Report - sulfaro.com.au/arvest

Report Overview

Submitted URL
sulfaro.com.au/arvest_dsunn.zip
IP
116.0.20.85
ASN
#38719 Dreamscape Networks Limited
Submitted
2022-11-29 11:17:31
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
14

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	413 B	5.8 kB	34.160.144.191
sulfaro.com.au	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	14 kB	5.1 MB	116.0.20.85
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.0 kB	5.3 kB	23.36.77.32
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.4 kB	3.1 kB	93.184.220.29
ajax.googleapis.com	12905	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	387 B	86 kB	172.217.21.170
region1.google-analytics.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	654 B	561 B	216.239.34.36
connect.facebook.net	139	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	372 B	29 kB	31.13.72.12
www.facebook.com	99	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	600 B	86 kB	31.13.72.36
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	782 B	2.4 kB	34.102.187.140
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	606 B	127 B	52.38.139.17
www.google-analytics.com	40	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	371 B	21 kB	142.250.74.174
www.googletagmanager.com	75	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	384 B	45 kB	142.250.74.168
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.8 kB	52 kB	34.120.237.76
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	333 B	229 B	34.117.237.239
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.0 kB	2.1 kB	142.250.74.3

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-11-29	medium	sulfaro.com.au/arvest_dsunn.zip	Phishing
2022-11-29	medium	sulfaro.com.au/arvest_dsunn.zip	Phishing
2022-11-29	medium	sulfaro.com.au/js/background.cycle.js	Phishing
2022-11-29	medium	sulfaro.com.au/js/jquery/1.9.1/jquery.min.js	Phishing
2022-11-29	medium	sulfaro.com.au/fonts/AGaramondProRegular.woff2	Phishing
2022-11-29	medium	sulfaro.com.au/fonts/AGaramondProRegular.woff	Phishing
2022-11-29	medium	sulfaro.com.au/fonts/AGaramondProRegular.ttf	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

JavaScript (12)

	URL	Size	First Seen	Last Seen
	sulfaro.com.au/arvest_dsunn.zip	464 B	2023-03-08	2023-03-11
Pretty URL sulfaro.com.au/arvest_dsunn.zip IP 116.0.20.85 ASN #38719 Dreamscape Networks Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 15:54:54 Last Seen2023-03-11 22:36:02 Times Seen1 Hash a5b160ca5dac11947481f6d5830d36b6 c6b1123b3c549a1b11e8eead755c705f73df94a3 0e7f1af71e9a56e0d506e2961ce11a79981ff89ed89f2b03027073b8df812273 Loading...

	www.googletagmanager.com/gtag/js?id=G-S22Q0VJYFY&l=dataLayer&cx=c	219 kB	2023-03-11	2023-03-11
Pretty URL www.googletagmanager.com/gtag/js?id=G-S22Q0VJYFY&l=dataLayer&cx=c IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 22:23:08 Last Seen2023-03-11 22:23:08 Times Seen1 Hash 3adeb1f534cc8688f41652f8ff6076b2 7d42ea39088946478f606d09cf1b8684711f4548 294c7e1938f6400062fe53f215b329d16a9e81e450f64dc6537e826f6492a7f6 Loading...

	unknown	0 B	2023-03-07	2024-04-27
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-27 01:21:30 Times Seen37107366 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	sulfaro.com.au/js/background.cycle.js	5.2 kB	2023-03-11	2023-03-11
Pretty URL sulfaro.com.au/js/background.cycle.js IP 116.0.20.85 ASN #38719 Dreamscape Networks Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 22:18:00 Last Seen2023-03-11 22:36:02 Times Seen1 Hash a02eda510ba65d7df3f75bbadc9e9b3f 43df1cbfd95df3f1e31008c81c340b991a24cf3a 945bbdb6e4b5bab6963daa1a06728a0db81ee4da9ab14146d8541472339e062e Loading...

	sulfaro.com.au/arvest_dsunn.zip	708 B	2023-03-08	2023-03-11
Pretty URL sulfaro.com.au/arvest_dsunn.zip IP 116.0.20.85 ASN #38719 Dreamscape Networks Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 15:54:54 Last Seen2023-03-11 22:36:02 Times Seen1 Hash 6175e900f9ecb3ddbb314ece45d5ace8 5fb886eb6dbe3416399685cce7f2521f9183636d 11a2c1197d41d10ed6102229131525b3bd0909b4cc774301fae61c555afd4874 Loading...

	sulfaro.com.au/js/jquery/1.9.1/jquery.min.js	93 kB	2023-03-07	2024-04-26
Pretty URL sulfaro.com.au/js/jquery/1.9.1/jquery.min.js IP 116.0.20.85 ASN #38719 Dreamscape Networks Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:08 Last Seen2024-04-26 23:39:08 Times Seen23402 Hash 397754ba49e9e0cf4e7c190da78dda05 ae49e56999d82802727455f0ba83b63acd90a22b c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4 Loading...

	sulfaro.com.au/arvest_dsunn.zip	153 B	2023-03-08	2023-03-11
Pretty URL sulfaro.com.au/arvest_dsunn.zip IP 116.0.20.85 ASN #38719 Dreamscape Networks Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 15:54:54 Last Seen2023-03-11 22:36:02 Times Seen1 Hash 719e0db413ff23cad22171061ef15781 d5c95b9bac50d9d0857af6fc2a2a3c4ab4888f85 721e1a9616ff2510f009c021bd31a7321269fc3647842ba5d1d381b857de58f2 Loading...

	sulfaro.com.au/arvest_dsunn.zip	155 B	2023-03-08	2023-03-11
Pretty URL sulfaro.com.au/arvest_dsunn.zip IP 116.0.20.85 ASN #38719 Dreamscape Networks Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 15:54:54 Last Seen2023-03-11 22:36:02 Times Seen1 Hash 6fa9ec0ff82bd001bf23dea2672be637 3bb828199c61c6c8525e3466477b34bb038340f8 18a39bad4791d890530921c9a89ac6bc4d4ccf5dcedf7bf97c5b72fba8ac3884 Loading...

	www.google-analytics.com/analytics.js	50 kB	2023-03-08	2024-04-26
Pretty URL www.google-analytics.com/analytics.js IP 142.250.74.174 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 05:22:31 Last Seen2024-04-26 05:50:27 Times Seen1534 Hash fda30e8a22c9bcd954fd8d0fadd0e77c ae47cd34cbde081a48d7f92fc80aaf06a1381193 b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719 Loading...

	connect.facebook.net/en_US/fbevents.js	105 kB	2023-03-08	2023-11-28
Pretty URL connect.facebook.net/en_US/fbevents.js IP 31.13.72.12 ASN #32934 FACEBOOK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:22:10 Last Seen2023-11-28 17:55:58 Times Seen32 Hash a6ef7927128284961f4cadd572969f09 57e21033749687e69de710a0be6d4244edf1fe51 d5c905d7ce4679b183eb11f7c6811682ddffbf0f037590360ae2b1a84a51ef1b Loading...

	www.googletagmanager.com/gtag/js?id=UA-121537796-1	115 kB	2023-03-11	2023-03-11
Pretty URL www.googletagmanager.com/gtag/js?id=UA-121537796-1 IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 22:23:08 Last Seen2023-03-11 22:23:08 Times Seen1 Hash 91fe32b605f0ef705e74bbbea6fa7561 701d9117ca2acc740d4c82f75d3cddcdc52f80a5 9c4b0a414482bc7432715335ab996a994bd656d4042c32c64e7a41a4c84e3432 Loading...

	connect.facebook.net/signals/config/845886205848062?v=2.9.89&r=stable	300 kB	2023-03-08	2023-03-11
Pretty URL connect.facebook.net/signals/config/845886205848062?v=2.9.89&r=stable IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 15:54:54 Last Seen2023-03-11 22:36:02 Times Seen1 Hash 4c739d9ab42ff6d63e513f29aacab924 8ad8081de587d49c8aae5a492f604c79ddc62942 3d420ded32167b77bf0bbed99c4a94c7dbd14a7b0e6b8031cb92352856b32563 Loading...

HTTP Transactions (64)

URL IP Response Size

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
2d2e7649ce9e9ba6fc8b68aa89352e3c
0153d1d3d830a457043e16bb40d48a0b9ddef4b8
8eed57c91b42ef7b2d5eff1309e306e23e13c3de21219af24a693cbf3e8977fc

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8EED57C91B42EF7B2D5EFF1309E306E23E13C3DE21219AF24A693CBF3E8977FC"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3229
Expires: Tue, 29 Nov 2022 12:11:08 GMT
Date: Tue, 29 Nov 2022 11:17:19 GMT
Connection: keep-alive

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
9408cc0694fcbea57966c3a3ba906092
fddcee1fdcf3209298e41a4b1b5560357fa165f0
6ef7120d9463f56e3ddfadd5766d02da8523f34061b13bdba54bf9ab72a1e979

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2646
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 11:17:19 GMT
Last-Modified: Tue, 29 Nov 2022 10:33:13 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 471

firefox.settings.services.mozilla.com/v1/

34.102.187.140

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Type, Backoff, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Tue, 29 Nov 2022 10:19:36 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 3463
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
9fce5679881bf302a8978a0b462f01a9
b699fe030ea13ac73813e655c42ed9b531925e2b
a3ec545a8f9364ac9062eddb41279e1465687a1b60f9c1dec6b3a3df8b033eb3

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A3EC545A8F9364AC9062EDDB41279E1465687A1B60F9C1DEC6B3A3DF8B033EB3"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17112
Expires: Tue, 29 Nov 2022 16:02:31 GMT
Date: Tue, 29 Nov 2022 11:17:19 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: j4/kVq/SgM9Eh8z94TkwCwImpknA9tlXh23gzVwAb9ghFwSTcg8lvSTl1x90zJk1hoOxA0w5Z7Q=
x-amz-request-id: CNWEV7QJGC58XCSF
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 29 Nov 2022 10:42:28 GMT
age: 2091
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Tue, 29 Nov 2022 11:17:19 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

sulfaro.com.au/arvest_dsunn.zip

116.0.20.85

301 Moved Permanently

311 B

URL HTTP/1.1
sulfaro.com.au/arvest_dsunn.zip
IP
116.0.20.85:0
ASN
#38719 Dreamscape Networks Limited

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
311 B (311 bytes)
Hash
f761d0972511bea54075516374481954
0524c6260b571944b4e3b6256c9c8e72b497df3b
598ba05c1b3fce2c754685a45186eccb62c332eae82628db74929fd96ae811c6

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /arvest_dsunn.zip HTTP/1.1
Host: sulfaro.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Date: Tue, 29 Nov 2022 11:17:19 GMT
Server: Apache
Location: https://sulfaro.com.au/arvest_dsunn.zip
Content-Length: 311
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

34.102.187.140

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, ETag, Alert, Expires, Cache-Control, Backoff, Content-Length, Content-Type, Pragma, Last-Modified
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Tue, 29 Nov 2022 11:08:56 GMT
cache-control: public,max-age=3600
age: 503
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
3c8c689bd654417640d85f3da51af313
85123b6d46230a23d03768bf304b386e5d301305
516138ca79703b45e904d32d7dde1c1e9fd35995b9f1bb1331c547542745676d

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3906
Cache-Control: max-age=168875
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 11:17:19 GMT
Etag: "6385cba8-1d7"
Expires: Thu, 01 Dec 2022 10:11:54 GMT
Last-Modified: Tue, 29 Nov 2022 09:06:48 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 471

push.services.mozilla.com/

52.38.139.17

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
52.38.139.17:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: EMJZzVVCIUoWKXZYIBPlBg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: cCyU4dRUEB4qa4nUb4MxDsob5f4=

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
07b8296613be09905e34b09dce4a203f
c97c67e8c4b1247423d089c028c31e05734f124e
c8c7b7cd00d5818bbe4a4ddb1b734a1b766dc6474cce300171bd5a0947adc6b2

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 11:17:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
f50fd635895870df33a17fe377a6a038
dd65dfbbc810b095432cfd59f971af04a9e31ab7
ebd9b6c3f67865c297d08802839c940994424000df3bf8a3f1316b8e13666e94

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 11:17:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ajax.googleapis.com/ajax/libs/jquery/1.11.1/jquery.js

172.217.21.170

200 OK

84 kB

URL HTTP/2
ajax.googleapis.com/ajax/libs/jquery/1.11.1/jquery.js
IP
172.217.21.170:0
ASN
#15169 GOOGLE

File type
ASCII text
Size
84 kB (84371 bytes)
Hash
42e31554f77d599c9262a1c70bb1b30c
e3eece62325030cf5fa70a38b7bef2e27a24cd48
7f0b635a269a7a070d9280da9dbe05d533e5226642b7b748c4872cf98412c560

HTTP Headers

GET /ajax/libs/jquery/1.11.1/jquery.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sulfaro.com.au/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 84371
date: Tue, 29 Nov 2022 11:17:20 GMT
expires: Wed, 29 Nov 2023 11:17:20 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.googletagmanager.com/gtag/js?id=UA-121537796-1

142.250.74.168

200 OK

45 kB

URL HTTP/2
www.googletagmanager.com/gtag/js?id=UA-121537796-1
IP
142.250.74.168:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1921)
Size
45 kB (44664 bytes)
Hash
ce6fef388b268fda88b45c285ef51ecb
0959335f3e24bb978cc05cc33b8276c7b31e74f6
f4fb7a6a5e6726ae1ca8e1183360afc21d0858332a8c5fa5b27190475e9b95ed

HTTP Headers

GET /gtag/js?id=UA-121537796-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sulfaro.com.au/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 29 Nov 2022 11:17:20 GMT
expires: Tue, 29 Nov 2022 11:17:20 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 44664
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
f50fd635895870df33a17fe377a6a038
dd65dfbbc810b095432cfd59f971af04a9e31ab7
ebd9b6c3f67865c297d08802839c940994424000df3bf8a3f1316b8e13666e94

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 11:17:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

sulfaro.com.au/reset.css

116.0.20.85

200 OK

522 B

URL HTTP/1.1
sulfaro.com.au/reset.css
IP
116.0.20.85:0
ASN
#38719 Dreamscape Networks Limited

File type
ASCII text
Size
522 B (522 bytes)
Hash
1a778f08bc48226ba98ff88dc9c7ea76
c3f23817df3453f6bd5c2e8f926bbe65867b31da
0bf93afe2d5a16a8c82744b8c0d5bde32823e2c68da82617f94fb251d2f575e4

HTTP Headers

GET /reset.css HTTP/1.1
Host: sulfaro.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sulfaro.com.au/arvest_dsunn.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 11:17:20 GMT
Server: Apache
Last-Modified: Wed, 16 Dec 2020 03:21:49 GMT
Accept-Ranges: bytes
Content-Length: 522
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css

sulfaro.com.au/arvest_dsunn.zip

116.0.20.85

200 OK

34 kB

URL HTTP/1.1
sulfaro.com.au/arvest_dsunn.zip
IP
116.0.20.85:0
ASN
#38719 Dreamscape Networks Limited

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1670)
Size
34 kB (33976 bytes)
Hash
1ac0d691632903dd6e54d1d40bb8350a
9597e14181d1e5756d80208e8e729ae67b2dd214
b31a2e274397df0303a18ee98243f13b49110bf14f72805e828bdff36dee41c3

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /arvest_dsunn.zip HTTP/1.1
Host: sulfaro.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 11:17:20 GMT
Server: Apache
X-Powered-By: PHP/5.2.17
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
a97c452e75cf1d4833e777d7ba7f2c47
58f15763fd33f742ce870f49f1c2dbed5b41205f
39bb874a415db37a81432942eb84151b0134d1aacaa31d364b6dadae4388c6a1

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "39BB874A415DB37A81432942EB84151B0134D1AACAA31D364B6DADAE4388C6A1"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2214
Expires: Tue, 29 Nov 2022 11:54:15 GMT
Date: Tue, 29 Nov 2022 11:17:21 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
a97c452e75cf1d4833e777d7ba7f2c47
58f15763fd33f742ce870f49f1c2dbed5b41205f
39bb874a415db37a81432942eb84151b0134d1aacaa31d364b6dadae4388c6a1

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "39BB874A415DB37A81432942EB84151B0134D1AACAA31D364B6DADAE4388C6A1"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2214
Expires: Tue, 29 Nov 2022 11:54:15 GMT
Date: Tue, 29 Nov 2022 11:17:21 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
a97c452e75cf1d4833e777d7ba7f2c47
58f15763fd33f742ce870f49f1c2dbed5b41205f
39bb874a415db37a81432942eb84151b0134d1aacaa31d364b6dadae4388c6a1

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "39BB874A415DB37A81432942EB84151B0134D1AACAA31D364B6DADAE4388C6A1"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2214
Expires: Tue, 29 Nov 2022 11:54:15 GMT
Date: Tue, 29 Nov 2022 11:17:21 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
a97c452e75cf1d4833e777d7ba7f2c47
58f15763fd33f742ce870f49f1c2dbed5b41205f
39bb874a415db37a81432942eb84151b0134d1aacaa31d364b6dadae4388c6a1

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "39BB874A415DB37A81432942EB84151B0134D1AACAA31D364B6DADAE4388C6A1"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2214
Expires: Tue, 29 Nov 2022 11:54:15 GMT
Date: Tue, 29 Nov 2022 11:17:21 GMT
Connection: keep-alive

sulfaro.com.au/js/background.cycle.js

116.0.20.85

200 OK

5.2 kB

URL HTTP/1.1
sulfaro.com.au/js/background.cycle.js
IP
116.0.20.85:0
ASN
#38719 Dreamscape Networks Limited

File type
ASCII text
Size
5.2 kB (5199 bytes)
Hash
a02eda510ba65d7df3f75bbadc9e9b3f
43df1cbfd95df3f1e31008c81c340b991a24cf3a
945bbdb6e4b5bab6963daa1a06728a0db81ee4da9ab14146d8541472339e062e

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /js/background.cycle.js HTTP/1.1
Host: sulfaro.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sulfaro.com.au/arvest_dsunn.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 11:17:21 GMT
Server: Apache
Last-Modified: Sun, 16 Feb 2020 23:42:21 GMT
Accept-Ranges: bytes
Content-Length: 5199
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1c32283b-8309-408e-85df-cad97da6bc80.png

34.120.237.76

200 OK

10 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1c32283b-8309-408e-85df-cad97da6bc80.png
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
10 kB (10176 bytes)
Hash
03014221d7f49b50ffc2d1b0a0e75457
772d86ad983042a728ee3490630a9cf1134ad0dd
81fb954fa569955907952987e9d8efd1dac80e0e4a682826abf3c5d90eb31771

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1c32283b-8309-408e-85df-cad97da6bc80.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10176
x-amzn-requestid: c2231955-5c78-4073-8399-b8b90f1add78
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cMo3oHpSoAMF5Qw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6381bb63-55a1cb004ac73c8b02f2fb8d;Sampled=0
x-amzn-remapped-date: Sat, 26 Nov 2022 07:08:19 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: uGocx-Lv8ieJVvICjnTGQZyzaQzjVdICX2RZaNyBTQvUKeIcNxaCJQ==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 32c16f33c8f5601364fa8229b0d74dc2.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 04:49:50 GMT
age: 23251
etag: "772d86ad983042a728ee3490630a9cf1134ad0dd"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.6 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1f728a04-45b0-4726-b646-628601e2ebbc.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.6 kB (8578 bytes)
Hash
4b7d3821d0bd11c196724846a7b9fe22
5b1700fa9cd4f1aaafda28ac28a0e2086fa8499c
b4f820555c4daf6e112c1a395bc57e22f0ef8e2e4299a0ffbb54e0bf18c87f47

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1f728a04-45b0-4726-b646-628601e2ebbc.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8578
x-amzn-requestid: 4f948bb9-74db-4a5d-927d-a6b893735531
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cFxnWHq-IAMF4LQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637efc95-2f9e98ca2dad65a80e2195c2;Sampled=0
x-amzn-remapped-date: Thu, 24 Nov 2022 05:09:41 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: vSvGc0JIh4JOWTlagt4uDD_CDPiWOSfYYEI4lUBPsQb4qJMOEbBcmw==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 7022a5bbf9872d4a09d63e6cdb457dfe.cloudfront.net (CloudFront), 1.1 google
date: Mon, 28 Nov 2022 23:18:30 GMT
age: 43131
etag: "5b1700fa9cd4f1aaafda28ac28a0e2086fa8499c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

4.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffe5e6403-f1a3-4b44-a62d-0e47d56bb08e.webp
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
4.9 kB (4916 bytes)
Hash
83c1fedec73299637cc7dc47c48af758
2e3f7326aeea6be8a34bf2c39b34862c07bfdc41
1fea143e23bb0156062f4c06569824900a67ed83cb99fd635d4c4ab968dc65e9

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffe5e6403-f1a3-4b44-a62d-0e47d56bb08e.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 4916
x-amzn-requestid: b8c80a6c-e3f1-4f20-beb8-27b0af760692
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cPYcrELFoAMFaeQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6382d450-155cfb365525173c0ede8adb;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 03:06:56 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: Twtw6dO3pjTB9OLi0HliKKCDgCuHRqgtx4PFTczrZQ9f8JztgXZoSg==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 f9d716a351f14a0ac1fac2449734849a.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 03:18:11 GMT
age: 28750
etag: "2e3f7326aeea6be8a34bf2c39b34862c07bfdc41"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.2 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffdef9eb6-c1f1-4337-aff8-0986561782c7.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.2 kB (9203 bytes)
Hash
5d574c4db20a68295dbd06cb08f5990b
433061bbb226048765a711deca3026ee3e52372f
8cc1a4d18e242f8bfc8ab94637f635b73554b903462c29b06d0ec67872542afb

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffdef9eb6-c1f1-4337-aff8-0986561782c7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9203
x-amzn-requestid: 8cba52d6-3c1c-495c-bb9d-3ba6f0adc7e1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cHcHmGmQoAMF6dQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637fa6fd-73abfa592ff223061401af9a;Sampled=0
x-amzn-remapped-date: Thu, 24 Nov 2022 17:16:45 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: UmhWm03jrsV8dFagrzIA0E-8eL8dykoO5kw3cYOBd172dCGqNdAX-Q==
via: 1.1 a20e81b65d2465c729ce2f6bfe539dd0.cloudfront.net (CloudFront), 1.1 36810aa1793ee589dc8c194860296078.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 03:49:48 GMT
age: 26853
etag: "433061bbb226048765a711deca3026ee3e52372f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

3.0 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F51b530e0-9ee5-45ee-95e9-a687ac33f22c.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
3.0 kB (3004 bytes)
Hash
22e7d3e11e78242383e452adb9299016
035a1b4a2a7889787532ec2637d5c21e06daf672
990f18423bafc9cc3daaa1bd1290313b6cb3d3a391f642d01fd6797ad4fc9ca8

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F51b530e0-9ee5-45ee-95e9-a687ac33f22c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 3004
x-amzn-requestid: 1e6e228a-fb73-4ed3-881b-6b0e5c8297c7
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cPYcrFRXoAMFUJg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6382d450-45059338501b45d943d7e08c;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 03:06:57 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: rmBhEB-x2sOvI7XfEpZQ0-lXEDWZ4los77q017Im-Lwb32ZLA0Zvcg==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 112d82578d402a38d8d02e8b857617e0.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 04:45:15 GMT
age: 23526
etag: "035a1b4a2a7889787532ec2637d5c21e06daf672"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

4.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe059c7ce-454d-453b-aead-18fae338f84c.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
4.9 kB (4871 bytes)
Hash
a4058fd62595d15c58b3d3266de9865a
d0dff35eb78f129b5da407043037bcf9c27e55c0
ab996c23d58871a2ad53f0c34688c87f0d7c0eac5d0c1d8265b86951248449fe

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe059c7ce-454d-453b-aead-18fae338f84c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 4871
x-amzn-requestid: e2dfa7b8-ded7-4104-a913-1b84746a3c6f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cLDUUEy_oAMFgSQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638118e8-0b229e0f60ff019d26800dd9;Sampled=0
x-amzn-remapped-date: Fri, 25 Nov 2022 19:35:04 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: qh3WqWdBmMG3fzchn3OvxbEpwm2wl_CXi105CL4uJda47N9ZX3CyLA==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 7eb3b782ab09047ce0d11ee03763894c.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 09:01:36 GMT
age: 8145
etag: "d0dff35eb78f129b5da407043037bcf9c27e55c0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

sulfaro.com.au/sulfaro20201216a-1264up.css

116.0.20.85

200 OK

18 kB

URL HTTP/1.1
sulfaro.com.au/sulfaro20201216a-1264up.css
IP
116.0.20.85:0
ASN
#38719 Dreamscape Networks Limited

File type
Unicode text, UTF-8 (with BOM) text
Size
18 kB (17848 bytes)
Hash
a1b71afc11367044c8f954bcf1e6a2ee
56d278661c7416ac4f1243c22acd4ef06c455496
90dd3eb2e5cec5c4a945c598553c13f57d7a3ae01cbb41c44feb150f48c3ddc5

HTTP Headers

GET /sulfaro20201216a-1264up.css HTTP/1.1
Host: sulfaro.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sulfaro.com.au/arvest_dsunn.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 11:17:21 GMT
Server: Apache
Last-Modified: Sun, 30 Jan 2022 22:31:00 GMT
Accept-Ranges: bytes
Content-Length: 17848
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css

sulfaro.com.au/js/jquery/1.9.1/jquery.min.js

116.0.20.85

200 OK

93 kB

URL HTTP/1.1
sulfaro.com.au/js/jquery/1.9.1/jquery.min.js
IP
116.0.20.85:0
ASN
#38719 Dreamscape Networks Limited

File type
ASCII text, with very long lines (32089)
Size
93 kB (92629 bytes)
Hash
397754ba49e9e0cf4e7c190da78dda05
ae49e56999d82802727455f0ba83b63acd90a22b
c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /js/jquery/1.9.1/jquery.min.js HTTP/1.1
Host: sulfaro.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sulfaro.com.au/arvest_dsunn.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 11:17:20 GMT
Server: Apache
Last-Modified: Sun, 16 Feb 2020 23:42:41 GMT
Accept-Ranges: bytes
Content-Length: 92629
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript

sulfaro.com.au/images/fb.png

116.0.20.85

200 OK

1.6 kB

URL HTTP/1.1
sulfaro.com.au/images/fb.png
IP
116.0.20.85:0
ASN
#38719 Dreamscape Networks Limited

File type
PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced\012- data
Size
1.6 kB (1606 bytes)
Hash
8d51dfa4fb43a40351c68a69d6e53631
feba945924301cf35853af5e79282d3e0dbb2bac
a17e47b96fc636227afb3d6fd6aed0a4e7e8948616ce6e2e8545840389026fab

HTTP Headers

GET /images/fb.png HTTP/1.1
Host: sulfaro.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sulfaro.com.au/sulfaro20201216a-1264up.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 11:17:22 GMT
Server: Apache
Last-Modified: Sun, 16 Feb 2020 23:21:02 GMT
Accept-Ranges: bytes
Content-Length: 1606
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: image/png

sulfaro.com.au/images/tw.png

116.0.20.85

200 OK

2.4 kB

URL HTTP/1.1
sulfaro.com.au/images/tw.png
IP
116.0.20.85:0
ASN
#38719 Dreamscape Networks Limited

File type
PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced\012- data
Size
2.4 kB (2406 bytes)
Hash
aebac86c52f179ff000b5973acfb1662
698f1e1fb144898cd89286929f2c33a17b322909
2da58a02b52f0634c7f4d7cacbb2706cf893feb9c92213be713404a3af2d6899

HTTP Headers

GET /images/tw.png HTTP/1.1
Host: sulfaro.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sulfaro.com.au/sulfaro20201216a-1264up.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 11:17:22 GMT
Server: Apache
Last-Modified: Wed, 29 Jan 2020 03:09:08 GMT
Accept-Ranges: bytes
Content-Length: 2406
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: image/png

sulfaro.com.au/images/ig.png

116.0.20.85

200 OK

2.3 kB

URL HTTP/1.1
sulfaro.com.au/images/ig.png
IP
116.0.20.85:0
ASN
#38719 Dreamscape Networks Limited

File type
PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced\012- data
Size
2.3 kB (2264 bytes)
Hash
9388594b2e0eaa3070958b872cdf7903
4331ffe68406ec532348d72dd00118c8b3483994
484dfc85f38bbd804697b367257db2fafc005cdc7e61c700e57f25a4b080bf5f

HTTP Headers

GET /images/ig.png HTTP/1.1
Host: sulfaro.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sulfaro.com.au/sulfaro20201216a-1264up.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 11:17:22 GMT
Server: Apache
Last-Modified: Sun, 16 Feb 2020 23:21:09 GMT
Accept-Ranges: bytes
Content-Length: 2264
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: image/png

sulfaro.com.au/sulfaro20201216a-0to700.css

116.0.20.85

200 OK

19 kB

URL HTTP/1.1
sulfaro.com.au/sulfaro20201216a-0to700.css
IP
116.0.20.85:0
ASN
#38719 Dreamscape Networks Limited

File type
ASCII text
Size
19 kB (18866 bytes)
Hash
408b2bbb4f5f47b27aae05899af55c6c
310e6a353e1f5311812d7469b3493196a101a695
fbc3ac2efb7dbdb6847d35010f7c7907217e004f68023466a8a2b8059bb35148

HTTP Headers

GET /sulfaro20201216a-0to700.css HTTP/1.1
Host: sulfaro.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sulfaro.com.au/arvest_dsunn.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 11:17:22 GMT
Server: Apache
Last-Modified: Wed, 16 Dec 2020 03:21:46 GMT
Accept-Ranges: bytes
Content-Length: 18866
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css

sulfaro.com.au/sulfaro20201216a-701to1023.css

116.0.20.85

200 OK

18 kB

URL HTTP/1.1
sulfaro.com.au/sulfaro20201216a-701to1023.css
IP
116.0.20.85:0
ASN
#38719 Dreamscape Networks Limited

File type
ASCII text
Size
18 kB (17773 bytes)
Hash
ce644334e355e945836d0e1667b9a68a
781cfa38fd3cc6424df8a10b922963375fb396a8
e0bf4439b050abe2f98669897d31bb6bac581dd0c7a178a2c003b0482a7ffc91

HTTP Headers

GET /sulfaro20201216a-701to1023.css HTTP/1.1
Host: sulfaro.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sulfaro.com.au/arvest_dsunn.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 11:17:22 GMT
Server: Apache
Last-Modified: Wed, 16 Dec 2020 03:21:45 GMT
Accept-Ranges: bytes
Content-Length: 17773
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css

sulfaro.com.au/sulfaro20201216a-1024to1263.css

116.0.20.85

200 OK

18 kB

URL HTTP/1.1
sulfaro.com.au/sulfaro20201216a-1024to1263.css
IP
116.0.20.85:0
ASN
#38719 Dreamscape Networks Limited

File type
ASCII text
Size
18 kB (17729 bytes)
Hash
ffae73c9abf1c635ae3c8cb18244d960
20ff46a75d5ab33eaf905cc05c8edde0dd318de4
efdde3a9378891fca475245f7752090305fe12b385d3f3af025dbabfbb8a3808

HTTP Headers

GET /sulfaro20201216a-1024to1263.css HTTP/1.1
Host: sulfaro.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sulfaro.com.au/arvest_dsunn.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 11:17:22 GMT
Server: Apache
Last-Modified: Wed, 16 Dec 2020 03:21:45 GMT
Accept-Ranges: bytes
Content-Length: 17729
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css

sulfaro.com.au/images/sulfaro-logo-grey.png

116.0.20.85

200 OK

40 kB

URL HTTP/1.1
sulfaro.com.au/images/sulfaro-logo-grey.png
IP
116.0.20.85:0
ASN
#38719 Dreamscape Networks Limited

File type
PNG image data, 1000 x 250, 8-bit/color RGBA, non-interlaced\012- data
Size
40 kB (40436 bytes)
Hash
8359ac91ff347c654ff9da9103c416f3
39e5d40f7b7ec0bf2d7d81eee28d28e61fddc8b5
d81dccefde5867f1f7334336b8c24721260934a682f9c7c33f5d7beddf395479

HTTP Headers

GET /images/sulfaro-logo-grey.png HTTP/1.1
Host: sulfaro.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sulfaro.com.au/sulfaro20201216a-1264up.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 11:17:22 GMT
Server: Apache
Last-Modified: Sun, 16 Feb 2020 23:23:35 GMT
Accept-Ranges: bytes
Content-Length: 40436
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/png

sulfaro.com.au/fonts/AGaramondProRegular.woff2

116.0.20.85

200 OK

0 B

URL HTTP/1.1
sulfaro.com.au/fonts/AGaramondProRegular.woff2
IP
116.0.20.85:0
ASN
#38719 Dreamscape Networks Limited

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /fonts/AGaramondProRegular.woff2 HTTP/1.1
Host: sulfaro.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://sulfaro.com.au/sulfaro20201216a-1264up.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 11:17:22 GMT
Server: Apache
Last-Modified: Thu, 08 Apr 2021 04:43:30 GMT
Accept-Ranges: bytes
Content-Length: 0
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: font/woff2

sulfaro.com.au/images/job-link.png

116.0.20.85

200 OK

36 kB

URL HTTP/1.1
sulfaro.com.au/images/job-link.png
IP
116.0.20.85:0
ASN
#38719 Dreamscape Networks Limited

File type
PNG image data, 560 x 560, 8-bit/color RGB, non-interlaced\012- data
Size
36 kB (36353 bytes)
Hash
f66df1ea9188d7c3bdab026a08ee22f9
23492de86a3896d10024fd334fd2873820fa7fdf
68bc5727c9427fbee70ec6239ee088a308f49af271477f4eef73f8c0fddfc348

HTTP Headers

GET /images/job-link.png HTTP/1.1
Host: sulfaro.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sulfaro.com.au/arvest_dsunn.zip
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 11:17:22 GMT
Server: Apache
Last-Modified: Sun, 16 Feb 2020 23:21:10 GMT
Accept-Ranges: bytes
Content-Length: 36353
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: image/png

region1.google-analytics.com/g/collect?v=2&tid=G-S22Q0VJYFY&gtm=2oeb90&_p=1386609830&cid=455981822.1669720642&ul=en-us&sr=1280x1024&_s=1&sid=1669720641&sct=1&seg=0&dl=https%3A%2F%2Fsulfaro.com.au%2Farvest_dsunn.zip&dt=Sulfaro%20Furniture&en=page_view&_fv=1&_nsi=1&_ss=1

216.239.34.36

204 No Content

0 B

URL HTTP/2
region1.google-analytics.com/g/collect?v=2&tid=G-S22Q0VJYFY&gtm=2oeb90&_p=1386609830&cid=455981822.1669720642&ul=en-us&sr=1280x1024&_s=1&sid=1669720641&sct=1&seg=0&dl=https%3A%2F%2Fsulfaro.com.au%2Farvest_dsunn.zip&dt=Sulfaro%20Furniture&en=page_view&_fv=1&_nsi=1&_ss=1
IP
216.239.34.36:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /g/collect?v=2&tid=G-S22Q0VJYFY&gtm=2oeb90&_p=1386609830&cid=455981822.1669720642&ul=en-us&sr=1280x1024&_s=1&sid=1669720641&sct=1&seg=0&dl=https%3A%2F%2Fsulfaro.com.au%2Farvest_dsunn.zip&dt=Sulfaro%20Furniture&en=page_view&_fv=1&_nsi=1&_ss=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://sulfaro.com.au
Connection: keep-alive
Referer: https://sulfaro.com.au/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0

HTTP/2 204 No Content
access-control-allow-origin: https://sulfaro.com.au
date: Tue, 29 Nov 2022 11:17:23 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

sulfaro.com.au/fonts/AGaramondProRegular.woff

116.0.20.85

200 OK

0 B

URL HTTP/1.1
sulfaro.com.au/fonts/AGaramondProRegular.woff
IP
116.0.20.85:0
ASN
#38719 Dreamscape Networks Limited

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /fonts/AGaramondProRegular.woff HTTP/1.1
Host: sulfaro.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://sulfaro.com.au/sulfaro20201216a-1264up.css
Cookie: _ga_S22Q0VJYFY=GS1.1.1669720641.1.0.1669720641.0.0.0; _ga=GA1.1.455981822.1669720642
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 11:17:23 GMT
Server: Apache
Last-Modified: Thu, 08 Apr 2021 04:43:30 GMT
Accept-Ranges: bytes
Content-Length: 0
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: font/woff

sulfaro.com.au/images/traditional-upholstered-sofas-and-chairs.jpg

116.0.20.85

200 OK

269 kB

URL HTTP/1.1
sulfaro.com.au/images/traditional-upholstered-sofas-and-chairs.jpg
IP
116.0.20.85:0
ASN
#38719 Dreamscape Networks Limited

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 1400x1103, components 3\012- data
Size
269 kB (269280 bytes)
Hash
dcb624a8845eb67c3efb9d8618e0cd0b
b7b165de5508cdbef758b2514c5a85caac1a3f2a
13ac1ee662c3dcd96f0f49c407a75831973bb568f77275a57e115ed51ca7f12d

HTTP Headers

GET /images/traditional-upholstered-sofas-and-chairs.jpg HTTP/1.1
Host: sulfaro.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sulfaro.com.au/sulfaro20201216a-1264up.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 11:17:22 GMT
Server: Apache
Last-Modified: Sun, 16 Feb 2020 23:23:51 GMT
Accept-Ranges: bytes
Content-Length: 269280
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: image/jpeg

sulfaro.com.au/images/sulfaro-signature-range-upholstered-sofas.jpg

116.0.20.85

200 OK

365 kB

URL HTTP/1.1
sulfaro.com.au/images/sulfaro-signature-range-upholstered-sofas.jpg
IP
116.0.20.85:0
ASN
#38719 Dreamscape Networks Limited

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 1400x947, components 3\012- data
Size
365 kB (364988 bytes)
Hash
01af0567e5b091009b93638025020aea
2b531ab4368ca62e00edfa94d73a58c1446820df
7b6467380480cef7dc0eca8c0301db0c60782fad40d36a5a7c39a1abfda76d6c

HTTP Headers

GET /images/sulfaro-signature-range-upholstered-sofas.jpg HTTP/1.1
Host: sulfaro.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sulfaro.com.au/sulfaro20201216a-1264up.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 11:17:22 GMT
Server: Apache
Last-Modified: Sun, 16 Feb 2020 23:23:43 GMT
Accept-Ranges: bytes
Content-Length: 364988
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: image/jpeg

sulfaro.com.au/images/modern-contemporary-sofas-and-chairs.jpg

116.0.20.85

200 OK

201 kB

URL HTTP/1.1
sulfaro.com.au/images/modern-contemporary-sofas-and-chairs.jpg
IP
116.0.20.85:0
ASN
#38719 Dreamscape Networks Limited

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 1400x926, components 3\012- data
Size
201 kB (201160 bytes)
Hash
7a27255ed9b8ad446eadc24cf5253378
501f40bc29e6cc79134f4ef0400fae21f958f2d3
20c0cc563671d9477773f2c35d4e1c4f9fed728a07e45e270d00c89816bdb527

HTTP Headers

GET /images/modern-contemporary-sofas-and-chairs.jpg HTTP/1.1
Host: sulfaro.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sulfaro.com.au/sulfaro20201216a-1264up.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 11:17:22 GMT
Server: Apache
Last-Modified: Sun, 16 Feb 2020 23:21:47 GMT
Accept-Ranges: bytes
Content-Length: 201160
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/jpeg

sulfaro.com.au/images/recliners-motion-suites.jpg

116.0.20.85

200 OK

185 kB

URL HTTP/1.1
sulfaro.com.au/images/recliners-motion-suites.jpg
IP
116.0.20.85:0
ASN
#38719 Dreamscape Networks Limited

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=13, height=947, bps=170, PhotometricIntepretation=RGB, orientation=upper-left, width=1400], progressive, precision 8, 1400x947, components 3\012- data
Size
185 kB (184940 bytes)
Hash
9399fbba4978181226d1dab40c0ba685
a69c9dcf5f7a5dadd20dc741c0c69d606a7ea88e
df49436731981357e0ee4ac1e6ee2b2a423a26c285247cd025d177c71770a24c

HTTP Headers

GET /images/recliners-motion-suites.jpg HTTP/1.1
Host: sulfaro.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sulfaro.com.au/sulfaro20201216a-1264up.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 11:17:24 GMT
Server: Apache
Last-Modified: Sun, 16 Feb 2020 23:22:59 GMT
Accept-Ranges: bytes
Content-Length: 184940
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/jpeg

sulfaro.com.au/images/decor-and-design-accessories.jpg

116.0.20.85

200 OK

264 kB

URL HTTP/1.1
sulfaro.com.au/images/decor-and-design-accessories.jpg
IP
116.0.20.85:0
ASN
#38719 Dreamscape Networks Limited

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 1400x947, components 3\012- data
Size
264 kB (264151 bytes)
Hash
c7671bdef5ad5014b51a3442d74f22bb
daaaf9bc857bed42336e35cc84d92c019f96d0b1
f0cab59085f33288f69eaf010030899dd90c4ec2e14837de2f3f8064d400b53c

HTTP Headers

GET /images/decor-and-design-accessories.jpg HTTP/1.1
Host: sulfaro.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sulfaro.com.au/sulfaro20201216a-1264up.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 11:17:23 GMT
Server: Apache
Last-Modified: Sun, 16 Feb 2020 23:20:56 GMT
Accept-Ranges: bytes
Content-Length: 264151
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/jpeg

sulfaro.com.au/images/classic-style-sofas-and-chairs-hamptons-range.jpg

116.0.20.85

200 OK

245 kB

URL HTTP/1.1
sulfaro.com.au/images/classic-style-sofas-and-chairs-hamptons-range.jpg
IP
116.0.20.85:0
ASN
#38719 Dreamscape Networks Limited

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 1400x938, components 3\012- data
Size
245 kB (245115 bytes)
Hash
0ecdc756743fed17ff3271c37df9596d
1dff1c71b49235cbd562a95df07118bf271c3f2b
b5f9c8057ff1a2a0d87458195f0804a92a84d1ffeb68ffb19e89f1742ab31dc8

HTTP Headers

GET /images/classic-style-sofas-and-chairs-hamptons-range.jpg HTTP/1.1
Host: sulfaro.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sulfaro.com.au/sulfaro20201216a-1264up.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 11:17:23 GMT
Server: Apache
Last-Modified: Sun, 16 Feb 2020 23:20:45 GMT
Accept-Ranges: bytes
Content-Length: 245115
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: image/jpeg

sulfaro.com.au/images/camelot-scatter-back-sofa.jpg

116.0.20.85

200 OK

422 kB

URL HTTP/1.1
sulfaro.com.au/images/camelot-scatter-back-sofa.jpg
IP
116.0.20.85:0
ASN
#38719 Dreamscape Networks Limited

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=13, height=1055, bps=170, PhotometricIntepretation=RGB, orientation=upper-left, width=2000], progressive, precision 8, 2000x1000, components 3\012- data
Size
422 kB (421923 bytes)
Hash
62d4abc3337791b01c7d8f6f3332ee05
4f44aa4791e5721acb81db3ea3ee28925fbfb350
639e44f2a13d82ef32e1a0fefa45dd6228333ca9f21a8dfa4e0265ec450fae54

HTTP Headers

GET /images/camelot-scatter-back-sofa.jpg HTTP/1.1
Host: sulfaro.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sulfaro.com.au/arvest_dsunn.zip
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 11:17:22 GMT
Server: Apache
Last-Modified: Sun, 16 Feb 2020 23:20:39 GMT
Accept-Ranges: bytes
Content-Length: 421923
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/jpeg

sulfaro.com.au/fonts/AGaramondProRegular.ttf

116.0.20.85

200 OK

203 kB

URL HTTP/1.1
sulfaro.com.au/fonts/AGaramondProRegular.ttf
IP
116.0.20.85:0
ASN
#38719 Dreamscape Networks Limited

File type
TrueType Font data, 16 tables, 1st "BASE", 24 names, Macintosh\012- data
Size
203 kB (203060 bytes)
Hash
9f53123748340a3492531a80c35261a3
2e344885093305e67137c06dabf26d6aadc21bc5
fcae68cb4f01b66fde95e8ca2e72e6a3e4947848dd7c2c46edd9467df5dcd88d

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /fonts/AGaramondProRegular.ttf HTTP/1.1
Host: sulfaro.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sulfaro.com.au/sulfaro20201216a-1264up.css
Cookie: _ga_S22Q0VJYFY=GS1.1.1669720641.1.0.1669720641.0.0.0; _ga=GA1.1.455981822.1669720642
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 11:17:23 GMT
Server: Apache
Last-Modified: Mon, 20 Jan 2020 01:32:53 GMT
Accept-Ranges: bytes
Content-Length: 203060
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: font/ttf

sulfaro.com.au/images/upholstered-sofa-coco-t-cushion.jpg

116.0.20.85

200 OK

353 kB

URL HTTP/1.1
sulfaro.com.au/images/upholstered-sofa-coco-t-cushion.jpg
IP
116.0.20.85:0
ASN
#38719 Dreamscape Networks Limited

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=13, height=962, bps=170, PhotometricIntepretation=RGB, orientation=upper-left, width=2000], progressive, precision 8, 2000x1000, components 3\012- data
Size
353 kB (352982 bytes)
Hash
379a0cb7f480f568c0c2f621074553f7
798fd8170ee3c374054c630163b965b52b07e3af
2b123b0777534a55eddfb10c0ae9bf295b654d394b2196fc9367032f585bfd94

HTTP Headers

GET /images/upholstered-sofa-coco-t-cushion.jpg HTTP/1.1
Host: sulfaro.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sulfaro.com.au/arvest_dsunn.zip
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 11:17:25 GMT
Server: Apache
Last-Modified: Sun, 16 Feb 2020 23:24:46 GMT
Accept-Ranges: bytes
Content-Length: 352982
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/jpeg

sulfaro.com.au/images/tribeca-sofa-charlotte-queen-anne-armchair-and-matching-upholstered-ottoman.jpg

116.0.20.85

200 OK

392 kB

URL HTTP/1.1
sulfaro.com.au/images/tribeca-sofa-charlotte-queen-anne-armchair-and-matching-upholstered-ottoman.jpg
IP
116.0.20.85:0
ASN
#38719 Dreamscape Networks Limited

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=13, height=1138, bps=170, PhotometricIntepretation=RGB, orientation=upper-left, width=2000], progressive, precision 8, 2000x1000, components 3\012- data
Size
392 kB (392226 bytes)
Hash
913ba1d2fd5b1550b2067b8ef5800644
a7327c60a01d7309e1d2d7d5b4d22db0b51bfc5b
abf4e5f4865c6fe172e432ad7eb20d44bc6b7116d08268aadde21496457b7a4b

HTTP Headers

GET /images/tribeca-sofa-charlotte-queen-anne-armchair-and-matching-upholstered-ottoman.jpg HTTP/1.1
Host: sulfaro.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sulfaro.com.au/arvest_dsunn.zip
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 11:17:25 GMT
Server: Apache
Last-Modified: Wed, 29 Jan 2020 03:08:53 GMT
Accept-Ranges: bytes
Content-Length: 392226
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/jpeg

sulfaro.com.au/images/lawrence-sofa-and-matching-chairs.jpg

116.0.20.85

200 OK

309 kB

URL HTTP/1.1
sulfaro.com.au/images/lawrence-sofa-and-matching-chairs.jpg
IP
116.0.20.85:0
ASN
#38719 Dreamscape Networks Limited

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=13, height=765, bps=170, PhotometricIntepretation=RGB, orientation=upper-left, width=2000], progressive, precision 8, 2000x1000, components 3\012- data
Size
309 kB (309252 bytes)
Hash
d8c6eaea1f234387c1c12b81aa117da2
4f03801aab13dffc425a6e87ffe120a772cf76d4
85bc54d705f0d52c3f79d195c2f5ae1a0e95ad7e8adde712faf781b8d95e7c97

HTTP Headers

GET /images/lawrence-sofa-and-matching-chairs.jpg HTTP/1.1
Host: sulfaro.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sulfaro.com.au/arvest_dsunn.zip
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 11:17:24 GMT
Server: Apache
Last-Modified: Wed, 29 Jan 2020 03:06:28 GMT
Accept-Ranges: bytes
Content-Length: 309252
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: image/jpeg

sulfaro.com.au/images/euro-chaise-lounge-suite-sofa-modular.jpg

116.0.20.85

200 OK

261 kB

URL HTTP/1.1
sulfaro.com.au/images/euro-chaise-lounge-suite-sofa-modular.jpg
IP
116.0.20.85:0
ASN
#38719 Dreamscape Networks Limited

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=13, height=1027, bps=170, PhotometricIntepretation=RGB, orientation=upper-left, width=2000], progressive, precision 8, 2000x1000, components 3\012- data
Size
261 kB (261015 bytes)
Hash
5762fb82e88e3d06bf12c2f43c2e205b
f969819057dcd3ffa1fd833c4e790b1b8d7dce55
2be155fec20de04d0b37472324cda11f51cedecb138a355ebd372d8cc3ba3c37

HTTP Headers

GET /images/euro-chaise-lounge-suite-sofa-modular.jpg HTTP/1.1
Host: sulfaro.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sulfaro.com.au/arvest_dsunn.zip
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 11:17:25 GMT
Server: Apache
Last-Modified: Wed, 29 Jan 2020 03:05:42 GMT
Accept-Ranges: bytes
Content-Length: 261015
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: image/jpeg

sulfaro.com.au/images/tribeca-sofa-with-wing-chairs-and-matched-ottomans.jpg

116.0.20.85

200 OK

429 kB

URL HTTP/1.1
sulfaro.com.au/images/tribeca-sofa-with-wing-chairs-and-matched-ottomans.jpg
IP
116.0.20.85:0
ASN
#38719 Dreamscape Networks Limited

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=13, height=1076, bps=170, PhotometricIntepretation=RGB, orientation=upper-left, width=2000], progressive, precision 8, 2000x1000, components 3\012- data
Size
429 kB (428827 bytes)
Hash
6c1236ce6fa868c34ebe30d8e1fcf5b4
9569b8579436ef25d0e33ba4b12562ebabad8e9a
95748a9bd057864ee5259223f5bafbe6afb152f51a81fb082d108f929fbb1259

HTTP Headers

GET /images/tribeca-sofa-with-wing-chairs-and-matched-ottomans.jpg HTTP/1.1
Host: sulfaro.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sulfaro.com.au/arvest_dsunn.zip
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 11:17:25 GMT
Server: Apache
Last-Modified: Wed, 29 Jan 2020 03:09:08 GMT
Accept-Ranges: bytes
Content-Length: 428827
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: image/jpeg

sulfaro.com.au/images/classic-london-sofa-and-lounge-suite.jpg

116.0.20.85

200 OK

376 kB

URL HTTP/1.1
sulfaro.com.au/images/classic-london-sofa-and-lounge-suite.jpg
IP
116.0.20.85:0
ASN
#38719 Dreamscape Networks Limited

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=13, height=1111, bps=170, PhotometricIntepretation=RGB, orientation=upper-left, width=2000], progressive, precision 8, 2000x1000, components 3\012- data
Size
376 kB (376477 bytes)
Hash
bd7aa8d97288b44ef28419b8c62f5771
f3fb32c50f1178f03b7ab96b761c47f8c4255135
ea2b91c9daad62c07dfe996ee5907b3f75f933d3eaa9e94931eddf75e0c8fade

HTTP Headers

GET /images/classic-london-sofa-and-lounge-suite.jpg HTTP/1.1
Host: sulfaro.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sulfaro.com.au/arvest_dsunn.zip
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 11:17:25 GMT
Server: Apache
Last-Modified: Sun, 16 Feb 2020 23:20:52 GMT
Accept-Ranges: bytes
Content-Length: 376477
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: image/jpeg

sulfaro.com.au/images/studio-t-modern-contemporary-sofa.jpg

116.0.20.85

200 OK

262 kB

URL HTTP/1.1
sulfaro.com.au/images/studio-t-modern-contemporary-sofa.jpg
IP
116.0.20.85:0
ASN
#38719 Dreamscape Networks Limited

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=13, height=1051, bps=170, PhotometricIntepretation=RGB, orientation=upper-left, width=2000], progressive, precision 8, 2000x1000, components 3\012- data
Size
262 kB (261847 bytes)
Hash
23e43b90685a00a28c75c73659eb4526
8b63e463ffbf344573c7ac78cbd95daf79b4137e
fab49d339e5b32c25dfec89d68feea885fedfae304fc52d09700d23d812f7543

HTTP Headers

GET /images/studio-t-modern-contemporary-sofa.jpg HTTP/1.1
Host: sulfaro.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sulfaro.com.au/arvest_dsunn.zip
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 11:17:26 GMT
Server: Apache
Last-Modified: Sun, 16 Feb 2020 23:23:45 GMT
Accept-Ranges: bytes
Content-Length: 261847
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: image/jpeg

sulfaro.com.au/images/euro-upholstered-sofa-with-occasional-chair.jpg

116.0.20.85

200 OK

299 kB

URL HTTP/1.1
sulfaro.com.au/images/euro-upholstered-sofa-with-occasional-chair.jpg
IP
116.0.20.85:0
ASN
#38719 Dreamscape Networks Limited

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=13, height=1101, bps=170, PhotometricIntepretation=RGB, orientation=upper-left, width=2000], progressive, precision 8, 2000x1000, components 3\012- data
Size
299 kB (299111 bytes)
Hash
d953472e38f9d0030485d332311926dd
6d3f470a981b9b53a3b9be77755e24280445950e
56441ed72138e4adcf8e93967b9ba16ee1f9901298f89ca0cfb3c8a448097da1

HTTP Headers

GET /images/euro-upholstered-sofa-with-occasional-chair.jpg HTTP/1.1
Host: sulfaro.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sulfaro.com.au/arvest_dsunn.zip
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 11:17:25 GMT
Server: Apache
Last-Modified: Wed, 29 Jan 2020 03:06:01 GMT
Accept-Ranges: bytes
Content-Length: 299111
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: image/jpeg

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
af25abbc1f9776cf78b07837dbea38a0
1883049bac2e92f8b3107f6435f00b83d8f4c117
663a6d77de7e3c835bcbb4b567eb28053755bf50ddab14b3f668367a85efdf17

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4083
Cache-Control: max-age=90584
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 11:17:26 GMT
Etag: "6384992b-1d7"
Expires: Wed, 30 Nov 2022 12:27:10 GMT
Last-Modified: Mon, 28 Nov 2022 11:19:07 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 471

www.google-analytics.com/analytics.js

142.250.74.174

200 OK

20 kB

URL HTTP/2
www.google-analytics.com/analytics.js
IP
142.250.74.174:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1325)
Size
20 kB (20039 bytes)
Hash
47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e

HTTP Headers

GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sulfaro.com.au/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Tue, 29 Nov 2022 10:41:08 GMT
expires: Tue, 29 Nov 2022 12:41:08 GMT
cache-control: public, max-age=7200
age: 2178
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

connect.facebook.net/en_US/fbevents.js

31.13.72.12

200 OK

27 kB

URL HTTP/2
connect.facebook.net/en_US/fbevents.js
IP
31.13.72.12:0
ASN
#32934 FACEBOOK

File type
ASCII text, with very long lines (64348)
Size
27 kB (27340 bytes)
Hash
44ecaa3c2a4929a40141edc4540aaf84
f29a573182333b2500d41bfc389d6c5232dfb348
6589fe14578dedd4df678a909afadd7e5bc7f57c7e3e24518a7f5faac7383396

HTTP Headers

GET /en_US/fbevents.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sulfaro.com.au/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: N4xSZiOYmmCplEjhfdyD0BL5oCTz/Z439+csxKqD6hA+bSF+Bkb4FFCqgvR3NxmnFCQTiFvjeOMDHw8O6PyKzg==
content-length: 27340
x-fb-trip-id: 2074150462
date: Tue, 29 Nov 2022 11:17:27 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
af25abbc1f9776cf78b07837dbea38a0
1883049bac2e92f8b3107f6435f00b83d8f4c117
663a6d77de7e3c835bcbb4b567eb28053755bf50ddab14b3f668367a85efdf17

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4084
Cache-Control: max-age=90584
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 11:17:27 GMT
Etag: "6384992b-1d7"
Expires: Wed, 30 Nov 2022 12:27:11 GMT
Last-Modified: Mon, 28 Nov 2022 11:19:07 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 471

sulfaro.com.au/images/favicon.png

116.0.20.85

200 OK

1.2 kB

URL HTTP/1.1
sulfaro.com.au/images/favicon.png
IP
116.0.20.85:0
ASN
#38719 Dreamscape Networks Limited

File type
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Size
1.2 kB (1239 bytes)
Hash
a934e97087508ea02610c701e1d78857
4280d123cecd06a7604c8c166767e216c55e1466
0501be756fc74efd3383da785e88f0364baf653c2259ac69a929848fe4885db0

HTTP Headers

GET /images/favicon.png HTTP/1.1
Host: sulfaro.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sulfaro.com.au/arvest_dsunn.zip
Cookie: _ga_S22Q0VJYFY=GS1.1.1669720641.1.0.1669720641.0.0.0; _ga=GA1.1.455981822.1669720642
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 11:17:27 GMT
Server: Apache
Last-Modified: Sun, 16 Feb 2020 23:21:02 GMT
Accept-Ranges: bytes
Content-Length: 1239
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: image/png

www.facebook.com/tr/?id=845886205848062&ev=PageView&dl=https%3A%2F%2Fsulfaro.com.au%2Farvest_dsunn.zip&rl=&if=false&ts=1669720646387&sw=1280&sh=1024&v=2.9.89&r=stable&ec=0&o=30&fbp=fb.2.1669720646385.1959377198&it=1669720646202&coo=false&rqm=GET

31.13.72.36

200 OK

86 kB

URL HTTP/2
www.facebook.com/tr/?id=845886205848062&ev=PageView&dl=https%3A%2F%2Fsulfaro.com.au%2Farvest_dsunn.zip&rl=&if=false&ts=1669720646387&sw=1280&sh=1024&v=2.9.89&r=stable&ec=0&o=30&fbp=fb.2.1669720646385.1959377198&it=1669720646202&coo=false&rqm=GET
IP
31.13.72.36:0
ASN
#32934 FACEBOOK

File type
gzip compressed data, from Unix\012- data
Size
86 kB (86015 bytes)
Hash
f0dd8bb6eb5d778c2095d0abd4198ff0
0517034ed2ecf3839451b49c306c77adb32ba1a8
8733bace7d350d967f22be132aaf6681806e2410d3fe492d61444577b8ec1518

HTTP Headers

GET /tr/?id=845886205848062&ev=PageView&dl=https%3A%2F%2Fsulfaro.com.au%2Farvest_dsunn.zip&rl=&if=false&ts=1669720646387&sw=1280&sh=1024&v=2.9.89&r=stable&ec=0&o=30&fbp=fb.2.1669720646385.1959377198&it=1669720646202&coo=false&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sulfaro.com.au/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin: 
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400
date: Tue, 29 Nov 2022 11:17:27 GMT
X-Firefox-Spdy: h2

34.120.237.76

200 OK

4.4 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fabddece8-6c4f-4cb5-9041-4d427b16b826.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
4.4 kB (4417 bytes)
Hash
a2a5c8d4113d282600462749315f2c4f
e2b4d2e15bb7c086333c0da438873e4c139ba931
9b5d0e5dd11d4cbf1c78a71730cd63544170c91ab635bf3cf917827ac84874e6

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fabddece8-6c4f-4cb5-9041-4d427b16b826.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
content-length: 4417
x-amzn-requestid: 01de83c2-51d2-4329-98f6-09a0edf46942
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cVNnGEcRIAMFaXA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63852960-34583b6c588a0e937fcfaa46;Sampled=0
x-amzn-remapped-date: Mon, 28 Nov 2022 21:34:24 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: wqEe45jzMOryT-E-vThc39-cLiZudKF4gn6cS3LBmeaJ2amJF5GPIA==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 ce71f64ad5dca81beca846466f2d5008.cloudfront.net (CloudFront), 1.1 google
date: Mon, 28 Nov 2022 21:46:54 GMT
age: 48634
etag: "e2b4d2e15bb7c086333c0da438873e4c139ba931"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (12)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP