Overview

URL tofi.it/alaska/login.php?cmd=login_submit&id=08d53ba93d744e110df9e9a6986c944d08d53ba93d744e110df9e9a6986c944d&session=08d53ba93d744e110df9e9a6986c944d08d53ba93d744e110df9e9a6986c944d
IP85.234.151.73
ASNSimply Transit Ltd
Location United Kingdom
Report completed2022-07-06 04:38:29 UTC
StatusLoading report..
urlquery Alerts No alerts detected


Settings

UserAgentMozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer


Intrusion Detection Systems

Suricata /w Emerging Threats Pro  No alerts detected


Blocklists

OpenPhish  No alerts detected
PhishTank  No alerts detected
Fortinet's Web Filter
Added / Verified Severity Host Comment
2022-07-06 2 tofi.it/alaska/ScriptLib/jquery/jquery.maskedinput-1.4.1.min.js Phishing
2022-07-06 2 tofi.it/enroll/ScriptLib/md5.js Phishing
2022-07-06 2 tofi.it/alaska/ScriptLib/jquery/jquery.maskedinput-1.4.1.min.js Phishing
2022-07-06 2 tofi.it/alaska/ScriptLib/DotNetScripts_v4.js Phishing
2022-07-06 2 tofi.it/alaska/ScriptLib/AriaLib.js Phishing
2022-07-06 2 tofi.it/alaska/Scripts/jquery-1.10.2.js Phishing
2022-07-06 2 tofi.it/enroll/ScriptLib/md5.js Phishing
2022-07-06 2 www.tofi.it/alaska/ScriptLib/jquery/jquery.maskedinput-1.4.1.min.js Phishing
2022-07-06 2 tofi.it/alaska/ScriptLib/DotNetScripts_v4.js Phishing
2022-07-06 2 tofi.it/alaska/ScriptLib/AriaLib.js Phishing
2022-07-06 2 tofi.it/alaska/Scripts/jquery-1.10.2.js Phishing
2022-07-06 2 www.tofi.it/enroll/ScriptLib/md5.js Phishing
2022-07-06 2 www.tofi.it/alaska/ScriptLib/DotNetScripts_v4.js Phishing
2022-07-06 2 www.tofi.it/alaska/ScriptLib/AriaLib.js Phishing
2022-07-06 2 www.tofi.it/alaska/Scripts/jquery-1.10.2.js Phishing
2022-07-06 2 tofi.it/enroll/ScriptLib/md5.js Phishing
2022-07-06 2 tofi.it/enroll/ScriptLib/md5.js Phishing
2022-07-06 2 www.tofi.it/enroll/ScriptLib/md5.js Phishing
mnemonic secure dns  No alerts detected
Quad9 DNS  No alerts detected


Files

No files detected



Passive DNS (10)

Passive DNS Source Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
[Mnemonic Passive DNS] r3.o.lencr.org (5) 344 2020-12-02 08:52:13 UTC 2022-07-05 04:59:43 UTC 23.36.76.226
[Mnemonic Passive DNS] content-signature-2.cdn.mozilla.net (1) 1152 2020-11-03 12:26:46 UTC 2022-07-05 05:12:14 UTC 54.230.111.99
[Mnemonic Passive DNS] contile.services.mozilla.com (1) 1114 No data No data 34.117.237.239
[Mnemonic Passive DNS] tofi.it (39) 0 2019-11-20 05:37:18 UTC 2022-07-05 21:35:08 UTC 85.234.151.73 Unknown ranking
[Mnemonic Passive DNS] push.services.mozilla.com (1) 2140 2014-10-24 08:27:06 UTC 2022-07-05 05:12:14 UTC 35.86.38.2
[Mnemonic Passive DNS] firefox.settings.services.mozilla.com (2) 867 2016-03-17 08:25:01 UTC 2020-05-25 20:01:47 UTC 54.230.111.65
[Mnemonic Passive DNS] ocsp.digicert.com (5) 86 2012-11-29 12:49:49 UTC 2022-07-05 22:46:12 UTC 93.184.220.29
[Mnemonic Passive DNS] www.alaskausa.org (10) 258465 2017-05-14 01:33:16 UTC 2020-09-09 07:00:54 UTC 107.162.171.161
[Mnemonic Passive DNS] img-getpocket.cdn.mozilla.net (6) 1631 2017-09-01 03:40:57 UTC 2022-07-05 12:56:13 UTC 34.120.237.76
[Mnemonic Passive DNS] www.tofi.it (18) 0 2019-11-20 05:37:18 UTC 2022-07-06 03:38:25 UTC 85.234.151.73 Unknown ranking


Recent reports on same IP/ASN/Domain

Last 10 reports on IP: 85.234.151.73

Date UQ / IDS / BL URL IP
2022-07-14 02:35:51 +0000
0 - 0 - 28 tofi.it/alk/zeam.zip 85.234.151.73
2022-07-12 14:44:52 +0000
0 - 0 - 25 www.tofi.it/css/docusign.net/DocuSign/244129d (...) 85.234.151.73
2022-07-12 14:28:46 +0000
0 - 0 - 25 tofi.it/welbin-webcatche/upgrade%20_2%20_1/up (...) 85.234.151.73
2022-07-12 02:11:08 +0000
0 - 0 - 3 tofi.it/ 85.234.151.73
2022-07-07 08:24:06 +0000
0 - 0 - 23 www.tofi.it/alaska/login.php?cmd=login_submit (...) 85.234.151.73
2022-07-06 22:06:42 +0000
0 - 0 - 22 www.tofi.it/alaska/login.php?cmd=login_submit (...) 85.234.151.73
2022-07-06 22:06:40 +0000
0 - 0 - 24 tofi.it/alaska/login.php?cmd=login_submit&id= (...) 85.234.151.73
2022-07-06 15:36:43 +0000
0 - 0 - 23 www.tofi.it/alaska/login.php?cmd=login_submit (...) 85.234.151.73
2022-07-06 15:36:41 +0000
0 - 0 - 24 tofi.it/alaska/login.php?cmd=login_submit&id= (...) 85.234.151.73
2022-07-06 15:11:46 +0000
0 - 0 - 22 www.tofi.it/alaska/login.php?cmd=login_submit (...) 85.234.151.73

Last 10 reports on ASN: Simply Transit Ltd

Date UQ / IDS / BL URL IP
2022-08-16 05:02:28 +0000
0 - 0 - 18 negoziatoriprofessionisti.it/ 151.236.38.116
2022-08-15 20:55:59 +0000
0 - 0 - 16 www.enarmadbandit.org/ 213.229.101.106
2022-08-09 08:39:55 +0000
0 - 0 - 2 agrpartati.info/ 94.76.228.135
2022-08-08 19:47:24 +0000
0 - 0 - 1 151.236.38.234/ffwgrgrgfg10 151.236.38.234
2022-08-08 19:47:21 +0000
0 - 0 - 1 151.236.38.234/ffwgrgrgfg12 151.236.38.234
2022-08-08 19:47:15 +0000
0 - 0 - 1 151.236.38.234/ffwgrgrgfg7 151.236.38.234
2022-08-08 19:47:11 +0000
0 - 0 - 1 151.236.38.234/ffwgrgrgfg6 151.236.38.234
2022-08-08 19:47:04 +0000
0 - 0 - 1 151.236.38.234/ffwgrgrgfg14 151.236.38.234
2022-08-08 19:47:02 +0000
0 - 0 - 1 151.236.38.234/ffwgrgrgfg11 151.236.38.234
2022-08-08 19:46:55 +0000
0 - 0 - 1 151.236.38.234/ffwgrgrgfg3 151.236.38.234

Last 10 reports on domain: tofi.it

Date UQ / IDS / BL URL IP
2022-07-14 02:35:51 +0000
0 - 0 - 28 tofi.it/alk/zeam.zip 85.234.151.73
2022-07-12 14:44:52 +0000
0 - 0 - 25 www.tofi.it/css/docusign.net/DocuSign/244129d (...) 85.234.151.73
2022-07-12 14:28:46 +0000
0 - 0 - 25 tofi.it/welbin-webcatche/upgrade%20_2%20_1/up (...) 85.234.151.73
2022-07-12 02:11:08 +0000
0 - 0 - 3 tofi.it/ 85.234.151.73
2022-07-07 08:24:06 +0000
0 - 0 - 23 www.tofi.it/alaska/login.php?cmd=login_submit (...) 85.234.151.73
2022-07-06 22:06:42 +0000
0 - 0 - 22 www.tofi.it/alaska/login.php?cmd=login_submit (...) 85.234.151.73
2022-07-06 22:06:40 +0000
0 - 0 - 24 tofi.it/alaska/login.php?cmd=login_submit&id= (...) 85.234.151.73
2022-07-06 15:36:43 +0000
0 - 0 - 23 www.tofi.it/alaska/login.php?cmd=login_submit (...) 85.234.151.73
2022-07-06 15:36:41 +0000
0 - 0 - 24 tofi.it/alaska/login.php?cmd=login_submit&id= (...) 85.234.151.73
2022-07-06 15:11:46 +0000
0 - 0 - 22 www.tofi.it/alaska/login.php?cmd=login_submit (...) 85.234.151.73


JavaScript

Executed Scripts (5)


Executed Evals (0)


Executed Writes (0)



HTTP Transactions (88)


Request Response
                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         54.230.111.65
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Alert, Backoff, Content-Length, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Wed, 06 Jul 2022 03:56:00 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 d9fb4c3794a085bb4ee2c5798c2cb1b8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: UPYn-S4AoMxQPIVXu_T2IyyWrbx5DwUExLXnhrKL-TVhSr-9rfE9nA==
Age: 2536


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    91dd975a7b17b2922dd23c0e49314e40
Sha1:   57a2ece1e3cee7c4ebf927f2ba92f52cac395fe2
Sha256: 09966873bbf317f8910c59544cfde2a6d46e8acd2905797cc7c85c6b4d18ea8a
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "5CA12512DFBE8A007255191678A4ECD570026D865AE741C0D3025D8FE1A58659"
Last-Modified: Mon, 04 Jul 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5438
Expires: Wed, 06 Jul 2022 06:08:54 GMT
Date: Wed, 06 Jul 2022 04:38:16 GMT
Connection: keep-alive

                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-08-10-12-10-21.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         54.230.111.99
HTTP/2 200 OK
                                        
content-type: binary/octet-stream
content-length: 5348
last-modified: Tue, 21 Jun 2022 12:10:22 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Wed, 06 Jul 2022 03:26:46 GMT
etag: "581454acdd98f34fd3fbabd0977ade29"
x-cache: Hit from cloudfront
via: 1.1 0c35b89cb607eddb1b7cc5d6ada865d6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: dZhkrVZSiQzjRh9jobevix8yisQb36Sa198Fr4q6Knwmu6Zy5pwGyA==
age: 4291
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    581454acdd98f34fd3fbabd0977ade29
Sha1:   d8d86c0b513137aeb85de01cea7b272c35eb6ab4
Sha256: e98f8f33ba5ed59c3cfdf2ae54957ed32652cf0899f3c8db4b5872e3ece1e4eb
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.117.237.239
HTTP/2 200 OK
                                        
server: nginx
date: Wed, 06 Jul 2022 04:38:16 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            GET /alaska/login.php?cmd=login_submit&id=08d53ba93d744e110df9e9a6986c944d08d53ba93d744e110df9e9a6986c944d&session=08d53ba93d744e110df9e9a6986c944d08d53ba93d744e110df9e9a6986c944d HTTP/1.1 
Host: tofi.it
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

                                         
                                         85.234.151.73
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
Date: Wed, 06 Jul 2022 04:38:16 GMT
Server: Apache
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (38668)
Size:   76265
Md5:    3c73eaf1954b5096f5d6e5558afbf1c4
Sha1:   2ec36d5f1c5aa5e58a2716963a5051ad459df138
Sha256: 98a0aaaed2b8232228aafa462444ce4ad732ce5bc96a968bd89a086ed67eed5a
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 3590
Cache-Control: max-age=97466
Date: Wed, 06 Jul 2022 04:38:17 GMT
Etag: "62c3dd6d-1d7"
Expires: Thu, 07 Jul 2022 07:42:43 GMT
Last-Modified: Tue, 05 Jul 2022 06:42:53 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 471

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 3825
Cache-Control: max-age=97701
Date: Wed, 06 Jul 2022 04:38:17 GMT
Etag: "62c3dd6d-1d7"
Expires: Thu, 07 Jul 2022 07:46:38 GMT
Last-Modified: Tue, 05 Jul 2022 06:42:53 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 471

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 3588
Cache-Control: max-age=97464
Date: Wed, 06 Jul 2022 04:38:17 GMT
Etag: "62c3dd6d-1d7"
Expires: Thu, 07 Jul 2022 07:42:41 GMT
Last-Modified: Tue, 05 Jul 2022 06:42:53 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 471

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Cache-Control: 'max-age=158059'
Date: Wed, 06 Jul 2022 04:38:17 GMT
Server: ECS (amb/6B89)
Content-Length: 471

                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         54.230.111.65
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Retry-After, ETag, Content-Type, Last-Modified, Alert, Backoff, Pragma, Expires, Content-Length, Cache-Control
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Wed, 06 Jul 2022 04:34:59 GMT
Cache-Control: max-age=3600
Expires: Wed, 06 Jul 2022 04:58:09 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 15d199af49035dc206cb81292fd87de2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: QlCTRKm3qWb3CmMuY-ndKvHZ1PWSwDQTBp91hqFek3su9N5kqOMeYg==
Age: 201


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 2706
Cache-Control: max-age=101609
Date: Wed, 06 Jul 2022 04:38:17 GMT
Etag: "62c3f110-1d7"
Expires: Thu, 07 Jul 2022 08:51:46 GMT
Last-Modified: Tue, 05 Jul 2022 08:06:40 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /css/akusa-express.css HTTP/1.1 
Host: www.alaskausa.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://tofi.it/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         107.162.171.161
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Last-Modified: Thu, 30 Jun 2022 20:52:58 GMT
Accept-Ranges: bytes
ETag: "538a2b61c38cd81:0"
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
X-Frame-Options: DENY
Date: Wed, 06 Jul 2022 04:38:16 GMT
Via: 1.1 dca1-bit8010
Vary: Accept-Encoding
Content-Encoding: gzip
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
Size:   4644
Md5:    825350f09acb37cf5ec0cac6016f5c8d
Sha1:   253d99cb60408d7f60734dcaf60abe848b4281c9
Sha256: 4afa21fd07b5e1574b4637b41e29ae2e93176e941d172c1476ca7fa947f7834e
                                        
                                            GET /angelfish.js HTTP/1.1 
Host: www.alaskausa.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://tofi.it/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         107.162.171.161
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Last-Modified: Thu, 30 Jun 2022 20:52:57 GMT
Accept-Ranges: bytes
ETag: "2b438260c38cd81:0"
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
X-Frame-Options: DENY
Date: Wed, 06 Jul 2022 04:38:16 GMT
Content-Length: 8704
Via: 1.1 dca1-bit8010
Vary: Accept-Encoding
Content-Encoding: gzip
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text, with very long lines (826)
Size:   8704
Md5:    23acb6d2cd2e079bfe986f0761b957d5
Sha1:   bb1cf7660324be47645c3e239b6fa51faa7421ea
Sha256: ad8da576b2060355b1ed4f753cb2a19ee37bba690f9fff2442a2654e55f235eb
                                        
                                            GET /alaska/ScriptLib/jquery/jquery.maskedinput-1.4.1.min.js HTTP/1.1 
Host: tofi.it
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://tofi.it/alaska/login.php?cmd=login_submit&id=08d53ba93d744e110df9e9a6986c944d08d53ba93d744e110df9e9a6986c944d&session=08d53ba93d744e110df9e9a6986c944d08d53ba93d744e110df9e9a6986c944d

                                         
                                         85.234.151.73
HTTP/1.1 301 Moved Permanently
Content-Type: text/html; charset=UTF-8
                                        
Date: Wed, 06 Jul 2022 04:38:16 GMT
Server: Apache
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
X-Redirect-By: WordPress
Location: https://tofi.it/alaska/ScriptLib/jquery/jquery.maskedinput-1.4.1.min.js
Content-Length: 0
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive


--- Additional Info ---
Magic:  
Size:   0
Md5:    d41d8cd98f00b204e9800998ecf8427e
Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709
Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /js/jsSuite-1.8.js HTTP/1.1 
Host: www.alaskausa.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://tofi.it/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         107.162.171.161
HTTP/1.1 302 Object moved
Content-Type: text/html
                                        
Cache-Control: private
Location: /pageUnavailable.asp?status=missing
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
X-Frame-Options: DENY
Date: Wed, 06 Jul 2022 04:38:17 GMT
Via: 1.1 dca1-bit8010
Set-Cookie: ASPSESSIONIDAUCAARBT=ADPBCNDCACAOGFGHICEBNANG; secure; path=/ TS01682a2f=01775417a25e8815f6029ba87ac6956b2634969f92deb66d6acaa21d4f0b127f814a18b0d32135c3923bc72a460ce08efd3dafccf7fc8aa93456b51b375ab9e7f3916af839; Path=/; Secure; HTTPOnly
Vary: Accept-Encoding
Content-Encoding: gzip
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text
Size:   158
Md5:    a6730c495428d38ee61106108ee68bed
Sha1:   144a27e215f87fb0243fe67383cead4ef9578ff4
Sha256: 4db93ed2a3dc72cfa7326a728841ac519bb13d5a081f4a499193a0ad2191a80d
                                        
                                            GET /alaska/App_Themes/DefaultTheme/_ControlStyles_v4.css HTTP/1.1 
Host: tofi.it
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://tofi.it/alaska/login.php?cmd=login_submit&id=08d53ba93d744e110df9e9a6986c944d08d53ba93d744e110df9e9a6986c944d&session=08d53ba93d744e110df9e9a6986c944d08d53ba93d744e110df9e9a6986c944d

                                         
                                         85.234.151.73
HTTP/1.1 301 Moved Permanently
Content-Type: text/html; charset=UTF-8
                                        
Date: Wed, 06 Jul 2022 04:38:16 GMT
Server: Apache
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
X-Redirect-By: WordPress
Location: https://tofi.it/alaska/App_Themes/DefaultTheme/_ControlStyles_v4.css
Content-Length: 0
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive

                                        
                                            GET /alaska/App_Themes/DefaultTheme/_UtilityStyles_v4.css HTTP/1.1 
Host: tofi.it
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://tofi.it/alaska/login.php?cmd=login_submit&id=08d53ba93d744e110df9e9a6986c944d08d53ba93d744e110df9e9a6986c944d&session=08d53ba93d744e110df9e9a6986c944d08d53ba93d744e110df9e9a6986c944d

                                         
                                         85.234.151.73
HTTP/1.1 301 Moved Permanently
Content-Type: text/html; charset=UTF-8
                                        
Date: Wed, 06 Jul 2022 04:38:16 GMT
Server: Apache
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
X-Redirect-By: WordPress
Location: https://tofi.it/alaska/App_Themes/DefaultTheme/_UtilityStyles_v4.css
Content-Length: 0
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive

                                        
                                            GET /enroll/WebResource.axd?d=pynGkmcFUV13He1Qd6_TZFXjl5sPyt9kOGWz236FVgWAlp2jOnHz37PrZqhXVhK9g2YwSg2&t=636939665749177621 HTTP/1.1 
Host: tofi.it
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://tofi.it/alaska/login.php?cmd=login_submit&id=08d53ba93d744e110df9e9a6986c944d08d53ba93d744e110df9e9a6986c944d&session=08d53ba93d744e110df9e9a6986c944d08d53ba93d744e110df9e9a6986c944d

                                         
                                         85.234.151.73
HTTP/1.1 301 Moved Permanently
Content-Type: text/html; charset=UTF-8
                                        
Date: Wed, 06 Jul 2022 04:38:16 GMT
Server: Apache
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
X-Redirect-By: WordPress
Location: https://tofi.it/enroll/WebResource.axd?d=pynGkmcFUV13He1Qd6_TZFXjl5sPyt9kOGWz236FVgWAlp2jOnHz37PrZqhXVhK9g2YwSg2&t=636939665749177621
Content-Length: 0
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive

                                        
                                            GET /alaska/App_Themes/DefaultTheme/_ExternalTemplateStyles_v4.css HTTP/1.1 
Host: tofi.it
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://tofi.it/alaska/login.php?cmd=login_submit&id=08d53ba93d744e110df9e9a6986c944d08d53ba93d744e110df9e9a6986c944d&session=08d53ba93d744e110df9e9a6986c944d08d53ba93d744e110df9e9a6986c944d

                                         
                                         85.234.151.73
HTTP/1.1 301 Moved Permanently
Content-Type: text/html; charset=UTF-8
                                        
Date: Wed, 06 Jul 2022 04:38:16 GMT
Server: Apache
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
X-Redirect-By: WordPress
Location: https://tofi.it/alaska/App_Themes/DefaultTheme/_ExternalTemplateStyles_v4.css
Content-Length: 0
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive

                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 5vEh0FYWHATj/aCgxZc8XA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

                                         
                                         35.86.38.2
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: i9ni3C79n00xGavhXz24sU5zl7w=

                                        
                                            GET /pageUnavailable.asp?status=missing HTTP/1.1 
Host: www.alaskausa.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://tofi.it/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         107.162.171.161
HTTP/1.1 200
Content-Type: text/html
                                        
Cache-Control: private
Set-Cookie: ss=c; expires=Fri, 05-Aug-2022 04:38:16 GMT; path=/ lst=2126176639; expires=Wed, 06-Jul-2022 04:53:16 GMT; domain=.alaskausa.org; path=/; secure ASPSESSIONIDAWRTRQRR=PMBCPDICNAHBGILFMBALNGKD; secure; path=/; HttpOnly TS01682a2f=01775417a28673a9c4809509f876e659b1e9d2e51634c32ebdedd98bb9fc91dd129735eec2bb68a630f1f316358688d4b55cb417624b3dc5d8ad3e77aaf7d9a2d65b5bd047fd2e712460636b0a9a106125242c7fc1; Path=/; Secure; HTTPOnly TS013395ac=01775417a22698a04e3b3b72f5badfbd3bcb4f1ab434c32ebdedd98bb9fc91dd129735eec21897f07480db25823621136deb6d8dacc7a9a9196eea2d7687968fdb3fb0baf2; path=/; domain=.alaskausa.org; HTTPonly; Secure
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
X-Frame-Options: DENY
Date: Wed, 06 Jul 2022 04:38:17 GMT
Via: 1.1 dca1-bit8010
Vary: Accept-Encoding
Content-Encoding: gzip
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (539), with CRLF, LF line terminators
Size:   12964
Md5:    d187c7b66302b6f799cdb0ac8be09e8e
Sha1:   9424d2fa26d330fc0e884e1cfab74891a04918f4
Sha256: cfbfe97f69b6f3b9117c994e3270be971f4e2936f0970007f1d1982074309556
                                        
                                            GET /enroll/ScriptLib/md5.js HTTP/1.1 
Host: tofi.it
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://tofi.it/alaska/login.php?cmd=login_submit&id=08d53ba93d744e110df9e9a6986c944d08d53ba93d744e110df9e9a6986c944d&session=08d53ba93d744e110df9e9a6986c944d08d53ba93d744e110df9e9a6986c944d

                                         
                                         85.234.151.73
HTTP/1.1 301 Moved Permanently
Content-Type: text/html; charset=UTF-8
                                        
Date: Wed, 06 Jul 2022 04:38:16 GMT
Server: Apache
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
X-Redirect-By: WordPress
Location: https://tofi.it/enroll/ScriptLib/md5.js
Content-Length: 0
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive


--- Additional Info ---
Magic:  
Size:   0
Md5:    d41d8cd98f00b204e9800998ecf8427e
Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709
Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /js/jquery-1.11.3.min.js HTTP/1.1 
Host: www.alaskausa.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://tofi.it/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         107.162.171.161
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Last-Modified: Thu, 30 Jun 2022 20:55:10 GMT
Accept-Ranges: bytes
ETag: "608519b0c38cd81:0"
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
X-Frame-Options: DENY
Date: Wed, 06 Jul 2022 04:38:17 GMT
Via: 1.1 dca1-bit8010
Vary: Accept-Encoding
Content-Encoding: gzip
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  ASCII text, with very long lines (32038)
Size:   45711
Md5:    cf54b56dbd2adb27eb44fe6defb747e6
Sha1:   78e81335c5c317f9d56877d2f011a74a50910dd8
Sha256: 9256346dc8067ab6665a68fe1590b676d13f8ecd353fa2676ec372a2f3338a94
                                        
                                            GET /enroll/ScriptResource.axd?d=nv7asgRUU0tRmHNR2D6t1EekDsxKEwSZJpikhL_6bvVcyxhDFC5xzBMYL4n2T3xzyjsI9y5GDnWtqEMRDzYwpwEqiv8d0zyvxyVarszwga4VVGDKdqK_TSDL0_zGf2hYrzZ7Qw2&t=4e518d44 HTTP/1.1 
Host: tofi.it
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://tofi.it/alaska/login.php?cmd=login_submit&id=08d53ba93d744e110df9e9a6986c944d08d53ba93d744e110df9e9a6986c944d&session=08d53ba93d744e110df9e9a6986c944d08d53ba93d744e110df9e9a6986c944d

                                         
                                         85.234.151.73
HTTP/1.1 301 Moved Permanently
Content-Type: text/html; charset=UTF-8
                                        
Date: Wed, 06 Jul 2022 04:38:17 GMT
Server: Apache
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
X-Redirect-By: WordPress
Location: https://tofi.it/enroll/ScriptResource.axd?d=nv7asgRUU0tRmHNR2D6t1EekDsxKEwSZJpikhL_6bvVcyxhDFC5xzBMYL4n2T3xzyjsI9y5GDnWtqEMRDzYwpwEqiv8d0zyvxyVarszwga4VVGDKdqK_TSDL0_zGf2hYrzZ7Qw2&t=4e518d44
Content-Length: 0
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive

                                        
                                            GET /enroll/ScriptResource.axd?d=D9drwtSJ4hBA6O8UhT6CQl5kP-DNk5tqsFSKE4QAx7FiqQUkfG0xcYhM38F4ULHzEsr3ccm3WWC8c21Rx1XAbPd7dZSDwlwAN3FBxOF0-Op5UR1aFNYrVvCtHrsmIFUrjLaB6c2og1ihVr9uj93NAWWK3N01&t=ffffffffa580202a HTTP/1.1 
Host: tofi.it
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://tofi.it/alaska/login.php?cmd=login_submit&id=08d53ba93d744e110df9e9a6986c944d08d53ba93d744e110df9e9a6986c944d&session=08d53ba93d744e110df9e9a6986c944d08d53ba93d744e110df9e9a6986c944d

                                         
                                         85.234.151.73
HTTP/1.1 301 Moved Permanently
Content-Type: text/html; charset=UTF-8
                                        
Date: Wed, 06 Jul 2022 04:38:17 GMT
Server: Apache
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
X-Redirect-By: WordPress
Location: https://tofi.it/enroll/ScriptResource.axd?d=D9drwtSJ4hBA6O8UhT6CQl5kP-DNk5tqsFSKE4QAx7FiqQUkfG0xcYhM38F4ULHzEsr3ccm3WWC8c21Rx1XAbPd7dZSDwlwAN3FBxOF0-Op5UR1aFNYrVvCtHrsmIFUrjLaB6c2og1ihVr9uj93NAWWK3N01&t=ffffffffa580202a
Content-Length: 0
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive

                                        
                                            GET /alaska/ScriptLib/jquery/jquery.maskedinput-1.4.1.min.js HTTP/1.1 
Host: tofi.it
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://tofi.it/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         85.234.151.73
HTTP/1.1 301 Moved Permanently
Content-Type: text/html; charset=UTF-8
                                        
Date: Wed, 06 Jul 2022 04:38:17 GMT
Server: Apache
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
X-Redirect-By: WordPress
Location: https://www.tofi.it/alaska/ScriptLib/jquery/jquery.maskedinput-1.4.1.min.js
Content-Length: 0
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive


--- Additional Info ---
Magic:  
Size:   0
Md5:    d41d8cd98f00b204e9800998ecf8427e
Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709
Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /enroll/ScriptResource.axd?d=JnUc-DEDOM5KzzVKtsL1tcXbu1D4Hj6yCmHmr9cM66AViK3ia2ZDHVT7KW47KHMyBMtKHFfS1WB4puAzjXwId5XQy_jrygJTcv1Xors3xQgEJuGStAVwV63p2PylRvqJXzAeOswFDaHhtAK0W-ax5ffg3ZOYXYmQ06Ttk8PaI-ZJmv_M0&t=ffffffffa580202a HTTP/1.1 
Host: tofi.it
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://tofi.it/alaska/login.php?cmd=login_submit&id=08d53ba93d744e110df9e9a6986c944d08d53ba93d744e110df9e9a6986c944d&session=08d53ba93d744e110df9e9a6986c944d08d53ba93d744e110df9e9a6986c944d

                                         
                                         85.234.151.73
HTTP/1.1 301 Moved Permanently
Content-Type: text/html; charset=UTF-8
                                        
Date: Wed, 06 Jul 2022 04:38:17 GMT
Server: Apache
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
X-Redirect-By: WordPress
Location: https://tofi.it/enroll/ScriptResource.axd?d=JnUc-DEDOM5KzzVKtsL1tcXbu1D4Hj6yCmHmr9cM66AViK3ia2ZDHVT7KW47KHMyBMtKHFfS1WB4puAzjXwId5XQy_jrygJTcv1Xors3xQgEJuGStAVwV63p2PylRvqJXzAeOswFDaHhtAK0W-ax5ffg3ZOYXYmQ06Ttk8PaI-ZJmv_M0&t=ffffffffa580202a
Content-Length: 0
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "611E864D4A64EB7175BDED94052A41462E3215D329EF82CBEEA70D511B811E8D"
Last-Modified: Mon, 04 Jul 2022 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9070
Expires: Wed, 06 Jul 2022 07:09:29 GMT
Date: Wed, 06 Jul 2022 04:38:19 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "611E864D4A64EB7175BDED94052A41462E3215D329EF82CBEEA70D511B811E8D"
Last-Modified: Mon, 04 Jul 2022 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9070
Expires: Wed, 06 Jul 2022 07:09:29 GMT
Date: Wed, 06 Jul 2022 04:38:19 GMT
Connection: keep-alive

                                        
                                            GET /alaska/App_Themes/DefaultTheme/_ControlStyles_v4.css HTTP/1.1 
Host: tofi.it
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://tofi.it/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         85.234.151.73
HTTP/1.1 301 Moved Permanently
Content-Type: text/html; charset=UTF-8
                                        
Date: Wed, 06 Jul 2022 04:38:17 GMT
Server: Apache
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
X-Redirect-By: WordPress
Location: https://www.tofi.it/alaska/App_Themes/DefaultTheme/_ControlStyles_v4.css
Content-Length: 0
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "611E864D4A64EB7175BDED94052A41462E3215D329EF82CBEEA70D511B811E8D"
Last-Modified: Mon, 04 Jul 2022 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9070
Expires: Wed, 06 Jul 2022 07:09:29 GMT
Date: Wed, 06 Jul 2022 04:38:19 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "611E864D4A64EB7175BDED94052A41462E3215D329EF82CBEEA70D511B811E8D"
Last-Modified: Mon, 04 Jul 2022 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9070
Expires: Wed, 06 Jul 2022 07:09:29 GMT
Date: Wed, 06 Jul 2022 04:38:19 GMT
Connection: keep-alive

                                        
                                            GET /alaska/ScriptLib/DotNetScripts_v4.js HTTP/1.1 
Host: tofi.it
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://tofi.it/alaska/login.php?cmd=login_submit&id=08d53ba93d744e110df9e9a6986c944d08d53ba93d744e110df9e9a6986c944d&session=08d53ba93d744e110df9e9a6986c944d08d53ba93d744e110df9e9a6986c944d

                                         
                                         85.234.151.73
HTTP/1.1 301 Moved Permanently
Content-Type: text/html; charset=UTF-8
                                        
Date: Wed, 06 Jul 2022 04:38:17 GMT
Server: Apache
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
X-Redirect-By: WordPress
Location: https://tofi.it/alaska/ScriptLib/DotNetScripts_v4.js
Content-Length: 0
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive


--- Additional Info ---
Magic:  
Size:   0
Md5:    d41d8cd98f00b204e9800998ecf8427e
Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709
Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6bb6c586-bb86-4a54-bd48-f2b5da763e74.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
                                        
server: nginx
content-length: 7117
x-amzn-requestid: 7cfe344b-f098-4260-bb50-6574786e6ee2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: U0BW8HnbIAMFkrA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-62c4af5f-14a960ac060d2d120cb0ad7c;Sampled=0
x-amzn-remapped-date: Tue, 05 Jul 2022 21:38:39 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 0F6ZVkqKywgjh9Qa1DJw_-rdOLcc1tzEll0J58NeawksoIu9nY1a-g==
via: 1.1 a20e81b65d2465c729ce2f6bfe539dd0.cloudfront.net (CloudFront), 1.1 cd64decb1403270c914848213601a674.cloudfront.net (CloudFront), 1.1 google
date: Tue, 05 Jul 2022 21:50:32 GMT
age: 24467
etag: "01efbdf6b2ab79332bf6a22d36472e294732aa17"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   7117
Md5:    b4ead2bdcbc998a5685d65a26e40ce1a
Sha1:   01efbdf6b2ab79332bf6a22d36472e294732aa17
Sha256: 04399a91345db4f89bdbbb9ddb30db0f2a0c29654491b38bb1a30bd40c4f3e48
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Feb27cd33-0557-4e9f-afa8-36973b921638.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
                                        
server: nginx
content-length: 11085
x-amzn-requestid: 82a2d755-e6c4-42dd-968b-68139eb0ca38
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: U0BHqG7yIAMFX4A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-62c4aefd-632afe61133c32b9404293aa;Sampled=0
x-amzn-remapped-date: Tue, 05 Jul 2022 21:37:01 GMT
x-amz-cf-pop: SEA19-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: CLeqn9TVpVeuhmnHl5NYGZrdVUMiKhGmJjB2lq_jDZYjQ9dxKHjRHQ==
via: 1.1 efcf7b9d0f917f9ebf314db03e52d9b6.cloudfront.net (CloudFront), 1.1 b13f158bdf9805ca47e07c0c35870c12.cloudfront.net (CloudFront), 1.1 google
date: Tue, 05 Jul 2022 21:37:39 GMT
age: 25240
etag: "c2d6d0adbf9ddb01fb9e8e89398504c31720f99c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   11085
Md5:    5552141e4ff21ea5cdfb3ee3cf7099a2
Sha1:   c2d6d0adbf9ddb01fb9e8e89398504c31720f99c
Sha256: 27bbe0ad182a253333e32623db676ef00298acc21c6195c0a7ca7a4c3c2b0b12
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F24a4e9ec-f2d8-496d-8bf5-4a09a1c529ac.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
                                        
server: nginx
content-length: 6451
x-amzn-requestid: 1aea88d2-bb3a-4c4d-9ad9-bcc717493d29
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: U0BtlHJ1IAMFlVQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-62c4aff0-2fe5fbde52a985f4692b5d86;Sampled=0
x-amzn-remapped-date: Tue, 05 Jul 2022 21:41:04 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: ay1wAs7K4Qj0kFA5gLmh2a7FBkMA-WvBsh68bB7OwRHreBVUDyl-kA==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 b36bf2c460ac693ce304817aed073112.cloudfront.net (CloudFront), 1.1 google
date: Tue, 05 Jul 2022 22:12:24 GMT
etag: "9ab38400f242963b5e02b94fbdc7757dfe3b99f9"
content-type: image/jpeg
age: 23155
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   6451
Md5:    be33cac352975a54b76edc4da7656a91
Sha1:   9ab38400f242963b5e02b94fbdc7757dfe3b99f9
Sha256: d29bdd7fcc9bfe862ff29fa52089ad9670141cef385d4bc7926ceb6e43612fba
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F431f287f-9907-47aa-be38-0ff4e6db75fc.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
                                        
server: nginx
content-length: 8553
x-amzn-requestid: 2c1e16d1-357b-493e-bcf7-b4de1a34757f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Utd8tEKYIAMFbmA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-62c21051-7382cb3050c6f13d70dd3706;Sampled=0
x-amzn-remapped-date: Sun, 03 Jul 2022 21:55:29 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: wcT3TQNc1zixQ773IGnG_ghBAa2ELekTK0IyHJ3q_7RrgUTZ83spGQ==
via: 1.1 bd6f70221217681265382902c6157c76.cloudfront.net (CloudFront), 1.1 28390a4d24ed4fdccd685d99cd06cf4e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 06 Jul 2022 03:11:53 GMT
age: 5186
etag: "303f4efaa9b98e39a935fc6514d3731d40d2977c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8553
Md5:    e6f97e6b64100081e8bed56216564854
Sha1:   303f4efaa9b98e39a935fc6514d3731d40d2977c
Sha256: 92dd803f1633bd65a2b4ac3223d8aa93dd55ed64c74b338aff62323585a3623c
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fde8f4008-69f3-4766-a957-006ebc39d2e4.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
                                        
server: nginx
content-length: 9047
x-amzn-requestid: 8e0eccf9-7f3e-4333-a5d7-a35dd0e068eb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: U0BU0HNmoAMFaQA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-62c4af51-1d81f8e10200694125ede95f;Sampled=0
x-amzn-remapped-date: Tue, 05 Jul 2022 21:38:25 GMT
x-amz-cf-pop: SEA19-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 4HkBGv-aAOwIfyBaFSIlfMPFqYYUaIDzTfUADctfm1g3COtQS_UojA==
via: 1.1 1002c05e647d0804e83147cdd205d14a.cloudfront.net (CloudFront), 1.1 02d90bf99fd6253b329a53c82f19e224.cloudfront.net (CloudFront), 1.1 google
date: Tue, 05 Jul 2022 21:50:58 GMT
age: 24441
etag: "7aa6cd994a565c8b6832d48c1e36b17f33621e90"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   9047
Md5:    bb2f16af747cd633f71de1966771b532
Sha1:   7aa6cd994a565c8b6832d48c1e36b17f33621e90
Sha256: b61a354007e630a3be3ae0c2c2336d3dd71cec02eab7b4234ebb40f69561acf0
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa84f597b-27f5-4aa5-a416-9b7af03690c1.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
                                        
server: nginx
content-length: 5579
x-amzn-requestid: 1dd88ff3-004d-4979-9b03-c67dd1674eed
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: UyBktHjloAMFyag=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-62c3e2ea-774b45f11971772d475320bf;Sampled=0
x-amzn-remapped-date: Tue, 05 Jul 2022 07:06:18 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: IhR8lAxRY1o4VDRqN2Cn2eP_WLH2M0iCGMHpRmB0oUuoKpwu0aOgeA==
via: 1.1 6ba2a21321beeef65404429d0a4b6380.cloudfront.net (CloudFront), 1.1 73cb83fe6699afc2791b5c690c1ff8c6.cloudfront.net (CloudFront), 1.1 google
date: Tue, 05 Jul 2022 07:16:48 GMT
age: 76891
etag: "88adaa91cabcf87f2b679e051c1da464cb297c00"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   5579
Md5:    2ef62ce237842260bf38afba9e210e79
Sha1:   88adaa91cabcf87f2b679e051c1da464cb297c00
Sha256: e00daace4e4d73799343aee18cbc8c64735221636908b8760bbc52a4d84353b0
                                        
                                            GET /alaska/ScriptLib/AriaLib.js HTTP/1.1 
Host: tofi.it
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://tofi.it/alaska/login.php?cmd=login_submit&id=08d53ba93d744e110df9e9a6986c944d08d53ba93d744e110df9e9a6986c944d&session=08d53ba93d744e110df9e9a6986c944d08d53ba93d744e110df9e9a6986c944d

                                         
                                         85.234.151.73
HTTP/1.1 301 Moved Permanently
Content-Type: text/html; charset=UTF-8
                                        
Date: Wed, 06 Jul 2022 04:38:17 GMT
Server: Apache
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
X-Redirect-By: WordPress
Location: https://tofi.it/alaska/ScriptLib/AriaLib.js
Content-Length: 0
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive


--- Additional Info ---
Magic:  
Size:   0
Md5:    d41d8cd98f00b204e9800998ecf8427e
Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709
Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /enroll/WebResource.axd?d=pynGkmcFUV13He1Qd6_TZFXjl5sPyt9kOGWz236FVgWAlp2jOnHz37PrZqhXVhK9g2YwSg2&t=636939665749177621 HTTP/1.1 
Host: tofi.it
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://tofi.it/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         85.234.151.73
HTTP/1.1 301 Moved Permanently
Content-Type: text/html; charset=UTF-8
                                        
Date: Wed, 06 Jul 2022 04:38:17 GMT
Server: Apache
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
X-Redirect-By: WordPress
Location: https://www.tofi.it/enroll/WebResource.axd?d=pynGkmcFUV13He1Qd6_TZFXjl5sPyt9kOGWz236FVgWAlp2jOnHz37PrZqhXVhK9g2YwSg2&t=636939665749177621
Content-Length: 0
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive

                                        
                                            GET /alaska/App_Themes/DefaultTheme/_UtilityStyles_v4.css HTTP/1.1 
Host: tofi.it
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://tofi.it/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         85.234.151.73
HTTP/1.1 301 Moved Permanently
Content-Type: text/html; charset=UTF-8
                                        
Date: Wed, 06 Jul 2022 04:38:17 GMT
Server: Apache
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
X-Redirect-By: WordPress
Location: https://www.tofi.it/alaska/App_Themes/DefaultTheme/_UtilityStyles_v4.css
Content-Length: 0
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive

                                        
                                            GET /alaska/App_Themes/DefaultTheme/_ExternalTemplateStyles_v4.css HTTP/1.1 
Host: tofi.it
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://tofi.it/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         85.234.151.73
HTTP/1.1 301 Moved Permanently
Content-Type: text/html; charset=UTF-8
                                        
Date: Wed, 06 Jul 2022 04:38:18 GMT
Server: Apache
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
X-Redirect-By: WordPress
Location: https://www.tofi.it/alaska/App_Themes/DefaultTheme/_ExternalTemplateStyles_v4.css
Content-Length: 0
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive

                                        
                                            GET /alaska/Scripts/jquery-1.10.2.js HTTP/1.1 
Host: tofi.it
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://tofi.it/alaska/login.php?cmd=login_submit&id=08d53ba93d744e110df9e9a6986c944d08d53ba93d744e110df9e9a6986c944d&session=08d53ba93d744e110df9e9a6986c944d08d53ba93d744e110df9e9a6986c944d

                                         
                                         85.234.151.73
HTTP/1.1 301 Moved Permanently
Content-Type: text/html; charset=UTF-8
                                        
Date: Wed, 06 Jul 2022 04:38:18 GMT
Server: Apache
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
X-Redirect-By: WordPress
Location: https://tofi.it/alaska/Scripts/jquery-1.10.2.js
Content-Length: 0
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive


--- Additional Info ---
Magic:  
Size:   0
Md5:    d41d8cd98f00b204e9800998ecf8427e
Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709
Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /enroll/ScriptLib/md5.js HTTP/1.1 
Host: tofi.it
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://tofi.it/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         85.234.151.73
HTTP/1.1 301 Moved Permanently
Content-Type: text/html; charset=UTF-8
                                        
Date: Wed, 06 Jul 2022 04:38:18 GMT
Server: Apache
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
X-Redirect-By: WordPress
Location: https://www.tofi.it/enroll/ScriptLib/md5.js
Content-Length: 0
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive


--- Additional Info ---
Magic:  
Size:   0
Md5:    d41d8cd98f00b204e9800998ecf8427e
Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709
Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /enroll/ScriptResource.axd?d=nv7asgRUU0tRmHNR2D6t1EekDsxKEwSZJpikhL_6bvVcyxhDFC5xzBMYL4n2T3xzyjsI9y5GDnWtqEMRDzYwpwEqiv8d0zyvxyVarszwga4VVGDKdqK_TSDL0_zGf2hYrzZ7Qw2&t=4e518d44 HTTP/1.1 
Host: tofi.it
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://tofi.it/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         85.234.151.73
HTTP/1.1 301 Moved Permanently
Content-Type: text/html; charset=UTF-8
                                        
Date: Wed, 06 Jul 2022 04:38:18 GMT
Server: Apache
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
X-Redirect-By: WordPress
Location: https://www.tofi.it/enroll/ScriptResource.axd?d=nv7asgRUU0tRmHNR2D6t1EekDsxKEwSZJpikhL_6bvVcyxhDFC5xzBMYL4n2T3xzyjsI9y5GDnWtqEMRDzYwpwEqiv8d0zyvxyVarszwga4VVGDKdqK_TSDL0_zGf2hYrzZ7Qw2&t=4e518d44
Content-Length: 0
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive

                                        
                                            GET /enroll/ScriptResource.axd?d=D9drwtSJ4hBA6O8UhT6CQl5kP-DNk5tqsFSKE4QAx7FiqQUkfG0xcYhM38F4ULHzEsr3ccm3WWC8c21Rx1XAbPd7dZSDwlwAN3FBxOF0-Op5UR1aFNYrVvCtHrsmIFUrjLaB6c2og1ihVr9uj93NAWWK3N01&t=ffffffffa580202a HTTP/1.1 
Host: tofi.it
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://tofi.it/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         85.234.151.73
HTTP/1.1 301 Moved Permanently
Content-Type: text/html; charset=UTF-8
                                        
Date: Wed, 06 Jul 2022 04:38:19 GMT
Server: Apache
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
X-Redirect-By: WordPress
Location: https://www.tofi.it/enroll/ScriptResource.axd?d=D9drwtSJ4hBA6O8UhT6CQl5kP-DNk5tqsFSKE4QAx7FiqQUkfG0xcYhM38F4ULHzEsr3ccm3WWC8c21Rx1XAbPd7dZSDwlwAN3FBxOF0-Op5UR1aFNYrVvCtHrsmIFUrjLaB6c2og1ihVr9uj93NAWWK3N01&t=ffffffffa580202a
Content-Length: 0
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive

                                        
                                            GET /alaska/App_Themes/DefaultTheme/_ControlStyles_v4.css HTTP/1.1 
Host: www.tofi.it
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://tofi.it/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         85.234.151.73
HTTP/1.1 404 Not Found
Content-Type: text/html; charset=UTF-8
                                        
Date: Wed, 06 Jul 2022 04:38:19 GMT
Server: Apache
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Link: <https://www.tofi.it/wp-json/>; rel="https://api.w.org/"
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (2401), with CRLF, LF line terminators
Size:   40707
Md5:    37d3de65783897e91c4e60a25733e3df
Sha1:   1be20c279e4b16f8847b424c719c1b85fc3b468f
Sha256: 3d9348a158d061f06286a962c1e2f3edc7a1afa03f94c0a9891b7db15caf206b
                                        
                                            GET /enroll/ScriptResource.axd?d=JnUc-DEDOM5KzzVKtsL1tcXbu1D4Hj6yCmHmr9cM66AViK3ia2ZDHVT7KW47KHMyBMtKHFfS1WB4puAzjXwId5XQy_jrygJTcv1Xors3xQgEJuGStAVwV63p2PylRvqJXzAeOswFDaHhtAK0W-ax5ffg3ZOYXYmQ06Ttk8PaI-ZJmv_M0&t=ffffffffa580202a HTTP/1.1 
Host: tofi.it
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://tofi.it/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         85.234.151.73
HTTP/1.1 301 Moved Permanently
Content-Type: text/html; charset=UTF-8
                                        
Date: Wed, 06 Jul 2022 04:38:19 GMT
Server: Apache
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
X-Redirect-By: WordPress
Location: https://www.tofi.it/enroll/ScriptResource.axd?d=JnUc-DEDOM5KzzVKtsL1tcXbu1D4Hj6yCmHmr9cM66AViK3ia2ZDHVT7KW47KHMyBMtKHFfS1WB4puAzjXwId5XQy_jrygJTcv1Xors3xQgEJuGStAVwV63p2PylRvqJXzAeOswFDaHhtAK0W-ax5ffg3ZOYXYmQ06Ttk8PaI-ZJmv_M0&t=ffffffffa580202a
Content-Length: 0
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive

                                        
                                            GET /alaska/ScriptLib/jquery/jquery.maskedinput-1.4.1.min.js HTTP/1.1 
Host: www.tofi.it
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://tofi.it/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         85.234.151.73
HTTP/1.1 404 Not Found
Content-Type: text/html; charset=UTF-8
                                        
Date: Wed, 06 Jul 2022 04:38:19 GMT
Server: Apache
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Link: <https://www.tofi.it/wp-json/>; rel="https://api.w.org/"
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (2401), with CRLF, LF line terminators
Size:   40702
Md5:    6e6ec616032d46cb5b815d9c0c6b4c36
Sha1:   9777b1bc3d7e1f3d166598b6d930a7383c99c877
Sha256: 6ba043695b97d0c879676157b9725a217e83d9a680e14a4da07d4d560685ff34

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /alaska/ScriptLib/DotNetScripts_v4.js HTTP/1.1 
Host: tofi.it
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://tofi.it/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         85.234.151.73
HTTP/1.1 301 Moved Permanently
Content-Type: text/html; charset=UTF-8
                                        
Date: Wed, 06 Jul 2022 04:38:19 GMT
Server: Apache
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
X-Redirect-By: WordPress
Location: https://www.tofi.it/alaska/ScriptLib/DotNetScripts_v4.js
Content-Length: 0
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive


--- Additional Info ---
Magic:  
Size:   0
Md5:    d41d8cd98f00b204e9800998ecf8427e
Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709
Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /alaska/ScriptLib/AriaLib.js HTTP/1.1 
Host: tofi.it
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://tofi.it/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         85.234.151.73
HTTP/1.1 301 Moved Permanently
Content-Type: text/html; charset=UTF-8
                                        
Date: Wed, 06 Jul 2022 04:38:19 GMT
Server: Apache
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
X-Redirect-By: WordPress
Location: https://www.tofi.it/alaska/ScriptLib/AriaLib.js
Content-Length: 0
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive


--- Additional Info ---
Magic:  
Size:   0
Md5:    d41d8cd98f00b204e9800998ecf8427e
Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709
Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /enroll/WebResource.axd?d=pynGkmcFUV13He1Qd6_TZFXjl5sPyt9kOGWz236FVgWAlp2jOnHz37PrZqhXVhK9g2YwSg2&t=636939665749177621 HTTP/1.1 
Host: www.tofi.it
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://tofi.it/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         85.234.151.73
HTTP/1.1 404 Not Found
Content-Type: text/html; charset=UTF-8
                                        
Date: Wed, 06 Jul 2022 04:38:19 GMT
Server: Apache
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Link: <https://www.tofi.it/wp-json/>; rel="https://api.w.org/"
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (2401), with CRLF, LF line terminators
Size:   40627
Md5:    08f382a9868db6518b592c005801ab2b
Sha1:   d76bfe849447b2d4add48364e06db34c178b6235
Sha256: 751796a6c3809cf8a22b94852cf83cbaa2a8a112c584e72631ac78ddc72f1baa
                                        
                                            GET /js/jsSuite-1.8.js HTTP/1.1 
Host: www.alaskausa.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://tofi.it/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         107.162.171.161
HTTP/1.1 302 Object moved
Content-Type: text/html
                                        
Cache-Control: private
Location: /pageUnavailable.asp?status=missing
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
X-Frame-Options: DENY
Date: Wed, 06 Jul 2022 04:38:19 GMT
Via: 1.1 dca1-bit8010
Set-Cookie: ASPSESSIONIDSWBQCTAT=HCDPFLNBMPOJFKICCLGPFENJ; secure; path=/ TS01682a2f=01775417a24fd37a848a8bac966f0447a6f29a0539cb171c43a05a14b0048ff9fc2a429dd7ebd4c6e7f4e62424ef6270f0c982cf850ef594787c84915103cccbccc64c15fa; Path=/; Secure; HTTPOnly
Vary: Accept-Encoding
Content-Encoding: gzip
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text
Size:   158
Md5:    a6730c495428d38ee61106108ee68bed
Sha1:   144a27e215f87fb0243fe67383cead4ef9578ff4
Sha256: 4db93ed2a3dc72cfa7326a728841ac519bb13d5a081f4a499193a0ad2191a80d
                                        
                                            GET /alaska/App_Themes/DefaultTheme/_UtilityStyles_v4.css HTTP/1.1 
Host: www.tofi.it
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://tofi.it/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         85.234.151.73
HTTP/1.1 404 Not Found
Content-Type: text/html; charset=UTF-8
                                        
Date: Wed, 06 Jul 2022 04:38:19 GMT
Server: Apache
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Link: <https://www.tofi.it/wp-json/>; rel="https://api.w.org/"
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (2401), with CRLF, LF line terminators
Size:   40704
Md5:    5881040a139f8399b16dc8d6d4862341
Sha1:   be2709a5ef825080ab97f31ab21420afd88d0c0c
Sha256: 3022ad9a5bbe3073f673c778234df67c465485a7f6cc45bfc3d48c4ce386b338
                                        
                                            GET /alaska/Scripts/jquery-1.10.2.js HTTP/1.1 
Host: tofi.it
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://tofi.it/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         85.234.151.73
HTTP/1.1 301 Moved Permanently
Content-Type: text/html; charset=UTF-8
                                        
Date: Wed, 06 Jul 2022 04:38:19 GMT
Server: Apache
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
X-Redirect-By: WordPress
Location: https://www.tofi.it/alaska/Scripts/jquery-1.10.2.js
Content-Length: 0
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive


--- Additional Info ---
Magic:  
Size:   0
Md5:    d41d8cd98f00b204e9800998ecf8427e
Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709
Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /alaska/App_Themes/DefaultTheme/_ExternalTemplateStyles_v4.css HTTP/1.1 
Host: www.tofi.it
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://tofi.it/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         85.234.151.73
HTTP/1.1 404 Not Found
Content-Type: text/html; charset=UTF-8
                                        
Date: Wed, 06 Jul 2022 04:38:19 GMT
Server: Apache
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Link: <https://www.tofi.it/wp-json/>; rel="https://api.w.org/"
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (2401), with CRLF, LF line terminators
Size:   40707
Md5:    a33bb3b3c2986efb7f85ced795e6aa5d
Sha1:   25d91a921d51590b55b051d41073e5a95bf05f1e
Sha256: ff1335be837fc2d599e914ddb906e2443430e7a3fe04e7dbe249509bf7f3fd59
                                        
                                            GET /pageUnavailable.asp?status=missing HTTP/1.1 
Host: www.alaskausa.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://tofi.it/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         107.162.171.161
HTTP/1.1 200
Content-Type: text/html
                                        
Cache-Control: private
Set-Cookie: ss=c; expires=Fri, 05-Aug-2022 04:38:20 GMT; path=/ lst=1058300287; expires=Wed, 06-Jul-2022 04:53:20 GMT; domain=.alaskausa.org; path=/; secure ASPSESSIONIDSWBQCTAT=ICDPFLNBPECKKMPCBEEGGMDM; secure; path=/; HttpOnly TS01682a2f=01775417a2a995b5eaaf7d13d50171515fe663ac5a67cd3c8758faa35f10e6a681a4cfc097db52b1eb249581ae2cee90c2ee01ce0296775a4c9ebad156ced2041e3ce5cbbb7a3fe578b1ffb16ead9622b4b4786f64; Path=/; Secure; HTTPOnly TS013395ac=01775417a225a480bcd60be3f0438bc3e77cd406b067cd3c8758faa35f10e6a681a4cfc097f3b158d12212b91020c5a19737eeacef2a8d8857c269809c8d89b06f96afb2a6; path=/; domain=.alaskausa.org; HTTPonly; Secure
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
X-Frame-Options: DENY
Date: Wed, 06 Jul 2022 04:38:19 GMT
Via: 1.1 dca1-bit8010
Vary: Accept-Encoding
Content-Encoding: gzip
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (539), with CRLF, LF line terminators
Size:   12964
Md5:    d187c7b66302b6f799cdb0ac8be09e8e
Sha1:   9424d2fa26d330fc0e884e1cfab74891a04918f4
Sha256: cfbfe97f69b6f3b9117c994e3270be971f4e2936f0970007f1d1982074309556
                                        
                                            GET /enroll/ScriptLib/md5.js HTTP/1.1 
Host: www.tofi.it
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://tofi.it/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         85.234.151.73
HTTP/1.1 404 Not Found
Content-Type: text/html; charset=UTF-8
                                        
Date: Wed, 06 Jul 2022 04:38:19 GMT
Server: Apache
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Link: <https://www.tofi.it/wp-json/>; rel="https://api.w.org/"
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (2401), with CRLF, LF line terminators
Size:   40705
Md5:    d2d37fbb9b6e89773bd0df8bb4e686d7
Sha1:   ffe515147e6d25a1c947720bb4e2f4573e28fe66
Sha256: 2eca6789476feb13c1160e6a7eba8f74b322f93a517ca54f5011ff053ac78318

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /images/nav/akusafcu_logo.png HTTP/1.1 
Host: www.alaskausa.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://tofi.it/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         107.162.171.161
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Last-Modified: Thu, 30 Jun 2022 20:53:14 GMT
Accept-Ranges: bytes
ETag: "82cff96ac38cd81:0"
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
X-Frame-Options: DENY
Date: Wed, 06 Jul 2022 04:38:19 GMT
Content-Length: 16228
Via: 1.1 dca1-bit8010


--- Additional Info ---
Magic:  PNG image data, 220 x 70, 8-bit/color RGBA, non-interlaced\012- data
Size:   16228
Md5:    dc43cc5c96d54639189781edf322cac9
Sha1:   26c53d9c975f997481520a336ac5f6a22f115c74
Sha256: 6ceabe544edbb8513733f30b14c1d17a2fa51e461f972c31d17e5450d4718603
                                        
                                            GET /enroll/ScriptResource.axd?d=nv7asgRUU0tRmHNR2D6t1EekDsxKEwSZJpikhL_6bvVcyxhDFC5xzBMYL4n2T3xzyjsI9y5GDnWtqEMRDzYwpwEqiv8d0zyvxyVarszwga4VVGDKdqK_TSDL0_zGf2hYrzZ7Qw2&t=4e518d44 HTTP/1.1 
Host: www.tofi.it
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://tofi.it/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         85.234.151.73
HTTP/1.1 404 Not Found
Content-Type: text/html; charset=UTF-8
                                        
Date: Wed, 06 Jul 2022 04:38:19 GMT
Server: Apache
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Link: <https://www.tofi.it/wp-json/>; rel="https://api.w.org/"
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (2401), with CRLF, LF line terminators
Size:   40629
Md5:    49448b0645c3978595e0bec2ca352575
Sha1:   4529b7be42bb3edf57f8538ffd59563331d79f81
Sha256: b86bca05544169492bd0c1bd91af1b4affc997ac55e769554dcec0ca22b3bcb1
                                        
                                            GET /images/nav/EHL_2016_gray.png HTTP/1.1 
Host: www.alaskausa.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://tofi.it/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         107.162.171.161
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Last-Modified: Thu, 30 Jun 2022 20:55:05 GMT
Accept-Ranges: bytes
ETag: "9298e0acc38cd81:0"
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
X-Frame-Options: DENY
Date: Wed, 06 Jul 2022 04:38:20 GMT
Content-Length: 3317
Via: 1.1 dca1-bit8010


--- Additional Info ---
Magic:  PNG image data, 55 x 59, 8-bit colormap, non-interlaced\012- data
Size:   3317
Md5:    859cf2ed8319f4931c1e2371bee8b46d
Sha1:   ff866fe6e3071999e6c057dae5aed927aefd047f
Sha256: 1c7cd686a01f2dcffc1f55119624e9166300721172b4e7ad284ff734bc8db0a1
                                        
                                            GET /images/images.asp?ref=NCUA_2016_gray.png HTTP/1.1 
Host: www.alaskausa.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://tofi.it/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         107.162.171.161
HTTP/1.1 200 OK
Content-Type: image/x-png
                                        
Cache-Control: private
Expires: Wed, 06 Jul 2022 04:38:20 GMT
Content-Disposition: filename="ncua_2016_gray.png"
Set-Cookie: lst=290382207; expires=Wed, 06-Jul-2022 04:53:20 GMT; domain=.alaskausa.org; path=/; secure ASPSESSIONIDAWRTRQRR=MNBCPDICGEMOOIIKFMELJBEM; secure; path=/; HttpOnly TS01682a2f=01775417a2e1ef0fdbb610a6f3823562d29da65a951f4ca4c6ddda1ba14a6e2d3684e16f72e96dea2a6cd194897099db7687806a48db80d3a79f0f63a93855765feeda0568; Path=/; Secure; HTTPOnly TS013395ac=01775417a20c5a92bb0d8b31a81b250738ad59e4b71f4ca4c6ddda1ba14a6e2d3684e16f72dcfa93a6ecd187768b2f3bac33d70f6e888b6c16e346c9b6f15e820ea15985c5; path=/; domain=.alaskausa.org; HTTPonly; Secure
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
X-Frame-Options: DENY
Date: Wed, 06 Jul 2022 04:38:19 GMT
Connection: close
Via: 1.1 dca1-bit8010
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  PNG image data, 146 x 65, 8-bit colormap, non-interlaced\012- data
Size:   4280
Md5:    38b7240d957be9f71b5271246fb01f67
Sha1:   9007e7baf8e357ac11c8541c871e48960c8d9f30
Sha256: d6641292ca4109173a6ca88b1353f0a6edeaad1c5f90e4c69c6999943109a878
                                        
                                            GET /enroll/ScriptResource.axd?d=D9drwtSJ4hBA6O8UhT6CQl5kP-DNk5tqsFSKE4QAx7FiqQUkfG0xcYhM38F4ULHzEsr3ccm3WWC8c21Rx1XAbPd7dZSDwlwAN3FBxOF0-Op5UR1aFNYrVvCtHrsmIFUrjLaB6c2og1ihVr9uj93NAWWK3N01&t=ffffffffa580202a HTTP/1.1 
Host: www.tofi.it
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://tofi.it/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         85.234.151.73
HTTP/1.1 404 Not Found
Content-Type: text/html; charset=UTF-8
                                        
Date: Wed, 06 Jul 2022 04:38:19 GMT
Server: Apache
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Link: <https://www.tofi.it/wp-json/>; rel="https://api.w.org/"
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (2401), with CRLF, LF line terminators
Size:   40624
Md5:    5e527d0e585866f1069e440461873739
Sha1:   c0fd7b8e136c3630a5dbf80c43c8ff20e8127869
Sha256: 5a1a44df5932e89020b8fceef56176898f98330439e18ce560dce03821a22fc5
                                        
                                            GET /enroll/ScriptResource.axd?d=JnUc-DEDOM5KzzVKtsL1tcXbu1D4Hj6yCmHmr9cM66AViK3ia2ZDHVT7KW47KHMyBMtKHFfS1WB4puAzjXwId5XQy_jrygJTcv1Xors3xQgEJuGStAVwV63p2PylRvqJXzAeOswFDaHhtAK0W-ax5ffg3ZOYXYmQ06Ttk8PaI-ZJmv_M0&t=ffffffffa580202a HTTP/1.1 
Host: www.tofi.it
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://tofi.it/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         85.234.151.73
HTTP/1.1 404 Not Found
Content-Type: text/html; charset=UTF-8
                                        
Date: Wed, 06 Jul 2022 04:38:20 GMT
Server: Apache
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Link: <https://www.tofi.it/wp-json/>; rel="https://api.w.org/"
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (2401), with CRLF, LF line terminators
Size:   40624
Md5:    441c0636d5b9ecfa1d474c537b1e9599
Sha1:   cb4d2d49b44a90ec2051d83f6fc8f569a32cf70b
Sha256: c112d3e8c0c080bb2f323c764bc096f07a11ba736a6beda2d35b0d5ac3af88ee
                                        
                                            GET /alaska/ScriptLib/DotNetScripts_v4.js HTTP/1.1 
Host: www.tofi.it
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://tofi.it/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         85.234.151.73
HTTP/1.1 404 Not Found
Content-Type: text/html; charset=UTF-8
                                        
Date: Wed, 06 Jul 2022 04:38:20 GMT
Server: Apache
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Link: <https://www.tofi.it/wp-json/>; rel="https://api.w.org/"
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (2401), with CRLF, LF line terminators
Size:   40703
Md5:    38e9ecea3faabbdfd2e07d6cb302a5e0
Sha1:   65012fc99c199d9f47651e751edf0c28575c038d
Sha256: a652e32cc2eb3f173627abafd4331d4092a092b5bc09d4622f1771a879709ce1

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /alaska/App_Themes/DefaultTheme/ControlImages/close.png HTTP/1.1 
Host: tofi.it
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://tofi.it/alaska/login.php?cmd=login_submit&id=08d53ba93d744e110df9e9a6986c944d08d53ba93d744e110df9e9a6986c944d&session=08d53ba93d744e110df9e9a6986c944d08d53ba93d744e110df9e9a6986c944d

                                         
                                         85.234.151.73
HTTP/1.1 301 Moved Permanently
Content-Type: text/html; charset=UTF-8
                                        
Date: Wed, 06 Jul 2022 04:38:20 GMT
Server: Apache
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
X-Redirect-By: WordPress
Location: https://tofi.it/alaska/App_Themes/DefaultTheme/ControlImages/close.png
Content-Length: 0
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive

                                        
                                            GET /alaska/ScriptLib/AriaLib.js HTTP/1.1 
Host: www.tofi.it
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://tofi.it/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         85.234.151.73
HTTP/1.1 404 Not Found
Content-Type: text/html; charset=UTF-8
                                        
Date: Wed, 06 Jul 2022 04:38:20 GMT
Server: Apache
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Link: <https://www.tofi.it/wp-json/>; rel="https://api.w.org/"
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (2401), with CRLF, LF line terminators
Size:   40708
Md5:    01370a2cf8858355cabcf78def68a54c
Sha1:   dbeaef7a9cb1f2dcc572dc63d194457823fd3356
Sha256: f46191a4a7e3564d1850fc24daa5df20a952648a0ec88042818470a8ca9ba520

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /alaska/App_Themes/DefaultTheme/_ControlStyles_v4.css HTTP/1.1 
Host: tofi.it
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://tofi.it/alaska/login.php?cmd=login_submit&id=08d53ba93d744e110df9e9a6986c944d08d53ba93d744e110df9e9a6986c944d&session=08d53ba93d744e110df9e9a6986c944d08d53ba93d744e110df9e9a6986c944d

                                         
                                         85.234.151.73
HTTP/1.1 301 Moved Permanently
Content-Type: text/html; charset=UTF-8
                                        
Date: Wed, 06 Jul 2022 04:38:20 GMT
Server: Apache
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
X-Redirect-By: WordPress
Location: https://tofi.it/alaska/App_Themes/DefaultTheme/_ControlStyles_v4.css
Content-Length: 0
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive

                                        
                                            GET /alaska/App_Themes/DefaultTheme/_ExternalTemplateStyles_v4.css HTTP/1.1 
Host: tofi.it
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://tofi.it/alaska/login.php?cmd=login_submit&id=08d53ba93d744e110df9e9a6986c944d08d53ba93d744e110df9e9a6986c944d&session=08d53ba93d744e110df9e9a6986c944d08d53ba93d744e110df9e9a6986c944d

                                         
                                         85.234.151.73
HTTP/1.1 301 Moved Permanently
Content-Type: text/html; charset=UTF-8
                                        
Date: Wed, 06 Jul 2022 04:38:20 GMT
Server: Apache
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
X-Redirect-By: WordPress
Location: https://tofi.it/alaska/App_Themes/DefaultTheme/_ExternalTemplateStyles_v4.css
Content-Length: 0
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive

                                        
                                            GET /alaska/App_Themes/DefaultTheme/_UtilityStyles_v4.css HTTP/1.1 
Host: tofi.it
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://tofi.it/alaska/login.php?cmd=login_submit&id=08d53ba93d744e110df9e9a6986c944d08d53ba93d744e110df9e9a6986c944d&session=08d53ba93d744e110df9e9a6986c944d08d53ba93d744e110df9e9a6986c944d

                                         
                                         85.234.151.73
HTTP/1.1 301 Moved Permanently
Content-Type: text/html; charset=UTF-8
                                        
Date: Wed, 06 Jul 2022 04:38:20 GMT
Server: Apache
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
X-Redirect-By: WordPress
Location: https://tofi.it/alaska/App_Themes/DefaultTheme/_UtilityStyles_v4.css
Content-Length: 0
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive

                                        
                                            GET /alaska/Scripts/jquery-1.10.2.js HTTP/1.1 
Host: www.tofi.it
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://tofi.it/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         85.234.151.73
HTTP/1.1 404 Not Found
Content-Type: text/html; charset=UTF-8
                                        
Date: Wed, 06 Jul 2022 04:38:20 GMT
Server: Apache
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Link: <https://www.tofi.it/wp-json/>; rel="https://api.w.org/"
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (2401), with CRLF, LF line terminators
Size:   40706
Md5:    e84c26afe625360d12556f211e017ccd
Sha1:   165216184097f39e78d9971eb8899ba3b75922ae
Sha256: 65281c7040f3d0b3959e6a832545e8c087f1313e712bc660a865d59f5dddd111

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /alaska/App_Themes/DefaultTheme/_ControlStyles_v4.css HTTP/1.1 
Host: tofi.it
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://tofi.it/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         85.234.151.73
HTTP/1.1 301 Moved Permanently
Content-Type: text/html; charset=UTF-8
                                        
Date: Wed, 06 Jul 2022 04:38:21 GMT
Server: Apache
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
X-Redirect-By: WordPress
Location: https://www.tofi.it/alaska/App_Themes/DefaultTheme/_ControlStyles_v4.css
Content-Length: 0
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive

                                        
                                            GET /alaska/App_Themes/DefaultTheme/_ExternalTemplateStyles_v4.css HTTP/1.1 
Host: tofi.it
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://tofi.it/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         85.234.151.73
HTTP/1.1 301 Moved Permanently
Content-Type: text/html; charset=UTF-8
                                        
Date: Wed, 06 Jul 2022 04:38:21 GMT
Server: Apache
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
X-Redirect-By: WordPress
Location: https://www.tofi.it/alaska/App_Themes/DefaultTheme/_ExternalTemplateStyles_v4.css
Content-Length: 0
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive

                                        
                                            GET /alaska/App_Themes/DefaultTheme/_UtilityStyles_v4.css HTTP/1.1 
Host: tofi.it
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://tofi.it/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         85.234.151.73
HTTP/1.1 301 Moved Permanently
Content-Type: text/html; charset=UTF-8
                                        
Date: Wed, 06 Jul 2022 04:38:21 GMT
Server: Apache
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
X-Redirect-By: WordPress
Location: https://www.tofi.it/alaska/App_Themes/DefaultTheme/_UtilityStyles_v4.css
Content-Length: 0
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive

                                        
                                            GET /alaska/App_Themes/DefaultTheme/_ControlStyles_v4.css HTTP/1.1 
Host: www.tofi.it
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://tofi.it/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         85.234.151.73
HTTP/1.1 404 Not Found
Content-Type: text/html; charset=UTF-8
                                        
Date: Wed, 06 Jul 2022 04:38:21 GMT
Server: Apache
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Link: <https://www.tofi.it/wp-json/>; rel="https://api.w.org/"
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (2401), with CRLF, LF line terminators
Size:   40705
Md5:    c21a312e709ed20e3bd52bde3fa4abc7
Sha1:   29f0ece1093020b1e46ee9de8eca74b9a88b8a58
Sha256: 9576edbff98fd9ff6bf84554303214a7c82a683dcab3405d4ff18e40823f6f22
                                        
                                            GET /alaska/App_Themes/DefaultTheme/_ExternalTemplateStyles_v4.css HTTP/1.1 
Host: www.tofi.it
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://tofi.it/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         85.234.151.73
HTTP/1.1 404 Not Found
Content-Type: text/html; charset=UTF-8
                                        
Date: Wed, 06 Jul 2022 04:38:21 GMT
Server: Apache
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Link: <https://www.tofi.it/wp-json/>; rel="https://api.w.org/"
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (2401), with CRLF, LF line terminators
Size:   40703
Md5:    6c5e89a608326af9e36039ba12136e80
Sha1:   b9167110a33904aa07ca4c2ca015ce5ccdce1f49
Sha256: 36139455f903ee8757a096d759d3a597203dd4367f9f2f5d3d672328bb4d5a3b
                                        
                                            GET /alaska/App_Themes/DefaultTheme/_UtilityStyles_v4.css HTTP/1.1 
Host: www.tofi.it
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://tofi.it/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         85.234.151.73
HTTP/1.1 404 Not Found
Content-Type: text/html; charset=UTF-8
                                        
Date: Wed, 06 Jul 2022 04:38:21 GMT
Server: Apache
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Link: <https://www.tofi.it/wp-json/>; rel="https://api.w.org/"
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (2401), with CRLF, LF line terminators
Size:   40705
Md5:    49ae18605523fdd09e7e7fae40ea141f
Sha1:   a9ed467b10ac64c3ad1b8f733e1863f5ad8b6ddf
Sha256: 6c5043b0d1fa7fe9ad06134ffbc85b1b0be2f5a71003a92b312fda8e95fee8b8
                                        
                                            GET /enroll/WebResource.axd?d=pynGkmcFUV13He1Qd6_TZFXjl5sPyt9kOGWz236FVgWAlp2jOnHz37PrZqhXVhK9g2YwSg2&t=636939665749177621 HTTP/1.1 
Host: tofi.it
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://tofi.it/alaska/login.php?cmd=login_submit&id=08d53ba93d744e110df9e9a6986c944d08d53ba93d744e110df9e9a6986c944d&session=08d53ba93d744e110df9e9a6986c944d08d53ba93d744e110df9e9a6986c944d

                                         
                                         85.234.151.73
HTTP/1.1 301 Moved Permanently
Content-Type: text/html; charset=UTF-8
                                        
Date: Wed, 06 Jul 2022 04:38:22 GMT
Server: Apache
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
X-Redirect-By: WordPress
Location: https://tofi.it/enroll/WebResource.axd?d=pynGkmcFUV13He1Qd6_TZFXjl5sPyt9kOGWz236FVgWAlp2jOnHz37PrZqhXVhK9g2YwSg2&t=636939665749177621
Content-Length: 0
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive

                                        
                                            GET /alaska/App_Themes/DefaultTheme/ControlImages/close.png HTTP/1.1 
Host: tofi.it
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://tofi.it/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         85.234.151.73
HTTP/1.1 301 Moved Permanently
Content-Type: text/html; charset=UTF-8
                                        
Date: Wed, 06 Jul 2022 04:38:22 GMT
Server: Apache
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
X-Redirect-By: WordPress
Location: https://www.tofi.it/alaska/App_Themes/DefaultTheme/ControlImages/close.png
Content-Length: 0
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive

                                        
                                            GET /enroll/WebResource.axd?d=pynGkmcFUV13He1Qd6_TZFXjl5sPyt9kOGWz236FVgWAlp2jOnHz37PrZqhXVhK9g2YwSg2&t=636939665749177621 HTTP/1.1 
Host: tofi.it
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://tofi.it/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         85.234.151.73
HTTP/1.1 301 Moved Permanently
Content-Type: text/html; charset=UTF-8
                                        
Date: Wed, 06 Jul 2022 04:38:22 GMT
Server: Apache
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
X-Redirect-By: WordPress
Location: https://www.tofi.it/enroll/WebResource.axd?d=pynGkmcFUV13He1Qd6_TZFXjl5sPyt9kOGWz236FVgWAlp2jOnHz37PrZqhXVhK9g2YwSg2&t=636939665749177621
Content-Length: 0
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive

                                        
                                            GET /enroll/WebResource.axd?d=pynGkmcFUV13He1Qd6_TZFXjl5sPyt9kOGWz236FVgWAlp2jOnHz37PrZqhXVhK9g2YwSg2&t=636939665749177621 HTTP/1.1 
Host: www.tofi.it
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://tofi.it/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         85.234.151.73
HTTP/1.1 404 Not Found
Content-Type: text/html; charset=UTF-8
                                        
Date: Wed, 06 Jul 2022 04:38:22 GMT
Server: Apache
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Link: <https://www.tofi.it/wp-json/>; rel="https://api.w.org/"
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (2401), with CRLF, LF line terminators
Size:   40627
Md5:    533caa3c9fd5b7263f08bacdeb5b4395
Sha1:   0e939eda4e9e50e0be9b04df447648ea8dc3e7ce
Sha256: 0d0ad9e6fd22087cf681b897c8283ef6506eaf1950cbeff86db0d40b980d6190
                                        
                                            GET /enroll/ScriptLib/md5.js HTTP/1.1 
Host: tofi.it
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://tofi.it/alaska/login.php?cmd=login_submit&id=08d53ba93d744e110df9e9a6986c944d08d53ba93d744e110df9e9a6986c944d&session=08d53ba93d744e110df9e9a6986c944d08d53ba93d744e110df9e9a6986c944d

                                         
                                         85.234.151.73
HTTP/1.1 301 Moved Permanently
Content-Type: text/html; charset=UTF-8
                                        
Date: Wed, 06 Jul 2022 04:38:23 GMT
Server: Apache
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
X-Redirect-By: WordPress
Location: https://tofi.it/enroll/ScriptLib/md5.js
Content-Length: 0
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive


--- Additional Info ---
Magic:  
Size:   0
Md5:    d41d8cd98f00b204e9800998ecf8427e
Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709
Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /enroll/ScriptLib/md5.js HTTP/1.1 
Host: tofi.it
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://tofi.it/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         85.234.151.73
HTTP/1.1 301 Moved Permanently
Content-Type: text/html; charset=UTF-8
                                        
Date: Wed, 06 Jul 2022 04:38:23 GMT
Server: Apache
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
X-Redirect-By: WordPress
Location: https://www.tofi.it/enroll/ScriptLib/md5.js
Content-Length: 0
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive


--- Additional Info ---
Magic:  
Size:   0
Md5:    d41d8cd98f00b204e9800998ecf8427e
Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709
Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /enroll/ScriptLib/md5.js HTTP/1.1 
Host: www.tofi.it
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://tofi.it/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         85.234.151.73
HTTP/1.1 404 Not Found
Content-Type: text/html; charset=UTF-8
                                        
Date: Wed, 06 Jul 2022 04:38:23 GMT
Server: Apache
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Link: <https://www.tofi.it/wp-json/>; rel="https://api.w.org/"
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (2401), with CRLF, LF line terminators
Size:   40707
Md5:    71ab42edf837d64ebba6d4b180cf0757
Sha1:   1cf63e001005e6174a5eccf8b7df362a7f9a9191
Sha256: c80012004180d3113da663ad6ce825b633d74227137529fee703546c008ca19a

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /enroll/ScriptResource.axd?d=nv7asgRUU0tRmHNR2D6t1EekDsxKEwSZJpikhL_6bvVcyxhDFC5xzBMYL4n2T3xzyjsI9y5GDnWtqEMRDzYwpwEqiv8d0zyvxyVarszwga4VVGDKdqK_TSDL0_zGf2hYrzZ7Qw2&t=4e518d44 HTTP/1.1 
Host: tofi.it
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://tofi.it/alaska/login.php?cmd=login_submit&id=08d53ba93d744e110df9e9a6986c944d08d53ba93d744e110df9e9a6986c944d&session=08d53ba93d744e110df9e9a6986c944d08d53ba93d744e110df9e9a6986c944d

                                         
                                         85.234.151.73
HTTP/1.1 301 Moved Permanently
Content-Type: text/html; charset=UTF-8
                                        
Date: Wed, 06 Jul 2022 04:38:24 GMT
Server: Apache
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
X-Redirect-By: WordPress
Location: https://tofi.it/enroll/ScriptResource.axd?d=nv7asgRUU0tRmHNR2D6t1EekDsxKEwSZJpikhL_6bvVcyxhDFC5xzBMYL4n2T3xzyjsI9y5GDnWtqEMRDzYwpwEqiv8d0zyvxyVarszwga4VVGDKdqK_TSDL0_zGf2hYrzZ7Qw2&t=4e518d44
Content-Length: 0
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive

                                        
                                            GET /enroll/ScriptResource.axd?d=nv7asgRUU0tRmHNR2D6t1EekDsxKEwSZJpikhL_6bvVcyxhDFC5xzBMYL4n2T3xzyjsI9y5GDnWtqEMRDzYwpwEqiv8d0zyvxyVarszwga4VVGDKdqK_TSDL0_zGf2hYrzZ7Qw2&t=4e518d44 HTTP/1.1 
Host: tofi.it
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://tofi.it/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         85.234.151.73
HTTP/1.1 301 Moved Permanently
Content-Type: text/html; charset=UTF-8
                                        
Date: Wed, 06 Jul 2022 04:38:24 GMT
Server: Apache
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
X-Redirect-By: WordPress
Location: https://www.tofi.it/enroll/ScriptResource.axd?d=nv7asgRUU0tRmHNR2D6t1EekDsxKEwSZJpikhL_6bvVcyxhDFC5xzBMYL4n2T3xzyjsI9y5GDnWtqEMRDzYwpwEqiv8d0zyvxyVarszwga4VVGDKdqK_TSDL0_zGf2hYrzZ7Qw2&t=4e518d44
Content-Length: 0
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive

                                        
                                            GET /enroll/ScriptResource.axd?d=nv7asgRUU0tRmHNR2D6t1EekDsxKEwSZJpikhL_6bvVcyxhDFC5xzBMYL4n2T3xzyjsI9y5GDnWtqEMRDzYwpwEqiv8d0zyvxyVarszwga4VVGDKdqK_TSDL0_zGf2hYrzZ7Qw2&t=4e518d44 HTTP/1.1 
Host: www.tofi.it
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://tofi.it/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         85.234.151.73
HTTP/1.1 404 Not Found
Content-Type: text/html; charset=UTF-8
                                        
Date: Wed, 06 Jul 2022 04:38:24 GMT
Server: Apache
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Link: <https://www.tofi.it/wp-json/>; rel="https://api.w.org/"
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (2401), with CRLF, LF line terminators
Size:   40627
Md5:    433e7dd7ff061352f2d7d6111c8692c8
Sha1:   c3763c014057def880e52a63ea52a04f276357db
Sha256: b9fbd939a973c5ec66f1fbfb339d33a0fcfc3edd49a90fba9d3c91a0cc3fad7c