Overview

URLsulfaro.com.au/arvest_dsunn.zip
IP 116.0.20.85 (Australia)
ASN#38719 Dreamscape Networks Limited
UserAgentMozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer
Report completed2022-11-29 20:16:35 UTC
StatusLoading report..
IDS alerts0
Blocklist alert7
urlquery alerts No alerts detected
Tags None

Domain Summary (15)

Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-11-29 05:51:44 UTC 34.117.237.239
sulfaro.com.au (33) 0 2013-10-18 12:03:06 UTC 2022-11-29 06:39:16 UTC 116.0.20.85 Unknown ranking
ajax.googleapis.com (1) 12905 2013-08-16 09:51:31 UTC 2022-11-29 09:57:13 UTC 142.250.74.74
region1.google-analytics.com (1) 0 2022-03-17 11:26:33 UTC 2022-11-29 06:11:22 UTC 216.239.34.36 Domain (google-analytics.com) ranked at: 8401
r3.o.lencr.org (6) 344 No data No data 23.36.77.32
www.googletagmanager.com (1) 75 2013-05-22 02:07:37 UTC 2022-11-29 06:48:06 UTC 142.250.74.168
connect.facebook.net (1) 139 2012-05-22 02:51:28 UTC 2020-02-17 13:26:09 UTC 31.13.72.12
ocsp.pki.goog (4) 175 2018-07-01 06:43:07 UTC 2020-05-02 20:58:16 UTC 142.250.74.131
www.google-analytics.com (2) 40 2012-10-03 01:04:21 UTC 2022-11-29 08:33:49 UTC 142.250.74.110
www.facebook.com (1) 99 2012-05-21 00:23:41 UTC 2021-06-08 06:38:51 UTC 31.13.72.36
content-signature-2.cdn.mozilla.net (1) 1152 No data No data 34.160.144.191
firefox.settings.services.mozilla.com (2) 867 2020-06-04 20:08:41 UTC 2022-11-29 05:48:55 UTC 34.102.187.140
push.services.mozilla.com (1) 2140 2014-10-24 08:27:06 UTC 2020-05-03 10:09:39 UTC 35.163.49.154
img-getpocket.cdn.mozilla.net (6) 1631 2018-06-21 23:36:00 UTC 2020-02-19 04:43:25 UTC 34.120.237.76
ocsp.digicert.com (4) 86 2012-05-21 07:02:23 UTC 2020-05-02 20:58:10 UTC 93.184.220.29

Network Intrusion Detection Systemsinfo

Suricata /w Emerging Threats Pro
 No alerts detected

Blocklists

OpenPhish
 No alerts detected

PhishTank
 No alerts detected

Fortinet's Web Filter
Scan Date Severity Indicator Comment
2022-11-29 2 sulfaro.com.au/arvest_dsunn.zip Phishing
2022-11-29 2 sulfaro.com.au/arvest_dsunn.zip Phishing
2022-11-29 2 sulfaro.com.au/js/background.cycle.js Phishing
2022-11-29 2 sulfaro.com.au/js/jquery/1.9.1/jquery.min.js Phishing
2022-11-29 2 sulfaro.com.au/fonts/AGaramondProRegular.woff2 Phishing
2022-11-29 2 sulfaro.com.au/fonts/AGaramondProRegular.woff Phishing
2022-11-29 2 sulfaro.com.au/fonts/AGaramondProRegular.ttf Phishing

mnemonic secure dns
 No alerts detected

Quad9 DNS
 No alerts detected


Files

No files detected

Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 116.0.20.85
Date UQ / IDS / BL URL IP
2022-12-19 02:31:19 +0000 0 - 0 - 3 ausna.com.au/ 116.0.20.85
2022-12-18 05:02:58 +0000 0 - 0 - 20 ausna.com.au/ 116.0.20.85
2022-12-04 11:03:58 +0000 0 - 0 - 6 sulfaro.com.au/arvest/login.php 116.0.20.85
2022-11-30 03:49:24 +0000 0 - 0 - 1 railsafety.net.au/ 116.0.20.85
2022-11-29 20:16:35 +0000 0 - 0 - 7 sulfaro.com.au/arvest_dsunn.zip 116.0.20.85


Last 5 reports on ASN: Dreamscape Networks Limited
Date UQ / IDS / BL URL IP
2023-02-08 12:09:39 +0000 43 - 3 - 0 acmecomp.com.au/wp-content/cgi/BOfA/BOfA/BOfA (...) 116.0.23.174
2023-02-08 10:41:00 +0000 0 - 1 - 0 theadelantegroup.com/d/apoyo/b5b0db7f3a77ca4f (...) 116.0.23.226
2023-02-08 09:54:20 +0000 0 - 0 - 8 203.170.86.89/ 203.170.86.89
2023-02-08 09:29:18 +0000 0 - 1 - 0 theadelantegroup.com/D/Apoyo/b5b0db7f3a77ca4f (...) 116.0.23.226
2023-02-08 08:36:50 +0000 43 - 3 - 0 acmecomp.com.au/wp-content/cgi/BOfA/BOfA/BOfA (...) 116.0.23.174


Last 5 reports on domain: sulfaro.com.au
Date UQ / IDS / BL URL IP
2022-12-04 11:03:58 +0000 0 - 0 - 6 sulfaro.com.au/arvest/login.php 116.0.20.85
2022-11-29 20:16:35 +0000 0 - 0 - 7 sulfaro.com.au/arvest_dsunn.zip 116.0.20.85
2022-11-29 11:17:31 +0000 0 - 0 - 7 sulfaro.com.au/arvest_dsunn.zip 116.0.20.85
2022-11-29 06:39:09 +0000 0 - 0 - 7 sulfaro.com.au/arvest_dsunn.zip 116.0.20.85
2022-11-28 07:01:34 +0000 0 - 0 - 2 sulfaro.com.au/arvest_dsunn.zip 116.0.20.85


No other reports with similar screenshot

JavaScript

Executed Scripts (12)

Executed Evals (0)

Executed Writes (0)


HTTP Transactions (65)


Request Response
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "8EED57C91B42EF7B2D5EFF1309E306E23E13C3DE21219AF24A693CBF3E8977FC"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4712
Expires: Tue, 29 Nov 2022 21:34:55 GMT
Date: Tue, 29 Nov 2022 20:16:23 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 1677
Cache-Control: max-age=139365
Date: Tue, 29 Nov 2022 20:16:23 GMT
Etag: "6385df6f-1d7"
Expires: Thu, 01 Dec 2022 10:59:08 GMT
Last-Modified: Tue, 29 Nov 2022 10:31:11 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 471

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "A3EC545A8F9364AC9062EDDB41279E1465687A1B60F9C1DEC6B3A3DF8B033EB3"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7697
Expires: Tue, 29 Nov 2022 22:24:40 GMT
Date: Tue, 29 Nov 2022 20:16:23 GMT
Connection: keep-alive

                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.102.187.140
HTTP/2 200 OK
content-type: application/json
                                        
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Type, Backoff, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Tue, 29 Nov 2022 19:19:38 GMT
cache-control: public,max-age=3600
age: 3405
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    30db107dcf4380cef05efea409c2e6a3
Sha1:   96e6a306fbc07299aba64e5c14e2bfca35872fa9
Sha256: b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e
                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         34.160.144.191
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
x-amz-id-2: zmRe/B1mACZ9o/7asWW+0PFS/jPP+hLvxlqk9zT2sabDzZQr8PiEJpUWu4dkX5ASIysMgf5ZM3j7vyEgKQ+Bcg==
x-amz-request-id: N4MDGS8ZYE178WK9
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 29 Nov 2022 19:45:35 GMT
age: 1848
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    9ebddc2b260d081ebbefee47c037cb28
Sha1:   492bad62a7ca6a74738921ef5ae6f0be5edebf39
Sha256: 74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Tue, 29 Nov 2022 20:16:23 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            GET /arvest_dsunn.zip HTTP/1.1 
Host: sulfaro.com.au
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

search
                                         116.0.20.85
HTTP/1.1 301 Moved Permanently
Content-Type: text/html; charset=iso-8859-1
                                        
Date: Tue, 29 Nov 2022 20:16:23 GMT
Server: Apache
Location: https://sulfaro.com.au/arvest_dsunn.zip
Content-Length: 311
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   311
Md5:    f761d0972511bea54075516374481954
Sha1:   0524c6260b571944b4e3b6256c9c8e72b497df3b
Sha256: 598ba05c1b3fce2c754685a45186eccb62c332eae82628db74929fd96ae811c6

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.102.187.140
HTTP/2 200 OK
content-type: application/json
                                        
access-control-allow-origin: *
access-control-expose-headers: Retry-After, ETag, Alert, Expires, Cache-Control, Backoff, Content-Length, Content-Type, Pragma, Last-Modified
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Tue, 29 Nov 2022 20:08:56 GMT
cache-control: public,max-age=3600
age: 447
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 5787
Cache-Control: max-age=138412
Date: Tue, 29 Nov 2022 20:16:23 GMT
Etag: "6385cba8-1d7"
Expires: Thu, 01 Dec 2022 10:43:15 GMT
Last-Modified: Tue, 29 Nov 2022 09:06:48 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: SKbnAg7M+TXGqNPuKkFAWA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

search
                                         35.163.49.154
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: C6fw6+WsJ9wrec02nP3lfd0qfQw=

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 29 Nov 2022 20:16:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 29 Nov 2022 20:16:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /ajax/libs/jquery/1.11.1/jquery.js HTTP/1.1 
Host: ajax.googleapis.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sulfaro.com.au/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         142.250.74.74
HTTP/2 200 OK
content-type: text/javascript; charset=UTF-8
                                        
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 84371
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 29 Nov 2022 15:43:54 GMT
expires: Wed, 29 Nov 2023 15:43:54 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 16350
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   84371
Md5:    42e31554f77d599c9262a1c70bb1b30c
Sha1:   e3eece62325030cf5fa70a38b7bef2e27a24cd48
Sha256: 7f0b635a269a7a070d9280da9dbe05d533e5226642b7b748c4872cf98412c560
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 29 Nov 2022 20:16:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 29 Nov 2022 20:16:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /reset.css HTTP/1.1 
Host: sulfaro.com.au
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sulfaro.com.au/arvest_dsunn.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         116.0.20.85
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Tue, 29 Nov 2022 20:16:24 GMT
Server: Apache
Last-Modified: Wed, 16 Dec 2020 03:21:49 GMT
Accept-Ranges: bytes
Content-Length: 522
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text
Size:   522
Md5:    1a778f08bc48226ba98ff88dc9c7ea76
Sha1:   c3f23817df3453f6bd5c2e8f926bbe65867b31da
Sha256: 0bf93afe2d5a16a8c82744b8c0d5bde32823e2c68da82617f94fb251d2f575e4
                                        
                                            GET /arvest_dsunn.zip HTTP/1.1 
Host: sulfaro.com.au
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

search
                                         116.0.20.85
HTTP/1.1 200 OK
Content-Type: text/html
                                        
Date: Tue, 29 Nov 2022 20:16:24 GMT
Server: Apache
X-Powered-By: PHP/5.2.17
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1670)
Size:   33976
Md5:    1ac0d691632903dd6e54d1d40bb8350a
Sha1:   9597e14181d1e5756d80208e8e729ae67b2dd214
Sha256: b31a2e274397df0303a18ee98243f13b49110bf14f72805e828bdff36dee41c3

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /js/background.cycle.js HTTP/1.1 
Host: sulfaro.com.au
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sulfaro.com.au/arvest_dsunn.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         116.0.20.85
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Tue, 29 Nov 2022 20:16:24 GMT
Server: Apache
Last-Modified: Sun, 16 Feb 2020 23:42:21 GMT
Accept-Ranges: bytes
Content-Length: 5199
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text
Size:   5199
Md5:    a02eda510ba65d7df3f75bbadc9e9b3f
Sha1:   43df1cbfd95df3f1e31008c81c340b991a24cf3a
Sha256: 945bbdb6e4b5bab6963daa1a06728a0db81ee4da9ab14146d8541472339e062e

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "39BB874A415DB37A81432942EB84151B0134D1AACAA31D364B6DADAE4388C6A1"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4770
Expires: Tue, 29 Nov 2022 21:35:55 GMT
Date: Tue, 29 Nov 2022 20:16:25 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "39BB874A415DB37A81432942EB84151B0134D1AACAA31D364B6DADAE4388C6A1"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4770
Expires: Tue, 29 Nov 2022 21:35:55 GMT
Date: Tue, 29 Nov 2022 20:16:25 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "39BB874A415DB37A81432942EB84151B0134D1AACAA31D364B6DADAE4388C6A1"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4770
Expires: Tue, 29 Nov 2022 21:35:55 GMT
Date: Tue, 29 Nov 2022 20:16:25 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "39BB874A415DB37A81432942EB84151B0134D1AACAA31D364B6DADAE4388C6A1"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4770
Expires: Tue, 29 Nov 2022 21:35:55 GMT
Date: Tue, 29 Nov 2022 20:16:25 GMT
Connection: keep-alive

                                        
                                            GET /gtag/js?id=UA-121537796-1 HTTP/1.1 
Host: www.googletagmanager.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sulfaro.com.au/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         142.250.74.168
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
                                        
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 29 Nov 2022 20:16:24 GMT
expires: Tue, 29 Nov 2022 20:16:24 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 44687
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   10176
Md5:    03014221d7f49b50ffc2d1b0a0e75457
Sha1:   772d86ad983042a728ee3490630a9cf1134ad0dd
Sha256: 81fb954fa569955907952987e9d8efd1dac80e0e4a682826abf3c5d90eb31771
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe059c7ce-454d-453b-aead-18fae338f84c.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 4871
x-amzn-requestid: e2dfa7b8-ded7-4104-a913-1b84746a3c6f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cLDUUEy_oAMFgSQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638118e8-0b229e0f60ff019d26800dd9;Sampled=0
x-amzn-remapped-date: Fri, 25 Nov 2022 19:35:04 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 9BUuT9WFwAQMnl8JiTDKo-zHgDL0AdjAAAIh0Mx405zbGwhvRouebQ==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 a847181d425b7fc57e81eb3c800bfdf2.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 12:20:15 GMT
age: 28570
etag: "d0dff35eb78f129b5da407043037bcf9c27e55c0"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   4871
Md5:    a4058fd62595d15c58b3d3266de9865a
Sha1:   d0dff35eb78f129b5da407043037bcf9c27e55c0
Sha256: ab996c23d58871a2ad53f0c34688c87f0d7c0eac5d0c1d8265b86951248449fe
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F955ba04e-80cb-43a1-bc6a-3e502a79144e.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 9546
x-amzn-requestid: 60e352b5-ab38-4975-bf26-500f0a639a2d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cFfulExwIAMFzQA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637edff6-1364912f7fd292da6453a83e;Sampled=0
x-amzn-remapped-date: Thu, 24 Nov 2022 03:07:34 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: qtRAIXoswvTgNWZzaQE1WHZQXoJRtK9nKpusFtXH3pDRHH_DZtsLFw==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 11:46:43 GMT
age: 30582
etag: "373c96c2e0006d70954d4b4ebd850f62f558e92c"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   9546
Md5:    9a6e5f60b87d3879606a6707feb37a73
Sha1:   373c96c2e0006d70954d4b4ebd850f62f558e92c
Sha256: 1ae48f692f44d357e21eec708b46f22c36a3de21be8d0f1c2035d197e0aa89de
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffe5e6403-f1a3-4b44-a62d-0e47d56bb08e.webp HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 4916
x-amzn-requestid: b8c80a6c-e3f1-4f20-beb8-27b0af760692
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cPYcrELFoAMFaeQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6382d450-155cfb365525173c0ede8adb;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 03:06:56 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: Twtw6dO3pjTB9OLi0HliKKCDgCuHRqgtx4PFTczrZQ9f8JztgXZoSg==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 f9d716a351f14a0ac1fac2449734849a.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 03:01:17 GMT
age: 62108
etag: "2e3f7326aeea6be8a34bf2c39b34862c07bfdc41"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   4916
Md5:    83c1fedec73299637cc7dc47c48af758
Sha1:   2e3f7326aeea6be8a34bf2c39b34862c07bfdc41
Sha256: 1fea143e23bb0156062f4c06569824900a67ed83cb99fd635d4c4ab968dc65e9
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F165667de-df17-4cc6-832c-94f49703bdf2.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 9430
x-amzn-requestid: 454ca8bd-a256-45f2-8b41-feee86c5af82
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cR7wyGCIIAMFhgw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6383d99e-1488f8ce71a91ebc3ad6b7e0;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 21:41:50 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: ibLuLI6j9EWh0dgk51O7kiPBRyURZ0UdNtlgbBD-SXnDg_GT_tJm8Q==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 02:55:32 GMT
age: 62453
etag: "075531f525e625b117b2497f31139c9824d0e9c5"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   9430
Md5:    1f434933b5bd6377d299ada22d1ae7ef
Sha1:   075531f525e625b117b2497f31139c9824d0e9c5
Sha256: b587a3249e4f20112088608e3651c2ccbc44225a5c9d88d3bf5884d7f0e9029c
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fabddece8-6c4f-4cb5-9041-4d427b16b826.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 4417
x-amzn-requestid: 01de83c2-51d2-4329-98f6-09a0edf46942
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cVNnGEcRIAMFaXA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63852960-34583b6c588a0e937fcfaa46;Sampled=0
x-amzn-remapped-date: Mon, 28 Nov 2022 21:34:24 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Jb1eLyzn88lV_UTId-Fl3OnftDn8c7o5j8d16_nzHCNST_68MZ1pvA==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 6172bb1a5d00a3b06ae3700570ebe116.cloudfront.net (CloudFront), 1.1 google
date: Mon, 28 Nov 2022 21:50:08 GMT
age: 80777
etag: "e2b4d2e15bb7c086333c0da438873e4c139ba931"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   4417
Md5:    a2a5c8d4113d282600462749315f2c4f
Sha1:   e2b4d2e15bb7c086333c0da438873e4c139ba931
Sha256: 9b5d0e5dd11d4cbf1c78a71730cd63544170c91ab635bf3cf917827ac84874e6
                                        
                                            GET /sulfaro20201216a-1264up.css HTTP/1.1 
Host: sulfaro.com.au
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sulfaro.com.au/arvest_dsunn.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         116.0.20.85
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Tue, 29 Nov 2022 20:16:25 GMT
Server: Apache
Last-Modified: Sun, 30 Jan 2022 22:31:00 GMT
Accept-Ranges: bytes
Content-Length: 17848
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive


--- Additional Info ---
Magic:  Unicode text, UTF-8 (with BOM) text
Size:   17848
Md5:    a1b71afc11367044c8f954bcf1e6a2ee
Sha1:   56d278661c7416ac4f1243c22acd4ef06c455496
Sha256: 90dd3eb2e5cec5c4a945c598553c13f57d7a3ae01cbb41c44feb150f48c3ddc5
                                        
                                            GET /js/jquery/1.9.1/jquery.min.js HTTP/1.1 
Host: sulfaro.com.au
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sulfaro.com.au/arvest_dsunn.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         116.0.20.85
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Tue, 29 Nov 2022 20:16:25 GMT
Server: Apache
Last-Modified: Sun, 16 Feb 2020 23:42:41 GMT
Accept-Ranges: bytes
Content-Length: 92629
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text, with very long lines (32089)
Size:   92629
Md5:    397754ba49e9e0cf4e7c190da78dda05
Sha1:   ae49e56999d82802727455f0ba83b63acd90a22b
Sha256: c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /images/tw.png HTTP/1.1 
Host: sulfaro.com.au
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sulfaro.com.au/sulfaro20201216a-1264up.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         116.0.20.85
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Date: Tue, 29 Nov 2022 20:16:26 GMT
Server: Apache
Last-Modified: Wed, 29 Jan 2020 03:09:08 GMT
Accept-Ranges: bytes
Content-Length: 2406
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive


--- Additional Info ---
Magic:  PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced\012- data
Size:   2406
Md5:    aebac86c52f179ff000b5973acfb1662
Sha1:   698f1e1fb144898cd89286929f2c33a17b322909
Sha256: 2da58a02b52f0634c7f4d7cacbb2706cf893feb9c92213be713404a3af2d6899
                                        
                                            GET /images/sulfaro-logo-grey.png HTTP/1.1 
Host: sulfaro.com.au
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sulfaro.com.au/sulfaro20201216a-1264up.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         116.0.20.85
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Date: Tue, 29 Nov 2022 20:16:26 GMT
Server: Apache
Last-Modified: Sun, 16 Feb 2020 23:23:35 GMT
Accept-Ranges: bytes
Content-Length: 40436
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive


--- Additional Info ---
Magic:  PNG image data, 1000 x 250, 8-bit/color RGBA, non-interlaced\012- data
Size:   40436
Md5:    8359ac91ff347c654ff9da9103c416f3
Sha1:   39e5d40f7b7ec0bf2d7d81eee28d28e61fddc8b5
Sha256: d81dccefde5867f1f7334336b8c24721260934a682f9c7c33f5d7beddf395479
                                        
                                            GET /images/ig.png HTTP/1.1 
Host: sulfaro.com.au
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sulfaro.com.au/sulfaro20201216a-1264up.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         116.0.20.85
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Date: Tue, 29 Nov 2022 20:16:26 GMT
Server: Apache
Last-Modified: Sun, 16 Feb 2020 23:21:09 GMT
Accept-Ranges: bytes
Content-Length: 2264
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive


--- Additional Info ---
Magic:  PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced\012- data
Size:   2264
Md5:    9388594b2e0eaa3070958b872cdf7903
Sha1:   4331ffe68406ec532348d72dd00118c8b3483994
Sha256: 484dfc85f38bbd804697b367257db2fafc005cdc7e61c700e57f25a4b080bf5f
                                        
                                            GET /images/fb.png HTTP/1.1 
Host: sulfaro.com.au
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sulfaro.com.au/sulfaro20201216a-1264up.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         116.0.20.85
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Date: Tue, 29 Nov 2022 20:16:26 GMT
Server: Apache
Last-Modified: Sun, 16 Feb 2020 23:21:02 GMT
Accept-Ranges: bytes
Content-Length: 1606
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive


--- Additional Info ---
Magic:  PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced\012- data
Size:   1606
Md5:    8d51dfa4fb43a40351c68a69d6e53631
Sha1:   feba945924301cf35853af5e79282d3e0dbb2bac
Sha256: a17e47b96fc636227afb3d6fd6aed0a4e7e8948616ce6e2e8545840389026fab
                                        
                                            GET /sulfaro20201216a-0to700.css HTTP/1.1 
Host: sulfaro.com.au
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sulfaro.com.au/arvest_dsunn.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         116.0.20.85
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Tue, 29 Nov 2022 20:16:26 GMT
Server: Apache
Last-Modified: Wed, 16 Dec 2020 03:21:46 GMT
Accept-Ranges: bytes
Content-Length: 18866
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text
Size:   18866
Md5:    408b2bbb4f5f47b27aae05899af55c6c
Sha1:   310e6a353e1f5311812d7469b3493196a101a695
Sha256: fbc3ac2efb7dbdb6847d35010f7c7907217e004f68023466a8a2b8059bb35148
                                        
                                            GET /sulfaro20201216a-1024to1263.css HTTP/1.1 
Host: sulfaro.com.au
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sulfaro.com.au/arvest_dsunn.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         116.0.20.85
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Tue, 29 Nov 2022 20:16:26 GMT
Server: Apache
Last-Modified: Wed, 16 Dec 2020 03:21:45 GMT
Accept-Ranges: bytes
Content-Length: 17729
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text
Size:   17729
Md5:    ffae73c9abf1c635ae3c8cb18244d960
Sha1:   20ff46a75d5ab33eaf905cc05c8edde0dd318de4
Sha256: efdde3a9378891fca475245f7752090305fe12b385d3f3af025dbabfbb8a3808
                                        
                                            GET /sulfaro20201216a-701to1023.css HTTP/1.1 
Host: sulfaro.com.au
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sulfaro.com.au/arvest_dsunn.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         116.0.20.85
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Tue, 29 Nov 2022 20:16:26 GMT
Server: Apache
Last-Modified: Wed, 16 Dec 2020 03:21:45 GMT
Accept-Ranges: bytes
Content-Length: 17773
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text
Size:   17773
Md5:    ce644334e355e945836d0e1667b9a68a
Sha1:   781cfa38fd3cc6424df8a10b922963375fb396a8
Sha256: e0bf4439b050abe2f98669897d31bb6bac581dd0c7a178a2c003b0482a7ffc91
                                        
                                            GET /fonts/AGaramondProRegular.woff2 HTTP/1.1 
Host: sulfaro.com.au
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://sulfaro.com.au/sulfaro20201216a-1264up.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

search
                                         116.0.20.85
HTTP/1.1 200 OK
Content-Type: font/woff2
                                        
Date: Tue, 29 Nov 2022 20:16:26 GMT
Server: Apache
Last-Modified: Thu, 08 Apr 2021 04:43:30 GMT
Accept-Ranges: bytes
Content-Length: 0
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive


--- Additional Info ---
Magic:  
Size:   0
Md5:    d41d8cd98f00b204e9800998ecf8427e
Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709
Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /fonts/AGaramondProRegular.woff HTTP/1.1 
Host: sulfaro.com.au
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://sulfaro.com.au/sulfaro20201216a-1264up.css
Cookie: _ga_S22Q0VJYFY=GS1.1.1669752985.1.0.1669752985.0.0.0; _ga=GA1.1.1628067552.1669752985
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

search
                                         116.0.20.85
HTTP/1.1 200 OK
Content-Type: font/woff
                                        
Date: Tue, 29 Nov 2022 20:16:26 GMT
Server: Apache
Last-Modified: Thu, 08 Apr 2021 04:43:30 GMT
Accept-Ranges: bytes
Content-Length: 0
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive


--- Additional Info ---
Magic:  
Size:   0
Md5:    d41d8cd98f00b204e9800998ecf8427e
Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709
Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            POST /g/collect?v=2&tid=G-S22Q0VJYFY&gtm=2oeb90&_p=1345485755&cid=1628067552.1669752985&ul=en-us&sr=1280x1024&_s=1&sid=1669752985&sct=1&seg=0&dl=https%3A%2F%2Fsulfaro.com.au%2Farvest_dsunn.zip&dt=Sulfaro%20Furniture&en=page_view&_fv=1&_nsi=1&_ss=1 HTTP/1.1 
Host: region1.google-analytics.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://sulfaro.com.au
Connection: keep-alive
Referer: https://sulfaro.com.au/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0

search
                                         216.239.34.36
HTTP/2 204 No Content
content-type: text/plain
                                        
access-control-allow-origin: https://sulfaro.com.au
date: Tue, 29 Nov 2022 20:16:26 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

                                        
                                            GET /images/job-link.png HTTP/1.1 
Host: sulfaro.com.au
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sulfaro.com.au/arvest_dsunn.zip
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         116.0.20.85
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Date: Tue, 29 Nov 2022 20:16:26 GMT
Server: Apache
Last-Modified: Sun, 16 Feb 2020 23:21:10 GMT
Accept-Ranges: bytes
Content-Length: 36353
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive


--- Additional Info ---
Magic:  PNG image data, 560 x 560, 8-bit/color RGB, non-interlaced\012- data
Size:   36353
Md5:    f66df1ea9188d7c3bdab026a08ee22f9
Sha1:   23492de86a3896d10024fd334fd2873820fa7fdf
Sha256: 68bc5727c9427fbee70ec6239ee088a308f49af271477f4eef73f8c0fddfc348
                                        
                                            GET /images/classic-style-sofas-and-chairs-hamptons-range.jpg HTTP/1.1 
Host: sulfaro.com.au
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sulfaro.com.au/sulfaro20201216a-1264up.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         116.0.20.85
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Date: Tue, 29 Nov 2022 20:16:26 GMT
Server: Apache
Last-Modified: Sun, 16 Feb 2020 23:20:45 GMT
Accept-Ranges: bytes
Content-Length: 245115
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive


--- Additional Info ---
Magic:  JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 1400x938, components 3\012- data
Size:   245115
Md5:    0ecdc756743fed17ff3271c37df9596d
Sha1:   1dff1c71b49235cbd562a95df07118bf271c3f2b
Sha256: b5f9c8057ff1a2a0d87458195f0804a92a84d1ffeb68ffb19e89f1742ab31dc8
                                        
                                            GET /images/modern-contemporary-sofas-and-chairs.jpg HTTP/1.1 
Host: sulfaro.com.au
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sulfaro.com.au/sulfaro20201216a-1264up.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         116.0.20.85
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Date: Tue, 29 Nov 2022 20:16:26 GMT
Server: Apache
Last-Modified: Sun, 16 Feb 2020 23:21:47 GMT
Accept-Ranges: bytes
Content-Length: 201160
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive


--- Additional Info ---
Magic:  JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 1400x926, components 3\012- data
Size:   201160
Md5:    7a27255ed9b8ad446eadc24cf5253378
Sha1:   501f40bc29e6cc79134f4ef0400fae21f958f2d3
Sha256: 20c0cc563671d9477773f2c35d4e1c4f9fed728a07e45e270d00c89816bdb527
                                        
                                            GET /images/decor-and-design-accessories.jpg HTTP/1.1 
Host: sulfaro.com.au
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sulfaro.com.au/sulfaro20201216a-1264up.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         116.0.20.85
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Date: Tue, 29 Nov 2022 20:16:27 GMT
Server: Apache
Last-Modified: Sun, 16 Feb 2020 23:20:56 GMT
Accept-Ranges: bytes
Content-Length: 264151
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive


--- Additional Info ---
Magic:  JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 1400x947, components 3\012- data
Size:   264151
Md5:    c7671bdef5ad5014b51a3442d74f22bb
Sha1:   daaaf9bc857bed42336e35cc84d92c019f96d0b1
Sha256: f0cab59085f33288f69eaf010030899dd90c4ec2e14837de2f3f8064d400b53c
                                        
                                            GET /images/traditional-upholstered-sofas-and-chairs.jpg HTTP/1.1 
Host: sulfaro.com.au
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sulfaro.com.au/sulfaro20201216a-1264up.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         116.0.20.85
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Date: Tue, 29 Nov 2022 20:16:26 GMT
Server: Apache
Last-Modified: Sun, 16 Feb 2020 23:23:51 GMT
Accept-Ranges: bytes
Content-Length: 269280
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive


--- Additional Info ---
Magic:  JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 1400x1103, components 3\012- data
Size:   269280
Md5:    dcb624a8845eb67c3efb9d8618e0cd0b
Sha1:   b7b165de5508cdbef758b2514c5a85caac1a3f2a
Sha256: 13ac1ee662c3dcd96f0f49c407a75831973bb568f77275a57e115ed51ca7f12d
                                        
                                            GET /images/sulfaro-signature-range-upholstered-sofas.jpg HTTP/1.1 
Host: sulfaro.com.au
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sulfaro.com.au/sulfaro20201216a-1264up.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         116.0.20.85
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Date: Tue, 29 Nov 2022 20:16:26 GMT
Server: Apache
Last-Modified: Sun, 16 Feb 2020 23:23:43 GMT
Accept-Ranges: bytes
Content-Length: 364988
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive


--- Additional Info ---
Magic:  JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 1400x947, components 3\012- data
Size:   364988
Md5:    01af0567e5b091009b93638025020aea
Sha1:   2b531ab4368ca62e00edfa94d73a58c1446820df
Sha256: 7b6467380480cef7dc0eca8c0301db0c60782fad40d36a5a7c39a1abfda76d6c
                                        
                                            GET /fonts/AGaramondProRegular.ttf HTTP/1.1 
Host: sulfaro.com.au
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sulfaro.com.au/sulfaro20201216a-1264up.css
Cookie: _ga_S22Q0VJYFY=GS1.1.1669752985.1.0.1669752985.0.0.0; _ga=GA1.1.1628067552.1669752985
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

search
                                         116.0.20.85
HTTP/1.1 200 OK
Content-Type: font/ttf
                                        
Date: Tue, 29 Nov 2022 20:16:27 GMT
Server: Apache
Last-Modified: Mon, 20 Jan 2020 01:32:53 GMT
Accept-Ranges: bytes
Content-Length: 203060
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive


--- Additional Info ---
Magic:  TrueType Font data, 16 tables, 1st "BASE", 24 names, Macintosh\012- data
Size:   203060
Md5:    9f53123748340a3492531a80c35261a3
Sha1:   2e344885093305e67137c06dabf26d6aadc21bc5
Sha256: fcae68cb4f01b66fde95e8ca2e72e6a3e4947848dd7c2c46edd9467df5dcd88d

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /images/recliners-motion-suites.jpg HTTP/1.1 
Host: sulfaro.com.au
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sulfaro.com.au/sulfaro20201216a-1264up.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         116.0.20.85
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Date: Tue, 29 Nov 2022 20:16:28 GMT
Server: Apache
Last-Modified: Sun, 16 Feb 2020 23:22:59 GMT
Accept-Ranges: bytes
Content-Length: 184940
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive


--- Additional Info ---
Magic:  JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=13, height=947, bps=170, PhotometricIntepretation=RGB, orientation=upper-left, width=1400], progressive, precision 8, 1400x947, components 3\012- data
Size:   184940
Md5:    9399fbba4978181226d1dab40c0ba685
Sha1:   a69c9dcf5f7a5dadd20dc741c0c69d606a7ea88e
Sha256: df49436731981357e0ee4ac1e6ee2b2a423a26c285247cd025d177c71770a24c
                                        
                                            GET /images/lawrence-sofa-and-matching-chairs.jpg HTTP/1.1 
Host: sulfaro.com.au
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sulfaro.com.au/arvest_dsunn.zip
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         116.0.20.85
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Date: Tue, 29 Nov 2022 20:16:28 GMT
Server: Apache
Last-Modified: Wed, 29 Jan 2020 03:06:28 GMT
Accept-Ranges: bytes
Content-Length: 309252
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive


--- Additional Info ---
Magic:  JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=13, height=765, bps=170, PhotometricIntepretation=RGB, orientation=upper-left, width=2000], progressive, precision 8, 2000x1000, components 3\012- data
Size:   309252
Md5:    d8c6eaea1f234387c1c12b81aa117da2
Sha1:   4f03801aab13dffc425a6e87ffe120a772cf76d4
Sha256: 85bc54d705f0d52c3f79d195c2f5ae1a0e95ad7e8adde712faf781b8d95e7c97
                                        
                                            GET /images/camelot-scatter-back-sofa.jpg HTTP/1.1 
Host: sulfaro.com.au
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sulfaro.com.au/arvest_dsunn.zip
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         116.0.20.85
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Date: Tue, 29 Nov 2022 20:16:26 GMT
Server: Apache
Last-Modified: Sun, 16 Feb 2020 23:20:39 GMT
Accept-Ranges: bytes
Content-Length: 421923
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive


--- Additional Info ---
Magic:  JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=13, height=1055, bps=170, PhotometricIntepretation=RGB, orientation=upper-left, width=2000], progressive, precision 8, 2000x1000, components 3\012- data
Size:   421923
Md5:    62d4abc3337791b01c7d8f6f3332ee05
Sha1:   4f44aa4791e5721acb81db3ea3ee28925fbfb350
Sha256: 639e44f2a13d82ef32e1a0fefa45dd6228333ca9f21a8dfa4e0265ec450fae54
                                        
                                            GET /images/upholstered-sofa-coco-t-cushion.jpg HTTP/1.1 
Host: sulfaro.com.au
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sulfaro.com.au/arvest_dsunn.zip
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         116.0.20.85
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Date: Tue, 29 Nov 2022 20:16:28 GMT
Server: Apache
Last-Modified: Sun, 16 Feb 2020 23:24:46 GMT
Accept-Ranges: bytes
Content-Length: 352982
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive


--- Additional Info ---
Magic:  JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=13, height=962, bps=170, PhotometricIntepretation=RGB, orientation=upper-left, width=2000], progressive, precision 8, 2000x1000, components 3\012- data
Size:   352982
Md5:    379a0cb7f480f568c0c2f621074553f7
Sha1:   798fd8170ee3c374054c630163b965b52b07e3af
Sha256: 2b123b0777534a55eddfb10c0ae9bf295b654d394b2196fc9367032f585bfd94
                                        
                                            GET /images/euro-chaise-lounge-suite-sofa-modular.jpg HTTP/1.1 
Host: sulfaro.com.au
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sulfaro.com.au/arvest_dsunn.zip
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         116.0.20.85
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Date: Tue, 29 Nov 2022 20:16:28 GMT
Server: Apache
Last-Modified: Wed, 29 Jan 2020 03:05:42 GMT
Accept-Ranges: bytes
Content-Length: 261015
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive


--- Additional Info ---
Magic:  JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=13, height=1027, bps=170, PhotometricIntepretation=RGB, orientation=upper-left, width=2000], progressive, precision 8, 2000x1000, components 3\012- data
Size:   261015
Md5:    5762fb82e88e3d06bf12c2f43c2e205b
Sha1:   f969819057dcd3ffa1fd833c4e790b1b8d7dce55
Sha256: 2be155fec20de04d0b37472324cda11f51cedecb138a355ebd372d8cc3ba3c37
                                        
                                            GET /images/tribeca-sofa-charlotte-queen-anne-armchair-and-matching-upholstered-ottoman.jpg HTTP/1.1 
Host: sulfaro.com.au
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sulfaro.com.au/arvest_dsunn.zip
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         116.0.20.85
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Date: Tue, 29 Nov 2022 20:16:28 GMT
Server: Apache
Last-Modified: Wed, 29 Jan 2020 03:08:53 GMT
Accept-Ranges: bytes
Content-Length: 392226
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive


--- Additional Info ---
Magic:  JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=13, height=1138, bps=170, PhotometricIntepretation=RGB, orientation=upper-left, width=2000], progressive, precision 8, 2000x1000, components 3\012- data
Size:   392226
Md5:    913ba1d2fd5b1550b2067b8ef5800644
Sha1:   a7327c60a01d7309e1d2d7d5b4d22db0b51bfc5b
Sha256: abf4e5f4865c6fe172e432ad7eb20d44bc6b7116d08268aadde21496457b7a4b
                                        
                                            GET /images/euro-upholstered-sofa-with-occasional-chair.jpg HTTP/1.1 
Host: sulfaro.com.au
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sulfaro.com.au/arvest_dsunn.zip
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         116.0.20.85
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Date: Tue, 29 Nov 2022 20:16:29 GMT
Server: Apache
Last-Modified: Wed, 29 Jan 2020 03:06:01 GMT
Accept-Ranges: bytes
Content-Length: 299111
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive


--- Additional Info ---
Magic:  JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=13, height=1101, bps=170, PhotometricIntepretation=RGB, orientation=upper-left, width=2000], progressive, precision 8, 2000x1000, components 3\012- data
Size:   299111
Md5:    d953472e38f9d0030485d332311926dd
Sha1:   6d3f470a981b9b53a3b9be77755e24280445950e
Sha256: 56441ed72138e4adcf8e93967b9ba16ee1f9901298f89ca0cfb3c8a448097da1
                                        
                                            GET /images/tribeca-sofa-with-wing-chairs-and-matched-ottomans.jpg HTTP/1.1 
Host: sulfaro.com.au
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sulfaro.com.au/arvest_dsunn.zip
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         116.0.20.85
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Date: Tue, 29 Nov 2022 20:16:29 GMT
Server: Apache
Last-Modified: Wed, 29 Jan 2020 03:09:08 GMT
Accept-Ranges: bytes
Content-Length: 428827
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive


--- Additional Info ---
Magic:  JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=13, height=1076, bps=170, PhotometricIntepretation=RGB, orientation=upper-left, width=2000], progressive, precision 8, 2000x1000, components 3\012- data
Size:   428827
Md5:    6c1236ce6fa868c34ebe30d8e1fcf5b4
Sha1:   9569b8579436ef25d0e33ba4b12562ebabad8e9a
Sha256: 95748a9bd057864ee5259223f5bafbe6afb152f51a81fb082d108f929fbb1259
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 128
Cache-Control: max-age=134164
Date: Tue, 29 Nov 2022 20:16:30 GMT
Etag: "6385d132-1d7"
Expires: Thu, 01 Dec 2022 09:32:34 GMT
Last-Modified: Tue, 29 Nov 2022 09:30:26 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /analytics.js HTTP/1.1 
Host: www.google-analytics.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sulfaro.com.au/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         142.250.74.110
HTTP/2 200 OK
content-type: text/javascript
                                        
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Tue, 29 Nov 2022 18:41:08 GMT
expires: Tue, 29 Nov 2022 20:41:08 GMT
cache-control: public, max-age=7200
age: 5722
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1325)
Size:   20039
Md5:    47e6f374ca946fddd5b59871b325736c
Sha1:   baa9282efc8785e84d247c3bff518eaa45f101c4
Sha256: 16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
                                        
                                            GET /en_US/fbevents.js HTTP/1.1 
Host: connect.facebook.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sulfaro.com.au/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         31.13.72.12
HTTP/2 200 OK
content-type: application/x-javascript; charset=utf-8
                                        
vary: Accept-Encoding
content-encoding: gzip
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: vX/oR/7g+uO300W0o0UnTknqpBHAkM+Z/Ow1j7ns0XNxIV2gh77A0gmH5xUvt48QTyc0NyHEb4DYgIV8+qs5Ag==
priority: u=3,i
content-length: 27340
x-fb-trip-id: 1904183273
date: Tue, 29 Nov 2022 20:16:30 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (64348)
Size:   27340
Md5:    44ecaa3c2a4929a40141edc4540aaf84
Sha1:   f29a573182333b2500d41bfc389d6c5232dfb348
Sha256: 6589fe14578dedd4df678a909afadd7e5bc7f57c7e3e24518a7f5faac7383396
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 128
Cache-Control: max-age=134164
Date: Tue, 29 Nov 2022 20:16:30 GMT
Etag: "6385d132-1d7"
Expires: Thu, 01 Dec 2022 09:32:34 GMT
Last-Modified: Tue, 29 Nov 2022 09:30:26 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 471

                                        
                                            POST /j/collect?v=1&_v=j98&a=1345485755&t=pageview&_s=1&dl=https%3A%2F%2Fsulfaro.com.au%2Farvest_dsunn.zip&ul=en-us&de=UTF-8&dt=Sulfaro%20Furniture&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=YADAAUABAAAAACAAI~&jid=2000688886&gjid=263946255&cid=1628067552.1669752985&tid=UA-121537796-1&_gid=1811509734.1669752989&_r=1&gtm=2oubs0&z=737227311 HTTP/1.1 
Host: www.google-analytics.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://sulfaro.com.au
Connection: keep-alive
Referer: https://sulfaro.com.au/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         142.250.74.110
HTTP/2 200 OK
content-type: text/plain
                                        
access-control-allow-origin: https://sulfaro.com.au
date: Tue, 29 Nov 2022 20:16:30 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  very short file (no magic)
Size:   1
Md5:    c4ca4238a0b923820dcc509a6f75849b
Sha1:   356a192b7913b04c54574d18c28d46e6395428ab
Sha256: 6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
                                        
                                            GET /images/studio-t-modern-contemporary-sofa.jpg HTTP/1.1 
Host: sulfaro.com.au
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sulfaro.com.au/arvest_dsunn.zip
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         116.0.20.85
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Date: Tue, 29 Nov 2022 20:16:29 GMT
Server: Apache
Last-Modified: Sun, 16 Feb 2020 23:23:45 GMT
Accept-Ranges: bytes
Content-Length: 261847
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive


--- Additional Info ---
Magic:  JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=13, height=1051, bps=170, PhotometricIntepretation=RGB, orientation=upper-left, width=2000], progressive, precision 8, 2000x1000, components 3\012- data
Size:   261847
Md5:    23e43b90685a00a28c75c73659eb4526
Sha1:   8b63e463ffbf344573c7ac78cbd95daf79b4137e
Sha256: fab49d339e5b32c25dfec89d68feea885fedfae304fc52d09700d23d812f7543
                                        
                                            GET /images/favicon.png HTTP/1.1 
Host: sulfaro.com.au
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sulfaro.com.au/arvest_dsunn.zip
Cookie: _ga_S22Q0VJYFY=GS1.1.1669752985.1.0.1669752985.0.0.0; _ga=GA1.1.1628067552.1669752985
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         116.0.20.85
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Date: Tue, 29 Nov 2022 20:16:30 GMT
Server: Apache
Last-Modified: Sun, 16 Feb 2020 23:21:02 GMT
Accept-Ranges: bytes
Content-Length: 1239
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive


--- Additional Info ---
Magic:  PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Size:   1239
Md5:    a934e97087508ea02610c701e1d78857
Sha1:   4280d123cecd06a7604c8c166767e216c55e1466
Sha256: 0501be756fc74efd3383da785e88f0364baf653c2259ac69a929848fe4885db0
                                        
                                            GET /images/classic-london-sofa-and-lounge-suite.jpg HTTP/1.1 
Host: sulfaro.com.au
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sulfaro.com.au/arvest_dsunn.zip
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         116.0.20.85
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Date: Tue, 29 Nov 2022 20:16:29 GMT
Server: Apache
Last-Modified: Sun, 16 Feb 2020 23:20:52 GMT
Accept-Ranges: bytes
Content-Length: 376477
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive


--- Additional Info ---
Magic:  JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=13, height=1111, bps=170, PhotometricIntepretation=RGB, orientation=upper-left, width=2000], progressive, precision 8, 2000x1000, components 3\012- data
Size:   376477
Md5:    bd7aa8d97288b44ef28419b8c62f5771
Sha1:   f3fb32c50f1178f03b7ab96b761c47f8c4255135
Sha256: ea2b91c9daad62c07dfe996ee5907b3f75f933d3eaa9e94931eddf75e0c8fade
                                        
                                            GET /tr/?id=845886205848062&ev=PageView&dl=https%3A%2F%2Fsulfaro.com.au%2Farvest_dsunn.zip&rl=&if=false&ts=1669752989926&sw=1280&sh=1024&v=2.9.89&r=stable&ec=0&o=30&fbp=fb.2.1669752989925.1283582240&it=1669752989483&coo=false&rqm=GET HTTP/1.1 
Host: www.facebook.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sulfaro.com.au/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         31.13.72.36
HTTP/2 200 OK
content-type: text/plain
                                        
access-control-allow-origin:
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400
date: Tue, 29 Nov 2022 20:16:30 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  gzip compressed data, from Unix\012- data
Size:   86015
Md5:    f0dd8bb6eb5d778c2095d0abd4198ff0
Sha1:   0517034ed2ecf3839451b49c306c77adb32ba1a8
Sha256: 8733bace7d350d967f22be132aaf6681806e2410d3fe492d61444577b8ec1518
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffdef9eb6-c1f1-4337-aff8-0986561782c7.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 9203
x-amzn-requestid: 8cba52d6-3c1c-495c-bb9d-3ba6f0adc7e1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cHcHmGmQoAMF6dQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637fa6fd-73abfa592ff223061401af9a;Sampled=0
x-amzn-remapped-date: Thu, 24 Nov 2022 17:16:45 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: UmhWm03jrsV8dFagrzIA0E-8eL8dykoO5kw3cYOBd172dCGqNdAX-Q==
via: 1.1 a20e81b65d2465c729ce2f6bfe539dd0.cloudfront.net (CloudFront), 1.1 36810aa1793ee589dc8c194860296078.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 04:05:38 GMT
age: 58254
etag: "433061bbb226048765a711deca3026ee3e52372f"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   9203
Md5:    5d574c4db20a68295dbd06cb08f5990b
Sha1:   433061bbb226048765a711deca3026ee3e52372f
Sha256: 8cc1a4d18e242f8bfc8ab94637f635b73554b903462c29b06d0ec67872542afb