r3.o.lencr.org/
23.33.119.10 200 OK 503 B IP 23.33.119.10:0
ASN #20940 Akamai International B.V.
Hash dca68db7aea32f6683ce8d542c078f04
19c495238df74fca680e21f18627ff94de5dd2e5
35cab3987fc0e4a41b305cb208c1e33fa38ce8bdfd9f386c3dc0411dd4d5ac61
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "35CAB3987FC0E4A41B305CB208C1E33FA38CE8BDFD9F386C3DC0411DD4D5AC61"
Last-Modified: Mon, 06 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4021
Expires: Wed, 08 Feb 2023 05:29:44 GMT
Date: Wed, 08 Feb 2023 04:22:43 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.10 200 OK 503 B IP 23.33.119.10:0
ASN #20940 Akamai International B.V.
Hash 565c1bbc5c1c40be1988b3bf6fd9dc1a
cfdba5bc597130461dd67bf6cda53183be592493
60ceb36a8329c92fc49a3caf50daf511a38e01eac21a07d7a0a838166bea058d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "60CEB36A8329C92FC49A3CAF50DAF511A38E01EAC21A07D7A0A838166BEA058D"
Last-Modified: Mon, 06 Feb 2023 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12361
Expires: Wed, 08 Feb 2023 07:48:44 GMT
Date: Wed, 08 Feb 2023 04:22:43 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash ff250d3ef3fa45322bf05039a0122a9f
b3e7a2c383bce1bab807dbe1a03c375258b51f1d
d07f109a96e0ae6ec7b1d46ce8761b3f06fe845769ce65d69e053dd40aa561ba
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Length, Content-Type, Alert, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Wed, 08 Feb 2023 03:34:12 GMT
content-type: application/json
age: 2911
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.10 200 OK 503 B IP 23.33.119.10:0
ASN #20940 Akamai International B.V.
Hash cc14b0d2f7c451f6431dc87ba54d1d60
bab8bfda6fa3e2f17125353f5147211787dc25d0
b58fe18a5cc8fe5aaf49ba7eadd0ef34692892e68e9c52eb5bb56ea27e1300ad
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B58FE18A5CC8FE5AAF49BA7EADD0EF34692892E68E9C52EB5BB56EA27E1300AD"
Last-Modified: Mon, 06 Feb 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2237
Expires: Wed, 08 Feb 2023 05:00:00 GMT
Date: Wed, 08 Feb 2023 04:22:43 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash e76071a28ee566dababb3834f46d68ed
aebb4e68c1ba2de0f90025283e8ed8470944fde0
78b6df2627172e5b35476bc31020f02898cdc412aaf4337af2c3b049a60912b6
GET /chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: ltdnpqm2zbRwWI05/a1sljYRL+gBT4QCNICG1o5Hx4m6wSE7ZdcZAnwDdbQuYv96PVgdKB3hFFo=
x-amz-request-id: DEBKE5BDZ7BS2354
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 08 Feb 2023 03:35:46 GMT
age: 2817
last-modified: Sun, 29 Jan 2023 18:44:47 GMT
etag: "e76071a28ee566dababb3834f46d68ed"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 04:22:43 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Expires, Retry-After, Content-Length, Content-Type, ETag, Cache-Control, Alert, Pragma, Backoff, Last-Modified
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Wed, 08 Feb 2023 03:51:20 GMT
age: 1883
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.10 200 OK 503 B IP 23.33.119.10:0
ASN #20940 Akamai International B.V.
Hash 9b88bae61bca33aba8aa99f6128db8d9
a07b61fb2458917699613fcae68710941b595416
54915c2f79822732e06a592d027da421ad1e7a6458c545f98333db25612b3dea
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "54915C2F79822732E06A592D027DA421AD1E7A6458C545F98333DB25612B3DEA"
Last-Modified: Mon, 06 Feb 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7325
Expires: Wed, 08 Feb 2023 06:24:49 GMT
Date: Wed, 08 Feb 2023 04:22:44 GMT
Connection: keep-alive
push.services.mozilla.com/
52.41.124.48 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.41.124.48:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 5lA/w+TA8wdpdOxSYo4bMw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: OloYm1Vt/h3rVwHXZULd/44lw24=
ocsp.digicert.com/
93.184.220.29 200 OK 279 B IP 93.184.220.29:0
Hash 5c88d3bea11b5e4ab55139b12afd6481
e6f6a45f9cad1fe06edbc5371887199387f51b5f
897d20199934381ef24f0c9c9d1738f5cc504b0ccd5d16005eeb8837955d3ff6
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4658
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 04:22:45 GMT
Last-Modified: Wed, 08 Feb 2023 03:05:07 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 279
fonts.googleapis.com/css?family=Lato:100,300,regular,700,900%7COpen+Sans:300%7CIndie+Flower:regular%7COswald:300,regular,700&subset=latin%2Clatin-ext
142.250.74.138 200 OK 943 B URL HTTP/1.1 fonts.googleapis.com/css?family=Lato:100,300,regular,700,900%7COpen+Sans:300%7CIndie+Flower:regular%7COswald:300,regular,700&subset=latin%2Clatin-ext
IP 142.250.74.138:0
Hash 499ce1b88322bf73725886c03337fb1a
e4ef4aeae044ee651072a4f43615ee833f1496ed
3f479351b866c360ea55f98fd63eb7a380c086d37b87ffd00b6acc03a7667bf8
GET /css?family=Lato:100,300,regular,700,900%7COpen+Sans:300%7CIndie+Flower:regular%7COswald:300,regular,700&subset=latin%2Clatin-ext HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sofia.com.hk/
HTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
Expires: Wed, 08 Feb 2023 04:22:45 GMT
Date: Wed, 08 Feb 2023 04:22:45 GMT
Cache-Control: private, max-age=86400
Cross-Origin-Opener-Policy: same-origin-allow-popups
Cross-Origin-Resource-Policy: cross-origin
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: ESF
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
fonts.googleapis.com/css?family=Roboto%3A1%2C300%2C400%2C400italic%2C500%2C700%2C700italic&ver=4.8.1
142.250.74.138 200 OK 840 B URL HTTP/1.1 fonts.googleapis.com/css?family=Roboto%3A1%2C300%2C400%2C400italic%2C500%2C700%2C700italic&ver=4.8.1
IP 142.250.74.138:0
Hash 5d603004cc01f906120c2f5baf6a1070
d217e001c2219bd61bf24ef011de867b77b4580d
04f55f27902330439c7a218917c8ecd1f764d0e8a556c83a8c964175813d1c67
GET /css?family=Roboto%3A1%2C300%2C400%2C400italic%2C500%2C700%2C700italic&ver=4.8.1 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sofia.com.hk/
HTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
Expires: Wed, 08 Feb 2023 04:22:45 GMT
Date: Wed, 08 Feb 2023 04:22:45 GMT
Cache-Control: private, max-age=86400
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin-allow-popups
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: ESF
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
r3.o.lencr.org/
23.33.119.10 200 OK 503 B IP 23.33.119.10:0
ASN #20940 Akamai International B.V.
Hash 1d885cfc22a04f1216c98dd64df5338a
589916a844b81fac40af88a772865b8e28dfb64e
40c0e55533794d72bbba4bc9d0f07fe0741e24ca23fd9b3e31d2830c77a51bf3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "40C0E55533794D72BBBA4BC9D0F07FE0741E24CA23FD9B3E31D2830C77A51BF3"
Last-Modified: Wed, 08 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19085
Expires: Wed, 08 Feb 2023 09:40:50 GMT
Date: Wed, 08 Feb 2023 04:22:45 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdcf61053-67f6-4767-ad44-fa802c5ef5b4.jpeg
34.120.237.76 200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdcf61053-67f6-4767-ad44-fa802c5ef5b4.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a9c2a9eee923b84d4e06438a8b2acaff
520b122e3ce52220af153fee26bb7067283f9075
9ff4236fdcd05210a9c8bb48ea68179e142b1b05c8b19dd66282590dff69fa22
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdcf61053-67f6-4767-ad44-fa802c5ef5b4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 10058
x-amzn-requestid: 94374454-1e89-4c43-895b-0a90f39b851d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f_O5vEgcoAMFctg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e2c50a-0bf11cad4b0818c36188ba91;Sampled=0
x-amzn-remapped-date: Tue, 07 Feb 2023 21:39:22 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 1R4SRNvqhRHbrDZsGB06NJbBXf8WRgJEHmXTbop8pqf8etTJSlmQwQ==
via: 1.1 9b311162717b41c968f6f00426d88aaa.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Tue, 07 Feb 2023 22:06:05 GMT
age: 22600
etag: "520b122e3ce52220af153fee26bb7067283f9075"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F363ca744-ffa5-4390-9968-412e24620e36.jpeg
34.120.237.76 200 OK 7.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F363ca744-ffa5-4390-9968-412e24620e36.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5129898de057eb92808f18d120eb7a70
eb0a900843beac5c4ee46686b89b3e8b8d77f80f
7ce3e4f7be652895e93cb8c1a9019b70d699c0a9da013d311395a6440b4e9f96
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F363ca744-ffa5-4390-9968-412e24620e36.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 7847
x-amzn-requestid: 60759e32-ac58-4dda-8ea3-fd80413c0deb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f_OkkEpMoAMFnGw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e2c483-61b8715a0da73f4526215649;Sampled=0
x-amzn-remapped-date: Tue, 07 Feb 2023 21:37:07 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: TCX7ZFhV73kN0UBshXeb0qdSkY-8qdeNN6EgioqOUmSAnraEhAohMQ==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 6a9b42e38e76b7d4a4044ebe0e0eca08.cloudfront.net (CloudFront), 1.1 google
date: Tue, 07 Feb 2023 21:42:11 GMT
age: 24034
etag: "eb0a900843beac5c4ee46686b89b3e8b8d77f80f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff6de3153-62d2-494b-8acf-6d3ac8adba7d.jpeg
34.120.237.76 200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff6de3153-62d2-494b-8acf-6d3ac8adba7d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 003fc35e140a75a12b7795c3986426ec
da002b22e2a01f48a545b369d4403eabb17a10d5
bb0754411aa7d0a5036b86b282d0e93d13227765ca9ccaf3a34e8e486cb413d1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff6de3153-62d2-494b-8acf-6d3ac8adba7d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 13160
x-amzn-requestid: 34aa6dfe-7f14-48d0-89b2-90548621be79
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fzVxSHh7IAMFjAg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63de033b-49587fff75aebe96136137be;Sampled=0
x-amzn-remapped-date: Sat, 04 Feb 2023 07:03:23 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: qwSN-ztVJgRfu3bFIjYaVYV8Cnx77j1ugkRjqhRtRXdPju7AhEMg-A==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Tue, 07 Feb 2023 07:15:46 GMT
age: 76019
etag: "da002b22e2a01f48a545b369d4403eabb17a10d5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcf4a5986-35e6-4c6b-9dba-c981908d9ec1.jpeg
34.120.237.76 200 OK 8.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcf4a5986-35e6-4c6b-9dba-c981908d9ec1.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 726928e5de19ef978faebbe933c34008
bdaba3ed0c7efb65de88af96063d830683c8499b
c6d208fcee052da80de1bf2dcccbbc48853511b8888c4777799ee676abba51b5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcf4a5986-35e6-4c6b-9dba-c981908d9ec1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 8644
x-amzn-requestid: d6d71f42-f887-4ad0-a2b7-9073d3857b03
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f_OjRHBFoAMF4_Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e2c47b-57490f255d8d30a561fdcd3a;Sampled=0
x-amzn-remapped-date: Tue, 07 Feb 2023 21:36:59 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: xU_uVO78ZQRKon3Cz-fVcHJuPEMMgzDsVuY8BXoKL6ntJwkl-SLeQA==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Tue, 07 Feb 2023 21:42:03 GMT
age: 24042
etag: "bdaba3ed0c7efb65de88af96063d830683c8499b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F92b2ed55-154e-4ed7-a7ab-1418742cdf6e.jpeg
34.120.237.76 200 OK 7.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F92b2ed55-154e-4ed7-a7ab-1418742cdf6e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7543be9bef0afb8f61344286b7136dd7
e1537aa408cde39d2a314cc2a14f7f7a04a84eb1
162f0898f88d84c8d06542e48e8ff6a903e638f2a837f32681ae1f5e28ae40d7
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F92b2ed55-154e-4ed7-a7ab-1418742cdf6e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 7303
x-amzn-requestid: 081c79e9-2b23-47ad-8b7d-7197c5515c0c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f58kdHMvIAMFdzg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e0a7b5-66fca524070e374310920915;Sampled=0
x-amzn-remapped-date: Mon, 06 Feb 2023 07:09:41 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: CV8Q0EwlleoBURF3IvwUGDm_ANrg_SINlUR3cl6OhqySJPejP6T0hg==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 ce71f64ad5dca81beca846466f2d5008.cloudfront.net (CloudFront), 1.1 google
date: Tue, 07 Feb 2023 07:41:21 GMT
age: 74484
etag: "e1537aa408cde39d2a314cc2a14f7f7a04a84eb1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7f728fd1-646b-418a-ab1a-194a7bf42969.jpeg
34.120.237.76 200 OK 6.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7f728fd1-646b-418a-ab1a-194a7bf42969.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c8f31c82179856e39ee5fc43d7f0b685
5b37f807a19ffc80c0b9334e6d24d5bb717496ce
c099c91c6f2125a8a89ee6e9dc0e37e2c2c9914adadb2c8b77795063baa62037
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7f728fd1-646b-418a-ab1a-194a7bf42969.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 6805
x-amzn-requestid: 9f067f0c-2991-41ae-8dd0-5719a5438abc
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f_PHwEn4IAMFvFg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e2c564-730d01807c13643373d64897;Sampled=0
x-amzn-remapped-date: Tue, 07 Feb 2023 21:40:52 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: eSU1CSydRTodwnN5DNTXbYD3d3kYFCHiCvPRq5DZTTDSTH2L-GV_1g==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 f9d716a351f14a0ac1fac2449734849a.cloudfront.net (CloudFront), 1.1 google
date: Tue, 07 Feb 2023 22:19:17 GMT
age: 21808
etag: "5b37f807a19ffc80c0b9334e6d24d5bb717496ce"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 280 B IP 93.184.220.29:0
Hash 15beb7bfb1e8bb9ad6f47c3a7945d341
9b28ae0959c9eb85356cead7d9dadbef4ef638fe
fc168abe9147f855283027ea0e5d90367d45c016fbdf181c06b0969e94c04e8f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5842
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 04:22:45 GMT
Last-Modified: Wed, 08 Feb 2023 02:45:23 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 280
ocsp.digicert.com/
93.184.220.29 200 OK 279 B IP 93.184.220.29:0
Hash 5c88d3bea11b5e4ab55139b12afd6481
e6f6a45f9cad1fe06edbc5371887199387f51b5f
897d20199934381ef24f0c9c9d1738f5cc504b0ccd5d16005eeb8837955d3ff6
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4658
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 04:22:45 GMT
Last-Modified: Wed, 08 Feb 2023 03:05:07 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 279
r3.o.lencr.org/
23.33.119.10 200 OK 503 B IP 23.33.119.10:0
ASN #20940 Akamai International B.V.
Hash 1d885cfc22a04f1216c98dd64df5338a
589916a844b81fac40af88a772865b8e28dfb64e
40c0e55533794d72bbba4bc9d0f07fe0741e24ca23fd9b3e31d2830c77a51bf3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "40C0E55533794D72BBBA4BC9D0F07FE0741E24CA23FD9B3E31D2830C77A51BF3"
Last-Modified: Wed, 08 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19085
Expires: Wed, 08 Feb 2023 09:40:50 GMT
Date: Wed, 08 Feb 2023 04:22:45 GMT
Connection: keep-alive
sofia.com.hk/wp-includes/css/jquery-ui-dialog.min.css?ver=4.8.1
103.38.161.16 200 OK 4.8 kB URL HTTP/1.1 sofia.com.hk/wp-includes/css/jquery-ui-dialog.min.css?ver=4.8.1
IP 103.38.161.16:0
ASN #55858 Speedy Group Corporation Limited
File type ASCII text, with very long lines (3596)
Hash dae18845cfc3c211c5c6de92401b2ad5
2dd43f7cd9c73e7d613de1f476d938cb5c789994
3a5dae1cd29a62322c66e2028ca668d50181b28c9093fda9c753d32cad93f708
GET /wp-includes/css/jquery-ui-dialog.min.css?ver=4.8.1 HTTP/1.1
Host: sofia.com.hk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sofia.com.hk/
Cookie: wpml_referer_url=http%3A%2F%2Fsofia.com.hk%2F
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 08 Feb 2023 04:22:45 GMT
Content-Type: text/css
Content-Length: 4796
Last-Modified: Thu, 24 Mar 2016 00:57:28 GMT
Connection: keep-alive
ETag: "56f33b78-12bc"
X-Powered-By: PleskLin
Accept-Ranges: bytes
sofia.com.hk/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=4.9.2
103.38.161.16 200 OK 1.6 kB URL HTTP/1.1 sofia.com.hk/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=4.9.2
IP 103.38.161.16:0
ASN #55858 Speedy Group Corporation Limited
Hash 7d5d92ddcbe33c91355c20a1d35e7a95
1843e6911072990d2193279a299c9f70523ed553
e291f67dc3e643bfde7604e48a75e17298a3868ebc0c4554b9e8c17355fd6115
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/contact-form-7/includes/css/styles.css?ver=4.9.2 HTTP/1.1
Host: sofia.com.hk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sofia.com.hk/
Cookie: wpml_referer_url=http%3A%2F%2Fsofia.com.hk%2F
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 08 Feb 2023 04:22:45 GMT
Content-Type: text/css
Content-Length: 1606
Last-Modified: Fri, 22 Dec 2017 15:56:40 GMT
Connection: keep-alive
ETag: "5a3d2b38-646"
X-Powered-By: PleskLin
Accept-Ranges: bytes
ocsp.digicert.com/
93.184.220.29 200 OK 280 B IP 93.184.220.29:0
Hash 15beb7bfb1e8bb9ad6f47c3a7945d341
9b28ae0959c9eb85356cead7d9dadbef4ef638fe
fc168abe9147f855283027ea0e5d90367d45c016fbdf181c06b0969e94c04e8f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5842
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 04:22:45 GMT
Last-Modified: Wed, 08 Feb 2023 02:45:23 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 280
fonts.googleapis.com/css?family=Acme|Montserrat
142.250.74.138 200 OK 535 B URL HTTP/1.1 fonts.googleapis.com/css?family=Acme|Montserrat
IP 142.250.74.138:0
Hash 994aa9f0b03ae09b014129c6da400b81
0f42f6cffed7f48d70b5a0e357d2ff8530439811
250fbc8e22bb2109d9dd17609ed438e1303d8896a06545122980e540c20981e3
GET /css?family=Acme|Montserrat HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sofia.com.hk/
HTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
Expires: Wed, 08 Feb 2023 04:22:45 GMT
Date: Wed, 08 Feb 2023 04:22:45 GMT
Cache-Control: private, max-age=86400
Cross-Origin-Opener-Policy: same-origin-allow-popups
Cross-Origin-Resource-Policy: cross-origin
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: ESF
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
sofia.com.hk/wp-content/plugins/photo-gallery/css/bwg_frontend.css?ver=1.3.67
103.38.161.16 200 OK 7.6 kB URL HTTP/1.1 sofia.com.hk/wp-content/plugins/photo-gallery/css/bwg_frontend.css?ver=1.3.67
IP 103.38.161.16:0
ASN #55858 Speedy Group Corporation Limited
Hash 8cbc74893d722d3d72c314ac805adcf4
9e4f95ba1a8de35fcdb45f9c00b4cb246fb01e87
5c3136627104a6bb70c98e596e74a368819bb51f8e0fa7167495f9672c96429d
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/photo-gallery/css/bwg_frontend.css?ver=1.3.67 HTTP/1.1
Host: sofia.com.hk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sofia.com.hk/
Cookie: wpml_referer_url=http%3A%2F%2Fsofia.com.hk%2F
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 08 Feb 2023 04:22:45 GMT
Content-Type: text/css
Content-Length: 7561
Last-Modified: Fri, 22 Dec 2017 15:57:56 GMT
Connection: keep-alive
ETag: "5a3d2b84-1d89"
X-Powered-By: PleskLin
Accept-Ranges: bytes
sofia.com.hk/wp-includes/css/dashicons.min.css?ver=4.8.1
103.38.161.16 200 OK 46 kB URL HTTP/1.1 sofia.com.hk/wp-includes/css/dashicons.min.css?ver=4.8.1
IP 103.38.161.16:0
ASN #55858 Speedy Group Corporation Limited
File type ASCII text, with very long lines (46364), with no line terminators
Hash cf3c0e8f26fe2025a0f22138ffe30d53
48303b67f6e472663b304f9aeef59f977199f492
5c68cf1f0dca577bf260a647a1e73410fae9b838e3da448412df4b142e4fc123
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/css/dashicons.min.css?ver=4.8.1 HTTP/1.1
Host: sofia.com.hk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sofia.com.hk/
Cookie: wpml_referer_url=http%3A%2F%2Fsofia.com.hk%2F
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 08 Feb 2023 04:22:45 GMT
Content-Type: text/css
Content-Length: 46364
Last-Modified: Thu, 05 May 2016 15:29:27 GMT
Connection: keep-alive
ETag: "572b66d7-b51c"
X-Powered-By: PleskLin
Accept-Ranges: bytes
sofia.com.hk/wp-content/plugins/LayerSlider/static/layerslider/css/layerslider.css?ver=6.1.6
103.38.161.16 200 OK 19 kB URL HTTP/1.1 sofia.com.hk/wp-content/plugins/LayerSlider/static/layerslider/css/layerslider.css?ver=6.1.6
IP 103.38.161.16:0
ASN #55858 Speedy Group Corporation Limited
Hash b943beddee72dbe482d58e34bb1ca110
69d929d24e64f3da4cf74e8248f7cbedcfeb430e
26789d1fba78e92127e55b3b964612174c806dddd5ddb23c558ef68bf1e065a0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/LayerSlider/static/layerslider/css/layerslider.css?ver=6.1.6 HTTP/1.1
Host: sofia.com.hk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sofia.com.hk/
Cookie: wpml_referer_url=http%3A%2F%2Fsofia.com.hk%2F
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 08 Feb 2023 04:22:45 GMT
Content-Type: text/css
Content-Length: 19397
Last-Modified: Fri, 21 Jul 2017 09:54:40 GMT
Connection: keep-alive
ETag: "5971cf60-4bc5"
X-Powered-By: PleskLin
Accept-Ranges: bytes
ocsp.pki.goog/gts1c3
216.58.211.3 200 OK 472 B IP 216.58.211.3:0
Hash 13370dcedeaf8987047cb7cfd4bfa25f
cc4b7e79c14104030a2faa6bd2ec18d5c9f50190
abdc10b39e3b64b79fbd1931fb74cdf2a91d9b65a6562575dda90193a744f73c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 04:22:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
i.ytimg.com/vi/DjFI7LME4c4/maxresdefault.jpg
172.217.21.182 200 OK 178 kB URL HTTP/2 i.ytimg.com/vi/DjFI7LME4c4/maxresdefault.jpg
IP 172.217.21.182:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1280x720, components 3\012- data
Size 178 kB (178159 bytes)
Hash 8219afce92e5deca9b4cd7b2f7b48180
e7cc872ce61078e01bb59eac6e45603418f12b34
8dbb2a27c5b26c3ece1291dbd9471766da65bd7b7e2d8f033bdca9d93909d64e
GET /vi/DjFI7LME4c4/maxresdefault.jpg HTTP/1.1
Host: i.ytimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://sofia.com.hk/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-type: image/jpeg
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
timing-allow-origin: *
content-length: 178159
date: Wed, 08 Feb 2023 04:22:46 GMT
expires: Wed, 08 Feb 2023 06:22:46 GMT
cache-control: public, max-age=7200
etag: "1628014213"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
sofia.com.hk/
103.38.161.16 200 OK 274 kB IP 103.38.161.16:0
ASN #55858 Speedy Group Corporation Limited
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (46093), with CRLF, LF line terminators
Size 274 kB (274094 bytes)
Hash 619917e3212037c8b89491a07011ce3a
02e9eefc46bddb3eb2e3f1025789e5a1469cc126
83e0b12c4ab024aa84d4ee156dd7fd782af07911c5908a3c41f3a496907a3d0e
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: sofia.com.hk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 08 Feb 2023 04:22:44 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Link: <http://sofia.com.hk/wp-json/>; rel="https://api.w.org/", <http://sofia.com.hk/>; rel=shortlink
Set-Cookie: wpml_referer_url=http%3A%2F%2Fsofia.com.hk%2F; expires=Thu, 09-Feb-2023 04:22:43 GMT; Max-Age=86400; path=/
X-Powered-By: PHP/7.0.33, PleskLin
ocsp.pki.goog/gts1c3
216.58.211.3 200 OK 472 B IP 216.58.211.3:0
Hash 13370dcedeaf8987047cb7cfd4bfa25f
cc4b7e79c14104030a2faa6bd2ec18d5c9f50190
abdc10b39e3b64b79fbd1931fb74cdf2a91d9b65a6562575dda90193a744f73c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 04:22:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
sofia.com.hk/wp-includes/js/wp-emoji-release.min.js?ver=4.8.1
103.38.161.16 200 OK 12 kB URL HTTP/1.1 sofia.com.hk/wp-includes/js/wp-emoji-release.min.js?ver=4.8.1
IP 103.38.161.16:0
ASN #55858 Speedy Group Corporation Limited
File type ASCII text, with very long lines (8937)
Hash 8b90a6e26cce1c0a39bfa8b7e0fe909e
c610b59eb330be444b76e102f22f7c6c2eb4dc3f
bcb42c4f5eb5b4c7ee08632af417513c6f6002fdf7d4b8d2dea6376f0cadd563
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/wp-emoji-release.min.js?ver=4.8.1 HTTP/1.1
Host: sofia.com.hk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sofia.com.hk/
Cookie: wpml_referer_url=http%3A%2F%2Fsofia.com.hk%2F
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 08 Feb 2023 04:22:45 GMT
Content-Type: application/javascript
Content-Length: 11845
Last-Modified: Thu, 25 May 2017 07:18:45 GMT
Connection: keep-alive
ETag: "59268555-2e45"
X-Powered-By: PleskLin
Accept-Ranges: bytes
sofia.com.hk/wp-includes/js/jquery/ui/core.min.js?ver=1.11.4
103.38.161.16 200 OK 4.0 kB URL HTTP/1.1 sofia.com.hk/wp-includes/js/jquery/ui/core.min.js?ver=1.11.4
IP 103.38.161.16:0
ASN #55858 Speedy Group Corporation Limited
File type ASCII text, with very long lines (3775)
Hash 9ce4e157448487d4efe0ca538f656a71
45d22de723a97ca19cddd4fb792e339b5fab5c50
936567bc744e199e02bfc3c33fe2bc9c862999e0d479e2a694aa7485460a3960
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/jquery/ui/core.min.js?ver=1.11.4 HTTP/1.1
Host: sofia.com.hk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sofia.com.hk/
Cookie: wpml_referer_url=http%3A%2F%2Fsofia.com.hk%2F
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 08 Feb 2023 04:22:45 GMT
Content-Type: application/javascript
Content-Length: 4000
Last-Modified: Thu, 03 Nov 2016 05:40:34 GMT
Connection: keep-alive
ETag: "581acdd2-fa0"
X-Powered-By: PleskLin
Accept-Ranges: bytes
ocsp.pki.goog/s/gts1p5/wppQvZbkYn0
216.58.211.3 200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/wppQvZbkYn0
IP 216.58.211.3:0
Hash 00754247e53f257f236a4d63d4677d7c
146815298ef7c55e456ff05327b9d2b15ff5d489
43f948176ad61b12a7b0b2cf4a83932cf7768d5261b4f63865bfb1ccc6ec00ff
POST /s/gts1p5/wppQvZbkYn0 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 04:22:46 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ukrzoloto.ua/files/news/novosti/6705516cb293898cbbad3db640720fd6.jpg
62.149.29.98 200 OK 78 kB URL HTTP/2 ukrzoloto.ua/files/news/novosti/6705516cb293898cbbad3db640720fd6.jpg
IP 62.149.29.98:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 800x600, components 3\012- data
Hash e9ec3b8a6c8b9d7b5573b410d8b3cb8e
600943571619c35ed63bd051d24b8c3943448139
803a76ec92373c48cd2eab3c4fd8ceab79ae867b5cb482af604ad6c5aef1a24f
GET /files/news/novosti/6705516cb293898cbbad3db640720fd6.jpg HTTP/1.1
Host: ukrzoloto.ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://sofia.com.hk/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.18.0
date: Wed, 08 Feb 2023 04:22:46 GMT
content-type: image/jpeg
content-length: 77807
last-modified: Thu, 18 Mar 2021 12:35:30 GMT
etag: "60534912-12fef"
strict-transport-security: max-age=63072000; includeSubDomains; preload
accept-ranges: bytes
X-Firefox-Spdy: h2
sofia.com.hk/wp-content/plugins/photo-gallery/css/jquery.mCustomScrollbar.css?ver=1.3.67
103.38.161.16 200 OK 13 kB URL HTTP/1.1 sofia.com.hk/wp-content/plugins/photo-gallery/css/jquery.mCustomScrollbar.css?ver=1.3.67
IP 103.38.161.16:0
ASN #55858 Speedy Group Corporation Limited
Hash 134d36ccd55a3865fccee8ffa9840c2f
cc10fbd8363394dae26d6a954f27d2b7cf8e5a14
bbf8b025f38fc6aef74423424106cc06be1b91e2c794cff8d9bf1e5b9a3ddfbb
GET /wp-content/plugins/photo-gallery/css/jquery.mCustomScrollbar.css?ver=1.3.67 HTTP/1.1
Host: sofia.com.hk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sofia.com.hk/
Cookie: wpml_referer_url=http%3A%2F%2Fsofia.com.hk%2F
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 08 Feb 2023 04:22:46 GMT
Content-Type: text/css
Content-Length: 13224
Last-Modified: Fri, 22 Dec 2017 15:57:56 GMT
Connection: keep-alive
ETag: "5a3d2b84-33a8"
X-Powered-By: PleskLin
Accept-Ranges: bytes
sofia.com.hk/wp-content/plugins/photo-gallery/css/font-awesome/font-awesome.css?ver=4.6.3
103.38.161.16 200 OK 35 kB URL HTTP/1.1 sofia.com.hk/wp-content/plugins/photo-gallery/css/font-awesome/font-awesome.css?ver=4.6.3
IP 103.38.161.16:0
ASN #55858 Speedy Group Corporation Limited
File type ASCII text, with very long lines (357)
Hash 6480d42fb358be80424835fbcdf28876
f76e6f6db4a64748638cb82faa5230f89d1b306c
3e825e4cd826af209f652088971f7047fbe31acdeda049a078103933e8999a95
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/photo-gallery/css/font-awesome/font-awesome.css?ver=4.6.3 HTTP/1.1
Host: sofia.com.hk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sofia.com.hk/
Cookie: wpml_referer_url=http%3A%2F%2Fsofia.com.hk%2F
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 08 Feb 2023 04:22:45 GMT
Content-Type: text/css
Content-Length: 35376
Last-Modified: Fri, 22 Dec 2017 15:57:56 GMT
Connection: keep-alive
ETag: "5a3d2b84-8a30"
X-Powered-By: PleskLin
Accept-Ranges: bytes
sofia.com.hk/wp-includes/js/jquery/ui/button.min.js?ver=1.11.4
103.38.161.16 200 OK 7.2 kB URL HTTP/1.1 sofia.com.hk/wp-includes/js/jquery/ui/button.min.js?ver=1.11.4
IP 103.38.161.16:0
ASN #55858 Speedy Group Corporation Limited
File type ASCII text, with very long lines (7019)
Hash 2ce99e1ed08df351e6a58eb4b6bcbfa9
f708f7a41251a017c0b4faabe96ae508a92f5787
d265f247e3d995d26cf1befe9a028b199d9809ad21e0220e603c92ae6c08dadf
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/jquery/ui/button.min.js?ver=1.11.4 HTTP/1.1
Host: sofia.com.hk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sofia.com.hk/
Cookie: wpml_referer_url=http%3A%2F%2Fsofia.com.hk%2F
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 08 Feb 2023 04:22:46 GMT
Content-Type: application/javascript
Content-Length: 7236
Last-Modified: Thu, 03 Nov 2016 05:40:34 GMT
Connection: keep-alive
ETag: "581acdd2-1c44"
X-Powered-By: PleskLin
Accept-Ranges: bytes
sofia.com.hk/wp-includes/js/jquery/ui/draggable.min.js?ver=1.11.4
103.38.161.16 200 OK 19 kB URL HTTP/1.1 sofia.com.hk/wp-includes/js/jquery/ui/draggable.min.js?ver=1.11.4
IP 103.38.161.16:0
ASN #55858 Speedy Group Corporation Limited
File type ASCII text, with very long lines (18682)
Hash 443c277789baf69c490019d59c1b36ed
14e63b2c361a8898fae5b2b4edc08125497112a5
df7667a0380d57f508016bbe78d085ab7f7bc782b128df6d46e815162ea6e82b
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/jquery/ui/draggable.min.js?ver=1.11.4 HTTP/1.1
Host: sofia.com.hk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sofia.com.hk/
Cookie: wpml_referer_url=http%3A%2F%2Fsofia.com.hk%2F
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 08 Feb 2023 04:22:46 GMT
Content-Type: application/javascript
Content-Length: 18905
Last-Modified: Thu, 03 Nov 2016 05:40:34 GMT
Connection: keep-alive
ETag: "581acdd2-49d9"
X-Powered-By: PleskLin
Accept-Ranges: bytes
publish.one37pm.net/wp-content/uploads/2020/10/poke-games-univ2.jpg?fit=1600%2C707
192.0.66.229 200 OK 414 kB URL HTTP/2 publish.one37pm.net/wp-content/uploads/2020/10/poke-games-univ2.jpg?fit=1600%2C707
IP 192.0.66.229:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 1600x707, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size 414 kB (413652 bytes)
Hash 5a478ac77c1d03b5a4fab41584835c63
e5fe38aa565ff9ac25f642ba227906d18d092aea
b2f2e873630145e5a85a5c0d52a81d8497050331126aad94392a50d3288e5e4f
GET /wp-content/uploads/2020/10/poke-games-univ2.jpg?fit=1600%2C707 HTTP/1.1
Host: publish.one37pm.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://sofia.com.hk/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 04:22:46 GMT
content-type: image/webp
content-length: 413652
last-modified: Wed, 08 Feb 2023 04:22:46 GMT
expires: Thu, 08 Feb 2024 04:22:46 GMT
etag: "78c4e246f794af14"
vary: Accept
cache-control: max-age=2592000
x-rq: arn2 109 142 443
x-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
sofia.com.hk/wp-content/plugins/easy-modal/assets/styles/easy-modal-site.css?ver=0.1
103.38.161.16 200 OK 1.2 kB URL HTTP/1.1 sofia.com.hk/wp-content/plugins/easy-modal/assets/styles/easy-modal-site.css?ver=0.1
IP 103.38.161.16:0
ASN #55858 Speedy Group Corporation Limited
File type ASCII text, with CRLF line terminators
Hash 5cc580b85ea75c54828dfe5f9343e3dc
e6659c166b094693b78466ddf793db5860e82896
5f626d986cb2b012e03225573f87ce60ecb1a44c997a24032cf905482faef82b
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/easy-modal/assets/styles/easy-modal-site.css?ver=0.1 HTTP/1.1
Host: sofia.com.hk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sofia.com.hk/
Cookie: wpml_referer_url=http%3A%2F%2Fsofia.com.hk%2F
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 08 Feb 2023 04:22:45 GMT
Content-Type: text/css
Content-Length: 1174
Last-Modified: Fri, 03 Nov 2017 06:42:55 GMT
Connection: keep-alive
ETag: "59fc0fef-496"
X-Powered-By: PleskLin
Accept-Ranges: bytes
sofia.com.hk/wp-content/plugins/photo-gallery/css/sumoselect.css?ver=3.0.2
103.38.161.16 200 OK 8.7 kB URL HTTP/1.1 sofia.com.hk/wp-content/plugins/photo-gallery/css/sumoselect.css?ver=3.0.2
IP 103.38.161.16:0
ASN #55858 Speedy Group Corporation Limited
File type ASCII text, with very long lines (516)
Hash ccfbd12b9b34c29639dd9c39f22bc00e
612f5e471ae3cb99d214d7751c2534836267efce
0d23f402d9e83ea351b6b1a9e9b03ee3f94a9b41bd95e64da24e637753bf4dad
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/photo-gallery/css/sumoselect.css?ver=3.0.2 HTTP/1.1
Host: sofia.com.hk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sofia.com.hk/
Cookie: wpml_referer_url=http%3A%2F%2Fsofia.com.hk%2F
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 08 Feb 2023 04:22:46 GMT
Content-Type: text/css
Content-Length: 8690
Last-Modified: Fri, 22 Dec 2017 15:57:56 GMT
Connection: keep-alive
ETag: "5a3d2b84-21f2"
X-Powered-By: PleskLin
Accept-Ranges: bytes
sofia.com.hk/wp-content/plugins/popup-maker/assets/css/site.min.css?ver=1.6.6
103.38.161.16 200 OK 3.4 kB URL HTTP/1.1 sofia.com.hk/wp-content/plugins/popup-maker/assets/css/site.min.css?ver=1.6.6
IP 103.38.161.16:0
ASN #55858 Speedy Group Corporation Limited
File type ASCII text, with very long lines (3423), with no line terminators
Hash 9fce1ca38c5b60e31c003f4d2131bf4f
a6b0271a27494887752a83cff863e29f31a4c63b
033c04e1d2bf0ac7e09ecfc74fba06f19226c867ab7cfbcf0d7017597955d19b
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/popup-maker/assets/css/site.min.css?ver=1.6.6 HTTP/1.1
Host: sofia.com.hk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sofia.com.hk/
Cookie: wpml_referer_url=http%3A%2F%2Fsofia.com.hk%2F
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 08 Feb 2023 04:22:46 GMT
Content-Type: text/css
Content-Length: 3423
Last-Modified: Fri, 03 Nov 2017 07:55:44 GMT
Connection: keep-alive
ETag: "59fc2100-d5f"
X-Powered-By: PleskLin
Accept-Ranges: bytes
r3.o.lencr.org/
23.33.119.10 200 OK 503 B IP 23.33.119.10:0
ASN #20940 Akamai International B.V.
Hash f5cb970ad59adf542dddd229e41a8359
9e949419583917764b342e796f1d72c8beca0c09
4dccae69a860238d9c359c2e899f188af0fe723fb80cfb4a17fa703e7cfd126f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4DCCAE69A860238D9C359C2E899F188AF0FE723FB80CFB4A17FA703E7CFD126F"
Last-Modified: Tue, 07 Feb 2023 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21583
Expires: Wed, 08 Feb 2023 10:22:29 GMT
Date: Wed, 08 Feb 2023 04:22:46 GMT
Connection: keep-alive
ocsp.pki.goog/s/gts1p5/wppQvZbkYn0
216.58.211.3 200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/wppQvZbkYn0
IP 216.58.211.3:0
Hash 00754247e53f257f236a4d63d4677d7c
146815298ef7c55e456ff05327b9d2b15ff5d489
43f948176ad61b12a7b0b2cf4a83932cf7768d5261b4f63865bfb1ccc6ec00ff
POST /s/gts1p5/wppQvZbkYn0 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 04:22:46 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
sofia.com.hk/wp-content/plugins/popup-maker/assets/js/site.min.js?defer&ver=1.6.6
103.38.161.16 200 OK 41 kB URL HTTP/1.1 sofia.com.hk/wp-content/plugins/popup-maker/assets/js/site.min.js?defer&ver=1.6.6
IP 103.38.161.16:0
ASN #55858 Speedy Group Corporation Limited
File type ASCII text, with very long lines (32011)
Hash 71abba691baf88a3c166e1bb30ecc6ef
7d06f6abfd96638c4b21fe91548671e6914e3fa1
91161096a7eacb9d2f61ec8bcaeb9bc5a0ba4851bc09e8382eb0a296e81c4459
GET /wp-content/plugins/popup-maker/assets/js/site.min.js?defer&ver=1.6.6 HTTP/1.1
Host: sofia.com.hk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sofia.com.hk/
Cookie: wpml_referer_url=http%3A%2F%2Fsofia.com.hk%2F
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 08 Feb 2023 04:22:46 GMT
Content-Type: application/javascript
Content-Length: 40934
Last-Modified: Fri, 03 Nov 2017 07:55:44 GMT
Connection: keep-alive
ETag: "59fc2100-9fe6"
X-Powered-By: PleskLin
Accept-Ranges: bytes
sofia.com.hk/wp-content/plugins/woo-download-credits-platinum/assets/css/public-min.css?ver=4.8.1
103.38.161.16 200 OK 743 B URL HTTP/1.1 sofia.com.hk/wp-content/plugins/woo-download-credits-platinum/assets/css/public-min.css?ver=4.8.1
IP 103.38.161.16:0
ASN #55858 Speedy Group Corporation Limited
File type ASCII text, with very long lines (743), with no line terminators
Hash 08c5517b63c75570f348d4ba2d5aebb9
588899b70adfe5a7ffc567eb478e02b96ecfa828
565c1948344e9c97defaedc189d74837b7a62e5bf08d7916cacf0b218475a564
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/woo-download-credits-platinum/assets/css/public-min.css?ver=4.8.1 HTTP/1.1
Host: sofia.com.hk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sofia.com.hk/
Cookie: wpml_referer_url=http%3A%2F%2Fsofia.com.hk%2F
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 08 Feb 2023 04:22:46 GMT
Content-Type: text/css
Content-Length: 743
Connection: keep-alive
X-Accel-Version: 0.01
Last-Modified: Fri, 22 Dec 2017 15:24:38 GMT
ETag: "2e7-560ef6a2bffac"
Accept-Ranges: bytes
X-Powered-By: PleskLin
sofia.com.hk/wp-content/plugins/woocommerce-multiple-addresses/assets/css/public.css?ver=1.0.7.1
103.38.161.16 200 OK 168 B URL HTTP/1.1 sofia.com.hk/wp-content/plugins/woocommerce-multiple-addresses/assets/css/public.css?ver=1.0.7.1
IP 103.38.161.16:0
ASN #55858 Speedy Group Corporation Limited
Hash e30804cd9bd361ef80527a45eb265db8
03798e648c1dda19687cf8fdb8fb8da1e5768b4b
8531bda68ce56de613d81a6ecee30133fcf1d822c6a6fc6c187771b771440d39
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/woocommerce-multiple-addresses/assets/css/public.css?ver=1.0.7.1 HTTP/1.1
Host: sofia.com.hk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sofia.com.hk/
Cookie: wpml_referer_url=http%3A%2F%2Fsofia.com.hk%2F
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 08 Feb 2023 04:22:46 GMT
Content-Type: text/css
Content-Length: 168
Connection: keep-alive
X-Accel-Version: 0.01
Last-Modified: Tue, 01 Aug 2017 10:11:00 GMT
ETag: "a8-555ae5d355500"
Accept-Ranges: bytes
X-Powered-By: PleskLin
r3.o.lencr.org/
23.33.119.10 200 OK 503 B IP 23.33.119.10:0
ASN #20940 Akamai International B.V.
Hash 0b99bc0f3e553ad2a79c20b3d1669d81
96b941d1e3b19b40181137ccbbe3feb58bdb640c
3c72b05229cfedba319b96a86fab8d2d67869afbc48b2c2f5cef2f972e0bf6bb
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3C72B05229CFEDBA319B96A86FAB8D2D67869AFBC48B2C2F5CEF2F972E0BF6BB"
Last-Modified: Tue, 07 Feb 2023 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21578
Expires: Wed, 08 Feb 2023 10:22:24 GMT
Date: Wed, 08 Feb 2023 04:22:46 GMT
Connection: keep-alive
sofia.com.hk/wp-content/plugins/woocommerce/assets/css/woocommerce-layout.css?ver=3.1.1
103.38.161.16 200 OK 16 kB URL HTTP/1.1 sofia.com.hk/wp-content/plugins/woocommerce/assets/css/woocommerce-layout.css?ver=3.1.1
IP 103.38.161.16:0
ASN #55858 Speedy Group Corporation Limited
File type ASCII text, with very long lines (15972), with no line terminators
Hash 5a7c579e7838d4039ca4b36bdefa19f3
77a92705b477428b5eadda914e5aa23ac20e4bcf
82bb17819368e12db3c5fc1d9b8152ae99df078cd1a9a3db048680105119a2b1
GET /wp-content/plugins/woocommerce/assets/css/woocommerce-layout.css?ver=3.1.1 HTTP/1.1
Host: sofia.com.hk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sofia.com.hk/
Cookie: wpml_referer_url=http%3A%2F%2Fsofia.com.hk%2F
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 08 Feb 2023 04:22:46 GMT
Content-Type: text/css
Content-Length: 15972
Last-Modified: Mon, 25 Dec 2017 08:58:53 GMT
Connection: keep-alive
ETag: "5a40bdcd-3e64"
X-Powered-By: PleskLin
Accept-Ranges: bytes
use.fontawesome.com/997dc37f16.js
172.64.133.15 200 OK 55 kB URL HTTP/2 use.fontawesome.com/997dc37f16.js
IP 172.64.133.15:0
File type Unicode text, UTF-8 text, with very long lines (9239)
Hash cc4f4e7d155aee8b7756ae411b645951
4a96eccb3797b02997d46c43b8c584c39269b84a
57b89296cfaed16416ff11262827c73dd455b774e7b347dfcddc4c0e95fcbf4d
GET /997dc37f16.js HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://sofia.com.hk/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 08 Feb 2023 04:22:45 GMT
content-type: text/javascript
x-amz-id-2: muYmNpnAN7PDV25ij2KaZ0xlqIfmorCIffOw4efvgBNko6pNQBx2K7sohTQteg83gEeWEcOwOTk=
x-amz-request-id: 4AYZ2XNE1TWZ48CA
last-modified: Thu, 01 Jul 2021 13:07:51 GMT
etag: W/"0a53ad29157a64ac84bba6198d6902c4"
cache-control: max-age=1800
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YB3wQSBXh%2BQ3q%2F4qX1TrDFDGuMP4jBcPIMCG%2FfpQR5kL2nRwkrdjhxsJeWwrm22U1dDu1mqB2ojHppijwuAXKzw431eBz%2BCTA2Tu7Q9AeWeCyILn%2Bqc%2F%2Fe7t%2Fi10v9a8dLIJqAzA"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 79619606bd7f23bb-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
sofia.com.hk/wp-content/plugins/revslider/public/assets/css/settings.css?ver=5.3.1.5
103.38.161.16 200 OK 30 kB URL HTTP/1.1 sofia.com.hk/wp-content/plugins/revslider/public/assets/css/settings.css?ver=5.3.1.5
IP 103.38.161.16:0
ASN #55858 Speedy Group Corporation Limited
File type ASCII text, with very long lines (29256), with CRLF line terminators
Hash e41c8b843d0a67ae2fd223ba1ef4c4b0
71d189ee8dec40b0ca3dc4db010393837b296693
ac8022c32b253fc7f730218d157fc40d0ee585572ff223aa51af56a1623f75e4
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/revslider/public/assets/css/settings.css?ver=5.3.1.5 HTTP/1.1
Host: sofia.com.hk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sofia.com.hk/
Cookie: wpml_referer_url=http%3A%2F%2Fsofia.com.hk%2F
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 08 Feb 2023 04:22:46 GMT
Content-Type: text/css
Content-Length: 29629
Last-Modified: Fri, 21 Jul 2017 09:54:39 GMT
Connection: keep-alive
ETag: "5971cf5f-73bd"
X-Powered-By: PleskLin
Accept-Ranges: bytes
sofia.com.hk/wp-content/plugins/sitepress-multilingual-cms/templates/language-switchers/legacy-list-horizontal/style.css?ver=1
103.38.161.16 200 OK 851 B URL HTTP/1.1 sofia.com.hk/wp-content/plugins/sitepress-multilingual-cms/templates/language-switchers/legacy-list-horizontal/style.css?ver=1
IP 103.38.161.16:0
ASN #55858 Speedy Group Corporation Limited
File type ASCII text, with very long lines (850)
Hash 53796b73587b4a58b8904d127eaa51f9
b7160b6ceaea4e424cf2f9ef31de57cac1e04397
e8b5c0f1aab454e3dd3d47bdb0d6be1a54c0c350dff5feaa3a595937e2006df1
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/sitepress-multilingual-cms/templates/language-switchers/legacy-list-horizontal/style.css?ver=1 HTTP/1.1
Host: sofia.com.hk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sofia.com.hk/
Cookie: wpml_referer_url=http%3A%2F%2Fsofia.com.hk%2F
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 08 Feb 2023 04:22:46 GMT
Content-Type: text/css
Content-Length: 851
Connection: keep-alive
X-Accel-Version: 0.01
Last-Modified: Fri, 19 May 2017 08:38:22 GMT
ETag: "353-54fdc71ab3b80"
Accept-Ranges: bytes
X-Powered-By: PleskLin
sofia.com.hk/wp-content/plugins/woocommerce-multilingual/templates/currency-switchers/legacy-dropdown/style.css?ver=4.2.7.1
103.38.161.16 200 OK 1.6 kB URL HTTP/1.1 sofia.com.hk/wp-content/plugins/woocommerce-multilingual/templates/currency-switchers/legacy-dropdown/style.css?ver=4.2.7.1
IP 103.38.161.16:0
ASN #55858 Speedy Group Corporation Limited
File type ASCII text, with very long lines (1635)
Hash de6187d1995e5a109bd005ecfa4e0b2e
54aafc57331f88a887a64b83f140a1237c438834
3f86ca9e98f627b0ebc0e979a08e269e96f3863b5de5ebb68f8e00f5d8f21bc4
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/woocommerce-multilingual/templates/currency-switchers/legacy-dropdown/style.css?ver=4.2.7.1 HTTP/1.1
Host: sofia.com.hk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sofia.com.hk/
Cookie: wpml_referer_url=http%3A%2F%2Fsofia.com.hk%2F
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 08 Feb 2023 04:22:46 GMT
Content-Type: text/css
Content-Length: 1636
Last-Modified: Fri, 22 Dec 2017 15:55:25 GMT
Connection: keep-alive
ETag: "5a3d2aed-664"
X-Powered-By: PleskLin
Accept-Ranges: bytes
sofia.com.hk/wp-content/plugins/woocommerce-variation-swatches-and-photos/assets/css/swatches-and-photos.css?ver=4.8.1
103.38.161.16 200 OK 8.7 kB URL HTTP/1.1 sofia.com.hk/wp-content/plugins/woocommerce-variation-swatches-and-photos/assets/css/swatches-and-photos.css?ver=4.8.1
IP 103.38.161.16:0
ASN #55858 Speedy Group Corporation Limited
Hash cefe9febcbe006e015cc913577913d3f
4ccfa2b0dcf56e6884b22d6eac5b7e297316cf9f
2b63649cb2bc47936e10f415eb3b9484887273c48b4f6b3f13664e6bd98ac8bf
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/woocommerce-variation-swatches-and-photos/assets/css/swatches-and-photos.css?ver=4.8.1 HTTP/1.1
Host: sofia.com.hk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sofia.com.hk/
Cookie: wpml_referer_url=http%3A%2F%2Fsofia.com.hk%2F
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 08 Feb 2023 04:22:46 GMT
Content-Type: text/css
Content-Length: 8656
Last-Modified: Fri, 15 Sep 2017 11:54:07 GMT
Connection: keep-alive
ETag: "59bbbf5f-21d0"
X-Powered-By: PleskLin
Accept-Ranges: bytes
sofia.com.hk/wp-content/plugins/woocommerce/assets/css/prettyPhoto.css?ver=3.1.1
103.38.161.16 200 OK 9.2 kB URL HTTP/1.1 sofia.com.hk/wp-content/plugins/woocommerce/assets/css/prettyPhoto.css?ver=3.1.1
IP 103.38.161.16:0
ASN #55858 Speedy Group Corporation Limited
File type ASCII text, with very long lines (9152), with no line terminators
Hash 2151f6abfde142cc09ec939cfcabbf1c
db949218a3c168ea57d4fe9b4196db26140181a8
5fcc39111ad0815edcaaa3b1e2364e362c1c43f8fc588a0a6548ee947713e312
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/woocommerce/assets/css/prettyPhoto.css?ver=3.1.1 HTTP/1.1
Host: sofia.com.hk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sofia.com.hk/
Cookie: wpml_referer_url=http%3A%2F%2Fsofia.com.hk%2F
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 08 Feb 2023 04:22:46 GMT
Content-Type: text/css
Content-Length: 9152
Last-Modified: Mon, 25 Dec 2017 08:58:51 GMT
Connection: keep-alive
ETag: "5a40bdcb-23c0"
X-Powered-By: PleskLin
Accept-Ranges: bytes
sofia.com.hk/wp-content/plugins/vc-twi-awesome-woocommerce-slider-carousel/css/frameworks.min.css?ver=4.8.1
103.38.161.16 200 OK 194 kB URL HTTP/1.1 sofia.com.hk/wp-content/plugins/vc-twi-awesome-woocommerce-slider-carousel/css/frameworks.min.css?ver=4.8.1
IP 103.38.161.16:0
ASN #55858 Speedy Group Corporation Limited
File type ASCII text, with very long lines (65536), with no line terminators
Size 194 kB (194183 bytes)
Hash dacc1170018d756202443dbda2298f6d
9ec7acf6dfde9d297c82461ad83612dbfc66a69f
eea25f10c2b7e88b994d43fb2af2f42763254ad6bfdb9cc439d025df01449e02
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/vc-twi-awesome-woocommerce-slider-carousel/css/frameworks.min.css?ver=4.8.1 HTTP/1.1
Host: sofia.com.hk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sofia.com.hk/
Cookie: wpml_referer_url=http%3A%2F%2Fsofia.com.hk%2F
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 08 Feb 2023 04:22:46 GMT
Content-Type: text/css
Content-Length: 194183
Last-Modified: Sat, 09 Sep 2017 04:59:33 GMT
Connection: keep-alive
ETag: "59b37535-2f687"
X-Powered-By: PleskLin
Accept-Ranges: bytes
sofia.com.hk/wp-content/plugins/woocommerce/assets/css/woocommerce.css?ver=3.1.1
103.38.161.16 200 OK 59 kB URL HTTP/1.1 sofia.com.hk/wp-content/plugins/woocommerce/assets/css/woocommerce.css?ver=3.1.1
IP 103.38.161.16:0
ASN #55858 Speedy Group Corporation Limited
File type Unicode text, UTF-8 text, with very long lines (59112), with no line terminators
Hash ca89d73bc9d775f867c6ab412d9c27ac
2aa8d7a9566ab9bb58a27c971626050891b9abd6
8fde49c131a9b1086d07bea676e3c9f7428c17bc23b635c3f706bb8a6d1e4dd5
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/woocommerce/assets/css/woocommerce.css?ver=3.1.1 HTTP/1.1
Host: sofia.com.hk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sofia.com.hk/
Cookie: wpml_referer_url=http%3A%2F%2Fsofia.com.hk%2F
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 08 Feb 2023 04:22:46 GMT
Content-Type: text/css
Content-Length: 59122
Last-Modified: Mon, 25 Dec 2017 08:58:54 GMT
Connection: keep-alive
ETag: "5a40bdce-e6f2"
X-Powered-By: PleskLin
Accept-Ranges: bytes
sofia.com.hk/wp-content/plugins/yith-woocommerce-wishlist/assets/css/jquery.selectBox.css?ver=1.2.0
103.38.161.16 200 OK 3.6 kB URL HTTP/1.1 sofia.com.hk/wp-content/plugins/yith-woocommerce-wishlist/assets/css/jquery.selectBox.css?ver=1.2.0
IP 103.38.161.16:0
ASN #55858 Speedy Group Corporation Limited
Hash d057d17357d72e1a642ef5e2d114449e
eff1b037a96fe2efb4247939938ac8fb09c8b3db
875614250bc202cfce4176b3abc9bbc5ae9932c76e83145e1247928d295cd694
GET /wp-content/plugins/yith-woocommerce-wishlist/assets/css/jquery.selectBox.css?ver=1.2.0 HTTP/1.1
Host: sofia.com.hk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sofia.com.hk/
Cookie: wpml_referer_url=http%3A%2F%2Fsofia.com.hk%2F
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 08 Feb 2023 04:22:47 GMT
Content-Type: text/css
Content-Length: 3572
Last-Modified: Sat, 29 Jul 2017 06:44:44 GMT
Connection: keep-alive
ETag: "597c2edc-df4"
X-Powered-By: PleskLin
Accept-Ranges: bytes
sofia.com.hk/wp-content/plugins/yith-woocommerce-wishlist/assets/css/style.css?ver=2.1.2
103.38.161.16 200 OK 14 kB URL HTTP/1.1 sofia.com.hk/wp-content/plugins/yith-woocommerce-wishlist/assets/css/style.css?ver=2.1.2
IP 103.38.161.16:0
ASN #55858 Speedy Group Corporation Limited
Hash 8fc21b09439da08182d9a8d6dcf89192
a2fcea51f5239e6f2ba776f393057f08b6567f01
690746866a4d8845f80c3ad9162dfbc787e56834f12018d47b14b95e318e3838
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/yith-woocommerce-wishlist/assets/css/style.css?ver=2.1.2 HTTP/1.1
Host: sofia.com.hk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sofia.com.hk/
Cookie: wpml_referer_url=http%3A%2F%2Fsofia.com.hk%2F
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 08 Feb 2023 04:22:47 GMT
Content-Type: text/css
Content-Length: 14151
Last-Modified: Sat, 29 Jul 2017 06:44:44 GMT
Connection: keep-alive
ETag: "597c2edc-3747"
X-Powered-By: PleskLin
Accept-Ranges: bytes
sofia.com.hk/wp-content/themes/betheme/style.css?ver=17.1.1
103.38.161.16 200 OK 5.2 kB URL HTTP/1.1 sofia.com.hk/wp-content/themes/betheme/style.css?ver=17.1.1
IP 103.38.161.16:0
ASN #55858 Speedy Group Corporation Limited
Hash 89f1baaba05afc9ee2988631aa87108f
c37f9f11662a02e94f12695e52381146067ed426
70dc35e44da16684278d0b4d06c533b303dadd79af9d9cbdb9b94346c9778ab9
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/betheme/style.css?ver=17.1.1 HTTP/1.1
Host: sofia.com.hk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sofia.com.hk/
Cookie: wpml_referer_url=http%3A%2F%2Fsofia.com.hk%2F
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 08 Feb 2023 04:22:47 GMT
Content-Type: text/css
Content-Length: 5234
Last-Modified: Fri, 24 Nov 2017 03:47:29 GMT
Connection: keep-alive
ETag: "5a179651-1472"
X-Powered-By: PleskLin
Accept-Ranges: bytes
sofia.com.hk/wp-content/plugins/yith-woocommerce-wishlist/assets/css/font-awesome.min.css?ver=4.7.0
103.38.161.16 200 OK 31 kB URL HTTP/1.1 sofia.com.hk/wp-content/plugins/yith-woocommerce-wishlist/assets/css/font-awesome.min.css?ver=4.7.0
IP 103.38.161.16:0
ASN #55858 Speedy Group Corporation Limited
File type ASCII text, with very long lines (30837)
Hash 269550530cc127b6aa5a35925a7de6ce
512c7d79033e3028a9be61b540cf1a6870c896f8
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
GET /wp-content/plugins/yith-woocommerce-wishlist/assets/css/font-awesome.min.css?ver=4.7.0 HTTP/1.1
Host: sofia.com.hk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sofia.com.hk/
Cookie: wpml_referer_url=http%3A%2F%2Fsofia.com.hk%2F
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 08 Feb 2023 04:22:47 GMT
Content-Type: text/css
Content-Length: 31000
Last-Modified: Sat, 29 Jul 2017 06:44:44 GMT
Connection: keep-alive
ETag: "597c2edc-7918"
X-Powered-By: PleskLin
Accept-Ranges: bytes
sofia.com.hk/wp-content/themes/betheme/css/base.css?ver=17.1.1
103.38.161.16 200 OK 54 kB URL HTTP/1.1 sofia.com.hk/wp-content/themes/betheme/css/base.css?ver=17.1.1
IP 103.38.161.16:0
ASN #55858 Speedy Group Corporation Limited
File type ASCII text, with very long lines (2051)
Hash 00bb049789d239a3a3469d09025ef137
71d4c2018389f6c45047ea3b1fd8da8fe2904071
e5f82215e9234cfdfafb7f39697801d355eef691cd30c3896ba70fe0b9865ac0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/betheme/css/base.css?ver=17.1.1 HTTP/1.1
Host: sofia.com.hk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sofia.com.hk/
Cookie: wpml_referer_url=http%3A%2F%2Fsofia.com.hk%2F
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 08 Feb 2023 04:22:47 GMT
Content-Type: text/css
Content-Length: 53733
Last-Modified: Thu, 10 Aug 2017 13:27:05 GMT
Connection: keep-alive
ETag: "598c5f29-d1e5"
X-Powered-By: PleskLin
Accept-Ranges: bytes
sofia.com.hk/wp-content/themes/betheme/assets/animations/animations.min.css?ver=17.1.1
103.38.161.16 200 OK 58 kB URL HTTP/1.1 sofia.com.hk/wp-content/themes/betheme/assets/animations/animations.min.css?ver=17.1.1
IP 103.38.161.16:0
ASN #55858 Speedy Group Corporation Limited
File type ASCII text, with very long lines (58508), with no line terminators
Hash e84ea59f1f6d11b5553e816613eb659f
d22c414356217e342565d629ce96a684a5005aba
e803d4290c5baec790ecde06d9308c6bf17f967c8232e3651844bfd60dd2a9f5
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/betheme/assets/animations/animations.min.css?ver=17.1.1 HTTP/1.1
Host: sofia.com.hk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sofia.com.hk/
Cookie: wpml_referer_url=http%3A%2F%2Fsofia.com.hk%2F
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 08 Feb 2023 04:22:47 GMT
Content-Type: text/css
Content-Length: 58508
Last-Modified: Mon, 06 Mar 2017 19:00:00 GMT
Connection: keep-alive
ETag: "58bdb1b0-e48c"
X-Powered-By: PleskLin
Accept-Ranges: bytes
sofia.com.hk/wp-content/themes/betheme/assets/ui/jquery.ui.all.css?ver=17.1.1
103.38.161.16 200 OK 20 kB URL HTTP/1.1 sofia.com.hk/wp-content/themes/betheme/assets/ui/jquery.ui.all.css?ver=17.1.1
IP 103.38.161.16:0
ASN #55858 Speedy Group Corporation Limited
File type ASCII text, with very long lines (365)
Hash cf7eacbc2bc887b146299b70f4a21568
888efbb0357eeacf273b870956d266dea627d465
231da2e502aa3aff1a1cbbacc451848edcb3fe7db0901d407505a9a704a17720
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/betheme/assets/ui/jquery.ui.all.css?ver=17.1.1 HTTP/1.1
Host: sofia.com.hk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sofia.com.hk/
Cookie: wpml_referer_url=http%3A%2F%2Fsofia.com.hk%2F
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 08 Feb 2023 04:22:47 GMT
Content-Type: text/css
Content-Length: 19600
Last-Modified: Mon, 06 Mar 2017 19:00:00 GMT
Connection: keep-alive
ETag: "58bdb1b0-4c90"
X-Powered-By: PleskLin
Accept-Ranges: bytes
sofia.com.hk/wp-content/themes/betheme/assets/prettyPhoto/prettyPhoto.css?ver=17.1.1
103.38.161.16 200 OK 18 kB URL HTTP/1.1 sofia.com.hk/wp-content/themes/betheme/assets/prettyPhoto/prettyPhoto.css?ver=17.1.1
IP 103.38.161.16:0
ASN #55858 Speedy Group Corporation Limited
File type ASCII text, with very long lines (402)
Hash 670aab09302df69a9c33f3ab02eb93ad
15d7686fbf16f725ff14068ee171aae7d1424502
43a19f940f46c4d62b4ebd581d263575a774143d9533c921164fc9f487542167
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/betheme/assets/prettyPhoto/prettyPhoto.css?ver=17.1.1 HTTP/1.1
Host: sofia.com.hk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sofia.com.hk/
Cookie: wpml_referer_url=http%3A%2F%2Fsofia.com.hk%2F
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 08 Feb 2023 04:22:47 GMT
Content-Type: text/css
Content-Length: 18388
Last-Modified: Mon, 06 Mar 2017 19:00:00 GMT
Connection: keep-alive
ETag: "58bdb1b0-47d4"
X-Powered-By: PleskLin
Accept-Ranges: bytes
sofia.com.hk/wp-content/themes/betheme/assets/jplayer/css/jplayer.blue.monday.css?ver=17.1.1
103.38.161.16 200 OK 10 kB URL HTTP/1.1 sofia.com.hk/wp-content/themes/betheme/assets/jplayer/css/jplayer.blue.monday.css?ver=17.1.1
IP 103.38.161.16:0
ASN #55858 Speedy Group Corporation Limited
Hash 40444221b85ab406277bf3ca7499cea2
a501e9325d8103d32656fd6138e37b4f942bf484
a1e683ed3c4b45135db0b27f0e206ccf3c819a014d00e2342278aa98b6f753bf
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/betheme/assets/jplayer/css/jplayer.blue.monday.css?ver=17.1.1 HTTP/1.1
Host: sofia.com.hk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sofia.com.hk/
Cookie: wpml_referer_url=http%3A%2F%2Fsofia.com.hk%2F
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 08 Feb 2023 04:22:47 GMT
Content-Type: text/css
Content-Length: 10145
Last-Modified: Mon, 06 Mar 2017 19:00:00 GMT
Connection: keep-alive
ETag: "58bdb1b0-27a1"
X-Powered-By: PleskLin
Accept-Ranges: bytes
sofia.com.hk/wp-content/themes/betheme/css/layout.css?ver=17.1.1
103.38.161.16 200 OK 114 kB URL HTTP/1.1 sofia.com.hk/wp-content/themes/betheme/css/layout.css?ver=17.1.1
IP 103.38.161.16:0
ASN #55858 Speedy Group Corporation Limited
File type ASCII text, with very long lines (401)
Size 114 kB (113887 bytes)
Hash a3e6c0dbe57593e0bd80ca76515849d6
bbbe1c2ef40a9501676106d53d76c9a3a73219e5
d58c1d6840aa34046fd7a04a92ea81699e1c33dc0bfaf72e1159912f43679344
GET /wp-content/themes/betheme/css/layout.css?ver=17.1.1 HTTP/1.1
Host: sofia.com.hk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sofia.com.hk/
Cookie: wpml_referer_url=http%3A%2F%2Fsofia.com.hk%2F
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 08 Feb 2023 04:22:47 GMT
Content-Type: text/css
Content-Length: 113887
Last-Modified: Mon, 06 Mar 2017 19:00:00 GMT
Connection: keep-alive
ETag: "58bdb1b0-1bcdf"
X-Powered-By: PleskLin
Accept-Ranges: bytes
sofia.com.hk/wp-content/themes/betheme/css/responsive.css?ver=17.1.1
103.38.161.16 200 OK 55 kB URL HTTP/1.1 sofia.com.hk/wp-content/themes/betheme/css/responsive.css?ver=17.1.1
IP 103.38.161.16:0
ASN #55858 Speedy Group Corporation Limited
File type ASCII text, with very long lines (612)
Hash aa0234f428368cc562de30c4243c2937
e2f44bd0a20bed64d76565fe28c25844b8c42361
d78ec15b8edb36052c8e6ffa44b6e46b5b7ff45a25a5c80028d5aa1bfb48be6f
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/betheme/css/responsive.css?ver=17.1.1 HTTP/1.1
Host: sofia.com.hk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sofia.com.hk/
Cookie: wpml_referer_url=http%3A%2F%2Fsofia.com.hk%2F
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 08 Feb 2023 04:22:47 GMT
Content-Type: text/css
Content-Length: 54696
Last-Modified: Mon, 06 Mar 2017 19:00:00 GMT
Connection: keep-alive
ETag: "58bdb1b0-d5a8"
X-Powered-By: PleskLin
Accept-Ranges: bytes
sofia.com.hk/wp-content/plugins/sassy-social-share/public/css/sassy-social-share-public.css?ver=3.1.6
103.38.161.16 200 OK 17 kB URL HTTP/1.1 sofia.com.hk/wp-content/plugins/sassy-social-share/public/css/sassy-social-share-public.css?ver=3.1.6
IP 103.38.161.16:0
ASN #55858 Speedy Group Corporation Limited
File type ASCII text, with very long lines (16582), with no line terminators
Hash ef3e5ace49c8ad3d41ae667fff51ade5
4371224a7867a5ec2e4783da3dc5f60dbfe30a81
9207415a65c3682bc343031ef6842a3a4a9e17a1ed88e8fdf9ec745114386717
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/sassy-social-share/public/css/sassy-social-share-public.css?ver=3.1.6 HTTP/1.1
Host: sofia.com.hk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sofia.com.hk/
Cookie: wpml_referer_url=http%3A%2F%2Fsofia.com.hk%2F
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 08 Feb 2023 04:22:47 GMT
Content-Type: text/css
Content-Length: 16582
Last-Modified: Fri, 22 Dec 2017 15:58:07 GMT
Connection: keep-alive
ETag: "5a3d2b8f-40c6"
X-Powered-By: PleskLin
Accept-Ranges: bytes
sofia.com.hk/wp-content/themes/betheme/css/woocommerce.css?ver=17.1.1
103.38.161.16 200 OK 40 kB URL HTTP/1.1 sofia.com.hk/wp-content/themes/betheme/css/woocommerce.css?ver=17.1.1
IP 103.38.161.16:0
ASN #55858 Speedy Group Corporation Limited
File type Unicode text, UTF-8 text, with very long lines (423)
Hash 8de5ad44e903a7d3f49fd545ff8eddb2
2485f939e8116d5d7279f0ac4904f23b5dfbb9c5
812bffa60050cb1fad0d95dc4e36479f544eac968a5ae453ebc9f0e23e6dfff3
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/betheme/css/woocommerce.css?ver=17.1.1 HTTP/1.1
Host: sofia.com.hk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sofia.com.hk/
Cookie: wpml_referer_url=http%3A%2F%2Fsofia.com.hk%2F
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 08 Feb 2023 04:22:47 GMT
Content-Type: text/css
Content-Length: 39842
Last-Modified: Thu, 14 Dec 2017 08:39:26 GMT
Connection: keep-alive
ETag: "5a3238be-9ba2"
X-Powered-By: PleskLin
Accept-Ranges: bytes
sofia.com.hk/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
103.38.161.16 200 OK 10 kB URL HTTP/1.1 sofia.com.hk/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
IP 103.38.161.16:0
ASN #55858 Speedy Group Corporation Limited
File type ASCII text, with very long lines (9959)
Hash 7121994eec5320fbe6586463bf9651c2
90532aff6d4121954254cdf04994d834f7ec169b
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1 HTTP/1.1
Host: sofia.com.hk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sofia.com.hk/
Cookie: wpml_referer_url=http%3A%2F%2Fsofia.com.hk%2F
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 08 Feb 2023 04:22:47 GMT
Content-Type: application/javascript
Content-Length: 10056
Last-Modified: Fri, 20 May 2016 06:11:28 GMT
Connection: keep-alive
ETag: "573eaa90-2748"
X-Powered-By: PleskLin
Accept-Ranges: bytes
sofia.com.hk/wp-includes/js/jquery/jquery.js?ver=1.12.4
103.38.161.16 200 OK 97 kB URL HTTP/1.1 sofia.com.hk/wp-includes/js/jquery/jquery.js?ver=1.12.4
IP 103.38.161.16:0
ASN #55858 Speedy Group Corporation Limited
File type ASCII text, with very long lines (32077)
Hash 8610f03fe77640dee8c4cc924e060f12
076524186dbbdd4c41afbbd6b260d9e46a095811
fc48d1d80ece71a79a7b39877f4104d49d3da6c3665cf6dc203000fb7df4447e
GET /wp-includes/js/jquery/jquery.js?ver=1.12.4 HTTP/1.1
Host: sofia.com.hk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sofia.com.hk/
Cookie: wpml_referer_url=http%3A%2F%2Fsofia.com.hk%2F
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 08 Feb 2023 04:22:47 GMT
Content-Type: application/javascript
Content-Length: 97184
Last-Modified: Mon, 23 May 2016 09:00:29 GMT
Connection: keep-alive
ETag: "5742c6ad-17ba0"
X-Powered-By: PleskLin
Accept-Ranges: bytes
sofia.com.hk/wp-content/plugins/woocommerce-multilingual/res/js/front-scripts.min.js?ver=4.2.7.1
103.38.161.16 200 OK 353 B URL HTTP/1.1 sofia.com.hk/wp-content/plugins/woocommerce-multilingual/res/js/front-scripts.min.js?ver=4.2.7.1
IP 103.38.161.16:0
ASN #55858 Speedy Group Corporation Limited
File type ASCII text, with very long lines (353), with no line terminators
Hash f68451c8c208daba94c4bc245d8dcac9
7ed751cb043aa2e82c5b5d5d3ee94c9230d1f1c3
bcb80825339a28bdf9fa3ea381fb64c7d82c84e4507a1cd3b2aaecc1b149321a
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/woocommerce-multilingual/res/js/front-scripts.min.js?ver=4.2.7.1 HTTP/1.1
Host: sofia.com.hk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sofia.com.hk/
Cookie: wpml_referer_url=http%3A%2F%2Fsofia.com.hk%2F
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 08 Feb 2023 04:22:47 GMT
Content-Type: application/javascript
Content-Length: 353
Connection: keep-alive
X-Accel-Version: 0.01
Last-Modified: Fri, 22 Dec 2017 15:55:25 GMT
ETag: "161-560efd84c9c44"
Accept-Ranges: bytes
X-Powered-By: PleskLin
sofia.com.hk/wp-content/plugins/woocommerce-multilingual/res/js/cart_widget.min.js?ver=4.2.7.1
103.38.161.16 200 OK 367 B URL HTTP/1.1 sofia.com.hk/wp-content/plugins/woocommerce-multilingual/res/js/cart_widget.min.js?ver=4.2.7.1
IP 103.38.161.16:0
ASN #55858 Speedy Group Corporation Limited
File type ASCII text, with very long lines (367), with no line terminators
Hash 07daea80368473c2bba98223891e196b
1acc434294d1c82265aa227db3453cc5601d6cec
72e37bcef1b5ed400570bb993865334de58cad27293c99bfc6b59881bbcdd615
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/woocommerce-multilingual/res/js/cart_widget.min.js?ver=4.2.7.1 HTTP/1.1
Host: sofia.com.hk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sofia.com.hk/
Cookie: wpml_referer_url=http%3A%2F%2Fsofia.com.hk%2F
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 08 Feb 2023 04:22:48 GMT
Content-Type: application/javascript
Content-Length: 367
Connection: keep-alive
X-Accel-Version: 0.01
Last-Modified: Fri, 22 Dec 2017 15:55:25 GMT
ETag: "16f-560efd84cea64"
Accept-Ranges: bytes
X-Powered-By: PleskLin
sofia.com.hk/wp-content/plugins/LayerSlider/static/layerslider/js/layerslider.transitions.js?ver=6.1.6
103.38.161.16 200 OK 24 kB URL HTTP/1.1 sofia.com.hk/wp-content/plugins/LayerSlider/static/layerslider/js/layerslider.transitions.js?ver=6.1.6
IP 103.38.161.16:0
ASN #55858 Speedy Group Corporation Limited
File type Unicode text, UTF-8 text, with very long lines (23514)
Hash ab5c641341135bae9cde257a14da0656
386804e789461da7b84d5e6e180ae87e67276dc8
7f612443943aaf092378e9fa4082d03bb33e0a4430b19f51fe16077e66729db3
GET /wp-content/plugins/LayerSlider/static/layerslider/js/layerslider.transitions.js?ver=6.1.6 HTTP/1.1
Host: sofia.com.hk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sofia.com.hk/
Cookie: wpml_referer_url=http%3A%2F%2Fsofia.com.hk%2F
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 08 Feb 2023 04:22:48 GMT
Content-Type: application/javascript
Content-Length: 23831
Last-Modified: Fri, 21 Jul 2017 09:54:40 GMT
Connection: keep-alive
ETag: "5971cf60-5d17"
X-Powered-By: PleskLin
Accept-Ranges: bytes
sofia.com.hk/wp-content/themes/betheme/css/shortcodes.css?ver=17.1.1
103.38.161.16 200 OK 137 kB URL HTTP/1.1 sofia.com.hk/wp-content/themes/betheme/css/shortcodes.css?ver=17.1.1
IP 103.38.161.16:0
ASN #55858 Speedy Group Corporation Limited
File type ASCII text, with very long lines (404)
Size 137 kB (137407 bytes)
Hash 03ff8f0c2e68dc9257c3e4e0c623d4cc
665b03da50355eb7789c6129c87024193981f104
9728ed3ae3a88626b1ec71c41136534a713e37348b85a62bd2a4f16e01c44beb
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/betheme/css/shortcodes.css?ver=17.1.1 HTTP/1.1
Host: sofia.com.hk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sofia.com.hk/
Cookie: wpml_referer_url=http%3A%2F%2Fsofia.com.hk%2F
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 08 Feb 2023 04:22:47 GMT
Content-Type: text/css
Content-Length: 137407
Last-Modified: Mon, 06 Mar 2017 19:00:00 GMT
Connection: keep-alive
ETag: "58bdb1b0-218bf"
X-Powered-By: PleskLin
Accept-Ranges: bytes
sofia.com.hk/wp-content/plugins/photo-gallery/js/bwg_frontend.js?ver=1.3.67
103.38.161.16 200 OK 7.5 kB URL HTTP/1.1 sofia.com.hk/wp-content/plugins/photo-gallery/js/bwg_frontend.js?ver=1.3.67
IP 103.38.161.16:0
ASN #55858 Speedy Group Corporation Limited
Hash e4add7427e7d1416c07484439488d62d
107427ef302388effda0506f53cefeaacf4dddbb
e2281528108d642153f46b43c41de2b31bd7a461348b212d49e2d0256dc63af7
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/photo-gallery/js/bwg_frontend.js?ver=1.3.67 HTTP/1.1
Host: sofia.com.hk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sofia.com.hk/
Cookie: wpml_referer_url=http%3A%2F%2Fsofia.com.hk%2F
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 08 Feb 2023 04:22:48 GMT
Content-Type: application/javascript
Content-Length: 7481
Last-Modified: Fri, 22 Dec 2017 15:57:56 GMT
Connection: keep-alive
ETag: "5a3d2b84-1d39"
X-Powered-By: PleskLin
Accept-Ranges: bytes
sofia.com.hk/wp-content/plugins/photo-gallery/js/jquery.sumoselect.min.js?ver=3.0.2
103.38.161.16 200 OK 12 kB URL HTTP/1.1 sofia.com.hk/wp-content/plugins/photo-gallery/js/jquery.sumoselect.min.js?ver=3.0.2
IP 103.38.161.16:0
ASN #55858 Speedy Group Corporation Limited
File type ASCII text, with very long lines (11692)
Hash ba1220160c45d126b5b4ef26568d484c
c415d7f855e14face2d07d14becec39d833aef40
ab3290fa762379839c1f6b170f99505c84aef28f7f67918e2bfa21246b99c541
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/photo-gallery/js/jquery.sumoselect.min.js?ver=3.0.2 HTTP/1.1
Host: sofia.com.hk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sofia.com.hk/
Cookie: wpml_referer_url=http%3A%2F%2Fsofia.com.hk%2F
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 08 Feb 2023 04:22:48 GMT
Content-Type: application/javascript
Content-Length: 11780
Last-Modified: Fri, 22 Dec 2017 15:57:56 GMT
Connection: keep-alive
ETag: "5a3d2b84-2e04"
X-Powered-By: PleskLin
Accept-Ranges: bytes
sofia.com.hk/wp-content/plugins/LayerSlider/static/layerslider/js/layerslider.kreaturamedia.jquery.js?ver=6.1.6
103.38.161.16 200 OK 110 kB URL HTTP/1.1 sofia.com.hk/wp-content/plugins/LayerSlider/static/layerslider/js/layerslider.kreaturamedia.jquery.js?ver=6.1.6
IP 103.38.161.16:0
ASN #55858 Speedy Group Corporation Limited
File type ASCII text, with very long lines (65335)
Size 110 kB (110143 bytes)
Hash f3409c5d7bb26b01ab4b664ab9b23ef3
359de9d4aef6f59ef9374bcfc8e72b959193d95f
4b5cb538bb18dfd4a186ad1e6490079cd3db95060035aece33bfde8234904f96
GET /wp-content/plugins/LayerSlider/static/layerslider/js/layerslider.kreaturamedia.jquery.js?ver=6.1.6 HTTP/1.1
Host: sofia.com.hk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sofia.com.hk/
Cookie: wpml_referer_url=http%3A%2F%2Fsofia.com.hk%2F
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 08 Feb 2023 04:22:48 GMT
Content-Type: application/javascript
Content-Length: 110143
Last-Modified: Fri, 21 Jul 2017 09:54:40 GMT
Connection: keep-alive
ETag: "5971cf60-1ae3f"
X-Powered-By: PleskLin
Accept-Ranges: bytes
sofia.com.hk/wp-content/plugins/LayerSlider/static/layerslider/js/greensock.js?ver=1.19.0
103.38.161.16 200 OK 118 kB URL HTTP/1.1 sofia.com.hk/wp-content/plugins/LayerSlider/static/layerslider/js/greensock.js?ver=1.19.0
IP 103.38.161.16:0
ASN #55858 Speedy Group Corporation Limited
File type ASCII text, with very long lines (32006)
Size 118 kB (117770 bytes)
Hash 8229047eb3f5c59dd6d2bf86848b3f87
5e2705877f3dca6466c0dfc0bba16598e3f815b7
698edc68d4fafaaf758e646034a4a9b1430239bd584708c8dde1dce169c7c716
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/LayerSlider/static/layerslider/js/greensock.js?ver=1.19.0 HTTP/1.1
Host: sofia.com.hk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sofia.com.hk/
Cookie: wpml_referer_url=http%3A%2F%2Fsofia.com.hk%2F
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 08 Feb 2023 04:22:48 GMT
Content-Type: application/javascript
Content-Length: 117770
Last-Modified: Fri, 21 Jul 2017 09:54:40 GMT
Connection: keep-alive
ETag: "5971cf60-1cc0a"
X-Powered-By: PleskLin
Accept-Ranges: bytes
sofia.com.hk/wp-content/plugins/photo-gallery/js/jquery.mobile.js?ver=1.3.67
103.38.161.16 200 OK 6.4 kB URL HTTP/1.1 sofia.com.hk/wp-content/plugins/photo-gallery/js/jquery.mobile.js?ver=1.3.67
IP 103.38.161.16:0
ASN #55858 Speedy Group Corporation Limited
File type ASCII text, with very long lines (6322)
Hash 63d1efa154bd0728b1dcb3c4abee929d
b29b779e8b5fc5809e25343858a7d73ee4c93a02
d50e992ac846d1a23ac3fde9ddc997a572fc65702611c667b0a758cf8ee99083
GET /wp-content/plugins/photo-gallery/js/jquery.mobile.js?ver=1.3.67 HTTP/1.1
Host: sofia.com.hk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sofia.com.hk/
Cookie: wpml_referer_url=http%3A%2F%2Fsofia.com.hk%2F
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 08 Feb 2023 04:22:48 GMT
Content-Type: application/javascript
Content-Length: 6418
Last-Modified: Fri, 22 Dec 2017 15:57:56 GMT
Connection: keep-alive
ETag: "5a3d2b84-1912"
X-Powered-By: PleskLin
Accept-Ranges: bytes
sofia.com.hk/wp-content/plugins/photo-gallery/js/jquery.mCustomScrollbar.concat.min.js?ver=1.3.67
103.38.161.16 200 OK 25 kB URL HTTP/1.1 sofia.com.hk/wp-content/plugins/photo-gallery/js/jquery.mCustomScrollbar.concat.min.js?ver=1.3.67
IP 103.38.161.16:0
ASN #55858 Speedy Group Corporation Limited
File type ASCII text, with very long lines (24110)
Hash c0efc8c25969b270348069a176e93f8c
39680ef85bdbec350f35e41de4bfca303f5dc34f
db06dcfa0112b05cef7abd20fadc5baf632a316515f07cfd4fceb436c8a0cb1b
GET /wp-content/plugins/photo-gallery/js/jquery.mCustomScrollbar.concat.min.js?ver=1.3.67 HTTP/1.1
Host: sofia.com.hk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sofia.com.hk/
Cookie: wpml_referer_url=http%3A%2F%2Fsofia.com.hk%2F
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 08 Feb 2023 04:22:48 GMT
Content-Type: application/javascript
Content-Length: 25168
Last-Modified: Fri, 22 Dec 2017 15:57:56 GMT
Connection: keep-alive
ETag: "5a3d2b84-6250"
X-Powered-By: PleskLin
Accept-Ranges: bytes
sofia.com.hk/wp-content/plugins/photo-gallery/js/jquery.fullscreen-0.4.1.js?ver=0.4.1
103.38.161.16 200 OK 7.6 kB URL HTTP/1.1 sofia.com.hk/wp-content/plugins/photo-gallery/js/jquery.fullscreen-0.4.1.js?ver=0.4.1
IP 103.38.161.16:0
ASN #55858 Speedy Group Corporation Limited
Hash a20ccc97b8ab6324adeb56fa34a04c55
bd9ceb6f34eac052e13bb21f76ce83f7334841d2
19e3bcd44b9c726bc12f4138ee4dece9f85487a7b54ea467f6444e323de2207f
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/photo-gallery/js/jquery.fullscreen-0.4.1.js?ver=0.4.1 HTTP/1.1
Host: sofia.com.hk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sofia.com.hk/
Cookie: wpml_referer_url=http%3A%2F%2Fsofia.com.hk%2F
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 08 Feb 2023 04:22:48 GMT
Content-Type: application/javascript
Content-Length: 7583
Last-Modified: Fri, 22 Dec 2017 15:57:56 GMT
Connection: keep-alive
ETag: "5a3d2b84-1d9f"
X-Powered-By: PleskLin
Accept-Ranges: bytes
sofia.com.hk/wp-content/plugins/photo-gallery/js/bwg_gallery_box.js?ver=1.3.67
103.38.161.16 200 OK 8.0 kB URL HTTP/1.1 sofia.com.hk/wp-content/plugins/photo-gallery/js/bwg_gallery_box.js?ver=1.3.67
IP 103.38.161.16:0
ASN #55858 Speedy Group Corporation Limited
Hash 62e278f64bdb66bd64155e59862ac4f2
b6a51e36f63f9add99685e116d8edad9d5aad2f6
2d55994805ef8dce445da154a0411137cbf7c58b3f47bef3985c3972348b6d94
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/photo-gallery/js/bwg_gallery_box.js?ver=1.3.67 HTTP/1.1
Host: sofia.com.hk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sofia.com.hk/
Cookie: wpml_referer_url=http%3A%2F%2Fsofia.com.hk%2F
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 08 Feb 2023 04:22:48 GMT
Content-Type: application/javascript
Content-Length: 7971
Last-Modified: Fri, 22 Dec 2017 15:57:56 GMT
Connection: keep-alive
ETag: "5a3d2b84-1f23"
X-Powered-By: PleskLin
Accept-Ranges: bytes
sofia.com.hk/wp-content/plugins/revslider/public/assets/js/jquery.themepunch.revolution.min.js?ver=5.3.1.5
103.38.161.16 200 OK 62 kB URL HTTP/1.1 sofia.com.hk/wp-content/plugins/revslider/public/assets/js/jquery.themepunch.revolution.min.js?ver=5.3.1.5
IP 103.38.161.16:0
ASN #55858 Speedy Group Corporation Limited
File type ASCII text, with very long lines (32026), with CRLF line terminators
Hash e570ba4632b2719c18d2336726ccd009
6910242d7ac98108a3aee3e0d504d747206a1742
bc520f34e0e2530005a386d108c6422878efe5eee987659ba867015fde2ddf53
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/revslider/public/assets/js/jquery.themepunch.revolution.min.js?ver=5.3.1.5 HTTP/1.1
Host: sofia.com.hk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sofia.com.hk/
Cookie: wpml_referer_url=http%3A%2F%2Fsofia.com.hk%2F
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 08 Feb 2023 04:22:48 GMT
Content-Type: application/javascript
Content-Length: 62397
Last-Modified: Fri, 21 Jul 2017 09:54:38 GMT
Connection: keep-alive
ETag: "5971cf5e-f3bd"
X-Powered-By: PleskLin
Accept-Ranges: bytes
sofia.com.hk/wp-content/plugins/vc-twi-awesome-woocommerce-slider-carousel/js/frameworks.min.js?ver=4.8.1
103.38.161.16 200 OK 128 kB URL HTTP/1.1 sofia.com.hk/wp-content/plugins/vc-twi-awesome-woocommerce-slider-carousel/js/frameworks.min.js?ver=4.8.1
IP 103.38.161.16:0
ASN #55858 Speedy Group Corporation Limited
File type ASCII text, with very long lines (32280)
Size 128 kB (128370 bytes)
Hash f1b7624012888a0643f6813f3312da6b
94ff6a635c4af77d6e6a3f093c7f31ae6c95ed82
4bd57130881da44aee58fde09b9604dc1225257f8adf1eab8e5ea4c6af092042
GET /wp-content/plugins/vc-twi-awesome-woocommerce-slider-carousel/js/frameworks.min.js?ver=4.8.1 HTTP/1.1
Host: sofia.com.hk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sofia.com.hk/
Cookie: wpml_referer_url=http%3A%2F%2Fsofia.com.hk%2F
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 08 Feb 2023 04:22:48 GMT
Content-Type: application/javascript
Content-Length: 128370
Last-Modified: Sat, 09 Sep 2017 04:59:32 GMT
Connection: keep-alive
ETag: "59b37534-1f572"
X-Powered-By: PleskLin
Accept-Ranges: bytes
sofia.com.hk/wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.min.js?ver=3.1.1
103.38.161.16 200 OK 2.1 kB URL HTTP/1.1 sofia.com.hk/wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.min.js?ver=3.1.1
IP 103.38.161.16:0
ASN #55858 Speedy Group Corporation Limited
File type HTML document, ASCII text, with very long lines (2084), with no line terminators
Hash 4eb91ab2e0700e25ede6519f0123dc8a
cdedf5f767b46fad27df60237c157b9827ccff66
46fb5d05de7e8413a56fa7c0127cb314e3a34e5628a84d20ab75babd78995148
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.min.js?ver=3.1.1 HTTP/1.1
Host: sofia.com.hk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sofia.com.hk/
Cookie: wpml_referer_url=http%3A%2F%2Fsofia.com.hk%2F
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 08 Feb 2023 04:22:48 GMT
Content-Type: application/javascript
Content-Length: 2084
Last-Modified: Mon, 25 Dec 2017 08:59:23 GMT
Connection: keep-alive
ETag: "5a40bdeb-824"
X-Powered-By: PleskLin
Accept-Ranges: bytes
sofia.com.hk/wp-content/plugins/revslider/public/assets/js/jquery.themepunch.tools.min.js?ver=5.3.1.5
103.38.161.16 200 OK 108 kB URL HTTP/1.1 sofia.com.hk/wp-content/plugins/revslider/public/assets/js/jquery.themepunch.tools.min.js?ver=5.3.1.5
IP 103.38.161.16:0
ASN #55858 Speedy Group Corporation Limited
File type ASCII text, with very long lines (27184), with CRLF line terminators
Size 108 kB (107526 bytes)
Hash e6b48b6ba78ddfe39bef9b6bf147543e
8950b7ef02baf1ea3a6bde99a613a5224216ab18
9a56320bb8bfb81dc997a1120c77ec017cffab4db5ba5482afb29129e0690540
GET /wp-content/plugins/revslider/public/assets/js/jquery.themepunch.tools.min.js?ver=5.3.1.5 HTTP/1.1
Host: sofia.com.hk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sofia.com.hk/
Cookie: wpml_referer_url=http%3A%2F%2Fsofia.com.hk%2F
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 08 Feb 2023 04:22:48 GMT
Content-Type: application/javascript
Content-Length: 107526
Last-Modified: Fri, 21 Jul 2017 09:54:38 GMT
Connection: keep-alive
ETag: "5971cf5e-1a406"
X-Powered-By: PleskLin
Accept-Ranges: bytes
sofia.com.hk/wp-content/plugins/sitepress-multilingual-cms/res/js/cookies/language-cookie.js?ver=4.8.1
103.38.161.16 200 OK 238 B URL HTTP/1.1 sofia.com.hk/wp-content/plugins/sitepress-multilingual-cms/res/js/cookies/language-cookie.js?ver=4.8.1
IP 103.38.161.16:0
ASN #55858 Speedy Group Corporation Limited
File type ASCII text, with CRLF line terminators
Hash cd07bbb8293f69efbeae99bfbac6c987
1cb72199311b0b48f3259affa1784244d1228d06
ac232697cdfd23d01de758a9e980609ae4ac5da438b52dae941aabba19881e77
GET /wp-content/plugins/sitepress-multilingual-cms/res/js/cookies/language-cookie.js?ver=4.8.1 HTTP/1.1
Host: sofia.com.hk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sofia.com.hk/
Cookie: wpml_referer_url=http%3A%2F%2Fsofia.com.hk%2F
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 08 Feb 2023 04:22:48 GMT
Content-Type: application/javascript
Content-Length: 238
Connection: keep-alive
X-Accel-Version: 0.01
Last-Modified: Fri, 17 Nov 2017 12:06:03 GMT
ETag: "ee-55e2c8f8540c0"
Accept-Ranges: bytes
X-Powered-By: PleskLin
sofia.com.hk/wp-content/plugins/js_composer/assets/js/vendors/woocommerce-add-to-cart.js?ver=5.0.1
103.38.161.16 200 OK 895 B URL HTTP/1.1 sofia.com.hk/wp-content/plugins/js_composer/assets/js/vendors/woocommerce-add-to-cart.js?ver=5.0.1
IP 103.38.161.16:0
ASN #55858 Speedy Group Corporation Limited
Hash 902b7ca09549975e55e136fb0026df9a
ae9b808c87bbbf57b9f3132c41effaaa12af03ff
2685c1caf9a3e6616da70c63212ff6d6a6747e4929edf55832ebd18ef7a43ccf
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/js_composer/assets/js/vendors/woocommerce-add-to-cart.js?ver=5.0.1 HTTP/1.1
Host: sofia.com.hk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sofia.com.hk/
Cookie: wpml_referer_url=http%3A%2F%2Fsofia.com.hk%2F
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 08 Feb 2023 04:22:48 GMT
Content-Type: application/javascript
Content-Length: 895
Connection: keep-alive
X-Accel-Version: 0.01
Last-Modified: Fri, 21 Jul 2017 09:54:40 GMT
ETag: "37f-554d0da8a9800"
Accept-Ranges: bytes
X-Powered-By: PleskLin
sofia.com.hk/wp-includes/js/jquery/ui/widget.min.js?ver=1.11.4
103.38.161.16 200 OK 6.9 kB URL HTTP/1.1 sofia.com.hk/wp-includes/js/jquery/ui/widget.min.js?ver=1.11.4
IP 103.38.161.16:0
ASN #55858 Speedy Group Corporation Limited
File type ASCII text, with very long lines (6684)
Hash 8cf7f36bbd79bc0664b6113f7a7837fe
ede1f6fe3d18a0685b30c6d465686de7870f578f
38a448e9e03a9f64e7611b19af4bb8ec97fde2c708dc57ebbc7701be7ae3af08
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/jquery/ui/widget.min.js?ver=1.11.4 HTTP/1.1
Host: sofia.com.hk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sofia.com.hk/
Cookie: wpml_referer_url=http%3A%2F%2Fsofia.com.hk%2F
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 08 Feb 2023 04:22:48 GMT
Content-Type: application/javascript
Content-Length: 6908
Last-Modified: Thu, 03 Nov 2016 05:40:34 GMT
Connection: keep-alive
ETag: "581acdd2-1afc"
X-Powered-By: PleskLin
Accept-Ranges: bytes
sofia.com.hk/wp-includes/js/jquery/ui/mouse.min.js?ver=1.11.4
103.38.161.16 200 OK 3.1 kB URL HTTP/1.1 sofia.com.hk/wp-includes/js/jquery/ui/mouse.min.js?ver=1.11.4
IP 103.38.161.16:0
ASN #55858 Speedy Group Corporation Limited
File type ASCII text, with very long lines (2933)
Hash 82835a8960ddd73020389dbfa45c39a0
a54b01fc7de31d8068f61177d840125bb9ce011e
88b0379349a4dda6ebcc43c5bd12084d230c6105a6fd3c2f651c4e771b3eabef
GET /wp-includes/js/jquery/ui/mouse.min.js?ver=1.11.4 HTTP/1.1
Host: sofia.com.hk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sofia.com.hk/
Cookie: wpml_referer_url=http%3A%2F%2Fsofia.com.hk%2F
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 08 Feb 2023 04:22:48 GMT
Content-Type: application/javascript
Content-Length: 3148
Last-Modified: Thu, 03 Nov 2016 05:40:34 GMT
Connection: keep-alive
ETag: "581acdd2-c4c"
X-Powered-By: PleskLin
Accept-Ranges: bytes
sofia.com.hk/wp-includes/js/jquery/ui/resizable.min.js?ver=1.11.4
103.38.161.16 200 OK 18 kB URL HTTP/1.1 sofia.com.hk/wp-includes/js/jquery/ui/resizable.min.js?ver=1.11.4
IP 103.38.161.16:0
ASN #55858 Speedy Group Corporation Limited
File type ASCII text, with very long lines (18203)
Hash a5001032177c492cf0ff7c86bc01169f
d1791a321f481e1acd51554192680780e2c9b079
eb7e788f6016944e258309006861d1c854918d838b40ee9d9ec7612fb98adbb3
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/jquery/ui/resizable.min.js?ver=1.11.4 HTTP/1.1
Host: sofia.com.hk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sofia.com.hk/
Cookie: wpml_referer_url=http%3A%2F%2Fsofia.com.hk%2F
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 08 Feb 2023 04:22:49 GMT
Content-Type: application/javascript
Content-Length: 18426
Last-Modified: Thu, 03 Nov 2016 05:40:34 GMT
Connection: keep-alive
ETag: "581acdd2-47fa"
X-Powered-By: PleskLin
Accept-Ranges: bytes
sofia.com.hk/wp-includes/js/jquery/ui/position.min.js?ver=1.11.4
103.38.161.16 200 OK 6.5 kB URL HTTP/1.1 sofia.com.hk/wp-includes/js/jquery/ui/position.min.js?ver=1.11.4
IP 103.38.161.16:0
ASN #55858 Speedy Group Corporation Limited
File type ASCII text, with very long lines (6306)
Hash 1c4a13edec1958817e83433aeaa42f62
851d4f36ac29a54f9aeb865e4772e10b941252d3
49af6b83569c5e8c707e93884d9ba619b402f0a115925951301e2e3c844f0ad8
GET /wp-includes/js/jquery/ui/position.min.js?ver=1.11.4 HTTP/1.1
Host: sofia.com.hk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sofia.com.hk/
Cookie: wpml_referer_url=http%3A%2F%2Fsofia.com.hk%2F
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 08 Feb 2023 04:22:49 GMT
Content-Type: application/javascript
Content-Length: 6527
Last-Modified: Thu, 03 Nov 2016 05:40:34 GMT
Connection: keep-alive
ETag: "581acdd2-197f"
X-Powered-By: PleskLin
Accept-Ranges: bytes
sofia.com.hk/wp-includes/js/jquery/ui/dialog.min.js?ver=1.11.4
103.38.161.16 200 OK 12 kB URL HTTP/1.1 sofia.com.hk/wp-includes/js/jquery/ui/dialog.min.js?ver=1.11.4
IP 103.38.161.16:0
ASN #55858 Speedy Group Corporation Limited
File type ASCII text, with very long lines (11922)
Hash 3ecd9590aac778514f4e69975ed91a62
c19e1243c5743bccb733b95cf2457868c93b2ed4
ba6ad27dd93884c875c17988fb463d0af15f70fd7d53969d79274f9cfe02a420
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/jquery/ui/dialog.min.js?ver=1.11.4 HTTP/1.1
Host: sofia.com.hk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sofia.com.hk/
Cookie: wpml_referer_url=http%3A%2F%2Fsofia.com.hk%2F
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 08 Feb 2023 04:22:49 GMT
Content-Type: application/javascript
Content-Length: 12139
Last-Modified: Thu, 03 Nov 2016 05:40:34 GMT
Connection: keep-alive
ETag: "581acdd2-2f6b"
X-Powered-By: PleskLin
Accept-Ranges: bytes
sofia.com.hk/wp-content/plugins/woocommerce-multilingual/res/js/wcml-multi-currency.min.js?ver=4.2.7.1
103.38.161.16 200 OK 1.3 kB URL HTTP/1.1 sofia.com.hk/wp-content/plugins/woocommerce-multilingual/res/js/wcml-multi-currency.min.js?ver=4.2.7.1
IP 103.38.161.16:0
ASN #55858 Speedy Group Corporation Limited
File type ASCII text, with very long lines (1348), with no line terminators
Hash 1533a920484dae1cbddc33b071547a4e
02586bf0d50046c908e10e264bb7cf4441a47ca7
bc9dceee514e9e6f79606b555b6862a893221a76e06a9158309729079c1e0075
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/woocommerce-multilingual/res/js/wcml-multi-currency.min.js?ver=4.2.7.1 HTTP/1.1
Host: sofia.com.hk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sofia.com.hk/
Cookie: wpml_referer_url=http%3A%2F%2Fsofia.com.hk%2F
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 08 Feb 2023 04:22:49 GMT
Content-Type: application/javascript
Content-Length: 1348
Last-Modified: Fri, 22 Dec 2017 15:55:25 GMT
Connection: keep-alive
ETag: "5a3d2aed-544"
X-Powered-By: PleskLin
Accept-Ranges: bytes
sofia.com.hk/wp-content/plugins/easy-modal/assets/scripts/jquery.transit.min.js?ver=0.9.11
103.38.161.16 200 OK 7.8 kB URL HTTP/1.1 sofia.com.hk/wp-content/plugins/easy-modal/assets/scripts/jquery.transit.min.js?ver=0.9.11
IP 103.38.161.16:0
ASN #55858 Speedy Group Corporation Limited
File type ASCII text, with very long lines (7835), with no line terminators
Hash 51abb2908640033b1cd6563ce8dc6c29
038aa4bc6915f39177b04054896ae887aeac457b
b259de534ce1ec151a383c5cfbc69f8fc568399e0d400b60f2d9534d072c76e0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/easy-modal/assets/scripts/jquery.transit.min.js?ver=0.9.11 HTTP/1.1
Host: sofia.com.hk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sofia.com.hk/
Cookie: wpml_referer_url=http%3A%2F%2Fsofia.com.hk%2F
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 08 Feb 2023 04:22:49 GMT
Content-Type: application/javascript
Content-Length: 7835
Last-Modified: Fri, 03 Nov 2017 06:42:55 GMT
Connection: keep-alive
ETag: "59fc0fef-1e9b"
X-Powered-By: PleskLin
Accept-Ranges: bytes
sofia.com.hk/wp-content/plugins/easy-modal/assets/scripts/easy-modal-site.js?defer&ver=2
103.38.161.16 200 OK 22 kB URL HTTP/1.1 sofia.com.hk/wp-content/plugins/easy-modal/assets/scripts/easy-modal-site.js?defer&ver=2
IP 103.38.161.16:0
ASN #55858 Speedy Group Corporation Limited
File type ASCII text, with very long lines (315)
Hash 309d2173994b8a67480f596c09f37a21
64f777e16e7a934fa908220307b73bab6814bef7
1fdcbc103efd36c93cec22826c56503704e3f4ea9defe97c43521c562d6ce140
GET /wp-content/plugins/easy-modal/assets/scripts/easy-modal-site.js?defer&ver=2 HTTP/1.1
Host: sofia.com.hk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sofia.com.hk/
Cookie: wpml_referer_url=http%3A%2F%2Fsofia.com.hk%2F
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 08 Feb 2023 04:22:49 GMT
Content-Type: application/javascript
Content-Length: 22358
Last-Modified: Fri, 03 Nov 2017 06:42:55 GMT
Connection: keep-alive
ETag: "59fc0fef-5756"
X-Powered-By: PleskLin
Accept-Ranges: bytes
sofia.com.hk/wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=4.9.2
103.38.161.16 200 OK 14 kB URL HTTP/1.1 sofia.com.hk/wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=4.9.2
IP 103.38.161.16:0
ASN #55858 Speedy Group Corporation Limited
Hash a3a6b23cdbf1ac2316226ab23bc609ad
e5a6219afd67c7720580624a3d3047b5908aeecd
04b3e67d05f53167e48b314d1914722b31bb326362dbbbb6c94cf795fbbda19d
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=4.9.2 HTTP/1.1
Host: sofia.com.hk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sofia.com.hk/
Cookie: wpml_referer_url=http%3A%2F%2Fsofia.com.hk%2F
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 08 Feb 2023 04:22:49 GMT
Content-Type: application/javascript
Content-Length: 14092
Last-Modified: Fri, 22 Dec 2017 15:56:40 GMT
Connection: keep-alive
ETag: "5a3d2b38-370c"
X-Powered-By: PleskLin
Accept-Ranges: bytes
sofia.com.hk/wp-content/plugins/vc-twi-awesome-woocommerce-slider-carousel/js/script.js?ver=4.8.1
103.38.161.16 200 OK 20 kB URL HTTP/1.1 sofia.com.hk/wp-content/plugins/vc-twi-awesome-woocommerce-slider-carousel/js/script.js?ver=4.8.1
IP 103.38.161.16:0
ASN #55858 Speedy Group Corporation Limited
File type ASCII text, with very long lines (19987)
Hash 28bdbc6d6964af0aa9d2ae2ab0021fb5
65dec2387ac06b891097cc81009723c7b5ee293d
1a5a4f4f230da3129e0fe518e114ce5f90df630a3830f6c0c5685c791050e11a
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/vc-twi-awesome-woocommerce-slider-carousel/js/script.js?ver=4.8.1 HTTP/1.1
Host: sofia.com.hk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sofia.com.hk/
Cookie: wpml_referer_url=http%3A%2F%2Fsofia.com.hk%2F
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 08 Feb 2023 04:22:49 GMT
Content-Type: application/javascript
Content-Length: 20029
Last-Modified: Sat, 09 Sep 2017 04:59:32 GMT
Connection: keep-alive
ETag: "59b37534-4e3d"
X-Powered-By: PleskLin
Accept-Ranges: bytes
sofia.com.hk/wp-content/plugins/vc-twi-awesome-woocommerce-slider-carousel/js/jquery.infiniteload.js?ver=4.8.1
103.38.161.16 200 OK 3.0 kB URL HTTP/1.1 sofia.com.hk/wp-content/plugins/vc-twi-awesome-woocommerce-slider-carousel/js/jquery.infiniteload.js?ver=4.8.1
IP 103.38.161.16:0
ASN #55858 Speedy Group Corporation Limited
File type ASCII text, with very long lines (3040), with no line terminators
Hash c070c4db73d8dbb81083d000b4add672
cdd87d7f1ac9ba157cf69ac61ab954817fb361d1
be26beaf75aa2fd7e9d5fe39ed1104a6d17769025abd44cb078f63c678d5deff
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/vc-twi-awesome-woocommerce-slider-carousel/js/jquery.infiniteload.js?ver=4.8.1 HTTP/1.1
Host: sofia.com.hk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sofia.com.hk/
Cookie: wpml_referer_url=http%3A%2F%2Fsofia.com.hk%2F
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 08 Feb 2023 04:22:49 GMT
Content-Type: application/javascript
Content-Length: 3040
Last-Modified: Sat, 09 Sep 2017 04:59:32 GMT
Connection: keep-alive
ETag: "59b37534-be0"
X-Powered-By: PleskLin
Accept-Ranges: bytes
sofia.com.hk/wp-content/plugins/woocommerce/assets/js/frontend/country-select.min.js?ver=1.0.7.1
103.38.161.16 200 OK 3.1 kB URL HTTP/1.1 sofia.com.hk/wp-content/plugins/woocommerce/assets/js/frontend/country-select.min.js?ver=1.0.7.1
IP 103.38.161.16:0
ASN #55858 Speedy Group Corporation Limited
File type ASCII text, with very long lines (3114), with no line terminators
Hash 5d689bcb04e6de0334346ebc24e8e97c
0a065179eb40334a40a40cc44934b35ccaf80051
497ea366fdfd4b85cd40e56c09d21087cd503a0537c96e84aab6dabfb4f39235
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/woocommerce/assets/js/frontend/country-select.min.js?ver=1.0.7.1 HTTP/1.1
Host: sofia.com.hk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sofia.com.hk/
Cookie: wpml_referer_url=http%3A%2F%2Fsofia.com.hk%2F
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 08 Feb 2023 04:22:49 GMT
Content-Type: application/javascript
Content-Length: 3114
Last-Modified: Mon, 25 Dec 2017 08:59:25 GMT
Connection: keep-alive
ETag: "5a40bded-c2a"
X-Powered-By: PleskLin
Accept-Ranges: bytes
sofia.com.hk/wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.70
103.38.161.16 200 OK 9.6 kB URL HTTP/1.1 sofia.com.hk/wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.70
IP 103.38.161.16:0
ASN #55858 Speedy Group Corporation Limited
File type ASCII text, with very long lines (9172)
Hash 81b2be18696c4dfe620f7b6d0d75a566
0c3cd7bdf58a65b07e17be39cfe4e386571bb4bd
120aaf6681ca6d34a40c559779f0a0038582a79fce1b868ff901c94d27c89c72
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.70 HTTP/1.1
Host: sofia.com.hk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sofia.com.hk/
Cookie: wpml_referer_url=http%3A%2F%2Fsofia.com.hk%2F
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 08 Feb 2023 04:22:49 GMT
Content-Type: application/javascript
Content-Length: 9566
Last-Modified: Mon, 25 Dec 2017 08:59:28 GMT
Connection: keep-alive
ETag: "5a40bdf0-255e"
X-Powered-By: PleskLin
Accept-Ranges: bytes
sofia.com.hk/wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4
103.38.161.16 200 OK 1.8 kB URL HTTP/1.1 sofia.com.hk/wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4
IP 103.38.161.16:0
ASN #55858 Speedy Group Corporation Limited
File type ASCII text, with very long lines (1680)
Hash 943f6eb962c25bd965e0f0e5a284fcd0
b050a98ebaef01d7597bf8c1acb995c0ef3bcbd9
50de09b0bb8d0ac656aa9b3a1e4ef58a3f2d1abd734cad68b0e12191e9d215ea
GET /wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4 HTTP/1.1
Host: sofia.com.hk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sofia.com.hk/
Cookie: wpml_referer_url=http%3A%2F%2Fsofia.com.hk%2F
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 08 Feb 2023 04:22:49 GMT
Content-Type: application/javascript
Content-Length: 1846
Last-Modified: Mon, 25 Dec 2017 08:59:33 GMT
Connection: keep-alive
ETag: "5a40bdf5-736"
X-Powered-By: PleskLin
Accept-Ranges: bytes
sofia.com.hk/wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js?ver=3.1.1
103.38.161.16 200 OK 2.6 kB URL HTTP/1.1 sofia.com.hk/wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js?ver=3.1.1
IP 103.38.161.16:0
ASN #55858 Speedy Group Corporation Limited
File type ASCII text, with very long lines (1308)
Hash 789fe3bff4824a9c8e9d0b5f89ef1a00
011624e29392ada11c608172fd329b9346e7da8e
ce7d5001e17a09f3441f21312c3b357b4f5df6c019e788fb9f483ebc12eeb9ea
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js?ver=3.1.1 HTTP/1.1
Host: sofia.com.hk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sofia.com.hk/
Cookie: wpml_referer_url=http%3A%2F%2Fsofia.com.hk%2F
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 08 Feb 2023 04:22:49 GMT
Content-Type: application/javascript
Content-Length: 2573
Last-Modified: Mon, 25 Dec 2017 08:59:24 GMT
Connection: keep-alive
ETag: "5a40bdec-a0d"
X-Powered-By: PleskLin
Accept-Ranges: bytes
sofia.com.hk/wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=3.1.1
103.38.161.16 200 OK 562 B URL HTTP/1.1 sofia.com.hk/wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=3.1.1
IP 103.38.161.16:0
ASN #55858 Speedy Group Corporation Limited
File type ASCII text, with very long lines (562), with no line terminators
Hash 765234021a972dcbdd5ef011a4870b28
49c7cef1785f857aaca8d1757ac7aa26041c635d
c6361a648d15fdf9cad312750da2568bd07a34a58e2ee1e1cf6b50d878e11a08
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=3.1.1 HTTP/1.1
Host: sofia.com.hk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sofia.com.hk/
Cookie: wpml_referer_url=http%3A%2F%2Fsofia.com.hk%2F
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 08 Feb 2023 04:22:49 GMT
Content-Type: application/javascript
Content-Length: 562
Connection: keep-alive
X-Accel-Version: 0.01
Last-Modified: Mon, 25 Dec 2017 08:59:27 GMT
ETag: "232-56126623442b4"
Accept-Ranges: bytes
X-Powered-By: PleskLin
sofia.com.hk/wp-content/plugins/woocommerce-variation-swatches-and-photos/assets/js/swatches-and-photos.js?ver=1.5.0
103.38.161.16 200 OK 13 kB URL HTTP/1.1 sofia.com.hk/wp-content/plugins/woocommerce-variation-swatches-and-photos/assets/js/swatches-and-photos.js?ver=1.5.0
IP 103.38.161.16:0
ASN #55858 Speedy Group Corporation Limited
Hash 59bb700e8d56f6214e8e79e7d0f806bf
f82453a08dcbe30ddb41105953fc62582f020896
52c1c906560da7dba48e07bb78b912de47cef9bfb5fdf96ecc245a0dd46022de
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/woocommerce-variation-swatches-and-photos/assets/js/swatches-and-photos.js?ver=1.5.0 HTTP/1.1
Host: sofia.com.hk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sofia.com.hk/
Cookie: wpml_referer_url=http%3A%2F%2Fsofia.com.hk%2F
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 08 Feb 2023 04:22:49 GMT
Content-Type: application/javascript
Content-Length: 12739
Last-Modified: Fri, 15 Sep 2017 11:54:07 GMT
Connection: keep-alive
ETag: "59bbbf5f-31c3"
X-Powered-By: PleskLin
Accept-Ranges: bytes
sofia.com.hk/wp-content/plugins/woocommerce/assets/js/prettyPhoto/jquery.prettyPhoto.min.js?ver=3.1.6
103.38.161.16 200 OK 22 kB URL HTTP/1.1 sofia.com.hk/wp-content/plugins/woocommerce/assets/js/prettyPhoto/jquery.prettyPhoto.min.js?ver=3.1.6
IP 103.38.161.16:0
ASN #55858 Speedy Group Corporation Limited
File type ASCII text, with very long lines (21592), with no line terminators
Hash e2335332e53dd86db3fb0c9fc25457af
9c2a6a68bbc2276abab96358fe2a54b014982cb9
d80483c2fe131fd9d01d51b0378e0c3e2a7571e91f4f0fbd37de6276a1b464d7
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/woocommerce/assets/js/prettyPhoto/jquery.prettyPhoto.min.js?ver=3.1.6 HTTP/1.1
Host: sofia.com.hk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sofia.com.hk/
Cookie: wpml_referer_url=http%3A%2F%2Fsofia.com.hk%2F
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 08 Feb 2023 04:22:49 GMT
Content-Type: application/javascript
Content-Length: 21592
Last-Modified: Mon, 25 Dec 2017 08:59:35 GMT
Connection: keep-alive
ETag: "5a40bdf7-5458"
X-Powered-By: PleskLin
Accept-Ranges: bytes
sofia.com.hk/wp-content/plugins/yith-woocommerce-wishlist/assets/js/jquery.yith-wcwl.js?ver=2.1.2
103.38.161.16 200 OK 10 kB URL HTTP/1.1 sofia.com.hk/wp-content/plugins/yith-woocommerce-wishlist/assets/js/jquery.yith-wcwl.js?ver=2.1.2
IP 103.38.161.16:0
ASN #55858 Speedy Group Corporation Limited
File type ASCII text, with very long lines (570)
Hash 5de440f155e5b7019aa3d75a2b8bb5ab
76f8e9751cb986f605151b0890249f867c7a1efd
eb6738b8d7ffd58860bcce5906a097cd305238856a2608706f9909e2f802e788
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/yith-woocommerce-wishlist/assets/js/jquery.yith-wcwl.js?ver=2.1.2 HTTP/1.1
Host: sofia.com.hk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sofia.com.hk/
Cookie: wpml_referer_url=http%3A%2F%2Fsofia.com.hk%2F
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 08 Feb 2023 04:22:50 GMT
Content-Type: application/javascript
Content-Length: 9964
Last-Modified: Sat, 29 Jul 2017 06:44:44 GMT
Connection: keep-alive
ETag: "597c2edc-26ec"
X-Powered-By: PleskLin
Accept-Ranges: bytes
sofia.com.hk/wp-content/plugins/yith-woocommerce-wishlist/assets/js/jquery.selectBox.min.js?ver=1.2.0
103.38.161.16 200 OK 16 kB URL HTTP/1.1 sofia.com.hk/wp-content/plugins/yith-woocommerce-wishlist/assets/js/jquery.selectBox.min.js?ver=1.2.0
IP 103.38.161.16:0
ASN #55858 Speedy Group Corporation Limited
File type ASCII text, with very long lines (15658)
Hash abcac4975c248d31ee7f58af56e357a4
f9e3c45b908a633aa76d27804e183030fe311ae7
fdfbb661e5d5f32edf12ea356c0e6d457c96cc209d6601b310cc277bb950e8b6
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/yith-woocommerce-wishlist/assets/js/jquery.selectBox.min.js?ver=1.2.0 HTTP/1.1
Host: sofia.com.hk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sofia.com.hk/
Cookie: wpml_referer_url=http%3A%2F%2Fsofia.com.hk%2F
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 08 Feb 2023 04:22:49 GMT
Content-Type: application/javascript
Content-Length: 15736
Last-Modified: Sat, 29 Jul 2017 06:44:44 GMT
Connection: keep-alive
ETag: "597c2edc-3d78"
X-Powered-By: PleskLin
Accept-Ranges: bytes
sofia.com.hk/wp-includes/js/jquery/ui/tabs.min.js?ver=1.11.4
103.38.161.16 200 OK 12 kB URL HTTP/1.1 sofia.com.hk/wp-includes/js/jquery/ui/tabs.min.js?ver=1.11.4
IP 103.38.161.16:0
ASN #55858 Speedy Group Corporation Limited
File type ASCII text, with very long lines (11897)
Hash 5330c83425ab1b8f67ce63f741427adb
81405db33a325f50572b47ed0e854052b7241612
429f6b7a5802c15145bddd69b400dae34b814eebd42ea1a32934c9a55a159391
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/jquery/ui/tabs.min.js?ver=1.11.4 HTTP/1.1
Host: sofia.com.hk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sofia.com.hk/
Cookie: wpml_referer_url=http%3A%2F%2Fsofia.com.hk%2F
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 08 Feb 2023 04:22:50 GMT
Content-Type: application/javascript
Content-Length: 12110
Last-Modified: Thu, 03 Nov 2016 05:40:34 GMT
Connection: keep-alive
ETag: "581acdd2-2f4e"
X-Powered-By: PleskLin
Accept-Ranges: bytes
sofia.com.hk/wp-includes/js/jquery/ui/sortable.min.js?ver=1.11.4
103.38.161.16 200 OK 25 kB URL HTTP/1.1 sofia.com.hk/wp-includes/js/jquery/ui/sortable.min.js?ver=1.11.4
IP 103.38.161.16:0
ASN #55858 Speedy Group Corporation Limited
File type HTML document, ASCII text, with very long lines (24678)
Hash 2896e90cc17e9abc160ed96bb86b07e3
429499906351dea7dca03652f040eda029e5f159
9023e3275b6d897b202ddb9848872a661fea055c96c2973a02e1cf5e39f04afd
GET /wp-includes/js/jquery/ui/sortable.min.js?ver=1.11.4 HTTP/1.1
Host: sofia.com.hk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sofia.com.hk/
Cookie: wpml_referer_url=http%3A%2F%2Fsofia.com.hk%2F
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 08 Feb 2023 04:22:50 GMT
Content-Type: application/javascript
Content-Length: 24899
Last-Modified: Thu, 03 Nov 2016 05:40:34 GMT
Connection: keep-alive
ETag: "581acdd2-6143"
X-Powered-By: PleskLin
Accept-Ranges: bytes
sofia.com.hk/wp-includes/js/jquery/ui/accordion.min.js?ver=1.11.4
103.38.161.16 200 OK 8.6 kB URL HTTP/1.1 sofia.com.hk/wp-includes/js/jquery/ui/accordion.min.js?ver=1.11.4
IP 103.38.161.16:0
ASN #55858 Speedy Group Corporation Limited
File type ASCII text, with very long lines (8361)
Hash 334c2ffb0b086ffc0f6f192ea120f3c2
1a1b1840fa91c9692a546a9074709f74b1d032ba
bbde0ea9c50274448afdee811988867d3579169daff16b64bcb99ad1ee10905f
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/jquery/ui/accordion.min.js?ver=1.11.4 HTTP/1.1
Host: sofia.com.hk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sofia.com.hk/
Cookie: wpml_referer_url=http%3A%2F%2Fsofia.com.hk%2F
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 08 Feb 2023 04:22:50 GMT
Content-Type: application/javascript
Content-Length: 8584
Last-Modified: Thu, 03 Nov 2016 05:40:34 GMT
Connection: keep-alive
ETag: "581acdd2-2188"
X-Powered-By: PleskLin
Accept-Ranges: bytes
sofia.com.hk/wp-content/themes/betheme/js/menu.js?ver=17.1.1
103.38.161.16 200 OK 2.4 kB URL HTTP/1.1 sofia.com.hk/wp-content/themes/betheme/js/menu.js?ver=17.1.1
IP 103.38.161.16:0
ASN #55858 Speedy Group Corporation Limited
Hash fb1ee53d04c799b2093dbc0e9b4c22c3
1fdbcea2a8dc3e59a431d3ec490fb75bdbd3b4c1
9d3d90f939789eee6791294614fa2472015f8d1b28aa77fd48b1f18415c6cd6c
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/betheme/js/menu.js?ver=17.1.1 HTTP/1.1
Host: sofia.com.hk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sofia.com.hk/
Cookie: wpml_referer_url=http%3A%2F%2Fsofia.com.hk%2F
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 08 Feb 2023 04:22:50 GMT
Content-Type: application/javascript
Content-Length: 2449
Last-Modified: Mon, 06 Mar 2017 19:00:00 GMT
Connection: keep-alive
ETag: "58bdb1b0-991"
X-Powered-By: PleskLin
Accept-Ranges: bytes
sofia.com.hk/wp-content/themes/betheme/assets/jplayer/jplayer.min.js?ver=17.1.1
103.38.161.16 200 OK 53 kB URL HTTP/1.1 sofia.com.hk/wp-content/themes/betheme/assets/jplayer/jplayer.min.js?ver=17.1.1
IP 103.38.161.16:0
ASN #55858 Speedy Group Corporation Limited
File type ASCII text, with very long lines (634)
Hash bcff4f0f0eaaf75435e924eec527616d
fe1e7850635b2a1564e8f7f3195617d2eaba73d7
552825b186d7451e0bf6df23e2b78b333e0ccc81aea2dd19055a8adf4b9fe329
GET /wp-content/themes/betheme/assets/jplayer/jplayer.min.js?ver=17.1.1 HTTP/1.1
Host: sofia.com.hk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sofia.com.hk/
Cookie: wpml_referer_url=http%3A%2F%2Fsofia.com.hk%2F
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 08 Feb 2023 04:22:50 GMT
Content-Type: application/javascript
Content-Length: 52702
Last-Modified: Mon, 06 Mar 2017 19:00:00 GMT
Connection: keep-alive
ETag: "58bdb1b0-cdde"
X-Powered-By: PleskLin
Accept-Ranges: bytes
sofia.com.hk/wp-content/themes/betheme/assets/animations/animations.min.js?ver=17.1.1
103.38.161.16 200 OK 1.9 kB URL HTTP/1.1 sofia.com.hk/wp-content/themes/betheme/assets/animations/animations.min.js?ver=17.1.1
IP 103.38.161.16:0
ASN #55858 Speedy Group Corporation Limited
File type ASCII text, with very long lines (1723)
Hash ecd2988783bb4e49f6a242620d54ac21
6863076f3f4c1d0203e511258703af9f02fc97a7
20fbf71645de91c6368d758f878b980c72bce11166a26902bc3e9625eac51833
GET /wp-content/themes/betheme/assets/animations/animations.min.js?ver=17.1.1 HTTP/1.1
Host: sofia.com.hk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sofia.com.hk/
Cookie: wpml_referer_url=http%3A%2F%2Fsofia.com.hk%2F
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 08 Feb 2023 04:22:50 GMT
Content-Type: application/javascript
Content-Length: 1896
Last-Modified: Mon, 06 Mar 2017 19:00:00 GMT
Connection: keep-alive
ETag: "58bdb1b0-768"
X-Powered-By: PleskLin
Accept-Ranges: bytes
sofia.com.hk/wp-content/themes/betheme/js/parallax/translate3d.js?ver=17.1.1
103.38.161.16 200 OK 6.7 kB URL HTTP/1.1 sofia.com.hk/wp-content/themes/betheme/js/parallax/translate3d.js?ver=17.1.1
IP 103.38.161.16:0
ASN #55858 Speedy Group Corporation Limited
Hash af31b2d759ddae795f623b8ff403c3ef
a45db8f433ad5d481258e452d75e444f02a0473d
473fbe193000b252278e08104106331b16cd71d1d671d52062d98b283a95b94e
GET /wp-content/themes/betheme/js/parallax/translate3d.js?ver=17.1.1 HTTP/1.1
Host: sofia.com.hk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sofia.com.hk/
Cookie: wpml_referer_url=http%3A%2F%2Fsofia.com.hk%2F
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 08 Feb 2023 04:22:50 GMT
Content-Type: application/javascript
Content-Length: 6704
Last-Modified: Mon, 06 Mar 2017 19:00:00 GMT
Connection: keep-alive
ETag: "58bdb1b0-1a30"
X-Powered-By: PleskLin
Accept-Ranges: bytes
sofia.com.hk/wp-content/themes/betheme/js/plugins.js?ver=17.1.1
103.38.161.16 200 OK 140 kB URL HTTP/1.1 sofia.com.hk/wp-content/themes/betheme/js/plugins.js?ver=17.1.1
IP 103.38.161.16:0
ASN #55858 Speedy Group Corporation Limited
File type ASCII text, with very long lines (31789)
Size 140 kB (140152 bytes)
Hash f304b0f7cd75a1c9156a403e573eb2b1
258e8122d6d6f81c145f0569bee35b4ce055ee54
16d53778bfae7cf0864a171909569f09bd98977f7aef806edda691a5eae85358
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/betheme/js/plugins.js?ver=17.1.1 HTTP/1.1
Host: sofia.com.hk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sofia.com.hk/
Cookie: wpml_referer_url=http%3A%2F%2Fsofia.com.hk%2F
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 08 Feb 2023 04:22:50 GMT
Content-Type: application/javascript
Content-Length: 140152
Last-Modified: Fri, 22 Sep 2017 04:42:41 GMT
Connection: keep-alive
ETag: "59c494c1-22378"
X-Powered-By: PleskLin
Accept-Ranges: bytes
sofia.com.hk/wp-content/themes/betheme/js/parallax/smoothscroll.js?ver=17.1.1
103.38.161.16 200 OK 6.9 kB URL HTTP/1.1 sofia.com.hk/wp-content/themes/betheme/js/parallax/smoothscroll.js?ver=17.1.1
IP 103.38.161.16:0
ASN #55858 Speedy Group Corporation Limited
File type ASCII text, with very long lines (6808)
Hash 35b06f5519f6e60b6b727e24daf95155
3bdc783c5d60e45e956d2f0eb8a8f609bacae868
9f51bfc3eafb8a24fa03ed1599ce149a7a6b42c8510fa5710b35d2496bdd2593
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/betheme/js/parallax/smoothscroll.js?ver=17.1.1 HTTP/1.1
Host: sofia.com.hk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sofia.com.hk/
Cookie: wpml_referer_url=http%3A%2F%2Fsofia.com.hk%2F
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 08 Feb 2023 04:22:50 GMT
Content-Type: application/javascript
Content-Length: 6913
Last-Modified: Mon, 06 Mar 2017 19:00:00 GMT
Connection: keep-alive
ETag: "58bdb1b0-1b01"
X-Powered-By: PleskLin
Accept-Ranges: bytes
sofia.com.hk/wp-content/themes/betheme/js/scripts.js?ver=17.1.1
103.38.161.16 200 OK 68 kB URL HTTP/1.1 sofia.com.hk/wp-content/themes/betheme/js/scripts.js?ver=17.1.1
IP 103.38.161.16:0
ASN #55858 Speedy Group Corporation Limited
Hash eca01ca588a0614009205a0401c49911
27256f95b8b5164b4e0e9d5d2eba7cf2bad51e90
2a57f4a6b0908620e51b80a060d2789bb2b941ce6ae7ea331365a131ffdd8403
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/betheme/js/scripts.js?ver=17.1.1 HTTP/1.1
Host: sofia.com.hk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sofia.com.hk/
Cookie: wpml_referer_url=http%3A%2F%2Fsofia.com.hk%2F
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 08 Feb 2023 04:22:50 GMT
Content-Type: application/javascript
Content-Length: 68432
Last-Modified: Mon, 18 Dec 2017 08:34:04 GMT
Connection: keep-alive
ETag: "5a377d7c-10b50"
X-Powered-By: PleskLin
Accept-Ranges: bytes
sofia.com.hk/wp-content/plugins/sassy-social-share/public/js/sassy-social-share-public.js?ver=3.1.6
103.38.161.16 200 OK 46 kB URL HTTP/1.1 sofia.com.hk/wp-content/plugins/sassy-social-share/public/js/sassy-social-share-public.js?ver=3.1.6
IP 103.38.161.16:0
ASN #55858 Speedy Group Corporation Limited
File type Unicode text, UTF-8 text, with very long lines (10809), with CRLF line terminators
Hash 4aab99665dc2b2da2c4a29d2f09bbd1f
5c31b56797cce2e85ce20c84272080ce90017498
6ec5e139743b312193eccb9e912e2d8f0c4d58ca093cce0844fe07bdbebb97b9
GET /wp-content/plugins/sassy-social-share/public/js/sassy-social-share-public.js?ver=3.1.6 HTTP/1.1
Host: sofia.com.hk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sofia.com.hk/
Cookie: wpml_referer_url=http%3A%2F%2Fsofia.com.hk%2F
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 08 Feb 2023 04:22:50 GMT
Content-Type: application/javascript
Content-Length: 46525
Last-Modified: Fri, 22 Dec 2017 15:58:07 GMT
Connection: keep-alive
ETag: "5a3d2b8f-b5bd"
X-Powered-By: PleskLin
Accept-Ranges: bytes
use.fontawesome.com/997dc37f16.css
172.64.133.15 200 OK 8.2 kB URL HTTP/2 use.fontawesome.com/997dc37f16.css
IP 172.64.133.15:0
Hash eb62d1f8144f57998950fb6afce4610a
5b3d28fb1a847f1c5cc34680caac53127f61e152
ffa2bfbdad09f4280ad5d141a4dafbc5927a3ee78afab4c68001d7d8df0f8204
GET /997dc37f16.css HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://sofia.com.hk/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 08 Feb 2023 04:22:45 GMT
content-type: text/css
x-amz-id-2: 6j7DWlohJGdHzRJIdC0NAlQ23cD9vXKctUMOe5k4EDu5/xEgkbxV116crKaoXBpf68bSOmPjMqI=
x-amz-request-id: 4AYVVMHW3T8P3Q1G
last-modified: Thu, 01 Jul 2021 13:07:51 GMT
etag: W/"21d568f08b296f940ea954aae53ff740"
cache-control: max-age=1800
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cdEKC4kWMIUqHtuMSD10sFOahy6gomHq3EPmEqWQsUPYbAUQOo0UB8UrVSrstjkyZ6%2Bv2ZWifgzs1G9z1YlFBpxSFjPqHre2BhYAGFrnzsUQLAU3j8OjvxIegWEo%2FwA%2Bd%2FpTZCLQ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 796196083e7323bb-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
sofia.com.hk/wp-content/plugins/sitepress-multilingual-cms/res/js/jquery.cookie.js?ver=3.7.1
103.38.161.16 404 Not Found 207 kB URL HTTP/1.1 sofia.com.hk/wp-content/plugins/sitepress-multilingual-cms/res/js/jquery.cookie.js?ver=3.7.1
IP 103.38.161.16:0
ASN #55858 Speedy Group Corporation Limited
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (47969), with CRLF, LF line terminators
Size 207 kB (206563 bytes)
Hash c196c419ba6b3f9d4b0d0f999dd4b884
e661232bfe17d9684a57f3896c3af32fed67b1ed
e2ae6ee1502ce0b8da44047b451f8a94071f744ef4a381517e20538e9f76edb5
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/sitepress-multilingual-cms/res/js/jquery.cookie.js?ver=3.7.1 HTTP/1.1
Host: sofia.com.hk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sofia.com.hk/
Cookie: wpml_referer_url=http%3A%2F%2Fsofia.com.hk%2F
HTTP/1.1 404 Not Found
Server: nginx
Date: Wed, 08 Feb 2023 04:22:50 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/7.0.33
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Link: <http://sofia.com.hk/wp-json/>; rel="https://api.w.org/"
Set-Cookie: wpml_referer_url=http%3A%2F%2Fsofia.com.hk%2Fwp-content%2Fplugins%2Fsitepress-multilingual-cms%2Fres%2Fjs%2Fjquery.cookie.js%3Fver%3D3.7.1; expires=Thu, 09-Feb-2023 04:22:48 GMT; Max-Age=86400; path=/
sofia.com.hk/wp-includes/js/wp-embed.min.js?ver=4.8.1
103.38.161.16 200 OK 1.4 kB URL HTTP/1.1 sofia.com.hk/wp-includes/js/wp-embed.min.js?ver=4.8.1
IP 103.38.161.16:0
ASN #55858 Speedy Group Corporation Limited
File type ASCII text, with very long lines (1398), with no line terminators
Hash 5a03f97cc479b9f5d7efdaccec31bc17
54518be91b7c5d4b139e032d23ffae568cc7e9fd
dcb5e540e62fc85857254a1066afb6a7e8999279c6d4c583eef855d39f9289c0
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/wp-embed.min.js?ver=4.8.1 HTTP/1.1
Host: sofia.com.hk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sofia.com.hk/
Cookie: wpml_referer_url=http%3A%2F%2Fsofia.com.hk%2F
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 08 Feb 2023 04:22:50 GMT
Content-Type: application/javascript
Content-Length: 1398
Last-Modified: Wed, 23 Nov 2016 13:38:33 GMT
Connection: keep-alive
ETag: "58359bd9-576"
X-Powered-By: PleskLin
Accept-Ranges: bytes
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
216.58.207.227 200 OK 16 kB URL HTTP/1.1 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://sofia.com.hk
Connection: keep-alive
Referer: http://fonts.googleapis.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 15744
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Fri, 03 Feb 2023 18:19:39 GMT
Expires: Sat, 03 Feb 2024 18:19:39 GMT
Cache-Control: public, max-age=31536000
Age: 381791
Last-Modified: Wed, 11 May 2022 19:24:48 GMT
Content-Type: font/woff2
sofia.com.hk/wp-content/plugins/sitepress-multilingual-cms/res/js/sitepress.js?ver=4.8.1
103.38.161.16 200 OK 349 B URL HTTP/1.1 sofia.com.hk/wp-content/plugins/sitepress-multilingual-cms/res/js/sitepress.js?ver=4.8.1
IP 103.38.161.16:0
ASN #55858 Speedy Group Corporation Limited
Hash 935dcd3d99379ccd8392d54835f67d1e
e3ea18523c1fc5815bac16431642b3260342cc66
da8639265c27dd624482432b9f55d4903ef994868232113295f121b014adccc7
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/sitepress-multilingual-cms/res/js/sitepress.js?ver=4.8.1 HTTP/1.1
Host: sofia.com.hk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sofia.com.hk/
Cookie: wpml_referer_url=http%3A%2F%2Fsofia.com.hk%2F
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 08 Feb 2023 04:22:50 GMT
Content-Type: application/javascript
Content-Length: 349
Connection: keep-alive
X-Accel-Version: 0.01
Last-Modified: Fri, 19 May 2017 08:38:22 GMT
ETag: "15d-54fdc71ab3b80"
Accept-Ranges: bytes
X-Powered-By: PleskLin
www.capital.ua/uploads/news/2021/12/09/7bb3cd0814e3c9e6cf93f36e14debbeffd5ce5f2.jpg
104.21.11.12 301 Moved Permanently 178 B URL HTTP/1.1 www.capital.ua/uploads/news/2021/12/09/7bb3cd0814e3c9e6cf93f36e14debbeffd5ce5f2.jpg
IP 104.21.11.12:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash bd2695f4b079c71dbddde3436286fb9c
733c05da132193d6cf1d8e242d12e2525c03bab4
2e04a18ff185ba5b16f762a0538339bc4049aceaef9738edd43af77d2ceb788b
GET /uploads/news/2021/12/09/7bb3cd0814e3c9e6cf93f36e14debbeffd5ce5f2.jpg HTTP/1.1
Host: www.capital.ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sofia.com.hk/
HTTP/1.1 301 Moved Permanently
Date: Wed, 08 Feb 2023 04:22:51 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://www.capital.ua/uploads/news/2021/12/09/7bb3cd0814e3c9e6cf93f36e14debbeffd5ce5f2.jpg
Cache-Control: max-age=14400
CF-Cache-Status: EXPIRED
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uaoTd3yqwriZKOBJYWg0%2F62uBwweNR6IjaH8D0EfmQz8oyvrELvTs4WDhNu8ZFae9uOj0Mh3doOo3HKHZ5vGj%2Bc3Y8rZSigvEetDTUNFiLRoXD9fPMp3y72gCWtYASEttw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 796196288959b4ee-OSL
alt-svc: h2=":443"; ma=60
sofia.com.hk/wp-content/plugins/mailchimp-for-wp/assets/js/forms-api.min.js?ver=4.1.12
103.38.161.16 200 OK 12 kB URL HTTP/1.1 sofia.com.hk/wp-content/plugins/mailchimp-for-wp/assets/js/forms-api.min.js?ver=4.1.12
IP 103.38.161.16:0
ASN #55858 Speedy Group Corporation Limited
File type ASCII text, with very long lines (11848)
Hash 4f4a4532a0f0dcfa2011982549ec164e
a30347d7e2c21a7f7b81cda2c933e38953d49e19
d915c1a38320682d4c8e6fbe119889d26a91958f472d10808c161f938fc14957
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/mailchimp-for-wp/assets/js/forms-api.min.js?ver=4.1.12 HTTP/1.1
Host: sofia.com.hk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sofia.com.hk/
Cookie: wpml_referer_url=http%3A%2F%2Fsofia.com.hk%2F
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 08 Feb 2023 04:22:50 GMT
Content-Type: application/javascript
Content-Length: 11891
Last-Modified: Fri, 22 Dec 2017 15:56:23 GMT
Connection: keep-alive
ETag: "5a3d2b27-2e73"
X-Powered-By: PleskLin
Accept-Ranges: bytes
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
216.58.207.227 200 OK 16 kB URL HTTP/1.1 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 15740, version 1.0\012- data
Hash b9c29351c46f3e8c8631c4002457f48a
e57e59c5780995ff2937ab2b511a769212974a87
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
GET /s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://sofia.com.hk
Connection: keep-alive
Referer: http://fonts.googleapis.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 15740
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Tue, 07 Feb 2023 06:22:02 GMT
Expires: Wed, 07 Feb 2024 06:22:02 GMT
Cache-Control: public, max-age=31536000
Last-Modified: Wed, 11 May 2022 19:24:56 GMT
Content-Type: font/woff2
Age: 79249
fonts.gstatic.com/s/roboto/v30/KFOkCnqEu92Fr1Mu51xIIzI.woff2
216.58.207.227 200 OK 17 kB URL HTTP/1.1 fonts.gstatic.com/s/roboto/v30/KFOkCnqEu92Fr1Mu51xIIzI.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 17368, version 1.0\012- data
Hash abe083d96b58eb02ada8b7c30d7b09f2
61447d66d13a8c8f4335696777a85c438c46f749
db0424fb67fb52e7e538490240cc7fb9c05aa076333a4968f3dee30b825dabf9
GET /s/roboto/v30/KFOkCnqEu92Fr1Mu51xIIzI.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://sofia.com.hk
Connection: keep-alive
Referer: http://fonts.googleapis.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 17368
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Wed, 08 Feb 2023 01:05:24 GMT
Expires: Thu, 08 Feb 2024 01:05:24 GMT
Cache-Control: public, max-age=31536000
Age: 11847
Last-Modified: Wed, 11 May 2022 19:24:42 GMT
Content-Type: font/woff2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu5mxKOzY.woff2
216.58.207.227 200 OK 9.6 kB URL HTTP/1.1 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu5mxKOzY.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 9628, version 1.0\012- data
Hash d9ac47c7e500fb7083b8d595eaf6fe12
112a2fc5f4ff9b85ee3a706fa9b8c47f79b05933
495d38d4b9741e8aa4204002414069e2d8db9f3c60b60e195e4d74381462dee9
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu5mxKOzY.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://sofia.com.hk
Connection: keep-alive
Referer: http://fonts.googleapis.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 9628
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Sun, 05 Feb 2023 16:03:13 GMT
Expires: Mon, 05 Feb 2024 16:03:13 GMT
Cache-Control: public, max-age=31536000
Age: 217178
Last-Modified: Wed, 11 May 2022 19:24:42 GMT
Content-Type: font/woff2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fABc4EsA.woff2
216.58.207.227 200 OK 9.6 kB URL HTTP/1.1 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fABc4EsA.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 9576, version 1.0\012- data
Hash 9b9ec29522d1bf8924ccc2d917e1807b
1df345651c653bba476ab6b8546351ec7f4f018a
47aa3bfad6cb9e2d63abdd58f4e6ce4f7b9fd2704b2b15193c71874035fe025d
GET /s/roboto/v30/KFOlCnqEu92Fr1MmSU5fABc4EsA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://sofia.com.hk
Connection: keep-alive
Referer: http://fonts.googleapis.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 9576
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Tue, 07 Feb 2023 04:08:29 GMT
Expires: Wed, 07 Feb 2024 04:08:29 GMT
Cache-Control: public, max-age=31536000
Last-Modified: Wed, 11 May 2022 19:24:58 GMT
Content-Type: font/woff2
Age: 87262
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfABc4EsA.woff2
216.58.207.227 200 OK 9.6 kB URL HTTP/1.1 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfABc4EsA.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 9644, version 1.0\012- data
Hash 6f112ec2b932ee12379442c42853244e
b2e73c8c70d6261e1d187f41693c43ac4fe0809d
6a84eeee6a25e7c9a8a03191007a6720566b5a2aa2384d36168fb07f49e97e9e
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfABc4EsA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://sofia.com.hk
Connection: keep-alive
Referer: http://fonts.googleapis.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 9644
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Fri, 03 Feb 2023 02:12:28 GMT
Expires: Sat, 03 Feb 2024 02:12:28 GMT
Cache-Control: public, max-age=31536000
Age: 439823
Last-Modified: Wed, 11 May 2022 19:24:50 GMT
Content-Type: font/woff2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
216.58.207.227 200 OK 16 kB URL HTTP/1.1 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 15920, version 1.0\012- data
Hash 3a44e06eb954b96aa043227f3534189d
23cef6993ddb2b2979e8e7647fc3763694e2ba7d
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://sofia.com.hk
Connection: keep-alive
Referer: http://fonts.googleapis.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 15920
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Thu, 02 Feb 2023 02:42:39 GMT
Expires: Fri, 02 Feb 2024 02:42:39 GMT
Cache-Control: public, max-age=31536000
Age: 524412
Last-Modified: Wed, 11 May 2022 19:24:45 GMT
Content-Type: font/woff2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
216.58.207.227 200 OK 16 kB URL HTTP/1.1 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Hash e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://sofia.com.hk
Connection: keep-alive
Referer: http://fonts.googleapis.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 15860
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Thu, 02 Feb 2023 00:13:21 GMT
Expires: Fri, 02 Feb 2024 00:13:21 GMT
Cache-Control: public, max-age=31536000
Age: 533370
Last-Modified: Wed, 11 May 2022 19:24:42 GMT
Content-Type: font/woff2
fonts.gstatic.com/s/roboto/v30/KFOjCnqEu92Fr1Mu51TzBic6CsQ.woff2
216.58.207.227 200 OK 17 kB URL HTTP/1.1 fonts.gstatic.com/s/roboto/v30/KFOjCnqEu92Fr1Mu51TzBic6CsQ.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 17032, version 1.0\012- data
Hash 05a47f9e469d408c629f931cd33ff8b2
823f21f7b1d456db889c3afea393f0d2b9581c38
6be97ca17228a69c406231d89c003194c3dfba7401eaa9fe9e9ed0ef1c18dc38
GET /s/roboto/v30/KFOjCnqEu92Fr1Mu51TzBic6CsQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://sofia.com.hk
Connection: keep-alive
Referer: http://fonts.googleapis.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 17032
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Tue, 07 Feb 2023 11:43:14 GMT
Expires: Wed, 07 Feb 2024 11:43:14 GMT
Cache-Control: public, max-age=31536000
Last-Modified: Wed, 11 May 2022 19:24:52 GMT
Content-Type: font/woff2
Age: 59977
sofia.com.hk/wp-content/plugins/woocommerce/assets/css/woocommerce-smallscreen.css?ver=3.1.1
103.38.161.16 200 OK 6.9 kB URL HTTP/1.1 sofia.com.hk/wp-content/plugins/woocommerce/assets/css/woocommerce-smallscreen.css?ver=3.1.1
IP 103.38.161.16:0
ASN #55858 Speedy Group Corporation Limited
File type ASCII text, with very long lines (6940), with no line terminators
Hash 481ccb80ba6b75ac2f278df91cbb28d4
a251f2c7635e3b5ae9f77f9ee412f4c4dd476e46
8aff5defc6096f98979e1f23cab268ac7f75f8934f0ffd0cfd7e3693c9d12502
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/woocommerce/assets/css/woocommerce-smallscreen.css?ver=3.1.1 HTTP/1.1
Host: sofia.com.hk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sofia.com.hk/
Cookie: wpml_referer_url=http%3A%2F%2Fsofia.com.hk%2F
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 08 Feb 2023 04:22:51 GMT
Content-Type: text/css
Content-Length: 6940
Last-Modified: Mon, 25 Dec 2017 08:58:54 GMT
Connection: keep-alive
ETag: "5a40bdce-1b1c"
X-Powered-By: PleskLin
Accept-Ranges: bytes
sofia.com.hk/wp-content/plugins/sitepress-multilingual-cms/res/flags/en.png
103.38.161.16 200 OK 557 B URL HTTP/1.1 sofia.com.hk/wp-content/plugins/sitepress-multilingual-cms/res/flags/en.png
IP 103.38.161.16:0
ASN #55858 Speedy Group Corporation Limited
File type PNG image data, 55 x 26, 8-bit/color RGBA, non-interlaced\012- data
Hash 104e61882b3befd7a98a44066c6e2c28
77a5831734d64d69f1a05dc36f639d894569f4be
b4a519444bc7e349585ba973ab04b3b645da74244bd1707443960c731251ce53
GET /wp-content/plugins/sitepress-multilingual-cms/res/flags/en.png HTTP/1.1
Host: sofia.com.hk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sofia.com.hk/
Cookie: wpml_referer_url=http%3A%2F%2Fsofia.com.hk%2F
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 08 Feb 2023 04:22:51 GMT
Content-Type: image/png
Content-Length: 557
Connection: keep-alive
X-Accel-Version: 0.01
Last-Modified: Wed, 25 Oct 2017 07:01:45 GMT
ETag: "22d-55c59a0e8a840"
Accept-Ranges: bytes
X-Powered-By: PleskLin
sofia.com.hk/wp-content/uploads/2017/07/logo_sofia_desktop.png
103.38.161.16 200 OK 7.6 kB URL HTTP/1.1 sofia.com.hk/wp-content/uploads/2017/07/logo_sofia_desktop.png
IP 103.38.161.16:0
ASN #55858 Speedy Group Corporation Limited
File type PNG image data, 244 x 119, 8-bit/color RGB, non-interlaced\012- data
Hash 4314d8ea46e0875302a3e029a0470cad
3a35a7680e7d5cf12f19181134f71ae496706f04
db53cf8fd1b091f496bb2537322a74273b03c2b23db6b1a1073770f5006ebfed
GET /wp-content/uploads/2017/07/logo_sofia_desktop.png HTTP/1.1
Host: sofia.com.hk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sofia.com.hk/
Cookie: wpml_referer_url=http%3A%2F%2Fsofia.com.hk%2F
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 08 Feb 2023 04:22:51 GMT
Content-Type: image/png
Content-Length: 7584
Last-Modified: Tue, 28 Nov 2017 04:53:24 GMT
Connection: keep-alive
ETag: "5a1cebc4-1da0"
X-Powered-By: PleskLin
Accept-Ranges: bytes
sofia.com.hk/wp-content/plugins/sitepress-multilingual-cms/res/flags/zh-hant.png
103.38.161.16 200 OK 381 B URL HTTP/1.1 sofia.com.hk/wp-content/plugins/sitepress-multilingual-cms/res/flags/zh-hant.png
IP 103.38.161.16:0
ASN #55858 Speedy Group Corporation Limited
File type PNG image data, 55 x 26, 8-bit/color RGBA, non-interlaced\012- data
Hash ecb0bfd0a4f6c132405271c5630a81eb
d8bbb910ffb7b081de0ac8ffc0960be41e488ecd
1892beb56d888f05a5635a418bb6401dcec1df471c161dfd3df8bc97db4eca83
GET /wp-content/plugins/sitepress-multilingual-cms/res/flags/zh-hant.png HTTP/1.1
Host: sofia.com.hk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sofia.com.hk/
Cookie: wpml_referer_url=http%3A%2F%2Fsofia.com.hk%2F
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 08 Feb 2023 04:22:51 GMT
Content-Type: image/png
Content-Length: 381
Connection: keep-alive
X-Accel-Version: 0.01
Last-Modified: Wed, 25 Oct 2017 07:03:41 GMT
ETag: "17d-55c59a7d2ad40"
Accept-Ranges: bytes
X-Powered-By: PleskLin
sofia.com.hk/wp-content/uploads/2017/08/logo-r.png
103.38.161.16 200 OK 12 kB URL HTTP/1.1 sofia.com.hk/wp-content/uploads/2017/08/logo-r.png
IP 103.38.161.16:0
ASN #55858 Speedy Group Corporation Limited
File type PNG image data, 550 x 183, 8-bit/color RGBA, non-interlaced\012- data
Hash bac83d8c67a2e74fed920f4ae3a09d83
05f82cc03a41fbb1b1d95f16a4c4483ec8ba3032
56a3c6678035404fcec3a07abff22b322238210cbe8a0a49895527b2861c18b5
GET /wp-content/uploads/2017/08/logo-r.png HTTP/1.1
Host: sofia.com.hk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sofia.com.hk/
Cookie: wpml_referer_url=http%3A%2F%2Fsofia.com.hk%2F
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 08 Feb 2023 04:22:51 GMT
Content-Type: image/png
Content-Length: 12256
Last-Modified: Wed, 29 Nov 2017 02:25:05 GMT
Connection: keep-alive
ETag: "5a1e1a81-2fe0"
X-Powered-By: PleskLin
Accept-Ranges: bytes
ocsp.digicert.com/
93.184.220.29 200 OK 278 B IP 93.184.220.29:0
Hash c897d85de708a91ab901fb9ac52e83be
9a5ec6808f32a525c2a62acd018833949012b3a5
89e9377e9e351385ae1edba82c8f8fbcd244e09ef24a4b979b791b2b9439d4bf
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 04:22:51 GMT
Server: ECS (amb/6BA2)
Content-Length: 278
sofia.com.hk/wp-content/themes/betheme/images/box_shadow_button.png
103.38.161.16 200 OK 108 B URL HTTP/1.1 sofia.com.hk/wp-content/themes/betheme/images/box_shadow_button.png
IP 103.38.161.16:0
ASN #55858 Speedy Group Corporation Limited
File type PNG image data, 5 x 4, 2-bit colormap, non-interlaced\012- data
Hash 7d1900d531808efae7e76b9ec79df374
6e2519c8ad9a65df2868819dcafc600eda9a8313
0d05c180f2f588df2bde7a1846219a9d3383d161828c056c265c6890d676552b
GET /wp-content/themes/betheme/images/box_shadow_button.png HTTP/1.1
Host: sofia.com.hk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sofia.com.hk/wp-content/themes/betheme/css/base.css?ver=17.1.1
Cookie: wpml_referer_url=http%3A%2F%2Fsofia.com.hk%2Fwp-content%2Fplugins%2Fsitepress-multilingual-cms%2Fres%2Fjs%2Fjquery.cookie.js%3Fver%3D3.7.1
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 08 Feb 2023 04:22:51 GMT
Content-Type: image/png
Content-Length: 108
Connection: keep-alive
X-Accel-Version: 0.01
Last-Modified: Mon, 06 Mar 2017 19:00:00 GMT
ETag: "6c-54a14808bcc00"
Accept-Ranges: bytes
X-Powered-By: PleskLin
www.capital.ua/uploads/news/2021/12/09/7bb3cd0814e3c9e6cf93f36e14debbeffd5ce5f2.jpg
104.21.11.12 200 OK 27 kB URL HTTP/2 www.capital.ua/uploads/news/2021/12/09/7bb3cd0814e3c9e6cf93f36e14debbeffd5ce5f2.jpg
IP 104.21.11.12:0
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=721, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=1200], progressive, precision 8, 670x400, components 3\012- data
Hash 77553b15c903fcdfdeae348a623ff717
22a98770785d6026a113be0ca26415d59d65a2ef
f92cf4645b3319b2a8cc9911669a83d6410b5befac45a46c1355e20f03726a04
GET /uploads/news/2021/12/09/7bb3cd0814e3c9e6cf93f36e14debbeffd5ce5f2.jpg HTTP/1.1
Host: www.capital.ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://sofia.com.hk/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 08 Feb 2023 04:22:51 GMT
content-type: image/jpeg
content-length: 27061
last-modified: Thu, 09 Dec 2021 13:03:37 GMT
etag: "61b1fea9-69b5"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Bk%2Bu3Yrrwt%2BcrG1QsCQI8vVzHEH4lnAYECAsxjRxQhJZBizdGVr5wQYbDbSKWBRO7%2Bos%2F6gfp2eolfc8OumzT6LVlSt7O68XUG3pqJA3kcCg283fCdKURjjXbJ8aOkSeWw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7961962b1825b4f1-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 278 B IP 93.184.220.29:0
Hash c897d85de708a91ab901fb9ac52e83be
9a5ec6808f32a525c2a62acd018833949012b3a5
89e9377e9e351385ae1edba82c8f8fbcd244e09ef24a4b979b791b2b9439d4bf
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 0
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 04:22:51 GMT
Last-Modified: Wed, 08 Feb 2023 04:22:51 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 278
sofia.com.hk/wp-content/themes/betheme/fonts/mfn-icons.woff?23391439
103.38.161.16 200 OK 81 kB URL HTTP/1.1 sofia.com.hk/wp-content/themes/betheme/fonts/mfn-icons.woff?23391439
IP 103.38.161.16:0
ASN #55858 Speedy Group Corporation Limited
File type Web Open Font Format, TrueType, length 80636, version 1.0\012- data
Hash 3da843d15ed5d4d39e269cfbad8345fb
1d915a3fd051f9e9cf6f545dfe31939fdb368738
f6134456d89988ada75cfdf21df40c6abdccccf01b48a669add0223f3fa38ec4
GET /wp-content/themes/betheme/fonts/mfn-icons.woff?23391439 HTTP/1.1
Host: sofia.com.hk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://sofia.com.hk/wp-content/themes/betheme/css/base.css?ver=17.1.1
Cookie: wpml_referer_url=http%3A%2F%2Fsofia.com.hk%2Fwp-content%2Fplugins%2Fsitepress-multilingual-cms%2Fres%2Fjs%2Fjquery.cookie.js%3Fver%3D3.7.1
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 08 Feb 2023 04:22:51 GMT
Content-Type: application/font-woff
Content-Length: 80636
Last-Modified: Mon, 06 Mar 2017 19:00:00 GMT
Connection: keep-alive
ETag: "58bdb1b0-13afc"
X-Powered-By: PleskLin
Accept-Ranges: bytes
sofia.com.hk/wp-content/plugins/revslider/public/assets/js/extensions/revolution.extension.slideanims.min.js?version=5.3.1.4
103.38.161.16 200 OK 28 kB URL HTTP/1.1 sofia.com.hk/wp-content/plugins/revslider/public/assets/js/extensions/revolution.extension.slideanims.min.js?version=5.3.1.4
IP 103.38.161.16:0
ASN #55858 Speedy Group Corporation Limited
File type ASCII text, with very long lines (28168), with CRLF line terminators
Hash 4c8034d4830f59a65ef5921055a81840
d55e6bd293ef939f32a440ca534ecfcf9185dad4
f0c949d41d22c4659526d0f6a2189cf5c3372a9fe521a83ec266e06fecedd862
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/revslider/public/assets/js/extensions/revolution.extension.slideanims.min.js?version=5.3.1.4 HTTP/1.1
Host: sofia.com.hk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: http://sofia.com.hk/
Cookie: wpml_referer_url=http%3A%2F%2Fsofia.com.hk%2Fwp-content%2Fplugins%2Fsitepress-multilingual-cms%2Fres%2Fjs%2Fjquery.cookie.js%3Fver%3D3.7.1
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 08 Feb 2023 04:22:51 GMT
Content-Type: application/javascript
Content-Length: 28418
Last-Modified: Fri, 21 Jul 2017 09:54:38 GMT
Connection: keep-alive
ETag: "5971cf5e-6f02"
X-Powered-By: PleskLin
Accept-Ranges: bytes
sofia.com.hk/wp-content/themes/betheme/images/box_shadow.png
103.38.161.16 200 OK 108 B URL HTTP/1.1 sofia.com.hk/wp-content/themes/betheme/images/box_shadow.png
IP 103.38.161.16:0
ASN #55858 Speedy Group Corporation Limited
File type PNG image data, 5 x 3, 2-bit colormap, non-interlaced\012- data
Hash 449d9ef55c135a86ebd8ec91c7f170e6
acbb68ea104cfdd08081c66ce8a151e4668ef313
3f10d52942270b9e2da36af3915028bd73dfab3703bc13f060234cb0aa5bae2f
GET /wp-content/themes/betheme/images/box_shadow.png HTTP/1.1
Host: sofia.com.hk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sofia.com.hk/wp-content/themes/betheme/css/shortcodes.css?ver=17.1.1
Cookie: wpml_referer_url=http%3A%2F%2Fsofia.com.hk%2Fwp-content%2Fplugins%2Fsitepress-multilingual-cms%2Fres%2Fjs%2Fjquery.cookie.js%3Fver%3D3.7.1
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 08 Feb 2023 04:22:51 GMT
Content-Type: image/png
Content-Length: 108
Connection: keep-alive
X-Accel-Version: 0.01
Last-Modified: Mon, 06 Mar 2017 19:00:00 GMT
ETag: "6c-54a14808bcc00"
Accept-Ranges: bytes
X-Powered-By: PleskLin
sofia.com.hk/wp-content/plugins/revslider/public/assets/js/extensions/revolution.extension.actions.min.js?version=5.3.1.4
103.38.161.16 200 OK 8.3 kB URL HTTP/1.1 sofia.com.hk/wp-content/plugins/revslider/public/assets/js/extensions/revolution.extension.actions.min.js?version=5.3.1.4
IP 103.38.161.16:0
ASN #55858 Speedy Group Corporation Limited
File type ASCII text, with very long lines (8106), with CRLF line terminators
Hash 149c9ebb74d4354abe752564f516635c
94a36d5a9cecd56631ea027d02fabb1c543dbb88
46a5a463ecdf57796dcaf1842ed3c5afe827fefc6bf0d464f4aed03397c9c935
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/revslider/public/assets/js/extensions/revolution.extension.actions.min.js?version=5.3.1.4 HTTP/1.1
Host: sofia.com.hk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: http://sofia.com.hk/
Cookie: wpml_referer_url=http%3A%2F%2Fsofia.com.hk%2Fwp-content%2Fplugins%2Fsitepress-multilingual-cms%2Fres%2Fjs%2Fjquery.cookie.js%3Fver%3D3.7.1
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 08 Feb 2023 04:22:51 GMT
Content-Type: application/javascript
Content-Length: 8342
Last-Modified: Fri, 21 Jul 2017 09:54:38 GMT
Connection: keep-alive
ETag: "5971cf5e-2096"
X-Powered-By: PleskLin
Accept-Ranges: bytes
sofia.com.hk/wp-content/uploads/2017/11/photo6102617073113999323.jpg
103.38.161.16 200 OK 16 kB URL HTTP/1.1 sofia.com.hk/wp-content/uploads/2017/11/photo6102617073113999323.jpg
IP 103.38.161.16:0
ASN #55858 Speedy Group Corporation Limited
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 518x1200, components 3\012- data
Hash 528fdb147373652c411537bab1ac43a3
fccfdf0b34f098ad69c510f655a89dfbb24573f8
87ec386ea6782e1b6772a848a334faf7651915fc1f5b2d03176983b0e14dfa09
GET /wp-content/uploads/2017/11/photo6102617073113999323.jpg HTTP/1.1
Host: sofia.com.hk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sofia.com.hk/
Cookie: wpml_referer_url=http%3A%2F%2Fsofia.com.hk%2Fwp-content%2Fplugins%2Fsitepress-multilingual-cms%2Fres%2Fjs%2Fjquery.cookie.js%3Fver%3D3.7.1
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 08 Feb 2023 04:22:51 GMT
Content-Type: image/jpeg
Content-Length: 16308
Last-Modified: Thu, 23 Nov 2017 07:57:16 GMT
Connection: keep-alive
ETag: "5a167f5c-3fb4"
X-Powered-By: PleskLin
Accept-Ranges: bytes
sofia.com.hk/wp-content/plugins/revslider/public/assets/js/extensions/revolution.extension.layeranimation.min.js?version=5.3.1.4
103.38.161.16 200 OK 50 kB URL HTTP/1.1 sofia.com.hk/wp-content/plugins/revslider/public/assets/js/extensions/revolution.extension.layeranimation.min.js?version=5.3.1.4
IP 103.38.161.16:0
ASN #55858 Speedy Group Corporation Limited
File type ASCII text, with very long lines (32005), with CRLF line terminators
Hash 2984cd848201aee5b321e9bf7fc6f514
2b4d94877ab5a3befdb2510478d444317aaf7453
7a7499032e51e8bcb6d0e57b5dead5349bd0abd519ee79e1538cc64f9d9030cf
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/revslider/public/assets/js/extensions/revolution.extension.layeranimation.min.js?version=5.3.1.4 HTTP/1.1
Host: sofia.com.hk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: http://sofia.com.hk/
Cookie: wpml_referer_url=http%3A%2F%2Fsofia.com.hk%2Fwp-content%2Fplugins%2Fsitepress-multilingual-cms%2Fres%2Fjs%2Fjquery.cookie.js%3Fver%3D3.7.1
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 08 Feb 2023 04:22:51 GMT
Content-Type: application/javascript
Content-Length: 50176
Last-Modified: Fri, 21 Jul 2017 09:54:38 GMT
Connection: keep-alive
ETag: "5971cf5e-c400"
X-Powered-By: PleskLin
Accept-Ranges: bytes
sofia.com.hk/wp-content/plugins/revslider/public/assets/js/extensions/revolution.extension.navigation.min.js?version=5.3.1.4
103.38.161.16 200 OK 26 kB URL HTTP/1.1 sofia.com.hk/wp-content/plugins/revslider/public/assets/js/extensions/revolution.extension.navigation.min.js?version=5.3.1.4
IP 103.38.161.16:0
ASN #55858 Speedy Group Corporation Limited
File type ASCII text, with very long lines (25832), with CRLF line terminators
Hash adb7b96105b60b1bb1b77d1ae0659504
ce42314dcb27947b3d5577ebc44dfc7fdca14d8e
37cb4ed8291c673401c21aa0248f8a29e6b49a5c81de1ff5a5e9970d91808627
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/revslider/public/assets/js/extensions/revolution.extension.navigation.min.js?version=5.3.1.4 HTTP/1.1
Host: sofia.com.hk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: http://sofia.com.hk/
Cookie: wpml_referer_url=http%3A%2F%2Fsofia.com.hk%2Fwp-content%2Fplugins%2Fsitepress-multilingual-cms%2Fres%2Fjs%2Fjquery.cookie.js%3Fver%3D3.7.1
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 08 Feb 2023 04:22:51 GMT
Content-Type: application/javascript
Content-Length: 26071
Last-Modified: Fri, 21 Jul 2017 09:54:38 GMT
Connection: keep-alive
ETag: "5971cf5e-65d7"
X-Powered-By: PleskLin
Accept-Ranges: bytes
sofia.com.hk/wp-content/themes/betheme/images/old_zoom_original.png
103.38.161.16 200 OK 14 kB URL HTTP/1.1 sofia.com.hk/wp-content/themes/betheme/images/old_zoom_original.png
IP 103.38.161.16:0
ASN #55858 Speedy Group Corporation Limited
File type PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced\012- data
Hash dc94672133ed11473d195bf2ab0a7978
11eabeb6ae44433e1ab46fc1e30f44e537f102e4
398b233bb0135b1e308d36b3fb52cd57f3ad9e6ef143d8c1228a23cb3dd154bc
GET /wp-content/themes/betheme/images/old_zoom_original.png HTTP/1.1
Host: sofia.com.hk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sofia.com.hk/
Cookie: wpml_referer_url=http%3A%2F%2Fsofia.com.hk%2F
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 08 Feb 2023 04:22:51 GMT
Content-Type: image/png
Content-Length: 14345
Last-Modified: Wed, 27 Dec 2017 14:38:50 GMT
Connection: keep-alive
ETag: "5a43b07a-3809"
X-Powered-By: PleskLin
Accept-Ranges: bytes
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbcb27041-48b2-474f-b9d5-f88e9e662723.jpeg
34.120.237.76 200 OK 6.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbcb27041-48b2-474f-b9d5-f88e9e662723.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d8a3fa4f1ec82d501942f9db3de2cb7d
b91c2aea7f2fb26131c8929b254c5596a1bb25ff
9d246eeab8ba04c775a03fd960c8859934a0accb737e845e89aba40bc573fdaa
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbcb27041-48b2-474f-b9d5-f88e9e662723.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 6342
x-amzn-requestid: b2b61a71-5326-4fc6-baba-7baad29cf7c5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f_OkbHfDIAMF5AQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e2c482-5cc4028d01d05305637af317;Sampled=0
x-amzn-remapped-date: Tue, 07 Feb 2023 21:37:06 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: xc32O6lBfn7jYg9I3VlZ5FnR9YpJtU3DbYD_ozsf_-R_Ih1-2e1-CQ==
via: 1.1 8dbfaf7df256a75768461d934659b6b2.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google
date: Tue, 07 Feb 2023 21:42:10 GMT
age: 24042
etag: "b91c2aea7f2fb26131c8929b254c5596a1bb25ff"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
sofia.com.hk/wp-content/uploads/2018/04/banner03.jpg
103.38.161.16 200 OK 280 kB URL HTTP/1.1 sofia.com.hk/wp-content/uploads/2018/04/banner03.jpg
IP 103.38.161.16:0
ASN #55858 Speedy Group Corporation Limited
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS5 Windows, datetime=2018:04:23 11:26:40], baseline, precision 8, 1500x500, components 3\012- data
Size 280 kB (280509 bytes)
Hash 812c461211ef3f82ddf51e606169d1a6
0c815c4ccab4169514f2dcb616fc6790f6948172
6cd9ec5951636517b10fc2af38237c59f8644bc0c876b151adbcb8ed1f685fd5
GET /wp-content/uploads/2018/04/banner03.jpg HTTP/1.1
Host: sofia.com.hk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sofia.com.hk/
Cookie: wpml_referer_url=http%3A%2F%2Fsofia.com.hk%2F
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 08 Feb 2023 04:22:51 GMT
Content-Type: image/jpeg
Content-Length: 280509
Last-Modified: Mon, 23 Apr 2018 03:18:56 GMT
Connection: keep-alive
ETag: "5add50a0-447bd"
X-Powered-By: PleskLin
Accept-Ranges: bytes
tutunok.top/image/cache/catalog/product/amber-1200x800-product_popup.jpg
79.137.44.76 404 Not Found 24 kB URL HTTP/2 tutunok.top/image/cache/catalog/product/amber-1200x800-product_popup.jpg
IP 79.137.44.76:0
Hash baad9803cff85b44267d6e45c0028afb
5aad0d977dbf455a3109c3a74b5b15f19542591c
365303fbe56c7a5d9a0c8dff2073d1023449a4403a6992ed5185c9ac604dc0aa
GET /image/cache/catalog/product/amber-1200x800-product_popup.jpg HTTP/1.1
Host: tutunok.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://sofia.com.hk/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 404 Not Found
set-cookie: OCSESSID=5865887b205c68fdc84534240b; path=/
OCSESSID=1e8ad4ff343ae0b3527469d856; path=/
language=ru-ru; expires=Fri, 10-Mar-2023 04:22:51 GMT; Max-Age=2592000; path=/; domain=tutunok.top
langmark_nocookie=1; expires=Fri, 10-Mar-2023 04:22:51 GMT; Max-Age=2592000; path=/; domain=tutunok.top
langmark_multi_name=%D0%A0%D1%83%D1%81%D1%81%D0%BA%D0%B8%D0%B9; expires=Fri, 10-Mar-2023 04:22:51 GMT; Max-Age=2592000; path=/; domain=tutunok.top
currency=UAH; expires=Fri, 10-Mar-2023 04:22:51 GMT; Max-Age=2592000; path=/; domain=tutunok.top
content-type: text/html; charset=utf-8
date: Wed, 08 Feb 2023 04:22:51 GMT
server: Apache
X-Firefox-Spdy: h2
sofia.com.hk/wp-content/plugins/revslider/public/assets/assets/loader.gif
103.38.161.16 200 OK 2.5 kB URL HTTP/1.1 sofia.com.hk/wp-content/plugins/revslider/public/assets/assets/loader.gif
IP 103.38.161.16:0
ASN #55858 Speedy Group Corporation Limited
File type GIF image data, version 89a, 24 x 24\012- data
Hash 4b3afb84b2b71ef56df09997a350bd04
accdac8a7abeab0e21c49539aad0a973addb28ef
9034d5d34015e4b05d2c1d1a8dc9f6ec9d59bd96d305eb9e24e24e65c591a645
GET /wp-content/plugins/revslider/public/assets/assets/loader.gif HTTP/1.1
Host: sofia.com.hk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sofia.com.hk/wp-content/plugins/revslider/public/assets/css/settings.css?ver=5.3.1.5
Cookie: wpml_referer_url=http%3A%2F%2Fsofia.com.hk%2Fwp-content%2Fplugins%2Fsitepress-multilingual-cms%2Fres%2Fjs%2Fjquery.cookie.js%3Fver%3D3.7.1
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 08 Feb 2023 04:22:52 GMT
Content-Type: image/gif
Content-Length: 2545
Last-Modified: Fri, 21 Jul 2017 09:54:38 GMT
Connection: keep-alive
ETag: "5971cf5e-9f1"
X-Powered-By: PleskLin
Accept-Ranges: bytes
tutunok.top/image/cache/catalog/product/amber-1200x800-product_popup.jpg
79.137.44.76 404 Not Found 0 B URL HTTP/2 tutunok.top/image/cache/catalog/product/amber-1200x800-product_popup.jpg
IP 79.137.44.76:0
GET /image/cache/catalog/product/amber-1200x800-product_popup.jpg HTTP/1.1
Host: tutunok.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://sofia.com.hk/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 404 Not Found
set-cookie: OCSESSID=feea7bcba568195696f97f1cd6; path=/
OCSESSID=fb4e299da9da2082964d43ab96; path=/
language=ru-ru; expires=Fri, 10-Mar-2023 04:22:46 GMT; Max-Age=2592000; path=/; domain=tutunok.top
langmark_nocookie=1; expires=Fri, 10-Mar-2023 04:22:46 GMT; Max-Age=2592000; path=/; domain=tutunok.top
langmark_multi_name=%D0%A0%D1%83%D1%81%D1%81%D0%BA%D0%B8%D0%B9; expires=Fri, 10-Mar-2023 04:22:46 GMT; Max-Age=2592000; path=/; domain=tutunok.top
currency=UAH; expires=Fri, 10-Mar-2023 04:22:46 GMT; Max-Age=2592000; path=/; domain=tutunok.top
content-type: text/html; charset=utf-8
date: Wed, 08 Feb 2023 04:22:46 GMT
server: Apache
X-Firefox-Spdy: h2
sofia.com.hk/wp-content/uploads/2018/04/banner02.jpg
103.38.161.16 200 OK 0 B URL HTTP/1.1 sofia.com.hk/wp-content/uploads/2018/04/banner02.jpg
IP 103.38.161.16:0
ASN #55858 Speedy Group Corporation Limited
GET /wp-content/uploads/2018/04/banner02.jpg HTTP/1.1
Host: sofia.com.hk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sofia.com.hk/
Cookie: wpml_referer_url=http%3A%2F%2Fsofia.com.hk%2F
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 08 Feb 2023 04:22:51 GMT
Content-Type: image/jpeg
Content-Length: 332999
Last-Modified: Mon, 23 Apr 2018 03:19:03 GMT
Connection: keep-alive
ETag: "5add50a7-514c7"
X-Powered-By: PleskLin
Accept-Ranges: bytes
sofia.com.hk/wp-content/uploads/2018/04/banner01.jpg
103.38.161.16 200 OK 0 B URL HTTP/1.1 sofia.com.hk/wp-content/uploads/2018/04/banner01.jpg
IP 103.38.161.16:0
ASN #55858 Speedy Group Corporation Limited
GET /wp-content/uploads/2018/04/banner01.jpg HTTP/1.1
Host: sofia.com.hk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sofia.com.hk/
Cookie: wpml_referer_url=http%3A%2F%2Fsofia.com.hk%2F
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 08 Feb 2023 04:22:51 GMT
Content-Type: image/jpeg
Content-Length: 345710
Last-Modified: Mon, 23 Apr 2018 03:19:00 GMT
Connection: keep-alive
ETag: "5add50a4-5466e"
X-Powered-By: PleskLin
Accept-Ranges: bytes
tutunok.com.ua/image/cache/catalog/product/amber-1200x800-product_popup.jpg
188.114.96.1 301 Moved Permanently 0 B URL HTTP/2 tutunok.com.ua/image/cache/catalog/product/amber-1200x800-product_popup.jpg
IP 188.114.96.1:0
GET /image/cache/catalog/product/amber-1200x800-product_popup.jpg HTTP/1.1
Host: tutunok.com.ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://sofia.com.hk/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 301 Moved Permanently
date: Wed, 08 Feb 2023 04:22:46 GMT
content-type: text/html; charset=iso-8859-1
location: https://tutunok.top/image/cache/catalog/product/amber-1200x800-product_popup.jpg
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GPpHz4IiTpn0EaBTiFnykjmDIz3%2BIscysBlqj3W9IguiY74MVjZaHZ0iBCrk5NO0xcZYTtfl9Jx%2BItiUJXij5lWtNlYeeVjOF0XZ2lZV2s%2Bz0dU63ARWU2JI7nBeMxV2Rg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7961960a7bc61c06-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
sofia.com.hk/wp-content/plugins/yith-woocommerce-wishlist/assets/fonts/fontawesome-webfont.woff2?v=4.7.0
103.38.161.16 200 OK 0 B URL HTTP/1.1 sofia.com.hk/wp-content/plugins/yith-woocommerce-wishlist/assets/fonts/fontawesome-webfont.woff2?v=4.7.0
IP 103.38.161.16:0
ASN #55858 Speedy Group Corporation Limited
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/yith-woocommerce-wishlist/assets/fonts/fontawesome-webfont.woff2?v=4.7.0 HTTP/1.1
Host: sofia.com.hk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://sofia.com.hk/wp-content/plugins/yith-woocommerce-wishlist/assets/css/font-awesome.min.css?ver=4.7.0
Cookie: wpml_referer_url=http%3A%2F%2Fsofia.com.hk%2Fwp-content%2Fplugins%2Fsitepress-multilingual-cms%2Fres%2Fjs%2Fjquery.cookie.js%3Fver%3D3.7.1
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 08 Feb 2023 04:22:51 GMT
Content-Type: font/woff2
Content-Length: 77160
Last-Modified: Sat, 29 Jul 2017 06:44:44 GMT
Connection: keep-alive
ETag: "597c2edc-12d68"
X-Powered-By: PleskLin
Accept-Ranges: bytes
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css
104.18.10.207 200 OK 0 B URL HTTP/2 maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css
IP 104.18.10.207:0
GET /bootstrap/3.3.7/css/bootstrap.min.css HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://sofia.com.hk/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 08 Feb 2023 04:22:45 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: SE
cdn-edgestorageid: 632, 617, 617
last-modified: Mon, 25 Jan 2021 22:03:59 GMT
cdn-cachedat: 2021-04-23 06:29:02
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cache-control: public, max-age=31919000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-content-type-options: nosniff
cdn-requestid: 6a91d2c867066733b6d92a7a528c5c2e
cdn-cache: HIT
cf-cache-status: HIT
age: 23940502
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 7961960438ac1c02-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2