dd97761ca7110c
48645fe41fa0eeca2857fe435db6b39d45456395d227cca7cd5e581213619d5c

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /T1PRProd/WebApps/eProperty/App_Themes/Default/csy-MasterCustom.js HTTP/1.1
Host: eproperty.casey.vic.gov.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://eproperty.casey.vic.gov.au/T1PRProd/WebApps/eProperty/P1/ePay/ApplicationPayment.aspx?f=%24P1.EPY.APPS.ENQ
Cookie: ASP.NET_SessionId=ek200lfjddrrlw45y0zh13zh
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Content-Type: application/javascript
Content-Encoding: gzip
Last-Modified: Mon, 28 Feb 2022 03:02:59 GMT
Accept-Ranges: bytes
ETag: "8033f0b04f2cd81:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Date: Thu, 27 Oct 2022 09:48:40 GMT
Content-Length: 20292

www.google-analytics.com/analytics.js

142.250.74.174

200 OK

20 kB

URL HTTP/2
www.google-analytics.com/analytics.js
IP
142.250.74.174:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1325)
Size
20 kB (20039 bytes)
Hash
47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e

HTTP Headers

GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://eproperty.casey.vic.gov.au/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Thu, 27 Oct 2022 08:41:09 GMT
expires: Thu, 27 Oct 2022 10:41:09 GMT
cache-control: public, max-age=7200
age: 4052
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

eproperty.casey.vic.gov.au/T1PRProd/WebApps/eProperty/style/gorditaregular-webfont.woff

103.84.99.46

200 OK

71 kB

URL HTTP/1.1
eproperty.casey.vic.gov.au/T1PRProd/WebApps/eProperty/style/gorditaregular-webfont.woff
IP
103.84.99.46:0
ASN
#55752 Cloud Plus Pty Ltd

File type
Web Open Font Format, TrueType, length 71016, version 1.0\012- data
Size
71 kB (71016 bytes)
Hash
d52d6025f5b7be3f786f1ca60c319b34
1474914fe51ecc868d11297b5b358d77858f8d06
5a424d78d1fde667c3ef22c45fb05a48337c2e9824ddb4b8516c708b48d9efd5

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /T1PRProd/WebApps/eProperty/style/gorditaregular-webfont.woff HTTP/1.1
Host: eproperty.casey.vic.gov.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://eproperty.casey.vic.gov.au/T1PRProd/WebApps/eProperty/style/casey.css
Cookie: ASP.NET_SessionId=ek200lfjddrrlw45y0zh13zh
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Content-Type: font/x-woff
Last-Modified: Mon, 10 Feb 2020 04:25:05 GMT
Accept-Ranges: bytes
ETag: "e9ea3212cadfd51:0"
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Date: Thu, 27 Oct 2022 09:48:40 GMT
Content-Length: 71016

vars.hotjar.com/box-c1417f7b48595d0dbca01c86f95d6dbb.html

143.204.55.20

200 OK

1.0 kB

URL HTTP/2
vars.hotjar.com/box-c1417f7b48595d0dbca01c86f95d6dbb.html
IP
143.204.55.20:0
ASN
#16509 AMAZON-02

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2368), with no line terminators
Size
1.0 kB (1035 bytes)
Hash
d2c298a660a1ee92f094a3d504e3e2e6
13fd39d202cf3e00be906a798921386b403e15c5
4aa80b9ea27a402072083d23dd118c6be178b90efb7ff0014c8b87c180655bdb

HTTP Headers

GET /box-c1417f7b48595d0dbca01c86f95d6dbb.html HTTP/1.1
Host: vars.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://eproperty.casey.vic.gov.au/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/html
content-length: 1035
date: Tue, 18 Oct 2022 09:12:06 GMT
accept-ranges: bytes
cache-control: max-age=31536000
content-encoding: br
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
etag: "d2c298a660a1ee92f094a3d504e3e2e6"
last-modified: Tue, 18 Oct 2022 09:11:19 GMT
strict-transport-security: max-age=2592000; includeSubDomains
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 185768229530368be94556dcab1c486a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: yKm4TurDf2NuKuNhB_4r9REHU1NDtyx6ubRpxY7OgdIM1Rirgq3qsg==
age: 779795
X-Firefox-Spdy: h2

script.hotjar.com/modules.5a17f10e21dd3fd3b841.js

143.204.55.68

200 OK

66 kB

URL HTTP/2
script.hotjar.com/modules.5a17f10e21dd3fd3b841.js
IP
143.204.55.68:0
ASN
#16509 AMAZON-02

File type
Unicode text, UTF-8 text, with very long lines (48714)
Size
66 kB (66091 bytes)
Hash
f784e2f70f455f7e613fcb9f757607c4
44c87de224e98901c88434e10cbe88e18000943f
3c167e79d789a1fd56a4dd863f94690b5124a2dcd8c1e06e3e0ad9f35fd1d49a

HTTP Headers

GET /modules.5a17f10e21dd3fd3b841.js HTTP/1.1
Host: script.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://eproperty.casey.vic.gov.au/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript
content-length: 66091
date: Wed, 26 Oct 2022 11:38:06 GMT
accept-ranges: bytes
access-control-allow-origin: *
cache-control: max-age=31536000
content-encoding: br
cross-origin-resource-policy: cross-origin
etag: "f784e2f70f455f7e613fcb9f757607c4"
last-modified: Wed, 26 Oct 2022 11:37:54 GMT
strict-transport-security: max-age=2592000; includeSubDomains
x-content-type-options: nosniff
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 c9f2a4d2bcd548d1a3cbe1617a22f216.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: rSJXUaxWFJB1-IndfSL0Jzux5ETKXR8o_A4eVb7Q8q7y_5BNg0kvKQ==
age: 79835
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
7d4b826b3cd4f4fffd35abd60c407bdb
28e5a20b197bf6972fd097c3b302c1dd89b68f09
681fd035abbbf788f315fea7402f5e0d77b51f6167e237ff7516335911499b21

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 27 Oct 2022 09:48:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

eproperty.casey.vic.gov.au/favicon.ico

103.84.99.46

404 Not Found

1.2 kB

URL HTTP/1.1
eproperty.casey.vic.gov.au/favicon.ico
IP
103.84.99.46:0
ASN
#55752 Cloud Plus Pty Ltd

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Size
1.2 kB (1245 bytes)
Hash
5343c1a8b203c162a3bf3870d9f50fd4
04b5b886c20d88b57eea6d8ff882624a4ac1e51d
dc1d54dab6ec8c00f70137927504e4f222c8395f10760b6beecfcfa94e08249f

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: eproperty.casey.vic.gov.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://eproperty.casey.vic.gov.au/T1PRProd/WebApps/eProperty/P1/ePay/ApplicationPayment.aspx?f=%24P1.EPY.APPS.ENQ
Cookie: ASP.NET_SessionId=ek200lfjddrrlw45y0zh13zh
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 404 Not Found
Content-Type: text/html
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Date: Thu, 27 Oct 2022 09:48:40 GMT
Content-Length: 1245

eproperty.casey.vic.gov.au/T1PRProd/WebApps/eProperty/MasterPages/icon.png

103.84.99.46

404 Not Found

1.2 kB

URL HTTP/1.1
eproperty.casey.vic.gov.au/T1PRProd/WebApps/eProperty/MasterPages/icon.png
IP
103.84.99.46:0
ASN
#55752 Cloud Plus Pty Ltd

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Size
1.2 kB (1245 bytes)
Hash
5343c1a8b203c162a3bf3870d9f50fd4
04b5b886c20d88b57eea6d8ff882624a4ac1e51d
dc1d54dab6ec8c00f70137927504e4f222c8395f10760b6beecfcfa94e08249f

HTTP Headers

GET /T1PRProd/WebApps/eProperty/MasterPages/icon.png HTTP/1.1
Host: eproperty.casey.vic.gov.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://eproperty.casey.vic.gov.au/T1PRProd/WebApps/eProperty/P1/ePay/ApplicationPayment.aspx?f=%24P1.EPY.APPS.ENQ
Cookie: ASP.NET_SessionId=ek200lfjddrrlw45y0zh13zh
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 404 Not Found
Content-Type: text/html
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Date: Thu, 27 Oct 2022 09:48:40 GMT
Content-Length: 1245

stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-108608433-2&cid=1933811858.1666864120&jid=874352496&gjid=1536810573&_gid=601277994.1666864120&_u=YEBAAEAAAAAAACAAI~&z=2147428761

173.194.222.157

200 OK

4 B

URL HTTP/2
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-108608433-2&cid=1933811858.1666864120&jid=874352496&gjid=1536810573&_gid=601277994.1666864120&_u=YEBAAEAAAAAAACAAI~&z=2147428761
IP
173.194.222.157:0
ASN
#15169 GOOGLE

File type
ASCII text, with no line terminators
Size
4 B (4 bytes)
Hash
48c0473b7821185d937e685216e2168b
3743e47f8a429a5e87b86cb582d78940733d9d2e
570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a

HTTP Headers

POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-108608433-2&cid=1933811858.1666864120&jid=874352496&gjid=1536810573&_gid=601277994.1666864120&_u=YEBAAEAAAAAAACAAI~&z=2147428761 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://eproperty.casey.vic.gov.au
Connection: keep-alive
Referer: https://eproperty.casey.vic.gov.au/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: https://eproperty.casey.vic.gov.au
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Thu, 27 Oct 2022 09:48:41 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
7d4b826b3cd4f4fffd35abd60c407bdb
28e5a20b197bf6972fd097c3b302c1dd89b68f09
681fd035abbbf788f315fea7402f5e0d77b51f6167e237ff7516335911499b21

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 27 Oct 2022 09:48:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.sca1b.amazontrust.com/

54.230.245.39

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
54.230.245.39:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
67926616d93c71de060b719e9aba6cc8
1f4ba7f5e695b4ce208a723e8bf401c323a6cbae
9e19fe8ed31f7213e85fa8e0a88313961ab24d7a52f459877591885eed4c1343

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=108593
Date: Thu, 27 Oct 2022 09:48:41 GMT
Etag: "63594342-1d7"
Expires: Fri, 28 Oct 2022 15:58:34 GMT
Last-Modified: Wed, 26 Oct 2022 14:25:06 GMT
Server: ECS (nyb/1D0D)
X-Cache: Miss from cloudfront
Via: 1.1 8ac66e1d6983a0f44cf391b1ec3b1cce.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: mrUS2MIvvooa5z20r9tqK0TDucIAYoz8IiF0fOC6e0xF3b21F39NGQ==
Age: 5608

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
a63ea2903767bb46326d85331e42e34e
b113b248df6025ed117551b7baa1960316122415
4ba54e12a06237d2c396d93e1cf9513b066074df9993ee408ee2bfb365c5f3c6

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 27 Oct 2022 09:48:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
ce5d09bafa968f66bc7828927cb90e05
d6445e57629d1fcb89ac2fefdc5071cf82f71a59
e6b4e02dcd04a13ac1c6ce72819b8f20b1b5555a516151264b9a685532c38632

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 27 Oct 2022 09:48:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-108608433-2&cid=1933811858.1666864120&jid=874352496&_u=YEBAAEAAAAAAACAAI~&z=2060608606

142.250.74.164

200 OK

42 B

URL HTTP/2
www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-108608433-2&cid=1933811858.1666864120&jid=874352496&_u=YEBAAEAAAAAAACAAI~&z=2060608606
IP
142.250.74.164:0
ASN
#15169 GOOGLE

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-108608433-2&cid=1933811858.1666864120&jid=874352496&_u=YEBAAEAAAAAAACAAI~&z=2060608606 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://eproperty.casey.vic.gov.au/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 27 Oct 2022 09:48:41 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-108608433-2&cid=1933811858.1666864120&jid=874352496&_u=YEBAAEAAAAAAACAAI~&z=2060608606

142.250.74.3

200 OK

42 B

URL HTTP/2
www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-108608433-2&cid=1933811858.1666864120&jid=874352496&_u=YEBAAEAAAAAAACAAI~&z=2060608606
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-108608433-2&cid=1933811858.1666864120&jid=874352496&_u=YEBAAEAAAAAAACAAI~&z=2060608606 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://eproperty.casey.vic.gov.au/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 27 Oct 2022 09:48:41 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
26e60c83d7af169687cbd74f7ca924e0
00f7ceb935fe1cc423f95718a04076e4f5eca150
a041e2901d418b289c3129ce7c07a66e598f6d3ac076732635b0a9ac6fbabb89

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 27 Oct 2022 09:48:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
ce5d09bafa968f66bc7828927cb90e05
d6445e57629d1fcb89ac2fefdc5071cf82f71a59
e6b4e02dcd04a13ac1c6ce72819b8f20b1b5555a516151264b9a685532c38632

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 27 Oct 2022 09:48:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

eproperty.casey.vic.gov.au/T1PRProd/WebApps/eProperty/style/gorditamedium-webfont.woff

103.84.99.46

200 OK

70 kB

URL HTTP/1.1
eproperty.casey.vic.gov.au/T1PRProd/WebApps/eProperty/style/gorditamedium-webfont.woff
IP
103.84.99.46:0
ASN
#55752 Cloud Plus Pty Ltd

File type
Web Open Font Format, TrueType, length 70304, version 1.0\012- data
Size
70 kB (70304 bytes)
Hash
59dd4f47e9a59785f0c82e2a1fb1f2e6
5ca724c6e13c99bd7572dd49d2d5cfee4670e54c
55e8d241ee7e1567115af36391cbcf4ec70c4bcddc53e96053e3df8ccad84df6

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /T1PRProd/WebApps/eProperty/style/gorditamedium-webfont.woff HTTP/1.1
Host: eproperty.casey.vic.gov.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://eproperty.casey.vic.gov.au/T1PRProd/WebApps/eProperty/style/casey.css
Cookie: ASP.NET_SessionId=ek200lfjddrrlw45y0zh13zh
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Content-Type: font/x-woff
Last-Modified: Mon, 10 Feb 2020 04:25:04 GMT
Accept-Ranges: bytes
ETag: "45e0a311cadfd51:0"
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Date: Thu, 27 Oct 2022 09:48:40 GMT
Content-Length: 70304

static.hotjar.com/c/hotjar-1152595.js?sv=7

143.204.55.84

200 OK

0 B

URL HTTP/2
static.hotjar.com/c/hotjar-1152595.js?sv=7
IP
143.204.55.84:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /c/hotjar-1152595.js?sv=7 HTTP/1.1
Host: static.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://eproperty.casey.vic.gov.au/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
content-encoding: br
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=2592000; includeSubDomains
x-cache-hit: 1
x-content-type-options: nosniff
date: Thu, 27 Oct 2022 09:48:41 GMT
cache-control: max-age=60
etag: W/62ab05e9fd9c4d1a66941cfc572e4bf2
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
via: 1.1 1d8cf7c8865ed1078c19a98771ad34ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: _4oIDT0hUxzzEm3HOzXrrduS0pf6rMnh9qBiggD5c22BE0SgWKGRtA==
X-Firefox-Spdy: h2

in.hotjar.com/api/v2/client/sites/1152595/visit-data?sv=7

52.215.128.208

200 OK

0 B

URL HTTP/2
in.hotjar.com/api/v2/client/sites/1152595/visit-data?sv=7
IP
52.215.128.208:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

POST /api/v2/client/sites/1152595/visit-data?sv=7 HTTP/1.1
Host: in.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain; charset=UTF-8
Content-Length: 112
Origin: https://eproperty.casey.vic.gov.au
Connection: keep-alive
Referer: https://eproperty.casey.vic.gov.au/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Thu, 27 Oct 2022 09:48:41 GMT
content-type: application/json
vary: Accept-Encoding
cache-control: no-cache, no-store
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-max-age: 86400
content-encoding: br
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (26)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP