r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash b0d651d83075c7a68e3c6a9204226150
294785e3f3a67cdd5f1a530b83a2cbd2c2cc0665
17cbb43fd6662576ba3fe8e06cf44247c903c1313cc419053599c41e286a2442
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "17CBB43FD6662576BA3FE8E06CF44247C903C1313CC419053599C41E286A2442"
Last-Modified: Thu, 15 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3986
Expires: Sat, 17 Sep 2022 01:00:58 GMT
Date: Fri, 16 Sep 2022 23:54:32 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
143.204.55.115 200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.115:0
File type JSON data, ASCII text, with very long lines (939), with no line terminators
Hash b593eb39329cfe060d55be5e4a5405e2
78e46c1028e9f94f8569303ad2d90d7df13a059a
08a810103557efe55ca4425ff0cf82593f1f54633df899127eaec9bee05d4d04
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Retry-After, Alert, Content-Length, Content-Type, Backoff
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Fri, 16 Sep 2022 23:11:01 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 d4fd24ae65d4d2b97cfdea8d2f0c21a6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: O2dQpWOWGlR9RdVcaRKynZSDmoXbpd42SP77wcUQf2woESg-LcbPXQ==
Age: 2611
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
143.204.55.25 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
IP 143.204.55.25:0
File type PEM certificate, ASCII text
Hash 742edb4038f38bc533514982f3d2e861
cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1
b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Fri, 16 Sep 2022 04:35:16 GMT
etag: "742edb4038f38bc533514982f3d2e861"
x-cache: Hit from cloudfront
via: 1.1 aa34a836095df9de9d246a53dd63f1d6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: ZaiNi1S1alev4hVfw9EPMNavFZjySqc3LehgGjVW8IvEwNXUKB4mOQ==
age: 69557
X-Firefox-Spdy: h2
mail.tuffashop.com.au/usps/home.php?ip=80.167.121.81&countryCode=DK&OS=Mac+OS+X
216.194.164.236 301 Moved Permanently 303 B URL HTTP/1.1 mail.tuffashop.com.au/usps/home.php?ip=80.167.121.81&countryCode=DK&OS=Mac+OS+X
IP 216.194.164.236:0
File type HTML document text; HTML document text; HTML document text; HTML document text; HTML document text; exported SGML document, ASCII text
Hash 38550f87f9c13e2ebfcc9d6275017625
c0d898fe40beda0d56d9d650734537c33e8b4b54
27959be075d67c81ab06375a4e0407d640b263a406785b15736a1eb88773756a
GET /usps/home.php?ip=80.167.121.81&countryCode=DK&OS=Mac+OS+X HTTP/1.1
Host: mail.tuffashop.com.au
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Fri, 16 Sep 2022 23:54:32 GMT
Server: Apache
Location: https://mail.tuffashop.com.au/usps/home.php?ip=80.167.121.81&countryCode=DK&OS=Mac+OS+X
Content-Length: 303
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data, ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 16 Sep 2022 23:54:32 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.115 200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.115:0
File type JSON data, ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600
Date: Fri, 16 Sep 2022 23:03:22 GMT
Expires: Fri, 16 Sep 2022 23:29:05 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 bcd5dadccb0831729969c938747ff79a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: Ql5nBKvPoXko80JJAfUfd_9y-EbDolXCKal_wNmhxIRDv07uy8uHug==
Age: 3071
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 3db421016cf0e3ad25f324cf0faf0fac
b15909de1105d4d2fb5be5b3920c454daf022445
914b15f28636e0a5e851540ffb0625ecd09d0546b2f1f7af90b267ceebcf1d5d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1595
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 16 Sep 2022 23:54:33 GMT
Last-Modified: Fri, 16 Sep 2022 23:27:58 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
52.27.12.161 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.27.12.161:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: lBBxNYClWg6X3yi4YDA4Bw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: jic3r3jukoZgFaChAZDyaJdB2KU=
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 5d12cc59489773babbc650161772d674
6fa23d626e8a64d98e59984567cd4dc42c648833
f43eae2b85acffc988fbc2c97e18ae1c013217db2cbe24df14dd3b8c35d0ff27
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 16 Sep 2022 23:54:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 5d12cc59489773babbc650161772d674
6fa23d626e8a64d98e59984567cd4dc42c648833
f43eae2b85acffc988fbc2c97e18ae1c013217db2cbe24df14dd3b8c35d0ff27
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 16 Sep 2022 23:54:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
mail.tuffashop.com.au/usps/home.php?ip=80.167.121.81&countryCode=DK&OS=Mac+OS+X
216.194.164.236 404 Not Found 30 kB URL HTTP/1.1 mail.tuffashop.com.au/usps/home.php?ip=80.167.121.81&countryCode=DK&OS=Mac+OS+X
IP 216.194.164.236:0
File type HTML document text; HTML document text; HTML document text; HTML document text; HTML document text; HTML document text; exported SGML document text; exported SGML document, ASCII text, with very long lines (36388), with CRLF, LF line terminators
Hash 28cc8a96a01c79da4cfc65d676b81715
e50006a1c3a2492b80015697fa051c964018a9ee
c433ad604eec9290af65e60dbe8a021a648601e675857a1ed81a1950d305d2ac
GET /usps/home.php?ip=80.167.121.81&countryCode=DK&OS=Mac+OS+X HTTP/1.1
Host: mail.tuffashop.com.au
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 404 Not Found
Date: Fri, 16 Sep 2022 23:54:33 GMT
Server: Apache
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-transform, no-cache, no-store, must-revalidate
Link: <https://www.tuffashop.com.au/wp-json/>; rel="https://api.w.org/"
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 30050
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 4cc0aaf293fed6c16e1dde02c50c8f40
e94f11cd8fa955f28856a02aa7115aa5f3626d98
b1592dc8fc0d63052f66b7be9b5ff1f562f6fbd05f6365ce828758bfbb3f1a12
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 16 Sep 2022 23:54:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtag/js?id=UA-132659890-1
142.250.74.72 200 OK 42 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-132659890-1
IP 142.250.74.72:0
File type ASCII text, with very long lines (1720)
Hash c25d1b1e568b33325fbeb85ea04cf4e1
9bc9559929b136f886c72c8ae4199177552cf6fe
6a3086d632d339267387d3626fcdf6f243e015f6a81a10dfb56802196e52c08f
GET /gtag/js?id=UA-132659890-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mail.tuffashop.com.au/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 16 Sep 2022 23:54:34 GMT
expires: Fri, 16 Sep 2022 23:54:34 GMT
cache-control: private, max-age=900
last-modified: Fri, 16 Sep 2022 21:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 42357
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=AW-617029512
142.250.74.72 200 OK 47 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=AW-617029512
IP 142.250.74.72:0
File type ASCII text, with very long lines (1720)
Hash 6db6cce34d865287878af2a44c75b2b7
370cee22b4662c506b4f3443a76e59a377d51010
a07210d6c15a84205de52de57a6fd7a98b0e45e6d5f2933339ab468c3f4b80ff
GET /gtag/js?id=AW-617029512 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mail.tuffashop.com.au/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 16 Sep 2022 23:54:34 GMT
expires: Fri, 16 Sep 2022 23:54:34 GMT
cache-control: private, max-age=900
last-modified: Fri, 16 Sep 2022 21:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 46585
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=AW-617029512&l=dataLayer&cx=c
142.250.74.72 200 OK 47 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=AW-617029512&l=dataLayer&cx=c
IP 142.250.74.72:0
File type ASCII text, with very long lines (1720)
Hash 0322e775375291b63a965790d2eb0e91
2b0362cfbecbe58583d202d6069ba52095c4669b
5cb56d0d5655d54e1d89e35b82e5e99493684864569f3056e7beb98cc3f38812
GET /gtag/js?id=AW-617029512&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mail.tuffashop.com.au/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 16 Sep 2022 23:54:34 GMT
expires: Fri, 16 Sep 2022 23:54:34 GMT
cache-control: private, max-age=900
last-modified: Fri, 16 Sep 2022 21:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 46550
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 35f3deb94b2a985eb02f5a14f033c44f
2076e4cb6faf9a7bf1cbfc8947db9a8550f556bd
1d5c76a54a4ab121ccf5f456516ec99fb7f5129a491e078d97c749b94060970a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1D5C76A54A4AB121CCF5F456516EC99FB7F5129A491E078D97C749B94060970A"
Last-Modified: Thu, 15 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6680
Expires: Sat, 17 Sep 2022 01:45:54 GMT
Date: Fri, 16 Sep 2022 23:54:34 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F14e8614f-d7d5-4a87-adf0-ab2cfcfb023b.jpeg
34.120.237.76 200 OK 6.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F14e8614f-d7d5-4a87-adf0-ab2cfcfb023b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3; data
Hash 3e963daffb462e89d9d67e6193944cc3
ff29c630c2ed8a67fe5cd4622dc9f1d23234b58c
cc24af0aedb89ab059b6706b8e51708547ea2ce2b2c2743425810b44af7c68c8
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F14e8614f-d7d5-4a87-adf0-ab2cfcfb023b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5956
x-amzn-requestid: 19032fea-67c3-404f-bf3e-9b436a61a7f8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YeNW4G30oAMFw0w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63225c2b-3da099be3781af033658520f;Sampled=0
x-amzn-remapped-date: Wed, 14 Sep 2022 22:56:43 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: FU7qiAFNHIIxNo_zRH3xQzmMMORVZ4Q5W-GgwdhA5ZQJPokQssZv5A==
via: 1.1 74aa91fe819001bcedd882694f52b436.cloudfront.net (CloudFront), 1.1 02d90bf99fd6253b329a53c82f19e224.cloudfront.net (CloudFront), 1.1 google
date: Fri, 16 Sep 2022 12:55:52 GMT
age: 39522
etag: "ff29c630c2ed8a67fe5cd4622dc9f1d23234b58c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F39268181-81b9-40cd-b774-cf931ecd20ae.jpeg
34.120.237.76 200 OK 8.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F39268181-81b9-40cd-b774-cf931ecd20ae.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3; data
Hash 1b83a17ac09a92284c0acb928bd43255
47802aeff6f22e37218077b6ab20da2a74d083bd
e830a0e417e10fb05ee57f6d952f0f256174ee4c69d4a3316ffd1150d44dea41
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F39268181-81b9-40cd-b774-cf931ecd20ae.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8885
x-amzn-requestid: 11e93333-8a48-4061-8f2d-54a2869c7b5d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YknoGGaQIAMFZPA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6324ec9a-77f473fb0410fb5e6e926b53;Sampled=0
x-amzn-remapped-date: Fri, 16 Sep 2022 21:37:30 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 1T5iJVb_d4l3baxF6wWDaR7g_lUwGyXI74jPX_diG9x9AmdsiAvT5g==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 01147dcc35d57fc0238a3c1700c13f16.cloudfront.net (CloudFront), 1.1 google
date: Fri, 16 Sep 2022 21:39:23 GMT
age: 8111
etag: "47802aeff6f22e37218077b6ab20da2a74d083bd"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 35f3deb94b2a985eb02f5a14f033c44f
2076e4cb6faf9a7bf1cbfc8947db9a8550f556bd
1d5c76a54a4ab121ccf5f456516ec99fb7f5129a491e078d97c749b94060970a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1D5C76A54A4AB121CCF5F456516EC99FB7F5129A491E078D97C749B94060970A"
Last-Modified: Thu, 15 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6680
Expires: Sat, 17 Sep 2022 01:45:54 GMT
Date: Fri, 16 Sep 2022 23:54:34 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 35f3deb94b2a985eb02f5a14f033c44f
2076e4cb6faf9a7bf1cbfc8947db9a8550f556bd
1d5c76a54a4ab121ccf5f456516ec99fb7f5129a491e078d97c749b94060970a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1D5C76A54A4AB121CCF5F456516EC99FB7F5129A491E078D97C749B94060970A"
Last-Modified: Thu, 15 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6680
Expires: Sat, 17 Sep 2022 01:45:54 GMT
Date: Fri, 16 Sep 2022 23:54:34 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F50373a4c-fa87-4ca5-b0b7-67ee2f12abd1.jpeg
34.120.237.76 200 OK 7.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F50373a4c-fa87-4ca5-b0b7-67ee2f12abd1.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3; data
Hash f108cfb79dd8405677b7406910d11ba5
5ef30af418df5e44a0927361b679b8117c38c473
b4b973702c6c98eaf28345b019c8cf022e8056e07f508e17d156c9e136f11936
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F50373a4c-fa87-4ca5-b0b7-67ee2f12abd1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7305
x-amzn-requestid: 15096102-8ffe-47df-bfc7-ff1a1fb9fd1e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YknUqFJmIAMF5Ew=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6324ec1d-5c5ca26a24f39af979c17495;Sampled=0
x-amzn-remapped-date: Fri, 16 Sep 2022 21:35:25 GMT
x-amz-cf-pop: SFO5-P2, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 5lUx834-NLHpKCxmdiAdNxCXqqNKGcDJlt9wmGR-XxdlroBfwVTrNg==
via: 1.1 e943d5f0cbb0d255d29da0ddf6639ba8.cloudfront.net (CloudFront), 1.1 cd64decb1403270c914848213601a674.cloudfront.net (CloudFront), 1.1 google
date: Fri, 16 Sep 2022 21:37:47 GMT
age: 8207
etag: "5ef30af418df5e44a0927361b679b8117c38c473"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2223b64d-7436-4cd8-9633-fc79069394d6.jpeg
34.120.237.76 200 OK 9.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2223b64d-7436-4cd8-9633-fc79069394d6.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3; data
Hash 2efd7ea9edbfe7d4d2cf6685dc60f571
dfb08910372586148c4e1fbea598818bf65cdbdb
a731494ee4cfd1d6d8642dc837f6731d55b84033f0f88a3e45fd82b07d137b28
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2223b64d-7436-4cd8-9633-fc79069394d6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9486
x-amzn-requestid: eb3622e4-3ac9-4148-8da1-0eb73e24e798
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YRYP8HkYIAMF4mg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631d3a65-418ddfed5fe892af4998abc0;Sampled=0
x-amzn-remapped-date: Sun, 11 Sep 2022 01:31:17 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 13i5a3uLuTga4_H4-lf1qT3dTznuh2i2TRK9mUGJuUii-WPADgG1Sg==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 9c675215120a4ade8754c4357ef2f3ea.cloudfront.net (CloudFront), 1.1 google
date: Fri, 16 Sep 2022 21:52:19 GMT
age: 7335
etag: "dfb08910372586148c4e1fbea598818bf65cdbdb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 35f3deb94b2a985eb02f5a14f033c44f
2076e4cb6faf9a7bf1cbfc8947db9a8550f556bd
1d5c76a54a4ab121ccf5f456516ec99fb7f5129a491e078d97c749b94060970a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1D5C76A54A4AB121CCF5F456516EC99FB7F5129A491E078D97C749B94060970A"
Last-Modified: Thu, 15 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6680
Expires: Sat, 17 Sep 2022 01:45:54 GMT
Date: Fri, 16 Sep 2022 23:54:34 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F37eff517-f8c4-4e04-9fb6-e9a22aa4d8bf.jpeg
34.120.237.76 200 OK 7.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F37eff517-f8c4-4e04-9fb6-e9a22aa4d8bf.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3; data
Hash e0c4155f7b9f8a4a31780ea86e50e398
50ae5dbe015dc8b9ad022cb5b11cb2c4c8086368
598683a93574a8418e19decdbfc5bcae2f028c6e1791c192f98425bd8e339ad4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F37eff517-f8c4-4e04-9fb6-e9a22aa4d8bf.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7788
x-amzn-requestid: c570654d-569c-4faf-9690-5ffab5eaceed
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YR5sREScIAMF5RA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631d6fe7-3ed179845a3e9ede478e6dfa;Sampled=0
x-amzn-remapped-date: Sun, 11 Sep 2022 05:19:35 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: kkko85Peg1nRJNE9WmrID7GfTrqjOuXZHDAcPRS6ZXIdEQF4YOMBVw==
via: 1.1 010c0731b9775a983eceaec0f5fa6a2e.cloudfront.net (CloudFront), 1.1 91356d2137f5a7345e93da4516c49ec4.cloudfront.net (CloudFront), 1.1 google
date: Fri, 16 Sep 2022 21:38:59 GMT
age: 8135
etag: "50ae5dbe015dc8b9ad022cb5b11cb2c4c8086368"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 35f3deb94b2a985eb02f5a14f033c44f
2076e4cb6faf9a7bf1cbfc8947db9a8550f556bd
1d5c76a54a4ab121ccf5f456516ec99fb7f5129a491e078d97c749b94060970a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1D5C76A54A4AB121CCF5F456516EC99FB7F5129A491E078D97C749B94060970A"
Last-Modified: Thu, 15 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6680
Expires: Sat, 17 Sep 2022 01:45:54 GMT
Date: Fri, 16 Sep 2022 23:54:34 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffd5675c7-5120-4f61-bd91-8c4d9af84130.jpeg
34.120.237.76 200 OK 7.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffd5675c7-5120-4f61-bd91-8c4d9af84130.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7a22ab7dcdf50f4a297b8e117d336eae
e139a0974317212f094fdbe59e26ca5cf6b9e56d
9b4c23c1bb2e4fcd140ce34bf83f315f09b45202c569cb74113c2e65c4031dcd
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffd5675c7-5120-4f61-bd91-8c4d9af84130.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7788
x-amzn-requestid: 2cb48f87-8b72-4ff7-b041-a6e704b854a8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YIP2-HFHoAMFssA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6319935f-693e2f2e5a0bcd9f690f21fa;Sampled=0
x-amzn-remapped-date: Thu, 08 Sep 2022 07:01:51 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 4-H_LbXRjS1PJkVz9OIhwsaPfu8ZlL98zTZG--hdmij9Tc6KtmNSFQ==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 cd858042f70b416ca05e042acf3908a4.cloudfront.net (CloudFront), 1.1 google
date: Fri, 16 Sep 2022 21:51:13 GMT
age: 7401
etag: "e139a0974317212f094fdbe59e26ca5cf6b9e56d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.tuffashop.com.au/wp-content/plugins/blog-designer-for-post-and-widget/assets/css/slick.css?ver=2.2.3.1
216.194.164.236 200 OK 570 B URL HTTP/1.1 www.tuffashop.com.au/wp-content/plugins/blog-designer-for-post-and-widget/assets/css/slick.css?ver=2.2.3.1
IP 216.194.164.236:0
File type ASCII text, with very long lines (332)
Hash 44fc28e83ed6ab178a2ce0ea508c843a
a827ba9746ae01e06998504f98fa29d3b1c1b25d
a66bcad63a3d27d2e682a1de069982f2e51518f52d1335d5da8e17f0fc263361
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/blog-designer-for-post-and-widget/assets/css/slick.css?ver=2.2.3.1 HTTP/1.1
Host: www.tuffashop.com.au
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mail.tuffashop.com.au/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Date: Fri, 16 Sep 2022 23:54:34 GMT
Server: Apache
Last-Modified: Wed, 02 Feb 2022 04:41:32 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 570
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
www.tuffashop.com.au/wp-content/plugins/instagram-feed/css/sbi-styles.min.css?ver=2.9.1
216.194.164.236 200 OK 2.9 kB URL HTTP/1.1 www.tuffashop.com.au/wp-content/plugins/instagram-feed/css/sbi-styles.min.css?ver=2.9.1
IP 216.194.164.236:0
File type ASCII text, with very long lines (16845), with no line terminators
Hash 293dc3ab37a779f674430b24add48dda
428c398ef138ecd2c60a3d6cf942bd92559ffdcc
010ebcc43818880d0af83955c60589adaa657ed5ff5defa817176c05eec4cd6e
GET /wp-content/plugins/instagram-feed/css/sbi-styles.min.css?ver=2.9.1 HTTP/1.1
Host: www.tuffashop.com.au
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mail.tuffashop.com.au/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Date: Fri, 16 Sep 2022 23:54:34 GMT
Server: Apache
Last-Modified: Mon, 17 May 2021 11:04:28 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 2850
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
www.tuffashop.com.au/wp-content/plugins/simple-sitemap/lib/assets/css/simple-sitemap.css?ver=5.2.16
216.194.164.236 200 OK 1.8 kB URL HTTP/1.1 www.tuffashop.com.au/wp-content/plugins/simple-sitemap/lib/assets/css/simple-sitemap.css?ver=5.2.16
IP 216.194.164.236:0
File type ASCII text, with CRLF line terminators
Hash e314e49ac9b3ea324829ffa37f3594a6
46ff68a559c77e15f6303d8cc8a2d042c3eb5a5b
68fd2de615a4d1b7d6afe9c10992f04cac4dc2dfdb37d76246652e833c3b1e51
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/simple-sitemap/lib/assets/css/simple-sitemap.css?ver=5.2.16 HTTP/1.1
Host: www.tuffashop.com.au
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mail.tuffashop.com.au/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Date: Fri, 16 Sep 2022 23:54:34 GMT
Server: Apache
Last-Modified: Mon, 22 Mar 2021 08:34:26 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 1779
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
www.tuffashop.com.au/wp-includes/css/dist/block-library/style.min.css?ver=5.2.16
216.194.164.236 200 OK 4.8 kB URL HTTP/1.1 www.tuffashop.com.au/wp-includes/css/dist/block-library/style.min.css?ver=5.2.16
IP 216.194.164.236:0
File type ASCII text, with very long lines (29271), with no line terminators
Hash dd7c1726a47a6a643915b33ff7d58ff1
af1eebb836aa766817ed21c3e35d2a3eb3e1aaba
d45cf6975f3b7ec4e2f867d0e6f718b8950a0245132bda965240d0d49c7a2c65
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/css/dist/block-library/style.min.css?ver=5.2.16 HTTP/1.1
Host: www.tuffashop.com.au
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mail.tuffashop.com.au/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Date: Fri, 16 Sep 2022 23:54:34 GMT
Server: Apache
Last-Modified: Wed, 28 Apr 2021 08:39:34 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 4788
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 5d12cc59489773babbc650161772d674
6fa23d626e8a64d98e59984567cd4dc42c648833
f43eae2b85acffc988fbc2c97e18ae1c013217db2cbe24df14dd3b8c35d0ff27
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 16 Sep 2022 23:54:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 4cc0aaf293fed6c16e1dde02c50c8f40
e94f11cd8fa955f28856a02aa7115aa5f3626d98
b1592dc8fc0d63052f66b7be9b5ff1f562f6fbd05f6365ce828758bfbb3f1a12
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 16 Sep 2022 23:54:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.tuffashop.com.au/wp-content/plugins/blog-designer-for-post-and-widget/assets/css/bdpw-public.css?ver=2.2.3.1
216.194.164.236 200 OK 2.9 kB URL HTTP/1.1 www.tuffashop.com.au/wp-content/plugins/blog-designer-for-post-and-widget/assets/css/bdpw-public.css?ver=2.2.3.1
IP 216.194.164.236:0
File type ASCII text, with very long lines (351), with CRLF line terminators
Hash 27ee9a3725da670cc4d42f1c98c6bf03
4610feff658c3e0fa108c87f04ac30c1797b155c
2345bfa188913209e6e5cb2c2a784ac97e3b2a812399869729184d9e63f5c229
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/blog-designer-for-post-and-widget/assets/css/bdpw-public.css?ver=2.2.3.1 HTTP/1.1
Host: www.tuffashop.com.au
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mail.tuffashop.com.au/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Date: Fri, 16 Sep 2022 23:54:34 GMT
Server: Apache
Last-Modified: Wed, 02 Feb 2022 04:41:32 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 2882
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
www.tuffashop.com.au/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.1.6
216.194.164.236 200 OK 649 B URL HTTP/1.1 www.tuffashop.com.au/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.1.6
IP 216.194.164.236:0
Hash 76aba5da6a0d822d5b7ed296888c8758
9bd4319bc86fb62d04a7593569084a978fed2793
220aff2fb7a928001bdc0e30d89b683c92c5f41f259759ca04c198a678eab56e
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.1.6 HTTP/1.1
Host: www.tuffashop.com.au
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mail.tuffashop.com.au/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Date: Fri, 16 Sep 2022 23:54:34 GMT
Server: Apache
Last-Modified: Thu, 06 Feb 2020 06:34:58 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 649
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
www.tuffashop.com.au/wp-content/plugins/revslider/public/assets/css/settings.css?ver=5.4.8
216.194.164.236 200 OK 9.5 kB URL HTTP/1.1 www.tuffashop.com.au/wp-content/plugins/revslider/public/assets/css/settings.css?ver=5.4.8
IP 216.194.164.236:0
File type Unicode text, UTF-8 text, with very long lines (5178), with CRLF line terminators
Hash d263d5eaa7c883c3657af7dbb878b8a1
3d7423e15e86031092227572a6bfea1d1400ce9e
adf2c10039a96f761770b8744b46b019d0e80b2c1ee5d2eb077bae0e19a23a43
GET /wp-content/plugins/revslider/public/assets/css/settings.css?ver=5.4.8 HTTP/1.1
Host: www.tuffashop.com.au
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mail.tuffashop.com.au/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Date: Fri, 16 Sep 2022 23:54:34 GMT
Server: Apache
Last-Modified: Sun, 02 Dec 2018 23:30:11 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 9545
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
www.tuffashop.com.au/wp-content/plugins/woocommerce/assets/css/woocommerce.css?ver=3.8.2
216.194.164.236 200 OK 8.8 kB URL HTTP/1.1 www.tuffashop.com.au/wp-content/plugins/woocommerce/assets/css/woocommerce.css?ver=3.8.2
IP 216.194.164.236:0
File type Unicode text, UTF-8 text, with very long lines (62655), with no line terminators
Hash ae602d7a441a68e36c75e028185bdc25
37a6b28345ae2fd0f43450a0695760698eba5014
ea11c686069d234f068929171313ff8c0c2366f6579b78a95a2e014271b3d3b8
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/woocommerce/assets/css/woocommerce.css?ver=3.8.2 HTTP/1.1
Host: www.tuffashop.com.au
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mail.tuffashop.com.au/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Date: Fri, 16 Sep 2022 23:54:34 GMT
Server: Apache
Last-Modified: Thu, 22 Jul 2021 07:52:16 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 8820
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
www.tuffashop.com.au/wp-includes/css/dist/block-library/theme.min.css?ver=5.2.16
216.194.164.236 200 OK 562 B URL HTTP/1.1 www.tuffashop.com.au/wp-includes/css/dist/block-library/theme.min.css?ver=5.2.16
IP 216.194.164.236:0
File type ASCII text, with very long lines (1495), with no line terminators
Hash c2c7e785ac554128579699541f35bc59
6cc27ac81033e580ec4abff557c6f0b86886a861
155a9547ffd9bd7c7a88d7ce3e02d6eac5a99151910565fc6ffcf4d5010cb78f
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/css/dist/block-library/theme.min.css?ver=5.2.16 HTTP/1.1
Host: www.tuffashop.com.au
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mail.tuffashop.com.au/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Date: Fri, 16 Sep 2022 23:54:35 GMT
Server: Apache
Last-Modified: Thu, 07 Mar 2019 09:09:59 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 562
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
www.tuffashop.com.au/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/style.css?ver=2.4.5
216.194.164.236 200 OK 4.3 kB URL HTTP/1.1 www.tuffashop.com.au/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/style.css?ver=2.4.5
IP 216.194.164.236:0
File type ASCII text, with very long lines (6383)
Hash 941bd788d366c8fe2f238ba421aeca25
68d11a730dbf3e1c0bed5d7e3f3420266eafc2e3
5918cf3c3a7e96c4c21fb7ac80644dc62252271c2bd250908fda242966d67c8a
GET /wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/style.css?ver=2.4.5 HTTP/1.1
Host: www.tuffashop.com.au
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mail.tuffashop.com.au/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Date: Fri, 16 Sep 2022 23:54:35 GMT
Server: Apache
Last-Modified: Thu, 22 Jul 2021 07:52:16 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 4290
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
www.tuffashop.com.au/wp-content/plugins/js_composer/assets/lib/bower/font-awesome/css/font-awesome.min.css?ver=5.6
216.194.164.236 200 OK 7.0 kB URL HTTP/1.1 www.tuffashop.com.au/wp-content/plugins/js_composer/assets/lib/bower/font-awesome/css/font-awesome.min.css?ver=5.6
IP 216.194.164.236:0
File type ASCII text, with very long lines (30449)
Hash 8063116190a065a58dc545fec81d8ce5
20e4bf239450f01eb800bb37ef8e771366e8f8a6
ee2fb2d879295b26dab2900936501dd9ebb648e22e0bcb0bc113524c8f23cc20
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/js_composer/assets/lib/bower/font-awesome/css/font-awesome.min.css?ver=5.6 HTTP/1.1
Host: www.tuffashop.com.au
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mail.tuffashop.com.au/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Date: Fri, 16 Sep 2022 23:54:35 GMT
Server: Apache
Last-Modified: Tue, 18 Dec 2018 13:46:31 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 6970
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css
www.tuffashop.com.au/wp-content/plugins/soo-product-filter/assets/css/frontend.css?ver=20160623
216.194.164.236 200 OK 670 B URL HTTP/1.1 www.tuffashop.com.au/wp-content/plugins/soo-product-filter/assets/css/frontend.css?ver=20160623
IP 216.194.164.236:0
Hash f8a5557e9588aad0837c7ec877308035
043a6d92cf3aeca4e97ac569ab4eaba948789d50
225b317d63afe8e9b610361574597432484c4939bb4d8b6c8544da5527748b13
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/soo-product-filter/assets/css/frontend.css?ver=20160623 HTTP/1.1
Host: www.tuffashop.com.au
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mail.tuffashop.com.au/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Date: Fri, 16 Sep 2022 23:54:35 GMT
Server: Apache
Last-Modified: Sun, 02 Dec 2018 23:30:13 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 670
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css
www.tuffashop.com.au/wp-content/plugins/soo-wishlist/assets/css/wishlist.css?ver=1.1.0
216.194.164.236 200 OK 125 B URL HTTP/1.1 www.tuffashop.com.au/wp-content/plugins/soo-wishlist/assets/css/wishlist.css?ver=1.1.0
IP 216.194.164.236:0
Hash e4167a63b5b017aa62eca30c3b283629
b24efe97437f73238b42a8a7ae87645f8219b685
ca5137f021778ba8ec9bfbc88cab07369c39626f350793d83ee67b61525caf6a
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/soo-wishlist/assets/css/wishlist.css?ver=1.1.0 HTTP/1.1
Host: www.tuffashop.com.au
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mail.tuffashop.com.au/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Date: Fri, 16 Sep 2022 23:54:35 GMT
Server: Apache
Last-Modified: Sun, 02 Dec 2018 23:30:14 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 125
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
www.tuffashop.com.au/wp-content/plugins/variation-swatches-for-woocommerce/assets/css/frontend.css?ver=20200222
216.194.164.236 200 OK 727 B URL HTTP/1.1 www.tuffashop.com.au/wp-content/plugins/variation-swatches-for-woocommerce/assets/css/frontend.css?ver=20200222
IP 216.194.164.236:0
File type ASCII text, with CRLF line terminators
Hash 94b0b54d0dc03012820339abed20ecf5
965f7c60588ec83be9f85e2beb0786747377c309
86e2d4884878cb3bcd61e3a8b2d07fc48e9902e0eb122639f8f197b57e2e1efe
GET /wp-content/plugins/variation-swatches-for-woocommerce/assets/css/frontend.css?ver=20200222 HTTP/1.1
Host: www.tuffashop.com.au
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mail.tuffashop.com.au/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Date: Fri, 16 Sep 2022 23:54:35 GMT
Server: Apache
Last-Modified: Thu, 24 Sep 2020 06:26:38 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 727
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
www.tuffashop.com.au/wp-content/themes/sober/css/bootstrap.css?ver=3.3.6
216.194.164.236 200 OK 21 kB URL HTTP/1.1 www.tuffashop.com.au/wp-content/themes/sober/css/bootstrap.css?ver=3.3.6
IP 216.194.164.236:0
File type ASCII text, with very long lines (540)
Hash 486756c49cb717da38606814c67d8a0f
45bd1bfde8ac20780a444e9fb2ec08afa44c6413
aca9928dcaef2ef70235699d87594ad24f94dbe11f7e6c2556e743a3a00d6c71
GET /wp-content/themes/sober/css/bootstrap.css?ver=3.3.6 HTTP/1.1
Host: www.tuffashop.com.au
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mail.tuffashop.com.au/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Date: Fri, 16 Sep 2022 23:54:35 GMT
Server: Apache
Last-Modified: Tue, 18 Dec 2018 12:49:53 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 21293
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css
www.tuffashop.com.au/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
216.194.164.236 200 OK 4.0 kB URL HTTP/1.1 www.tuffashop.com.au/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
IP 216.194.164.236:0
File type ASCII text, with very long lines (9959)
Hash a6c81e2f02bd04160d2de88c4e8f3559
e3f3c91427d785820ca97dabe738f01faf041f36
b734d83af5da0eb627e04d3e62ce652b9eb7de19667a1b91da6b93f0ea5d7ffe
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1 HTTP/1.1
Host: www.tuffashop.com.au
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mail.tuffashop.com.au/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Date: Fri, 16 Sep 2022 23:54:35 GMT
Server: Apache
Last-Modified: Fri, 20 May 2016 06:11:28 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 4014
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: application/javascript
www.tuffashop.com.au/wp-content/themes/sober/style.css?ver=2.1.0
216.194.164.236 200 OK 45 kB URL HTTP/1.1 www.tuffashop.com.au/wp-content/themes/sober/style.css?ver=2.1.0
IP 216.194.164.236:0
File type ASCII text, with very long lines (587)
Hash 3423cd8b716da9d01f4f9f0c818ac9c1
fa20b2343252ebb74224773b7631065c6bf5a18d
2212f8e0d8b83788054524c2d5f92b3c7deaf0df16c1b6bbb7f123723ddd0434
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/sober/style.css?ver=2.1.0 HTTP/1.1
Host: www.tuffashop.com.au
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mail.tuffashop.com.au/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Date: Fri, 16 Sep 2022 23:54:35 GMT
Server: Apache
Last-Modified: Wed, 05 Feb 2020 05:52:29 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 45331
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css
www.tuffashop.com.au/wp-content/plugins/accordions/assets/frontend/js/scripts.js?ver=5.2.16
216.194.164.236 200 OK 43 B URL HTTP/1.1 www.tuffashop.com.au/wp-content/plugins/accordions/assets/frontend/js/scripts.js?ver=5.2.16
IP 216.194.164.236:0
File type ASCII text, with CRLF line terminators
Hash d91f3cef00a21c1f34e9ec59d0e57283
76a0273ba69ca7a499a0578f0d63eba8e7aabb5d
abbff281326efaaf147ef1fd2ad7bdf23c69073fb7e826b9c41cac1ebd27332e
GET /wp-content/plugins/accordions/assets/frontend/js/scripts.js?ver=5.2.16 HTTP/1.1
Host: www.tuffashop.com.au
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mail.tuffashop.com.au/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Date: Fri, 16 Sep 2022 23:54:35 GMT
Server: Apache
Last-Modified: Mon, 17 May 2021 11:01:26 GMT
Accept-Ranges: bytes
Content-Length: 43
Vary: User-Agent
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript
www.tuffashop.com.au/wp-content/plugins/google-analytics-dashboard-for-wp/assets/js/frontend-gtag.min.js?ver=6.7.0
216.194.164.236 200 OK 2.8 kB URL HTTP/1.1 www.tuffashop.com.au/wp-content/plugins/google-analytics-dashboard-for-wp/assets/js/frontend-gtag.min.js?ver=6.7.0
IP 216.194.164.236:0
File type ASCII text, with very long lines (1071)
Hash 56e285e90bf37c3fc88ba98955fb4431
436ea108396b45c91a656c82e32433203f376123
cf91608d0e68cf7bc1165a6876bfb015e9f8c71823ca111e8df5d8e7f1137aba
GET /wp-content/plugins/google-analytics-dashboard-for-wp/assets/js/frontend-gtag.min.js?ver=6.7.0 HTTP/1.1
Host: www.tuffashop.com.au
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mail.tuffashop.com.au/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Date: Fri, 16 Sep 2022 23:54:35 GMT
Server: Apache
Last-Modified: Mon, 22 Mar 2021 08:32:44 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 2800
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript
www.tuffashop.com.au/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
216.194.164.236 200 OK 34 kB URL HTTP/1.1 www.tuffashop.com.au/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
IP 216.194.164.236:0
File type ASCII text, with very long lines (31997)
Hash acf54950dfb2d6981e941d733b377591
340de686aecd9e6246a32c71e7de63ed69229ceb
d97f66caea5260bc71609f0da43ac0d937ecc09253910e5dda4c9fe4dbde20fc
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/jquery/jquery.js?ver=1.12.4-wp HTTP/1.1
Host: www.tuffashop.com.au
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mail.tuffashop.com.au/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Date: Fri, 16 Sep 2022 23:54:35 GMT
Server: Apache
Last-Modified: Fri, 17 May 2019 17:08:53 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 33776
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: application/javascript
www.tuffashop.com.au/wp-content/plugins/revslider/public/assets/js/jquery.themepunch.revolution.min.js?ver=5.4.8
216.194.164.236 200 OK 18 kB URL HTTP/1.1 www.tuffashop.com.au/wp-content/plugins/revslider/public/assets/js/jquery.themepunch.revolution.min.js?ver=5.4.8
IP 216.194.164.236:0
File type ASCII text, with very long lines (64614), with CRLF line terminators
Hash b300af7280cf82d31e7f0b75c128598c
66b506bb8254f08ffe57c2b1e42722b73464670f
feffecee338ad546654ada73f52882c96356f6882a3e59cb540878415d77db1d
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/revslider/public/assets/js/jquery.themepunch.revolution.min.js?ver=5.4.8 HTTP/1.1
Host: www.tuffashop.com.au
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mail.tuffashop.com.au/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Date: Fri, 16 Sep 2022 23:54:35 GMT
Server: Apache
Last-Modified: Sun, 02 Dec 2018 23:30:11 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 18090
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: application/javascript
www.tuffashop.com.au/wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.70
216.194.164.236 200 OK 3.5 kB URL HTTP/1.1 www.tuffashop.com.au/wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.70
IP 216.194.164.236:0
File type ASCII text, with very long lines (9172)
Hash c5ed233484e496839d8a5c379017e476
2c281f9e4e88b9f64f97c20ddcb1003064705bca
7e7f8ed6d44a1fc906799b6c41f26575b45176b5abb8ff093bb8fe0babd7c078
GET /wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.70 HTTP/1.1
Host: www.tuffashop.com.au
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mail.tuffashop.com.au/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Date: Fri, 16 Sep 2022 23:54:35 GMT
Server: Apache
Last-Modified: Thu, 22 Jul 2021 07:52:16 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 3533
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: application/javascript
www.tuffashop.com.au/wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.min.js?ver=3.8.2
216.194.164.236 200 OK 1.0 kB URL HTTP/1.1 www.tuffashop.com.au/wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.min.js?ver=3.8.2
IP 216.194.164.236:0
File type HTML document, ASCII text, with very long lines (2750), with no line terminators
Hash 1b8fe2644fef57191ece9c6b91548028
9f6dbeab0f48032a1985662e325a7d2b02370290
6d8ec46817a79a5d60f41727cd986f94cdc4543092041a34d0c7c3b1d875161d
GET /wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.min.js?ver=3.8.2 HTTP/1.1
Host: www.tuffashop.com.au
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mail.tuffashop.com.au/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Date: Fri, 16 Sep 2022 23:54:35 GMT
Server: Apache
Last-Modified: Thu, 22 Jul 2021 07:52:16 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 1017
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: application/javascript
www.tuffashop.com.au/wp-content/plugins/js_composer/assets/js/vendors/woocommerce-add-to-cart.js?ver=5.6
216.194.164.236 200 OK 351 B URL HTTP/1.1 www.tuffashop.com.au/wp-content/plugins/js_composer/assets/js/vendors/woocommerce-add-to-cart.js?ver=5.6
IP 216.194.164.236:0
Hash caa6ca5d23d1adf35e63b219631fff8e
786acb0cf5a9033939c4c4b8f5c4109e2e15401f
50973c0a98e9463c4417b2ccd9424a5f89a9924b80878548f19422b25d23d901
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/js_composer/assets/js/vendors/woocommerce-add-to-cart.js?ver=5.6 HTTP/1.1
Host: www.tuffashop.com.au
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mail.tuffashop.com.au/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Date: Fri, 16 Sep 2022 23:54:35 GMT
Server: Apache
Last-Modified: Tue, 18 Dec 2018 13:46:31 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 351
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: application/javascript
www.tuffashop.com.au/wp-content/plugins/woocommerce/assets/js/jquery-cookie/jquery.cookie.min.js?ver=1.4.1
216.194.164.236 200 OK 770 B URL HTTP/1.1 www.tuffashop.com.au/wp-content/plugins/woocommerce/assets/js/jquery-cookie/jquery.cookie.min.js?ver=1.4.1
IP 216.194.164.236:0
File type ASCII text, with very long lines (1272)
Hash de79e5df89a53b4224c76e00dfdbb587
dfa6b1cfdc67e5039c2c0725737db2056431811c
26b83c52b4e5c60a0d23b5c487d25e5fa5667a7259d1f66c4589941e5f8a4cc3
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/woocommerce/assets/js/jquery-cookie/jquery.cookie.min.js?ver=1.4.1 HTTP/1.1
Host: www.tuffashop.com.au
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mail.tuffashop.com.au/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Date: Fri, 16 Sep 2022 23:54:35 GMT
Server: Apache
Last-Modified: Thu, 22 Jul 2021 07:52:16 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 770
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: application/javascript
www.tuffashop.com.au/wp-content/plugins/woocommerce-google-adwords-conversion-tracking-tag/js/public/wooptpm.js?ver=1.10.4
216.194.164.236 200 OK 6.9 kB URL HTTP/1.1 www.tuffashop.com.au/wp-content/plugins/woocommerce-google-adwords-conversion-tracking-tag/js/public/wooptpm.js?ver=1.10.4
IP 216.194.164.236:0
Hash af3269d489d3d01b8ea4ce181c6493a7
e947161b445ca6e560fe0f46e3bc2edd8a8a4fc2
ac4fa79ba7c45bf11916b2e782e965b2f18026e325b35996af1017ca535c1891
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/woocommerce-google-adwords-conversion-tracking-tag/js/public/wooptpm.js?ver=1.10.4 HTTP/1.1
Host: www.tuffashop.com.au
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mail.tuffashop.com.au/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Date: Fri, 16 Sep 2022 23:54:35 GMT
Server: Apache
Last-Modified: Mon, 17 May 2021 11:04:55 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 6927
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: application/javascript
www.tuffashop.com.au/wp-content/plugins/woocommerce-currency-switcher/css/front.css?ver=1.3.4.3
216.194.164.236 200 OK 1.0 kB URL HTTP/1.1 www.tuffashop.com.au/wp-content/plugins/woocommerce-currency-switcher/css/front.css?ver=1.3.4.3
IP 216.194.164.236:0
Hash c3a153d7fba98c988e1edaaee53d09bc
1829dae439232be7ada471b4e7b074f7c35c3ab2
7743427b50ea27a85a3b71387f9e47517dacb5bc9792505a8d5e44a67811a2cb
GET /wp-content/plugins/woocommerce-currency-switcher/css/front.css?ver=1.3.4.3 HTTP/1.1
Host: www.tuffashop.com.au
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mail.tuffashop.com.au/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Date: Fri, 16 Sep 2022 23:54:35 GMT
Server: Apache
Last-Modified: Mon, 17 May 2021 11:05:11 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 1029
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: text/css
www.tuffashop.com.au/wp-content/plugins/cf7-redirection/js/wpcf7-redirect-script.js
216.194.164.236 200 OK 867 B URL HTTP/1.1 www.tuffashop.com.au/wp-content/plugins/cf7-redirection/js/wpcf7-redirect-script.js
IP 216.194.164.236:0
Hash 89763009613371867caebc3620f72dca
a5a03fe608825f76db8616b4ea598ceabdeaa61c
c557140f351e473f4dbb5a761574edb3218cb09a3bcd0f5f4a683ac7e9c924cd
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/cf7-redirection/js/wpcf7-redirect-script.js HTTP/1.1
Host: www.tuffashop.com.au
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mail.tuffashop.com.au/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Date: Fri, 16 Sep 2022 23:54:35 GMT
Server: Apache
Last-Modified: Tue, 02 Mar 2021 05:49:25 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 867
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: application/javascript
www.tuffashop.com.au/wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=5.1.6
216.194.164.236 200 OK 4.0 kB URL HTTP/1.1 www.tuffashop.com.au/wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=5.1.6
IP 216.194.164.236:0
Hash 179ff7e7ba061cb009f29849fc15f071
f824ebc474c27b208137b68aa51d5d0d2b3a89e9
b889c73e9da05e33847d3ab6f1f98c172204c3e4cb2e4832863695f34e2270de
GET /wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=5.1.6 HTTP/1.1
Host: www.tuffashop.com.au
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mail.tuffashop.com.au/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Date: Fri, 16 Sep 2022 23:54:35 GMT
Server: Apache
Last-Modified: Thu, 06 Feb 2020 06:34:58 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 3993
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: application/javascript
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 8fb510c0e0fbff6302a68eb385520e3f
cd5149c6ffc7ee3d90e9e6884af8e02f44c7ab00
2b9cd0f540eb0916ad5c3ee63dbc8ee57570c3eaae7aeabca5c8cb03a3c73c32
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 16 Sep 2022 23:54:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/oswald/v49/TK3_WkUHHAIjg75cFRf3bXL8LICs1_FvsUZiZQ.woff2
142.250.74.163 200 OK 9.8 kB URL HTTP/2 fonts.gstatic.com/s/oswald/v49/TK3_WkUHHAIjg75cFRf3bXL8LICs1_FvsUZiZQ.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 9840, version 1.0\012- data
Hash afda6e429fd299054de28e1f157c683d
c1847d6f3df5fe11d5e96fd5e6a59b73ff7ed96b
81cd29d1413ecf75834fb3ce1da572fe5c39e53b22c61f5dafec5b14ed4ee12e
GET /s/oswald/v49/TK3_WkUHHAIjg75cFRf3bXL8LICs1_FvsUZiZQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://mail.tuffashop.com.au
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 9840
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 12 Sep 2022 21:09:41 GMT
expires: Tue, 12 Sep 2023 21:09:41 GMT
cache-control: public, max-age=31536000
age: 355494
last-modified: Mon, 18 Jul 2022 19:24:04 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.tuffashop.com.au/wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=3.8.2
216.194.164.236 200 OK 619 B URL HTTP/1.1 www.tuffashop.com.au/wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=3.8.2
IP 216.194.164.236:0
File type ASCII text, with very long lines (1472), with no line terminators
Hash e5cffe0bdc96a56424c5fb6c192274d0
53ee24a03f243c428a4460dac7da2862ce1800e8
5ab78456ac52f7b3e26e317fa2816d25fe113cf1f0af71adac416773c9e20851
GET /wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=3.8.2 HTTP/1.1
Host: www.tuffashop.com.au
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mail.tuffashop.com.au/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Date: Fri, 16 Sep 2022 23:54:35 GMT
Server: Apache
Last-Modified: Thu, 22 Jul 2021 07:52:16 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 619
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: application/javascript
www.tuffashop.com.au/wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js?ver=3.8.2
216.194.164.236 200 OK 1.0 kB URL HTTP/1.1 www.tuffashop.com.au/wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js?ver=3.8.2
IP 216.194.164.236:0
File type ASCII text, with very long lines (2940), with no line terminators
Hash e02277bbb27796df7a21fbecacff427e
89ae0705044f9532359034bfb9a6c462d9fc07a9
2176445638719be847e19c307532a59b3d31ec744268b6e261dd324d9913f1d4
GET /wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js?ver=3.8.2 HTTP/1.1
Host: www.tuffashop.com.au
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mail.tuffashop.com.au/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Date: Fri, 16 Sep 2022 23:54:35 GMT
Server: Apache
Last-Modified: Thu, 22 Jul 2021 07:52:16 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 1042
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: application/javascript
www.tuffashop.com.au/wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4
216.194.164.236 200 OK 981 B URL HTTP/1.1 www.tuffashop.com.au/wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4
IP 216.194.164.236:0
File type ASCII text, with very long lines (1680)
Hash 2238631cf6be3be50e2ab84374f6381d
f1525686e4d6b7d39727aaf30db49ac9b2bc3fa8
8e46659318c5590dc20944c2d2464b93a06a89e0a4f7353112da4cf06bc213e6
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4 HTTP/1.1
Host: www.tuffashop.com.au
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mail.tuffashop.com.au/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Date: Fri, 16 Sep 2022 23:54:35 GMT
Server: Apache
Last-Modified: Thu, 22 Jul 2021 07:52:16 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 981
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: application/javascript
www.tuffashop.com.au/wp-includes/js/underscore.min.js?ver=1.8.3
216.194.164.236 200 OK 5.6 kB URL HTTP/1.1 www.tuffashop.com.au/wp-includes/js/underscore.min.js?ver=1.8.3
IP 216.194.164.236:0
File type ASCII text, with very long lines (16010), with no line terminators
Hash 070849fee3018d72378b08358e03f4f6
14e74888118980062ece9e51760b4bad2604be9a
cc86a0410d67e3de5271bde6263019bdc6e9f1b063370c010a8282f9ea4f3e5c
GET /wp-includes/js/underscore.min.js?ver=1.8.3 HTTP/1.1
Host: www.tuffashop.com.au
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mail.tuffashop.com.au/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Date: Fri, 16 Sep 2022 23:54:35 GMT
Server: Apache
Last-Modified: Wed, 28 Apr 2021 08:39:34 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 5634
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: application/javascript
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 8fb510c0e0fbff6302a68eb385520e3f
cd5149c6ffc7ee3d90e9e6884af8e02f44c7ab00
2b9cd0f540eb0916ad5c3ee63dbc8ee57570c3eaae7aeabca5c8cb03a3c73c32
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 16 Sep 2022 23:54:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.tuffashop.com.au/wp-includes/js/wp-util.min.js?ver=5.2.16
216.194.164.236 200 OK 563 B URL HTTP/1.1 www.tuffashop.com.au/wp-includes/js/wp-util.min.js?ver=5.2.16
IP 216.194.164.236:0
File type ASCII text, with very long lines (1042), with no line terminators
Hash f0e45443d3b88766b9df4187bf9a1c51
66b78fc82ff127c78c5565d6ea557c8c58fef3de
44cfadc6574891ab7a9b2aadfc6f6fcb33b7f565854644652db2545137f2f0b2
GET /wp-includes/js/wp-util.min.js?ver=5.2.16 HTTP/1.1
Host: www.tuffashop.com.au
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mail.tuffashop.com.au/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Date: Fri, 16 Sep 2022 23:54:35 GMT
Server: Apache
Last-Modified: Wed, 28 Apr 2021 08:39:34 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 563
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: application/javascript
www.tuffashop.com.au/wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart-variation.min.js?ver=3.8.2
216.194.164.236 200 OK 3.5 kB URL HTTP/1.1 www.tuffashop.com.au/wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart-variation.min.js?ver=3.8.2
IP 216.194.164.236:0
File type ASCII text, with very long lines (13225), with no line terminators
Hash c4a41e864bd7789c4d182c9c5fafbaa0
9d22a90cf586d8f342fcc48fba0e0953bff259b9
9b2270f7b3708bca898f4866400780ecf0599c652363c6687d849e76dd5ca6f6
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart-variation.min.js?ver=3.8.2 HTTP/1.1
Host: www.tuffashop.com.au
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mail.tuffashop.com.au/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Date: Fri, 16 Sep 2022 23:54:35 GMT
Server: Apache
Last-Modified: Thu, 22 Jul 2021 07:52:16 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 3488
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: application/javascript
www.tuffashop.com.au/wp-content/themes/sober/js/sticky-kit.min.js?ver=1.1.3
216.194.164.236 200 OK 1.4 kB URL HTTP/1.1 www.tuffashop.com.au/wp-content/themes/sober/js/sticky-kit.min.js?ver=1.1.3
IP 216.194.164.236:0
File type ASCII text, with very long lines (546)
Hash 5e4b292edc9592e49efdfd287423b2d6
41532059d1029d9d47780e1a44c4cadf6d1cfc08
d9d4646d51ba646692ff44ed932b41cf62cdd9ac7bea061299d7569d5d292f74
GET /wp-content/themes/sober/js/sticky-kit.min.js?ver=1.1.3 HTTP/1.1
Host: www.tuffashop.com.au
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mail.tuffashop.com.au/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Date: Fri, 16 Sep 2022 23:54:35 GMT
Server: Apache
Last-Modified: Tue, 18 Dec 2018 12:49:53 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 1411
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: application/javascript
www.tuffashop.com.au/wp-content/plugins/woocommerce/assets/js/zoom/jquery.zoom.min.js?ver=1.7.21
216.194.164.236 200 OK 1.2 kB URL HTTP/1.1 www.tuffashop.com.au/wp-content/plugins/woocommerce/assets/js/zoom/jquery.zoom.min.js?ver=1.7.21
IP 216.194.164.236:0
File type ASCII text, with very long lines (2550)
Hash 55c40b1da51c9f88b684a66c0b0b380e
194c90b6240f0430c5786787c0cf532f987a1ddd
71494f2339302138d11cc5b6bc73ea7d74c6ec4632a33858e16d516552ce2707
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/woocommerce/assets/js/zoom/jquery.zoom.min.js?ver=1.7.21 HTTP/1.1
Host: www.tuffashop.com.au
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mail.tuffashop.com.au/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Date: Fri, 16 Sep 2022 23:54:35 GMT
Server: Apache
Last-Modified: Thu, 22 Jul 2021 07:52:16 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 1176
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: application/javascript
www.tuffashop.com.au/wp-includes/js/imagesloaded.min.js?ver=3.2.0
216.194.164.236 200 OK 2.6 kB URL HTTP/1.1 www.tuffashop.com.au/wp-includes/js/imagesloaded.min.js?ver=3.2.0
IP 216.194.164.236:0
File type ASCII text, with very long lines (7996)
Hash 38b694df325f3d381d4d839d33cfb59c
82c4d20653dc93197b17e84a7b1274dac4f49588
e220e69ff51b9e853e6206a7d3204c8129e175141f5dd4e93e67a72fefdaa3b5
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/imagesloaded.min.js?ver=3.2.0 HTTP/1.1
Host: www.tuffashop.com.au
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mail.tuffashop.com.au/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Date: Fri, 16 Sep 2022 23:54:35 GMT
Server: Apache
Last-Modified: Wed, 23 May 2018 10:05:31 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 2551
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: application/javascript
www.tuffashop.com.au/wp-content/plugins/sober-addons/assets/js/isotope.pkgd.min.js?ver=3.0.1
216.194.164.236 200 OK 9.7 kB URL HTTP/1.1 www.tuffashop.com.au/wp-content/plugins/sober-addons/assets/js/isotope.pkgd.min.js?ver=3.0.1
IP 216.194.164.236:0
File type ASCII text, with very long lines (32010)
Hash 5ee1b1e9038a43640a018d799e4f5b96
0ea161edfbb2f816c55a3322d77decaae80bdf18
12b67b8bf4fbc2d04f396c4f4f52af1b9dcc5f025647bc6a8833a2936f053bdc
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/sober-addons/assets/js/isotope.pkgd.min.js?ver=3.0.1 HTTP/1.1
Host: www.tuffashop.com.au
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mail.tuffashop.com.au/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Date: Fri, 16 Sep 2022 23:54:35 GMT
Server: Apache
Last-Modified: Tue, 18 Dec 2018 13:46:28 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 9678
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: application/javascript
www.tuffashop.com.au/wp-content/themes/sober/js/owl.carousel.min.js?ver=2.2.1
216.194.164.236 200 OK 11 kB URL HTTP/1.1 www.tuffashop.com.au/wp-content/themes/sober/js/owl.carousel.min.js?ver=2.2.1
IP 216.194.164.236:0
File type ASCII text, with very long lines (32000)
Hash 694074c04c049ebfa9fab7d7b5363875
613568d2ddb188144906c19beab972314bfde12d
3c721f2669ccc0655d376af0d8b3510d111516b179ac678edd2802c28fa928ab
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/sober/js/owl.carousel.min.js?ver=2.2.1 HTTP/1.1
Host: www.tuffashop.com.au
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mail.tuffashop.com.au/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Date: Fri, 16 Sep 2022 23:54:36 GMT
Server: Apache
Last-Modified: Tue, 18 Dec 2018 12:49:53 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 10926
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: application/javascript
www.tuffashop.com.au/wp-content/themes/sober/js/jquery.fitvids.js?ver=1.1
216.194.164.236 200 OK 1.3 kB URL HTTP/1.1 www.tuffashop.com.au/wp-content/themes/sober/js/jquery.fitvids.js?ver=1.1
IP 216.194.164.236:0
File type HTML document, ASCII text
Hash 31bd6f103266422712d7f21fd221259c
478fe2a563f8edd20468c878ad0c8dabcc506159
4f7cd006453252967505df8f72f72333de4ba5b2734773aaeca3f250fcf0b5e1
GET /wp-content/themes/sober/js/jquery.fitvids.js?ver=1.1 HTTP/1.1
Host: www.tuffashop.com.au
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mail.tuffashop.com.au/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Date: Fri, 16 Sep 2022 23:54:36 GMT
Server: Apache
Last-Modified: Tue, 18 Dec 2018 12:49:53 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 1298
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: application/javascript
www.tuffashop.com.au/wp-content/themes/sober/js/simple-scrollbar.min.js?ver=0.2.1
216.194.164.236 200 OK 840 B URL HTTP/1.1 www.tuffashop.com.au/wp-content/themes/sober/js/simple-scrollbar.min.js?ver=0.2.1
IP 216.194.164.236:0
File type ASCII text, with very long lines (1986), with no line terminators
Hash 53eb21f6e6822a3db31b1071bce20b76
587410e0af86271fe33b716c8388ad4171969dae
ac3edcc3b2621f0ed9235351979047c0d189aa707e05b7083ac7a353ad473eab
GET /wp-content/themes/sober/js/simple-scrollbar.min.js?ver=0.2.1 HTTP/1.1
Host: www.tuffashop.com.au
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mail.tuffashop.com.au/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Date: Fri, 16 Sep 2022 23:54:36 GMT
Server: Apache
Last-Modified: Tue, 18 Dec 2018 12:49:53 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 840
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: application/javascript
www.tuffashop.com.au/wp-content/plugins/woocommerce-google-adwords-conversion-tracking-tag/js/public/google-ads.js?ver=1.10.4
216.194.164.236 200 OK 951 B URL HTTP/1.1 www.tuffashop.com.au/wp-content/plugins/woocommerce-google-adwords-conversion-tracking-tag/js/public/google-ads.js?ver=1.10.4
IP 216.194.164.236:0
Hash ffd9b9a386a7736c3fa8adb4f159e900
8ab663eaf6cdac10676d03b7975c68f815ff227d
fd8d58ce4b878ce0cbd2155121afaebd6421d234fc01888211b54a22fccc0af3
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/woocommerce-google-adwords-conversion-tracking-tag/js/public/google-ads.js?ver=1.10.4 HTTP/1.1
Host: www.tuffashop.com.au
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mail.tuffashop.com.au/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Date: Fri, 16 Sep 2022 23:54:36 GMT
Server: Apache
Last-Modified: Mon, 17 May 2021 11:04:55 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 951
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: application/javascript
www.tuffashop.com.au/wp-content/themes/sober/js/script.js?ver=2.1.0
216.194.164.236 200 OK 13 kB URL HTTP/1.1 www.tuffashop.com.au/wp-content/themes/sober/js/script.js?ver=2.1.0
IP 216.194.164.236:0
Hash c4a52c64d5e91ff055f2e1190e634303
ada879a773c02f5fb981386a535e3821ad02789c
75e738ecdb99e838852f09a52d33e2a69bb86b15ffffef63b3f107dbd4a45590
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/sober/js/script.js?ver=2.1.0 HTTP/1.1
Host: www.tuffashop.com.au
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mail.tuffashop.com.au/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Date: Fri, 16 Sep 2022 23:54:36 GMT
Server: Apache
Last-Modified: Tue, 18 Dec 2018 12:49:53 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 12846
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: application/javascript
www.tuffashop.com.au/wp-includes/js/jquery/ui/core.min.js?ver=1.11.4
216.194.164.236 200 OK 1.8 kB URL HTTP/1.1 www.tuffashop.com.au/wp-includes/js/jquery/ui/core.min.js?ver=1.11.4
IP 216.194.164.236:0
File type ASCII text, with very long lines (3704)
Hash 8681c8c59fe450daeacc2f499e351dfe
1bedefb4c8fa62628816eaeea85677d637a6e4e0
d2160a6f66510d16512fd1fd387aee7d3763f0b4799273125faa777128dc5430
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/jquery/ui/core.min.js?ver=1.11.4 HTTP/1.1
Host: www.tuffashop.com.au
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mail.tuffashop.com.au/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Date: Fri, 16 Sep 2022 23:54:36 GMT
Server: Apache
Last-Modified: Wed, 28 Apr 2021 08:39:34 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 1811
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: application/javascript
www.tuffashop.com.au/wp-includes/js/jquery/ui/widget.min.js?ver=1.11.4
216.194.164.236 200 OK 2.5 kB URL HTTP/1.1 www.tuffashop.com.au/wp-includes/js/jquery/ui/widget.min.js?ver=1.11.4
IP 216.194.164.236:0
File type ASCII text, with very long lines (6603)
Hash ec6dcd00af82068551b3a60045c86824
140ac89dc8ae6ffebecb269e0ebd88bfbc0c2686
1a9a7a2329ce40bd74814e4f6acaddce722e9b53187fb109f39e793ffe50c46e
GET /wp-includes/js/jquery/ui/widget.min.js?ver=1.11.4 HTTP/1.1
Host: www.tuffashop.com.au
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mail.tuffashop.com.au/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Date: Fri, 16 Sep 2022 23:54:36 GMT
Server: Apache
Last-Modified: Wed, 28 Apr 2021 08:39:34 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 2543
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: application/javascript
www.tuffashop.com.au/wp-includes/js/jquery/ui/mouse.min.js?ver=1.11.4
216.194.164.236 200 OK 991 B URL HTTP/1.1 www.tuffashop.com.au/wp-includes/js/jquery/ui/mouse.min.js?ver=1.11.4
IP 216.194.164.236:0
File type ASCII text, with very long lines (2927)
Hash 0a9656f23585bbaa3376e904fa025a7f
37b57e7fa8a0ab85bc257573847acc1b4fa94dcc
4c9c329df2e0b3306dd4838ce24ae58eb441bcf4c6067899a97323c8d688c59d
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/jquery/ui/mouse.min.js?ver=1.11.4 HTTP/1.1
Host: www.tuffashop.com.au
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mail.tuffashop.com.au/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Date: Fri, 16 Sep 2022 23:54:36 GMT
Server: Apache
Last-Modified: Wed, 28 Apr 2021 08:39:34 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 991
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: application/javascript
www.tuffashop.com.au/wp-includes/js/jquery/ui/slider.min.js?ver=1.11.4
216.194.164.236 200 OK 3.1 kB URL HTTP/1.1 www.tuffashop.com.au/wp-includes/js/jquery/ui/slider.min.js?ver=1.11.4
IP 216.194.164.236:0
File type ASCII text, with very long lines (10694)
Hash 10aa8ebc5880a6468df6f5fc1e6e6382
26c55c30b7ab074ba81a638125fd256108df0591
4c64c3fa0a59f218045cc60a960df7e37c7e0157cc886fb0758c200bbe02ac95
GET /wp-includes/js/jquery/ui/slider.min.js?ver=1.11.4 HTTP/1.1
Host: www.tuffashop.com.au
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mail.tuffashop.com.au/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Date: Fri, 16 Sep 2022 23:54:36 GMT
Server: Apache
Last-Modified: Wed, 28 Apr 2021 08:39:34 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 3053
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: application/javascript
www.tuffashop.com.au/wp-includes/js/jquery/jquery.serialize-object.js?ver=0.2
216.194.164.236 200 OK 443 B URL HTTP/1.1 www.tuffashop.com.au/wp-includes/js/jquery/jquery.serialize-object.js?ver=0.2
IP 216.194.164.236:0
Hash 43e4f66776ba964a2ad3b223a7f0daa8
7291860c4a339029d87738369cbab0b26d2796f6
83cd0d9e81953bfc26f3fcfbd1dc8ef67cf6e514948b2d82e977f172710c1a61
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/jquery/jquery.serialize-object.js?ver=0.2 HTTP/1.1
Host: www.tuffashop.com.au
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mail.tuffashop.com.au/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Date: Fri, 16 Sep 2022 23:54:36 GMT
Server: Apache
Last-Modified: Thu, 20 Jan 2011 23:09:37 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 443
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: application/javascript
www.tuffashop.com.au/wp-content/plugins/soo-product-filter/assets/js/frontend.js?ver=20160623
216.194.164.236 200 OK 1.9 kB URL HTTP/1.1 www.tuffashop.com.au/wp-content/plugins/soo-product-filter/assets/js/frontend.js?ver=20160623
IP 216.194.164.236:0
File type ASCII text, with CRLF line terminators
Hash 6abcd5a812b6e2a18ca23cb0acea6aad
788238953f2a91d90ebe1c5e473a49ba02a65cdb
4db79d6ac3329e697a9b213a7e5d9587f2ae8869326ba72f1c72127f19930e84
GET /wp-content/plugins/soo-product-filter/assets/js/frontend.js?ver=20160623 HTTP/1.1
Host: www.tuffashop.com.au
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mail.tuffashop.com.au/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Date: Fri, 16 Sep 2022 23:54:36 GMT
Server: Apache
Last-Modified: Sun, 02 Dec 2018 23:30:13 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 1906
Keep-Alive: timeout=5, max=91
Connection: Keep-Alive
Content-Type: application/javascript
www.tuffashop.com.au/wp-content/plugins/soo-wishlist/assets/js/wishlist.js?ver=1.1.0
216.194.164.236 200 OK 1.1 kB URL HTTP/1.1 www.tuffashop.com.au/wp-content/plugins/soo-wishlist/assets/js/wishlist.js?ver=1.1.0
IP 216.194.164.236:0
File type ASCII text, with CRLF line terminators
Hash 9c9b149e623f88d52542f97889daabb7
ab1f860159b89937d2a700e74ad8ac22875f32b1
36db7bf909358b6693639c8d8a41b2e8860ab5d9298fd2ad7f94d75c67d97dcc
GET /wp-content/plugins/soo-wishlist/assets/js/wishlist.js?ver=1.1.0 HTTP/1.1
Host: www.tuffashop.com.au
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mail.tuffashop.com.au/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Date: Fri, 16 Sep 2022 23:54:36 GMT
Server: Apache
Last-Modified: Sun, 02 Dec 2018 23:30:14 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 1085
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: application/javascript
www.tuffashop.com.au/wp-content/plugins/variation-swatches-for-woocommerce/assets/js/frontend.js?ver=20200317
216.194.164.236 200 OK 896 B URL HTTP/1.1 www.tuffashop.com.au/wp-content/plugins/variation-swatches-for-woocommerce/assets/js/frontend.js?ver=20200317
IP 216.194.164.236:0
File type ASCII text, with CRLF line terminators
Hash 4f55d100029dd13159cacd31f2f7e127
be01d00f8a1048a95e3c49edcf57b5ad63cc809e
b51963a5cdbe6b90e8e3903aac1e0ba9a2a2ad1a65b92173f710ad2f3ab8cfe2
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/variation-swatches-for-woocommerce/assets/js/frontend.js?ver=20200317 HTTP/1.1
Host: www.tuffashop.com.au
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mail.tuffashop.com.au/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Date: Fri, 16 Sep 2022 23:54:36 GMT
Server: Apache
Last-Modified: Thu, 24 Sep 2020 06:26:38 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 896
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: application/javascript
www.tuffashop.com.au/wp-content/plugins/sober-addons/assets/js/jquery.countdown.js?ver=2.0.4
216.194.164.236 200 OK 2.6 kB URL HTTP/1.1 www.tuffashop.com.au/wp-content/plugins/sober-addons/assets/js/jquery.countdown.js?ver=2.0.4
IP 216.194.164.236:0
Hash 8305d5bf3851fb68c5eed12fe107e104
9c8012e445eb8dcbf7d9c824765ed744645b714d
6361ab2509bae5dc1098ce8b72e4aceb7b35f04377a34ec09e813400a3713b10
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/sober-addons/assets/js/jquery.countdown.js?ver=2.0.4 HTTP/1.1
Host: www.tuffashop.com.au
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mail.tuffashop.com.au/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Date: Fri, 16 Sep 2022 23:54:36 GMT
Server: Apache
Last-Modified: Tue, 18 Dec 2018 13:46:28 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 2590
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: application/javascript
fonts.googleapis.com/css?family=Poppins%3A300%2C400%2C500%2C600%2C700%7COswald&subset=latin%2Clatin-ext&ver=5.2.16
142.250.74.10 200 OK 4.4 kB URL HTTP/2 fonts.googleapis.com/css?family=Poppins%3A300%2C400%2C500%2C600%2C700%7COswald&subset=latin%2Clatin-ext&ver=5.2.16
IP 142.250.74.10:0
Hash 751f2d5d1fd12830d36533191f4aefad
3902280e15c41c92541c967522a5f8761101ba9e
453785134203cb581e0a469ed794a3d6902b293ad51ddd0922695577d21338c1
GET /css?family=Poppins%3A300%2C400%2C500%2C600%2C700%7COswald&subset=latin%2Clatin-ext&ver=5.2.16 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mail.tuffashop.com.au/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 16 Sep 2022 23:54:34 GMT
date: Fri, 16 Sep 2022 23:54:34 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.tuffashop.com.au/wp-content/plugins/sober-addons/assets/js/shortcodes.js?ver=20160725
216.194.164.236 200 OK 3.4 kB URL HTTP/1.1 www.tuffashop.com.au/wp-content/plugins/sober-addons/assets/js/shortcodes.js?ver=20160725
IP 216.194.164.236:0
File type ASCII text, with CRLF line terminators
Hash 9455a87fe0c3c6a263225295d9a0df9b
a7a41049c5181473b5bc2f362d46e00a171be550
b877eff2632fd6445ce070d2cd99a2cb32ed2bcd8dc37fe5e3d1df349e5936e9
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/sober-addons/assets/js/shortcodes.js?ver=20160725 HTTP/1.1
Host: www.tuffashop.com.au
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mail.tuffashop.com.au/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Date: Fri, 16 Sep 2022 23:54:36 GMT
Server: Apache
Last-Modified: Tue, 18 Dec 2018 13:46:28 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 3355
Keep-Alive: timeout=5, max=91
Connection: Keep-Alive
Content-Type: application/javascript
www.tuffashop.com.au/wp-includes/js/wp-embed.min.js?ver=5.2.16
216.194.164.236 200 OK 739 B URL HTTP/1.1 www.tuffashop.com.au/wp-includes/js/wp-embed.min.js?ver=5.2.16
IP 216.194.164.236:0
File type ASCII text, with very long lines (1391), with no line terminators
Hash 60d8829560031a011771efa2f39708af
a4689c3b70f773deb896eec78028e0902ef15097
a0176bd4cc53bd2e920b0dfd10f56d2a4a3820d671539414ef4b3e2b3e50b9b7
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/wp-embed.min.js?ver=5.2.16 HTTP/1.1
Host: www.tuffashop.com.au
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mail.tuffashop.com.au/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Date: Fri, 16 Sep 2022 23:54:36 GMT
Server: Apache
Last-Modified: Wed, 28 Apr 2021 08:39:34 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 739
Keep-Alive: timeout=5, max=90
Connection: Keep-Alive
Content-Type: application/javascript
www.tuffashop.com.au/wp-content/plugins/woocommerce/assets/js/jquery-ui-touch-punch/jquery-ui-touch-punch.min.js?ver=3.8.2
216.194.164.236 200 OK 596 B URL HTTP/1.1 www.tuffashop.com.au/wp-content/plugins/woocommerce/assets/js/jquery-ui-touch-punch/jquery-ui-touch-punch.min.js?ver=3.8.2
IP 216.194.164.236:0
File type Unicode text, UTF-8 text, with very long lines (1090)
Hash 2f180f38e80c18ed2e494aeaf2b60ec9
e5c943d63d89efbf970d145eb95c6498b50d026e
f11089e0f2e6cbc7fc0597601c7dfbb6c0fee6fad5dbdcfe40b9076c4d95b6e2
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/woocommerce/assets/js/jquery-ui-touch-punch/jquery-ui-touch-punch.min.js?ver=3.8.2 HTTP/1.1
Host: www.tuffashop.com.au
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mail.tuffashop.com.au/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Date: Fri, 16 Sep 2022 23:54:36 GMT
Server: Apache
Last-Modified: Thu, 22 Jul 2021 07:52:16 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 596
Keep-Alive: timeout=5, max=91
Connection: Keep-Alive
Content-Type: application/javascript
www.tuffashop.com.au/wp-content/plugins/woocommerce-currency-switcher/js/price-slider_33.js?ver=1.3.4.3
216.194.164.236 200 OK 1.0 kB URL HTTP/1.1 www.tuffashop.com.au/wp-content/plugins/woocommerce-currency-switcher/js/price-slider_33.js?ver=1.3.4.3
IP 216.194.164.236:0
Hash 7a84ecc900989ca5b41c5dd2b7c8faf8
c53789e1da8442dc407ce4a49b194cadee56804d
ca0faa5c6bbba3e6b56df855c5e7aefd362175f893340dab270841f5a4869968
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/woocommerce-currency-switcher/js/price-slider_33.js?ver=1.3.4.3 HTTP/1.1
Host: www.tuffashop.com.au
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mail.tuffashop.com.au/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Date: Fri, 16 Sep 2022 23:54:36 GMT
Server: Apache
Last-Modified: Mon, 17 May 2021 11:05:11 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 1025
Keep-Alive: timeout=5, max=91
Connection: Keep-Alive
Content-Type: application/javascript
www.tuffashop.com.au/wp-content/plugins/woocommerce-currency-switcher/js/jquery.ddslick.min.js?ver=1.3.4.3
216.194.164.236 200 OK 2.4 kB URL HTTP/1.1 www.tuffashop.com.au/wp-content/plugins/woocommerce-currency-switcher/js/jquery.ddslick.min.js?ver=1.3.4.3
IP 216.194.164.236:0
File type HTML document, Unicode text, UTF-8 text, with very long lines (7149), with CRLF line terminators
Hash 55cb6402937f77ad558a6514e74ad068
4f29961ac8dd382ba3cae536f728e7cdd4b4b03d
240e41349f90e2c0692fcacddd3d9231e99310bfcf09e0989f97bbfade0f2c85
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/woocommerce-currency-switcher/js/jquery.ddslick.min.js?ver=1.3.4.3 HTTP/1.1
Host: www.tuffashop.com.au
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mail.tuffashop.com.au/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Date: Fri, 16 Sep 2022 23:54:36 GMT
Server: Apache
Last-Modified: Mon, 17 May 2021 11:05:11 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 2373
Keep-Alive: timeout=5, max=91
Connection: Keep-Alive
Content-Type: application/javascript
www.tuffashop.com.au/wp-content/plugins/woocommerce-currency-switcher/js/front.js?ver=1.3.4.3
216.194.164.236 200 OK 4.3 kB URL HTTP/1.1 www.tuffashop.com.au/wp-content/plugins/woocommerce-currency-switcher/js/front.js?ver=1.3.4.3
IP 216.194.164.236:0
Hash 54994c151d6b0cc78a18c5b3c5f1af8f
e44263bd71c5c1cd8e5c09ea2c0067b907896761
473bf809faf74faae78265a5293a5ce971cdb975672a82f2b61e0b3fbdfe88b1
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/woocommerce-currency-switcher/js/front.js?ver=1.3.4.3 HTTP/1.1
Host: www.tuffashop.com.au
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mail.tuffashop.com.au/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Date: Fri, 16 Sep 2022 23:54:36 GMT
Server: Apache
Last-Modified: Mon, 17 May 2021 11:05:11 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 4305
Keep-Alive: timeout=5, max=91
Connection: Keep-Alive
Content-Type: application/javascript
www.tuffashop.com.au/wp-content/uploads/2018/12/T_LOGO.png
216.194.164.236 200 OK 7.6 kB URL HTTP/1.1 www.tuffashop.com.au/wp-content/uploads/2018/12/T_LOGO.png
IP 216.194.164.236:0
File type PNG image data, 1303 x 232, 8-bit colormap, non-interlaced\012- data
Hash a13d4401755d4cfaf243298bfc2e1164
0c97ba9214d7fddccefe6a80b42ab593c91dc33a
5ed1d42a88cd59a1933b3dfa990506aee6b87c19d92a70c2c19e570162d297cb
GET /wp-content/uploads/2018/12/T_LOGO.png HTTP/1.1
Host: www.tuffashop.com.au
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mail.tuffashop.com.au/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Date: Fri, 16 Sep 2022 23:54:36 GMT
Server: Apache
Last-Modified: Thu, 20 Jun 2019 06:57:14 GMT
Accept-Ranges: bytes
Content-Length: 7641
Keep-Alive: timeout=5, max=89
Connection: Keep-Alive
Content-Type: image/png
www.tuffashop.com.au/wp-content/uploads/2018/06/TUFFA.png
216.194.164.236 200 OK 1.9 kB URL HTTP/1.1 www.tuffashop.com.au/wp-content/uploads/2018/06/TUFFA.png
IP 216.194.164.236:0
File type PNG image data, 109 x 53, 8-bit/color RGBA, non-interlaced\012- data
Hash 09c5d53a92e354c608b495903c800071
1aa81621c24a578ae9b3c5d78080c06c5511c0c8
c255e6afe548509b990b7807c5e28eac8f8c3ae07cf410c074ae6005f6898b90
GET /wp-content/uploads/2018/06/TUFFA.png HTTP/1.1
Host: www.tuffashop.com.au
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mail.tuffashop.com.au/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Date: Fri, 16 Sep 2022 23:54:36 GMT
Server: Apache
Last-Modified: Fri, 01 Jun 2018 05:17:52 GMT
Accept-Ranges: bytes
Content-Length: 1889
Keep-Alive: timeout=5, max=90
Connection: Keep-Alive
Content-Type: image/png
mail.tuffashop.com.au/?wc-ajax=get_refreshed_fragments
216.194.164.236 200 OK 454 B URL HTTP/1.1 mail.tuffashop.com.au/?wc-ajax=get_refreshed_fragments
IP 216.194.164.236:0
File type JSON data\012- HTML document, ASCII text, with very long lines (901), with no line terminators
Hash 524117aad090767827cf5e6ef6de117a
12322b6e0fd883f637a5c303d0ba4387677a9ab2
9d6309bb9422c327af84828b62e0c93746b77906659d97bc6e942f378fbc8907
Analyzer Verdict Alert fortinet Phishing
POST /?wc-ajax=get_refreshed_fragments HTTP/1.1
Host: mail.tuffashop.com.au
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 18
Origin: https://mail.tuffashop.com.au
Connection: keep-alive
Referer: https://mail.tuffashop.com.au/usps/home.php?ip=80.167.121.81&countryCode=DK&OS=Mac+OS+X
Cookie: _gcl_au=1.1.1796988462.1663372458
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 16 Sep 2022 23:54:36 GMT
Server: Apache
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 454
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/json; charset=UTF-8
www.tuffashop.com.au/wp-content/uploads/2018/05/BG.jpg
216.194.164.236 404 Not Found 24 kB URL HTTP/1.1 www.tuffashop.com.au/wp-content/uploads/2018/05/BG.jpg
IP 216.194.164.236:0
Hash cabb24f5c12fc83989fbca7fbf663465
304860479f249889f3b734cfde1c47e81377cc96
68243c4f7516865e02a1367b5e4b18ec335e1190b158bcdd0b27680e7514e16d
GET /wp-content/uploads/2018/05/BG.jpg HTTP/1.1
Host: www.tuffashop.com.au
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mail.tuffashop.com.au/
Cookie: _gcl_au=1.1.1796988462.1663372458
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 404 Not Found
Date: Fri, 16 Sep 2022 23:54:36 GMT
Server: Apache
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-transform, no-cache, no-store, must-revalidate
Link: <https://www.tuffashop.com.au/wp-json/>; rel="https://api.w.org/"
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 30653
Keep-Alive: timeout=5, max=90
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
www.google-analytics.com/analytics.js
142.250.74.174 200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.174:0
File type ASCII text, with very long lines (1325)
Hash 56f5d7f608e25d64207135f045f988cb
901eb59372ae330ae85e1384da93479b21ae1082
1910daea79e5a9d04829a91e432dfa56f45a80a3e14a8cf667fec73af9fd3d29
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mail.tuffashop.com.au/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20006
date: Fri, 16 Sep 2022 22:41:12 GMT
expires: Sat, 17 Sep 2022 00:41:12 GMT
cache-control: public, max-age=7200
age: 4405
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash b4a24f9aebdfdb06d10cd53e92a70bb8
c4532479dbd9636d8f5206faa085c520651eb5f2
1d330af2b423e351355f710f14cb771fa9918e8b6638c5076aba7bcda6c30936
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 16 Sep 2022 23:54:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/pagead/conversion_async.js
142.250.74.164 200 OK 16 kB URL HTTP/2 www.google.com/pagead/conversion_async.js
IP 142.250.74.164:0
File type ASCII text, with very long lines (1654)
Hash 890f716858b5f72587e47c5eca121cb5
91871a0acd9a0ab644d51036bb5ca0c3bdc5e687
7a3629e375468328b3fb25e1a6cc5749604f09099e8d2109f366e7e0226aee4a
GET /pagead/conversion_async.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mail.tuffashop.com.au/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Fri, 16 Sep 2022 23:54:37 GMT
expires: Fri, 16 Sep 2022 23:54:37 GMT
cache-control: private, max-age=3600
content-type: text/javascript; charset=UTF-8
etag: 3080337328058561381
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 15693
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
mail.tuffashop.com.au/?wc-ajax=get_refreshed_fragments
216.194.164.236 200 OK 454 B URL HTTP/1.1 mail.tuffashop.com.au/?wc-ajax=get_refreshed_fragments
IP 216.194.164.236:0
File type JSON data\012- HTML document, ASCII text, with very long lines (901), with no line terminators
Hash 524117aad090767827cf5e6ef6de117a
12322b6e0fd883f637a5c303d0ba4387677a9ab2
9d6309bb9422c327af84828b62e0c93746b77906659d97bc6e942f378fbc8907
Analyzer Verdict Alert fortinet Phishing
POST /?wc-ajax=get_refreshed_fragments HTTP/1.1
Host: mail.tuffashop.com.au
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 18
Origin: https://mail.tuffashop.com.au
Connection: keep-alive
Referer: https://mail.tuffashop.com.au/usps/home.php?ip=80.167.121.81&countryCode=DK&OS=Mac+OS+X
Cookie: _gcl_au=1.1.1796988462.1663372458
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 16 Sep 2022 23:54:37 GMT
Server: Apache
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 454
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/json; charset=UTF-8
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 9730b7d7d5f0481f65712991a899f4b8
facb4df5e4a4ac98b9bdd126c7dbb531cf0fe1e7
15d7d8acbcd94d9ca8579cc31a9ec621e76408663bc4b047e5e127acb14334a6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 16 Sep 2022 23:54:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.tuffashop.com.au/wp-content/uploads/2018/12/cropped-TUFFA_CUFF_PANTS_BACK_web-192x192.jpg
216.194.164.236 200 OK 5.5 kB URL HTTP/1.1 www.tuffashop.com.au/wp-content/uploads/2018/12/cropped-TUFFA_CUFF_PANTS_BACK_web-192x192.jpg
IP 216.194.164.236:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 192x192, components 3\012- data
Hash 07eb1f8f6ee8acae44814dee3c135060
6d14e1f783490bbfd7dfb22f1a99fcfe45e073b4
46dfbbbf6398be7c706a39718a53a9b10558bc27398dcea67e5cc302684a7255
GET /wp-content/uploads/2018/12/cropped-TUFFA_CUFF_PANTS_BACK_web-192x192.jpg HTTP/1.1
Host: www.tuffashop.com.au
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mail.tuffashop.com.au/
Cookie: _gcl_au=1.1.1796988462.1663372458
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Date: Fri, 16 Sep 2022 23:54:37 GMT
Server: Apache
Last-Modified: Mon, 11 Feb 2019 03:07:19 GMT
Accept-Ranges: bytes
Content-Length: 5457
Keep-Alive: timeout=5, max=89
Connection: Keep-Alive
Content-Type: image/jpeg
www.tuffashop.com.au/wp-content/uploads/2018/12/cropped-TUFFA_CUFF_PANTS_BACK_web-32x32.jpg
216.194.164.236 200 OK 984 B URL HTTP/1.1 www.tuffashop.com.au/wp-content/uploads/2018/12/cropped-TUFFA_CUFF_PANTS_BACK_web-32x32.jpg
IP 216.194.164.236:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 32x32, components 3\012- data
Hash 45b0e9dd7c615c586d82b12810609836
72179ef74b7f77b52a03f7974baf927c3eb5ac41
1d4e5d8864b7682981e5d0c3b9632beb501f0e502ec6c21a77991d7ae6b5c95e
GET /wp-content/uploads/2018/12/cropped-TUFFA_CUFF_PANTS_BACK_web-32x32.jpg HTTP/1.1
Host: www.tuffashop.com.au
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mail.tuffashop.com.au/
Cookie: _gcl_au=1.1.1796988462.1663372458
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Date: Fri, 16 Sep 2022 23:54:37 GMT
Server: Apache
Last-Modified: Mon, 11 Feb 2019 03:07:19 GMT
Accept-Ranges: bytes
Content-Length: 984
Keep-Alive: timeout=5, max=90
Connection: Keep-Alive
Content-Type: image/jpeg
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash fa86a62c870c1ce23fd85f73e99d7964
81af6fd2507bb58c6b040fd5f494de01d22e7102
76bc6fffeb8593064820e909edc5e4991cb4a5c1b609916a6021974665b5286f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 16 Sep 2022 23:54:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash fa86a62c870c1ce23fd85f73e99d7964
81af6fd2507bb58c6b040fd5f494de01d22e7102
76bc6fffeb8593064820e909edc5e4991cb4a5c1b609916a6021974665b5286f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 16 Sep 2022 23:54:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.tuffashop.com.au/wp-admin/admin-ajax.php
216.194.164.236 200 OK 181 B URL HTTP/1.1 www.tuffashop.com.au/wp-admin/admin-ajax.php
IP 216.194.164.236:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 49230da711065103f7aa09be8512a937
14f3707b8e30e5978786c066d6adabd765d85e27
e552150e897a3baf64888fce7920147a8d88576827c430567b4cce2065b01292
Analyzer Verdict Alert fortinet Phishing
POST /wp-admin/admin-ajax.php HTTP/1.1
Host: www.tuffashop.com.au
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
Content-Length: 28
Origin: https://mail.tuffashop.com.au
Connection: keep-alive
Referer: https://mail.tuffashop.com.au/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Date: Fri, 16 Sep 2022 23:54:37 GMT
Server: Apache
X-Robots-Tag: noindex
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Referrer-Policy: strict-origin-when-cross-origin
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-transform, no-cache, no-store, must-revalidate
Set-Cookie: tk_ai=woo%3AsKMwQMfY3sgQaulrSB62O1eT; path=/
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 181
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/json; charset=UTF-8
googleads.g.doubleclick.net/pagead/viewthroughconversion/617029512/?random=1663372461029&cv=9&fst=1663372461029&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa9e0&sendb=1&ig=0&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fmail.tuffashop.com.au%2Fusps%2Fhome.php%3Fip%3D80.167.121.81%26countryCode%3DDK%26OS%3DMac%2BOS%2BX&tiba=Page%20not%20found%20-%20Tuffa%20Shop&auid=1796988462.1663372458&hn=www.google.com&async=1&rfmt=3&fmt=4
142.250.74.130 200 OK 1.1 kB URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/617029512/?random=1663372461029&cv=9&fst=1663372461029&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa9e0&sendb=1&ig=0&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fmail.tuffashop.com.au%2Fusps%2Fhome.php%3Fip%3D80.167.121.81%26countryCode%3DDK%26OS%3DMac%2BOS%2BX&tiba=Page%20not%20found%20-%20Tuffa%20Shop&auid=1796988462.1663372458&hn=www.google.com&async=1&rfmt=3&fmt=4
IP 142.250.74.130:0
File type ASCII text, with very long lines (2432), with no line terminators
Hash 30effa1dc4179be4e773cfa7b037b6b2
1a79ea5b4db77bb29e26a3514125b218b008e891
593d029e4378ac5868dc8faeb8181e4f87c9239011105dbb74cd935c36e6d9d0
GET /pagead/viewthroughconversion/617029512/?random=1663372461029&cv=9&fst=1663372461029&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa9e0&sendb=1&ig=0&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fmail.tuffashop.com.au%2Fusps%2Fhome.php%3Fip%3D80.167.121.81%26countryCode%3DDK%26OS%3DMac%2BOS%2BX&tiba=Page%20not%20found%20-%20Tuffa%20Shop&auid=1796988462.1663372458&hn=www.google.com&async=1&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mail.tuffashop.com.au/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 16 Sep 2022 23:54:37 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 1098
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sat, 17-Sep-2022 00:09:37 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.tuffashop.com.au/wp-content/plugins/js_composer/assets/lib/bower/font-awesome/fonts/fontawesome-webfont.woff2?v=4.7.0
216.194.164.236 200 OK 9.0 kB URL HTTP/1.1 www.tuffashop.com.au/wp-content/plugins/js_composer/assets/lib/bower/font-awesome/fonts/fontawesome-webfont.woff2?v=4.7.0
IP 216.194.164.236:0
File type Web Open Font Format (Version 2), TrueType, length 77160, version 4.459\012- data
Hash d0cf55b115c0d06221fedbed6d80e452
6a0cb02ee166112fbff62d4261137cdcf05ec9f7
a6d6434e286535672a17927897dfb83158d0b59dbba4c55774885885535898b3
GET /wp-content/plugins/js_composer/assets/lib/bower/font-awesome/fonts/fontawesome-webfont.woff2?v=4.7.0 HTTP/1.1
Host: www.tuffashop.com.au
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://mail.tuffashop.com.au
Connection: keep-alive
Referer: https://www.tuffashop.com.au/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Date: Fri, 16 Sep 2022 23:54:36 GMT
Server: Apache
Last-Modified: Tue, 18 Dec 2018 13:46:31 GMT
Accept-Ranges: bytes
Content-Length: 77160
Vary: Accept-Encoding,User-Agent
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: font/woff2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash fa86a62c870c1ce23fd85f73e99d7964
81af6fd2507bb58c6b040fd5f494de01d22e7102
76bc6fffeb8593064820e909edc5e4991cb4a5c1b609916a6021974665b5286f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 16 Sep 2022 23:54:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-132659890-1&cid=1227230896.1663372461&jid=1148535665&gjid=240888181&_gid=241923743.1663372461&_u=YEBAAUIoAAAAAC~&z=288128518
142.251.1.154 200 OK 1 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-132659890-1&cid=1227230896.1663372461&jid=1148535665&gjid=240888181&_gid=241923743.1663372461&_u=YEBAAUIoAAAAAC~&z=288128518
IP 142.251.1.154:0
File type very short file (no magic)
Hash c4ca4238a0b923820dcc509a6f75849b
356a192b7913b04c54574d18c28d46e6395428ab
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-132659890-1&cid=1227230896.1663372461&jid=1148535665&gjid=240888181&_gid=241923743.1663372461&_u=YEBAAUIoAAAAAC~&z=288128518 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://mail.tuffashop.com.au
Connection: keep-alive
Referer: https://mail.tuffashop.com.au/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://mail.tuffashop.com.au
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Fri, 16 Sep 2022 23:54:37 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-132659890-1&cid=1227230896.1663372461&jid=1459574075&gjid=1343596061&_gid=241923743.1663372461&_u=aGDAAUIpAAAAAC~&z=464412900
142.251.1.154 200 OK 1 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-132659890-1&cid=1227230896.1663372461&jid=1459574075&gjid=1343596061&_gid=241923743.1663372461&_u=aGDAAUIpAAAAAC~&z=464412900
IP 142.251.1.154:0
File type very short file (no magic)
Hash c4ca4238a0b923820dcc509a6f75849b
356a192b7913b04c54574d18c28d46e6395428ab
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-132659890-1&cid=1227230896.1663372461&jid=1459574075&gjid=1343596061&_gid=241923743.1663372461&_u=aGDAAUIpAAAAAC~&z=464412900 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://mail.tuffashop.com.au
Connection: keep-alive
Referer: https://mail.tuffashop.com.au/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: https://mail.tuffashop.com.au
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Fri, 16 Sep 2022 23:54:37 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 13fec77b59dae4bb9410a06357423a2f
086b7b536283f0a18742c3e43397762f78cdccf8
66b85a264ec591ece4c49e1f6a5da676436319845540139888e0b5e4906c5f16
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 16 Sep 2022 23:54:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 13fec77b59dae4bb9410a06357423a2f
086b7b536283f0a18742c3e43397762f78cdccf8
66b85a264ec591ece4c49e1f6a5da676436319845540139888e0b5e4906c5f16
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 16 Sep 2022 23:54:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.no/pagead/1p-user-list/617029512/?random=1663372461031&cv=9&fst=1663369200000&num=1&bg=ffffff&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa9e0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fmail.tuffashop.com.au%2Fusps%2Fhome.php%3Fip%3D80.167.121.81%26countryCode%3DDK%26OS%3DMac%2BOS%2BX&tiba=Page%20not%20found%20-%20Tuffa%20Shop&async=1&fmt=3&is_vtc=1&random=743570208&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
142.250.74.3 200 OK 42 B URL HTTP/2 www.google.no/pagead/1p-user-list/617029512/?random=1663372461031&cv=9&fst=1663369200000&num=1&bg=ffffff&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa9e0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fmail.tuffashop.com.au%2Fusps%2Fhome.php%3Fip%3D80.167.121.81%26countryCode%3DDK%26OS%3DMac%2BOS%2BX&tiba=Page%20not%20found%20-%20Tuffa%20Shop&async=1&fmt=3&is_vtc=1&random=743570208&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
IP 142.250.74.3:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/617029512/?random=1663372461031&cv=9&fst=1663369200000&num=1&bg=ffffff&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa9e0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fmail.tuffashop.com.au%2Fusps%2Fhome.php%3Fip%3D80.167.121.81%26countryCode%3DDK%26OS%3DMac%2BOS%2BX&tiba=Page%20not%20found%20-%20Tuffa%20Shop&async=1&fmt=3&is_vtc=1&random=743570208&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mail.tuffashop.com.au/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 16 Sep 2022 23:54:37 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.no/pagead/1p-user-list/617029512/?random=1663372461029&cv=9&fst=1663369200000&num=1&bg=ffffff&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa9e0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fmail.tuffashop.com.au%2Fusps%2Fhome.php%3Fip%3D80.167.121.81%26countryCode%3DDK%26OS%3DMac%2BOS%2BX&tiba=Page%20not%20found%20-%20Tuffa%20Shop&async=1&fmt=3&is_vtc=1&random=1848167105&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
142.250.74.3 200 OK 42 B URL HTTP/2 www.google.no/pagead/1p-user-list/617029512/?random=1663372461029&cv=9&fst=1663369200000&num=1&bg=ffffff&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa9e0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fmail.tuffashop.com.au%2Fusps%2Fhome.php%3Fip%3D80.167.121.81%26countryCode%3DDK%26OS%3DMac%2BOS%2BX&tiba=Page%20not%20found%20-%20Tuffa%20Shop&async=1&fmt=3&is_vtc=1&random=1848167105&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
IP 142.250.74.3:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/617029512/?random=1663372461029&cv=9&fst=1663369200000&num=1&bg=ffffff&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa9e0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fmail.tuffashop.com.au%2Fusps%2Fhome.php%3Fip%3D80.167.121.81%26countryCode%3DDK%26OS%3DMac%2BOS%2BX&tiba=Page%20not%20found%20-%20Tuffa%20Shop&async=1&fmt=3&is_vtc=1&random=1848167105&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mail.tuffashop.com.au/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 16 Sep 2022 23:54:37 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 13fec77b59dae4bb9410a06357423a2f
086b7b536283f0a18742c3e43397762f78cdccf8
66b85a264ec591ece4c49e1f6a5da676436319845540139888e0b5e4906c5f16
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 16 Sep 2022 23:54:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.tuffashop.com.au/wp-admin/admin-ajax.php?action=wooptpm_get_cart_items
216.194.164.236 200 OK 22 B URL HTTP/1.1 www.tuffashop.com.au/wp-admin/admin-ajax.php?action=wooptpm_get_cart_items
IP 216.194.164.236:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 061faf60a30dde2f20ba8f454c3020de
1940a26a9be338cb36f5b50a1d638ef36b124d51
21947b02ead137acb20e602e9448c7c453b2836d1a755aadd5e1c61ecd2eb034
GET /wp-admin/admin-ajax.php?action=wooptpm_get_cart_items HTTP/1.1
Host: www.tuffashop.com.au
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://mail.tuffashop.com.au
Connection: keep-alive
Referer: https://mail.tuffashop.com.au/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Date: Fri, 16 Sep 2022 23:54:38 GMT
Server: Apache
X-Robots-Tag: noindex
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Referrer-Policy: strict-origin-when-cross-origin
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-transform, no-cache, no-store, must-revalidate
Set-Cookie: tk_ai=woo%3ACQaGI%2F0J%2FdIm1vDVWfe%2FepVG; path=/
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 22
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/json; charset=UTF-8
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F48175642-3cf3-4778-a740-c2b7f09853e1.jpeg
34.120.237.76 200 OK 7.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F48175642-3cf3-4778-a740-c2b7f09853e1.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c1898b54c79423102c5bd010ac7b1220
beba56afde25abd753d162aaaa95b5e01ba60fb6
b93af660bef22579c03f943df26147b9e364915eaf011464d6891331138a2b6b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F48175642-3cf3-4778-a740-c2b7f09853e1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 7465
x-amzn-requestid: 658c3d9d-1527-4126-8639-1e9701ddcda9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Ybve0FbpIAMFhhw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63215f91-7ac260200d96b950512fe55f;Sampled=0
x-amzn-remapped-date: Wed, 14 Sep 2022 04:58:57 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: bvwcDSHxkxIRHJzNBtOpWhK-vRYFCuPHX6jCaiEMFhFGmjqAGLc2og==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 cd64decb1403270c914848213601a674.cloudfront.net (CloudFront), 1.1 google
date: Fri, 16 Sep 2022 21:48:34 GMT
age: 7566
etag: "beba56afde25abd753d162aaaa95b5e01ba60fb6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.tuffashop.com.au/wp-content/themes/sober/fonts/SofiaProLight-webfont.ttf
216.194.164.236 200 OK 0 B URL HTTP/1.1 www.tuffashop.com.au/wp-content/themes/sober/fonts/SofiaProLight-webfont.ttf
IP 216.194.164.236:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/sober/fonts/SofiaProLight-webfont.ttf HTTP/1.1
Host: www.tuffashop.com.au
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://mail.tuffashop.com.au
Connection: keep-alive
Referer: https://www.tuffashop.com.au/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Date: Fri, 16 Sep 2022 23:54:37 GMT
Server: Apache
Last-Modified: Tue, 18 Dec 2018 12:49:53 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 27050
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: font/ttf
www.tuffashop.com.au/wp-content/plugins/js_composer/assets/lib/bower/font-awesome/fonts/fontawesome-webfont.woff?v=4.7.0
216.194.164.236 200 OK 0 B URL HTTP/1.1 www.tuffashop.com.au/wp-content/plugins/js_composer/assets/lib/bower/font-awesome/fonts/fontawesome-webfont.woff?v=4.7.0
IP 216.194.164.236:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/js_composer/assets/lib/bower/font-awesome/fonts/fontawesome-webfont.woff?v=4.7.0 HTTP/1.1
Host: www.tuffashop.com.au
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://mail.tuffashop.com.au
Connection: keep-alive
Referer: https://www.tuffashop.com.au/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Date: Fri, 16 Sep 2022 23:54:36 GMT
Server: Apache
Last-Modified: Tue, 18 Dec 2018 13:46:31 GMT
Accept-Ranges: bytes
Content-Length: 98024
Vary: Accept-Encoding,User-Agent
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: font/woff
www.tuffashop.com.au/wp-content/themes/sober/fonts/SofiaProLight-webfont.woff2
216.194.164.236 200 OK 0 B URL HTTP/1.1 www.tuffashop.com.au/wp-content/themes/sober/fonts/SofiaProLight-webfont.woff2
IP 216.194.164.236:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/sober/fonts/SofiaProLight-webfont.woff2 HTTP/1.1
Host: www.tuffashop.com.au
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://mail.tuffashop.com.au
Connection: keep-alive
Referer: https://www.tuffashop.com.au/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Date: Fri, 16 Sep 2022 23:54:36 GMT
Server: Apache
Last-Modified: Tue, 18 Dec 2018 12:49:53 GMT
Accept-Ranges: bytes
Content-Length: 21428
Vary: Accept-Encoding,User-Agent
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: font/woff2
www.tuffashop.com.au/wp-content/fonts/oswald/TK3_WkUHHAIjg75cFRf3bXL8LICs1xZosUZiYySUhiCnAw.woff
216.194.164.236 200 OK 0 B URL HTTP/1.1 www.tuffashop.com.au/wp-content/fonts/oswald/TK3_WkUHHAIjg75cFRf3bXL8LICs1xZosUZiYySUhiCnAw.woff
IP 216.194.164.236:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/fonts/oswald/TK3_WkUHHAIjg75cFRf3bXL8LICs1xZosUZiYySUhiCnAw.woff HTTP/1.1
Host: www.tuffashop.com.au
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://mail.tuffashop.com.au
Connection: keep-alive
Referer: https://mail.tuffashop.com.au/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Date: Fri, 16 Sep 2022 23:54:36 GMT
Server: Apache
Last-Modified: Fri, 22 Jul 2022 01:34:35 GMT
Accept-Ranges: bytes
Content-Length: 13268
Vary: Accept-Encoding,User-Agent
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: font/woff