r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash d4e95d0d8982bcd07804baf6fc88231c
5027abda0875bd2529dd4d6691784c74da71a9ee
373799b5749d2cb08b5721699a3e4c6b94b0d41604ac07d4ef7179e47dabc71f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "373799B5749D2CB08B5721699A3E4C6B94B0D41604AC07D4EF7179E47DABC71F"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16255
Expires: Fri, 03 Feb 2023 01:18:43 GMT
Date: Thu, 02 Feb 2023 20:47:48 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash ec47f9eed203ae063b9c210009de54a9
19ff156471b9cffbc2432c5b65543bdd18e36271
3974208ce1840f6c9467287b7e220379ed881d76db64939f411dbc500c103d48
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3974208CE1840F6C9467287B7E220379ED881D76DB64939F411DBC500C103D48"
Last-Modified: Thu, 02 Feb 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14219
Expires: Fri, 03 Feb 2023 00:44:47 GMT
Date: Thu, 02 Feb 2023 20:47:48 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 9a76feabb767086ae0fa54e0ffbf763f
3655d78994a1e9838340669462728b67c8c12e54
bf215ab858c7785b7c01f7d3d437a918f056f00fe9b065820e1cdd09b7bba8f9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BF215AB858C7785B7C01F7D3D437A918F056F00FE9B065820E1CDD09B7BBA8F9"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17226
Expires: Fri, 03 Feb 2023 01:34:54 GMT
Date: Thu, 02 Feb 2023 20:47:48 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash ff250d3ef3fa45322bf05039a0122a9f
b3e7a2c383bce1bab807dbe1a03c375258b51f1d
d07f109a96e0ae6ec7b1d46ce8761b3f06fe845769ce65d69e053dd40aa561ba
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Retry-After, Backoff, Content-Type, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 02 Feb 2023 20:36:07 GMT
content-type: application/json
age: 701
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: xdUNDoY/ZJCc+8hDwg4X6tk/CzBPMKTOCxf1Eba1XPfHKR3bPq4Js6Np2j1u4V6i3RKGCd1fgpY=
x-amz-request-id: CADE1MHRDQB1DVPC
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 02 Feb 2023 20:23:15 GMT
age: 1473
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 02 Feb 2023 20:47:48 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
saonacollection.com/Core/-/userid/chudy/?i=i&0=brad@malware-traffic-analysis.net
103.15.235.68 302 Found 0 B URL HTTP/1.1 saonacollection.com/Core/-/userid/chudy/?i=i&0=brad@malware-traffic-analysis.net
IP 103.15.235.68:0
ASN #58621 Vodien Internet Solutions Pte Ltd
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /Core/-/userid/chudy/?i=i&0=brad@malware-traffic-analysis.net HTTP/1.1
Host: saonacollection.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Date: Thu, 02 Feb 2023 20:47:48 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Location: http://pro.saonacollection.com/?i=i&0=brad%40malware-traffic-analysis.net
Content-Length: 0
Keep-Alive: timeout=5, max=50
Content-Type: text/html; charset=utf-8
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Pragma, Backoff, Retry-After, Content-Length, Last-Modified, Expires, Cache-Control, ETag, Alert, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 02 Feb 2023 20:07:19 GMT
age: 2429
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 8913af0be619500295008bb91f506660
a7b8068ba9aa506205a295b24458c2616997a0d1
6a9838d00256431807ca382fc205064b07c08d5054f2895c2ae3cc4e9094179a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6A9838D00256431807CA382FC205064B07C08D5054F2895C2AE3CC4E9094179A"
Last-Modified: Wed, 01 Feb 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2329
Expires: Thu, 02 Feb 2023 21:26:37 GMT
Date: Thu, 02 Feb 2023 20:47:48 GMT
Connection: keep-alive
push.services.mozilla.com/
35.161.100.71 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.161.100.71:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: GJJ1DfSR+KjIkuE4W95XdQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: sc9g49+adceIUNNlUHQFHj1ccHg=
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash e8e0173672ec76c01676a1ba4e1be857
3d01334320c94972440226cfe96c8c7646cae796
c75aea885e434e8bf53e439c4b441e2af4b228f70212001fcc4c8094f534e0f1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C75AEA885E434E8BF53E439C4B441E2AF4B228F70212001FCC4C8094F534E0F1"
Last-Modified: Tue, 31 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15539
Expires: Fri, 03 Feb 2023 01:06:49 GMT
Date: Thu, 02 Feb 2023 20:47:50 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash e8e0173672ec76c01676a1ba4e1be857
3d01334320c94972440226cfe96c8c7646cae796
c75aea885e434e8bf53e439c4b441e2af4b228f70212001fcc4c8094f534e0f1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C75AEA885E434E8BF53E439C4B441E2AF4B228F70212001FCC4C8094F534E0F1"
Last-Modified: Tue, 31 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15539
Expires: Fri, 03 Feb 2023 01:06:49 GMT
Date: Thu, 02 Feb 2023 20:47:50 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash e8e0173672ec76c01676a1ba4e1be857
3d01334320c94972440226cfe96c8c7646cae796
c75aea885e434e8bf53e439c4b441e2af4b228f70212001fcc4c8094f534e0f1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C75AEA885E434E8BF53E439C4B441E2AF4B228F70212001FCC4C8094F534E0F1"
Last-Modified: Tue, 31 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15539
Expires: Fri, 03 Feb 2023 01:06:49 GMT
Date: Thu, 02 Feb 2023 20:47:50 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash e8e0173672ec76c01676a1ba4e1be857
3d01334320c94972440226cfe96c8c7646cae796
c75aea885e434e8bf53e439c4b441e2af4b228f70212001fcc4c8094f534e0f1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C75AEA885E434E8BF53E439C4B441E2AF4B228F70212001FCC4C8094F534E0F1"
Last-Modified: Tue, 31 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15539
Expires: Fri, 03 Feb 2023 01:06:49 GMT
Date: Thu, 02 Feb 2023 20:47:50 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash e8e0173672ec76c01676a1ba4e1be857
3d01334320c94972440226cfe96c8c7646cae796
c75aea885e434e8bf53e439c4b441e2af4b228f70212001fcc4c8094f534e0f1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C75AEA885E434E8BF53E439C4B441E2AF4B228F70212001FCC4C8094F534E0F1"
Last-Modified: Tue, 31 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15539
Expires: Fri, 03 Feb 2023 01:06:49 GMT
Date: Thu, 02 Feb 2023 20:47:50 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faab963dd-ee21-4e6c-866b-f8ea6bb88bd9.jpeg
34.120.237.76 200 OK 4.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faab963dd-ee21-4e6c-866b-f8ea6bb88bd9.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash df1930b96e7ab4f5d4cbf64e473cc957
b793c3b6ca95d09a88635aec9eef99d12a1afe42
e5062168e5c4e1c11ebc9c653990e01546c3c60fbb59e49635934bc98e931ce0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faab963dd-ee21-4e6c-866b-f8ea6bb88bd9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4863
x-amzn-requestid: 80518d3b-e049-429c-b67d-4f4897ded9c8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: foetPGPaIAMFlBQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d9ab21-00e41ad75acd71267a490f52;Sampled=0
x-amzn-remapped-date: Tue, 31 Jan 2023 23:58:25 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Unsu1YKTCfvXjH8mQQXa-yupSZhwKznXaWyaRYAlThq32JbR4OZ0fA==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Thu, 02 Feb 2023 07:14:53 GMT
age: 48777
etag: "b793c3b6ca95d09a88635aec9eef99d12a1afe42"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0d335250-c4ff-42af-b9c2-48711573ab39.jpeg
34.120.237.76 200 OK 4.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0d335250-c4ff-42af-b9c2-48711573ab39.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 86664b4d1fc27ba7b5bff8a245604326
b8c7ef73101a497b6c78ad59aafe66a391fdc3fa
e4596faadf14051299036a79632951d90183dd0635293687edef11985799a752
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0d335250-c4ff-42af-b9c2-48711573ab39.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4814
x-amzn-requestid: 90da23ab-2c54-40ec-8e26-bdf4eeb1e27b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: frdKWFpvoAMFyPQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dadbdb-70c4cb89413ed6bd44731d76;Sampled=0
x-amzn-remapped-date: Wed, 01 Feb 2023 21:38:35 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: htcecPD3kYwCPwPPCqgVuXnCuKo6TTKntzaB2xFID5fvBXpZQe463A==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 be082a2326b7d49643607b097f1e7180.cloudfront.net (CloudFront), 1.1 google
date: Wed, 01 Feb 2023 21:59:38 GMT
age: 82092
etag: "b8c7ef73101a497b6c78ad59aafe66a391fdc3fa"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdab614ba-4572-4b54-9079-a26b68b1ece7.jpeg
34.120.237.76 200 OK 15 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdab614ba-4572-4b54-9079-a26b68b1ece7.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6bb5b89e738516f4862491eec286bf6d
8fb46b9ca85f2c578eb2a56d0007859183e12209
7f164a37b675bf39f8473392b07a2a383397da003303965fb190fd4f455bb43b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdab614ba-4572-4b54-9079-a26b68b1ece7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 15051
x-amzn-requestid: 72a3f2ae-538e-40dc-9496-86c28334ba0d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: frc6jGTAIAMFy4A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dadb76-72178ed13a2e70d462785b90;Sampled=0
x-amzn-remapped-date: Wed, 01 Feb 2023 21:36:54 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: CKTfQzCvXa4oL6Lm2n8Rw_9Uhj69YfgpDTP9s0zoaX5qW1vcqWIXDA==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 01 Feb 2023 21:46:26 GMT
age: 82884
etag: "8fb46b9ca85f2c578eb2a56d0007859183e12209"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe2d02739-590e-4a37-9ca5-c27003f9e416.jpeg
34.120.237.76 200 OK 16 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe2d02739-590e-4a37-9ca5-c27003f9e416.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4bb3a6fba496d54cdbbccaf2b9600386
8e30002699e9fbf2047f9ac11a36d2175fc9c591
927bf3a04b011b4e3bc8d8772a3d5813507f7f523312d43627767b64615562f3
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe2d02739-590e-4a37-9ca5-c27003f9e416.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 15857
x-amzn-requestid: cfe36b9d-34f6-4f3f-896e-e70ec45c4a04
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fmJ2JGGWoAMFSLA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d8bcf3-0dd68dd778b9aba268a129b0;Sampled=0
x-amzn-remapped-date: Tue, 31 Jan 2023 07:02:11 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: C1kqthy0eZop0UZfG3_op5xeBOVGiPLYfia4uS1l4-kchEzV6ccE9w==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 6172bb1a5d00a3b06ae3700570ebe116.cloudfront.net (CloudFront), 1.1 google
date: Thu, 02 Feb 2023 07:28:37 GMT
age: 47953
etag: "8e30002699e9fbf2047f9ac11a36d2175fc9c591"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F88b0e15d-e5be-4197-a382-bf7332128068.jpeg
34.120.237.76 200 OK 9.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F88b0e15d-e5be-4197-a382-bf7332128068.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash df4a4906103a8f409c066b1cded71384
22847e3926db3e3d5f6b529297a4abe8b377c3a6
84a14b73b2cc7f4641eaa5539cbee0a109ae2b05cf88d06797a2b00c8d4f0c43
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F88b0e15d-e5be-4197-a382-bf7332128068.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9221
x-amzn-requestid: 209c2ad4-7a1f-4867-bf98-4ca8621111a1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: frdTBFv5IAMFgqQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dadc13-1627a9d603c69f7760ad013b;Sampled=0
x-amzn-remapped-date: Wed, 01 Feb 2023 21:39:31 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: kAkcQOKAvuq3k-X081MLCqon-cnQJqGryVeE0fwX0a7bcXgJlySIvg==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 1b74ccf4cb51eacf97a0e6d60ae46a3e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 01 Feb 2023 22:12:07 GMT
age: 81343
etag: "22847e3926db3e3d5f6b529297a4abe8b377c3a6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe18f9e12-0986-423b-911d-6271bb996db4.jpeg
34.120.237.76 200 OK 5.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe18f9e12-0986-423b-911d-6271bb996db4.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7c823f1d6bf1c50d58eb263b85e6e37c
a7b74d11494fb3254df907e5cc1eead070d84617
b2706961eb756383e0988dfdb501dc424aea59697aedd1e4a6c294c314a31935
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe18f9e12-0986-423b-911d-6271bb996db4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5356
x-amzn-requestid: fef22c83-35a4-4990-9008-af5853f838d1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: frc5BEB6oAMFczg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dadb6c-68d3017555c069bc3107d150;Sampled=0
x-amzn-remapped-date: Wed, 01 Feb 2023 21:36:44 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: XyDZc0F-b0rxwoS5wvSXBuBfYE7JljMmuXseBjLOBk4HvxU5gE7Oqg==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 112d82578d402a38d8d02e8b857617e0.cloudfront.net (CloudFront), 1.1 google
date: Wed, 01 Feb 2023 22:18:55 GMT
age: 80935
etag: "a7b74d11494fb3254df907e5cc1eead070d84617"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Karla%3A400%2C700&ver=5.8.6
142.250.74.138 200 OK 382 B URL HTTP/1.1 fonts.googleapis.com/css?family=Karla%3A400%2C700&ver=5.8.6
IP 142.250.74.138:0
Hash 28345cae0881150c0f4c5b30fe1e6ff3
18b6a2b14c8b75654a02ae384efd2e398d1caec8
3de1dadc0683b6e326f3947fb0da1846e30a706783434937aea4a7934e6e9aad
GET /css?family=Karla%3A400%2C700&ver=5.8.6 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pro.saonacollection.com/
HTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
Expires: Thu, 02 Feb 2023 20:47:52 GMT
Date: Thu, 02 Feb 2023 20:47:52 GMT
Cache-Control: private, max-age=86400
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin-allow-popups
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: ESF
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
fonts.googleapis.com/css?family=Libre+Baskerville%3A400%2C700%2C400italic&ver=5.8.6
142.250.74.138 200 OK 430 B URL HTTP/1.1 fonts.googleapis.com/css?family=Libre+Baskerville%3A400%2C700%2C400italic&ver=5.8.6
IP 142.250.74.138:0
Hash 3d8926112ef8b7bb92467eb86a0f9475
f65e274f85692c3c07b617e22786a53291961dee
aee148b5191affa4c6c7ca2657d4b6bb15e50012c3c58be85400d07fc6b3b469
GET /css?family=Libre+Baskerville%3A400%2C700%2C400italic&ver=5.8.6 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pro.saonacollection.com/
HTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
Expires: Thu, 02 Feb 2023 20:47:52 GMT
Date: Thu, 02 Feb 2023 20:47:52 GMT
Cache-Control: private, max-age=86400
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin-allow-popups
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: ESF
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
pro.saonacollection.com/?i=i&0=brad%40malware-traffic-analysis.net
103.15.235.68 200 OK 37 kB URL HTTP/1.1 pro.saonacollection.com/?i=i&0=brad%40malware-traffic-analysis.net
IP 103.15.235.68:0
ASN #58621 Vodien Internet Solutions Pte Ltd
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2501)
Hash 8c8b3c0b62ff431d0074bbb0ace702e1
6a657fccbf4f11156ea57e49673109ad0b5a318e
83ab7062a330bf0303f36c16ba7da402b9fe3d27fac79517a3dbcea98b11916b
GET /?i=i&0=brad%40malware-traffic-analysis.net HTTP/1.1
Host: pro.saonacollection.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 20:47:49 GMT
Server: Apache
Link: <https://pro.saonacollection.com/wp-json/>; rel="https://api.w.org/"
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 37094
Keep-Alive: timeout=5, max=50
Content-Type: text/html; charset=UTF-8
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash bbeb609cbf32a8842bf96a124588e65e
40c0f548bcb714731f62df5a27cad21adef0463d
502c60a18a13b84598933731d182aafd4b83576bfc56451b36f9238c621a571d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 20:47:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
pro.saonacollection.com/wp-content/plugins/social-icons-widget-by-wpzoom/assets/font/academicons.ttf?v=1.8.6
103.15.235.68 200 OK 48 kB URL HTTP/1.1 pro.saonacollection.com/wp-content/plugins/social-icons-widget-by-wpzoom/assets/font/academicons.ttf?v=1.8.6
IP 103.15.235.68:0
ASN #58621 Vodien Internet Solutions Pte Ltd
File type TrueType Font data, 11 tables, 1st "OS/2", 24 names, Macintosh, type 1 string, Academicons\012- data
Hash 1afcbd6a1c454e7b7f0bc58155558b9d
6946cb2f01c31c1e5dfdc6a7e4ad64dc2e4cdca8
107cca07d33ea31bbfe719513aa2b36e8cb8c8c8bcd521148746f652738c7101
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/social-icons-widget-by-wpzoom/assets/font/academicons.ttf?v=1.8.6 HTTP/1.1
Host: pro.saonacollection.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pro.saonacollection.com/?i=i&0=brad%40malware-traffic-analysis.net
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 20:47:52 GMT
Server: Apache
Last-Modified: Tue, 16 Nov 2021 15:32:52 GMT
Accept-Ranges: bytes
Content-Length: 47500
Access-Control-Allow-Origin: *
Keep-Alive: timeout=5, max=49
Connection: Keep-Alive
Content-Type: font/ttf
pro.saonacollection.com/wp-content/themes/storefront/assets/css/base/gutenberg-blocks.css?ver=3.5.1
103.15.235.68 200 OK 4.6 kB URL HTTP/1.1 pro.saonacollection.com/wp-content/themes/storefront/assets/css/base/gutenberg-blocks.css?ver=3.5.1
IP 103.15.235.68:0
ASN #58621 Vodien Internet Solutions Pte Ltd
File type ASCII text, with very long lines (43269), with no line terminators
Hash bf876e6554379480ceaa0ab51d92f5ef
e4bc24e8a0f8d767e36719b7d7d9c1ba5f27a9a8
192f81eb6edb5bba67d77833da39a4363d05004905f157f66dae8b2b72d6560e
GET /wp-content/themes/storefront/assets/css/base/gutenberg-blocks.css?ver=3.5.1 HTTP/1.1
Host: pro.saonacollection.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pro.saonacollection.com/?i=i&0=brad%40malware-traffic-analysis.net
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 20:47:52 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Thu, 15 Apr 2021 04:12:39 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 4618
Keep-Alive: timeout=5, max=50
Content-Type: text/css
pro.saonacollection.com/wp-content/plugins/social-icons-widget-by-wpzoom/assets/font/Genericons.ttf
103.15.235.68 200 OK 22 kB URL HTTP/1.1 pro.saonacollection.com/wp-content/plugins/social-icons-widget-by-wpzoom/assets/font/Genericons.ttf
IP 103.15.235.68:0
ASN #58621 Vodien Internet Solutions Pte Ltd
File type TrueType Font data, 13 tables, 1st "FFTM", 14 names, Macintosh\012- data
Hash 008827208ffc4eeab99bf3cc14fe1e56
e024a5229566e3864856d72b7796a56ca7127252
7cd8dcb9820d7558bcb35bde35d9923a77c8eb9d2a274366261ad55948dfed31
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/social-icons-widget-by-wpzoom/assets/font/Genericons.ttf HTTP/1.1
Host: pro.saonacollection.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pro.saonacollection.com/?i=i&0=brad%40malware-traffic-analysis.net
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 20:47:52 GMT
Server: Apache
Last-Modified: Tue, 16 Nov 2021 15:32:52 GMT
Accept-Ranges: bytes
Content-Length: 22188
Access-Control-Allow-Origin: *
Keep-Alive: timeout=5, max=48
Connection: Keep-Alive
Content-Type: font/ttf
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash bbeb609cbf32a8842bf96a124588e65e
40c0f548bcb714731f62df5a27cad21adef0463d
502c60a18a13b84598933731d182aafd4b83576bfc56451b36f9238c621a571d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 20:47:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
pro.saonacollection.com/wp-content/plugins/social-icons-widget-by-wpzoom/assets/font/Genericons.woff
103.15.235.68 200 OK 14 kB URL HTTP/1.1 pro.saonacollection.com/wp-content/plugins/social-icons-widget-by-wpzoom/assets/font/Genericons.woff
IP 103.15.235.68:0
ASN #58621 Vodien Internet Solutions Pte Ltd
File type Web Open Font Format, TrueType, length 13988, version 0.0\012- data
Hash f3f73b280148eeed102d4a6874ac7886
973bfcd63513292f1bb220c241f6dde6509f1168
970a3fa15876d16dcc0fd70eb7c9ab44d733108b3ddca1a449edd0356c1b79a7
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/social-icons-widget-by-wpzoom/assets/font/Genericons.woff HTTP/1.1
Host: pro.saonacollection.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pro.saonacollection.com/?i=i&0=brad%40malware-traffic-analysis.net
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 20:47:52 GMT
Server: Apache
Last-Modified: Tue, 16 Nov 2021 15:32:52 GMT
Accept-Ranges: bytes
Content-Length: 13988
Access-Control-Allow-Origin: *
Keep-Alive: timeout=5, max=49
Connection: Keep-Alive
Content-Type: application/x-font-woff
pro.saonacollection.com/wp-content/plugins/social-icons-widget-by-wpzoom/assets/font/socicon.ttf?v=4.2.2
103.15.235.68 200 OK 72 kB URL HTTP/1.1 pro.saonacollection.com/wp-content/plugins/social-icons-widget-by-wpzoom/assets/font/socicon.ttf?v=4.2.2
IP 103.15.235.68:0
ASN #58621 Vodien Internet Solutions Pte Ltd
File type TrueType Font data, 11 tables, 1st "OS/2", 14 names, Macintosh, type 1 string, socicon \012- data
Hash c3917ee9c1f1c6e17e69bbe155096fcb
ca10ff413fe8acc4e1f7df6438ec5716bc402540
751a0371c05e00d53805d36d47d9b7b0d965dbffe64ebc4b50d347beaa51fb44
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/social-icons-widget-by-wpzoom/assets/font/socicon.ttf?v=4.2.2 HTTP/1.1
Host: pro.saonacollection.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pro.saonacollection.com/?i=i&0=brad%40malware-traffic-analysis.net
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 20:47:52 GMT
Server: Apache
Last-Modified: Tue, 16 Nov 2021 15:32:52 GMT
Accept-Ranges: bytes
Content-Length: 72104
Access-Control-Allow-Origin: *
Keep-Alive: timeout=5, max=47
Connection: Keep-Alive
Content-Type: font/ttf
pro.saonacollection.com/wp-content/plugins/social-icons-widget-by-wpzoom/assets/font/academicons.woff?v=1.8.6
103.15.235.68 200 OK 48 kB URL HTTP/1.1 pro.saonacollection.com/wp-content/plugins/social-icons-widget-by-wpzoom/assets/font/academicons.woff?v=1.8.6
IP 103.15.235.68:0
ASN #58621 Vodien Internet Solutions Pte Ltd
File type Web Open Font Format, TrueType, length 47576, version 1.8\012- data
Hash 2552b354cabf01815628a244fde0636e
3c5e7d85d7e5030b8db8177daeb760abf97ed7dc
bbf62cb77adfebbdcf36ef1cf8d2587f4cfa9bf56e23118613749778f94d8e14
GET /wp-content/plugins/social-icons-widget-by-wpzoom/assets/font/academicons.woff?v=1.8.6 HTTP/1.1
Host: pro.saonacollection.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pro.saonacollection.com/?i=i&0=brad%40malware-traffic-analysis.net
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 20:47:52 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Tue, 16 Nov 2021 15:32:52 GMT
Accept-Ranges: bytes
Content-Length: 47576
Access-Control-Allow-Origin: *
Keep-Alive: timeout=5, max=50
Content-Type: application/x-font-woff
pro.saonacollection.com/wp-content/plugins/social-icons-widget-by-wpzoom/assets/font/fontawesome-webfont.woff?v=4.7.0
103.15.235.68 200 OK 98 kB URL HTTP/1.1 pro.saonacollection.com/wp-content/plugins/social-icons-widget-by-wpzoom/assets/font/fontawesome-webfont.woff?v=4.7.0
IP 103.15.235.68:0
ASN #58621 Vodien Internet Solutions Pte Ltd
File type Web Open Font Format, TrueType, length 98024, version 4.7\012- data
Hash fee66e712a8a08eef5805a46892932ad
28b782240b3e76db824e12c02754a9731a167527
ba0c59deb5450f5cb41b3f93609ee2d0d995415877ddfa223e8a8a7533474f07
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/social-icons-widget-by-wpzoom/assets/font/fontawesome-webfont.woff?v=4.7.0 HTTP/1.1
Host: pro.saonacollection.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pro.saonacollection.com/?i=i&0=brad%40malware-traffic-analysis.net
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 20:47:52 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Tue, 16 Nov 2021 15:32:52 GMT
Accept-Ranges: bytes
Content-Length: 98024
Access-Control-Allow-Origin: *
Keep-Alive: timeout=5, max=50
Content-Type: application/x-font-woff
pro.saonacollection.com/wp-content/plugins/social-icons-widget-by-wpzoom/block/dist/style-wpzoom-social-icons.css?ver=4.2.2
103.15.235.68 200 OK 8.7 kB URL HTTP/1.1 pro.saonacollection.com/wp-content/plugins/social-icons-widget-by-wpzoom/block/dist/style-wpzoom-social-icons.css?ver=4.2.2
IP 103.15.235.68:0
ASN #58621 Vodien Internet Solutions Pte Ltd
File type ASCII text, with very long lines (8685)
Hash 7f3ccf045c3baa184d718be79eebe4a3
7df1b7d4c1d42686962cd6fd38d59e8ef41e7610
418e34f4679d6a3de0a1e9f6f9b06dabefe4cf4eb6b89f0607c396034a26f3d9
GET /wp-content/plugins/social-icons-widget-by-wpzoom/block/dist/style-wpzoom-social-icons.css?ver=4.2.2 HTTP/1.1
Host: pro.saonacollection.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pro.saonacollection.com/?i=i&0=brad%40malware-traffic-analysis.net
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 20:47:52 GMT
Server: Apache
Last-Modified: Tue, 16 Nov 2021 15:32:52 GMT
Accept-Ranges: bytes
Content-Length: 8686
Keep-Alive: timeout=5, max=49
Connection: Keep-Alive
Content-Type: text/css
pro.saonacollection.com/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-vendors-style.css?ver=6.1.0
103.15.235.68 200 OK 1.5 kB URL HTTP/1.1 pro.saonacollection.com/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-vendors-style.css?ver=6.1.0
IP 103.15.235.68:0
ASN #58621 Vodien Internet Solutions Pte Ltd
File type ASCII text, with very long lines (5305), with no line terminators
Hash 9c19aa71a21bed87961fe5c084814ec6
51bfa532586ece9232bf68ca0bb23fd7655be44b
20058b83136746f8d9ac8c8540cb8384559dce9fa22a954323d364f458510782
GET /wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-vendors-style.css?ver=6.1.0 HTTP/1.1
Host: pro.saonacollection.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pro.saonacollection.com/?i=i&0=brad%40malware-traffic-analysis.net
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 20:47:52 GMT
Server: Apache
Last-Modified: Thu, 10 Mar 2022 17:38:29 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1505
Keep-Alive: timeout=5, max=49
Connection: Keep-Alive
Content-Type: text/css
pro.saonacollection.com/wp-content/plugins/social-icons-widget-by-wpzoom/assets/font/fontawesome-webfont.woff2?v=4.7.0
103.15.235.68 200 OK 77 kB URL HTTP/1.1 pro.saonacollection.com/wp-content/plugins/social-icons-widget-by-wpzoom/assets/font/fontawesome-webfont.woff2?v=4.7.0
IP 103.15.235.68:0
ASN #58621 Vodien Internet Solutions Pte Ltd
File type Web Open Font Format (Version 2), TrueType, length 77160, version 4.459\012- data
Hash af7ae505a9eed503f8b8e6982036873e
d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
GET /wp-content/plugins/social-icons-widget-by-wpzoom/assets/font/fontawesome-webfont.woff2?v=4.7.0 HTTP/1.1
Host: pro.saonacollection.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pro.saonacollection.com/?i=i&0=brad%40malware-traffic-analysis.net
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 20:47:52 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Tue, 16 Nov 2021 15:32:52 GMT
Accept-Ranges: bytes
Content-Length: 77160
Keep-Alive: timeout=5, max=50
Content-Type: font/woff2
pro.saonacollection.com/wp-content/plugins/social-icons-widget-by-wpzoom/assets/font/fontawesome-webfont.ttf?v=4.7.0
103.15.235.68 200 OK 166 kB URL HTTP/1.1 pro.saonacollection.com/wp-content/plugins/social-icons-widget-by-wpzoom/assets/font/fontawesome-webfont.ttf?v=4.7.0
IP 103.15.235.68:0
ASN #58621 Vodien Internet Solutions Pte Ltd
File type TrueType Font data, 13 tables, 1st "FFTM", 24 names, Macintosh\012- data
Size 166 kB (165548 bytes)
Hash b06871f281fee6b241d60582ae9369b9
13b1eab65a983c7a73bc7997c479d66943f7c6cb
aa58f33f239a0fb02f5c7a6c45c043d7a9ac9a093335806694ecd6d4edc0d6a8
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/social-icons-widget-by-wpzoom/assets/font/fontawesome-webfont.ttf?v=4.7.0 HTTP/1.1
Host: pro.saonacollection.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pro.saonacollection.com/?i=i&0=brad%40malware-traffic-analysis.net
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 20:47:52 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Tue, 16 Nov 2021 15:32:52 GMT
Accept-Ranges: bytes
Content-Length: 165548
Access-Control-Allow-Origin: *
Keep-Alive: timeout=5, max=50
Content-Type: font/ttf
pro.saonacollection.com/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-style.css?ver=6.1.0
103.15.235.68 200 OK 28 kB URL HTTP/1.1 pro.saonacollection.com/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-style.css?ver=6.1.0
IP 103.15.235.68:0
ASN #58621 Vodien Internet Solutions Pte Ltd
File type Unicode text, UTF-8 text, with very long lines (65527), with no line terminators
Hash 2acb85d6ad6d21ecf05c1c85e2df32c1
27ea08472281aab988851bb5e70094eabc4c48c9
e6a17f08be47aebf4246e3a282223fd3d0afa1cd64d50a4d3fb609e17b74430a
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-style.css?ver=6.1.0 HTTP/1.1
Host: pro.saonacollection.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pro.saonacollection.com/?i=i&0=brad%40malware-traffic-analysis.net
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 20:47:52 GMT
Server: Apache
Last-Modified: Thu, 10 Mar 2022 17:38:29 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 27842
Keep-Alive: timeout=5, max=48
Connection: Keep-Alive
Content-Type: text/css
pro.saonacollection.com/wp-includes/css/dist/block-library/style.min.css?ver=5.8.6
103.15.235.68 200 OK 81 kB URL HTTP/1.1 pro.saonacollection.com/wp-includes/css/dist/block-library/style.min.css?ver=5.8.6
IP 103.15.235.68:0
ASN #58621 Vodien Internet Solutions Pte Ltd
File type Unicode text, UTF-8 text, with very long lines (33376)
Hash 43c4bc05b5e3b0a6684a7c3a52e63590
ed6d95d525a710a82e8b8583e9ba7bce3b2a4722
9110fc122dda3067c424d9b8ff7747e2030b0bd9298f69a3683d399ad3373a6a
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/css/dist/block-library/style.min.css?ver=5.8.6 HTTP/1.1
Host: pro.saonacollection.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pro.saonacollection.com/?i=i&0=brad%40malware-traffic-analysis.net
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 20:47:52 GMT
Server: Apache
Last-Modified: Fri, 23 Jul 2021 10:28:45 GMT
Accept-Ranges: bytes
Content-Length: 80574
Keep-Alive: timeout=5, max=46
Connection: Keep-Alive
Content-Type: text/css
pro.saonacollection.com/wp-content/plugins/cookie-law-info/public/css/cookie-law-info-public.css?ver=2.0.6
103.15.235.68 200 OK 1.0 kB URL HTTP/1.1 pro.saonacollection.com/wp-content/plugins/cookie-law-info/public/css/cookie-law-info-public.css?ver=2.0.6
IP 103.15.235.68:0
ASN #58621 Vodien Internet Solutions Pte Ltd
Hash 05cb926ed2dec23737715939ec824bca
6a2908b399a8a1ca4ff2ba6c89908a8b37f104d3
c96c37c85f46fe7403fa6c301987d0d4aae0418e16c5917efe24e06a5e2deeba
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/cookie-law-info/public/css/cookie-law-info-public.css?ver=2.0.6 HTTP/1.1
Host: pro.saonacollection.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pro.saonacollection.com/?i=i&0=brad%40malware-traffic-analysis.net
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 20:47:53 GMT
Server: Apache
Last-Modified: Tue, 16 Nov 2021 15:31:59 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1017
Keep-Alive: timeout=5, max=48
Connection: Keep-Alive
Content-Type: text/css
pro.saonacollection.com/wp-content/plugins/cookie-law-info/public/css/cookie-law-info-gdpr.css?ver=2.0.6
103.15.235.68 200 OK 6.5 kB URL HTTP/1.1 pro.saonacollection.com/wp-content/plugins/cookie-law-info/public/css/cookie-law-info-gdpr.css?ver=2.0.6
IP 103.15.235.68:0
ASN #58621 Vodien Internet Solutions Pte Ltd
Hash a3a0186d0fa9ea895445035cab8ce26f
89eab12382ad8031ec558cbadd8888450c5e2455
c086344ae6e5093ceb2953a1ab8d6fbc7d290462d329bd26d191a5f76aa452bd
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/cookie-law-info/public/css/cookie-law-info-gdpr.css?ver=2.0.6 HTTP/1.1
Host: pro.saonacollection.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pro.saonacollection.com/?i=i&0=brad%40malware-traffic-analysis.net
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 20:47:53 GMT
Server: Apache
Last-Modified: Tue, 16 Nov 2021 15:31:59 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 6474
Keep-Alive: timeout=5, max=49
Connection: Keep-Alive
Content-Type: text/css
pro.saonacollection.com/wp-content/plugins/popup-builder/public/css/theme.css?ver=4.0.4
103.15.235.68 200 OK 14 kB URL HTTP/1.1 pro.saonacollection.com/wp-content/plugins/popup-builder/public/css/theme.css?ver=4.0.4
IP 103.15.235.68:0
ASN #58621 Vodien Internet Solutions Pte Ltd
File type ASCII text, with very long lines (4774)
Hash 9a8ecdf8993ec108328ee8ba1127a9b4
5238b4307783ddd11b3b402153a2daf37bfa64f9
e3ae3e5ebfbd2b627839d06824de2d66dd3a18a75db8ede71274a39998ecf370
GET /wp-content/plugins/popup-builder/public/css/theme.css?ver=4.0.4 HTTP/1.1
Host: pro.saonacollection.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pro.saonacollection.com/?i=i&0=brad%40malware-traffic-analysis.net
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 20:47:53 GMT
Server: Apache
Last-Modified: Tue, 07 Sep 2021 10:29:51 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 13547
Keep-Alive: timeout=5, max=49
Connection: Keep-Alive
Content-Type: text/css
pro.saonacollection.com/wp-content/plugins/woo-category-slider-grid/deprecated/public/assets/css/style.css?ver=1.1.3
103.15.235.68 200 OK 1.5 kB URL HTTP/1.1 pro.saonacollection.com/wp-content/plugins/woo-category-slider-grid/deprecated/public/assets/css/style.css?ver=1.1.3
IP 103.15.235.68:0
ASN #58621 Vodien Internet Solutions Pte Ltd
Hash 65ca7a3842f6048b869bfc0724ff0cee
da9971d58e38c80a97b98ed6c1412cfc7c6ce332
40f54bc268a46cda0af8a2cf4a6e60ea767fb6a360aedd8ef1a8d6fdfa5c7cf4
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/woo-category-slider-grid/deprecated/public/assets/css/style.css?ver=1.1.3 HTTP/1.1
Host: pro.saonacollection.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pro.saonacollection.com/?i=i&0=brad%40malware-traffic-analysis.net
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 20:47:53 GMT
Server: Apache
Last-Modified: Tue, 16 Nov 2021 15:31:22 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1503
Keep-Alive: timeout=5, max=47
Connection: Keep-Alive
Content-Type: text/css
pro.saonacollection.com/wp-content/plugins/woocommerce-multilingual/templates/currency-switchers/legacy-dropdown/style.css?ver=4.12.1
103.15.235.68 200 OK 644 B URL HTTP/1.1 pro.saonacollection.com/wp-content/plugins/woocommerce-multilingual/templates/currency-switchers/legacy-dropdown/style.css?ver=4.12.1
IP 103.15.235.68:0
ASN #58621 Vodien Internet Solutions Pte Ltd
File type ASCII text, with very long lines (1773)
Hash 19ffa656355a9b60cb1370b3bfa5d26d
8e9ea6888b5c97aebe69ddd4c6310b9f446b1113
fcf67aa09ee64c8f953857e88f6cf945a8bd2aed824131f94a0e5f19fd8e5da1
GET /wp-content/plugins/woocommerce-multilingual/templates/currency-switchers/legacy-dropdown/style.css?ver=4.12.1 HTTP/1.1
Host: pro.saonacollection.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pro.saonacollection.com/?i=i&0=brad%40malware-traffic-analysis.net
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 20:47:53 GMT
Server: Apache
Last-Modified: Tue, 16 Nov 2021 15:33:40 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 644
Keep-Alive: timeout=5, max=47
Connection: Keep-Alive
Content-Type: text/css
pro.saonacollection.com/wp-content/plugins/woo-category-slider-grid/deprecated/public/assets/css/responsive.css?ver=1.1.3
103.15.235.68 200 OK 384 B URL HTTP/1.1 pro.saonacollection.com/wp-content/plugins/woo-category-slider-grid/deprecated/public/assets/css/responsive.css?ver=1.1.3
IP 103.15.235.68:0
ASN #58621 Vodien Internet Solutions Pte Ltd
Hash 0069cd6064c549574c9359a8c3fc4a02
efa60031d8c02436cfbdffc016555d75bbdf67f5
ec6c0a491a43b483624caca4baceed662d048dcf629d214b586770ee1a39c392
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/woo-category-slider-grid/deprecated/public/assets/css/responsive.css?ver=1.1.3 HTTP/1.1
Host: pro.saonacollection.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pro.saonacollection.com/?i=i&0=brad%40malware-traffic-analysis.net
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 20:47:53 GMT
Server: Apache
Last-Modified: Tue, 16 Nov 2021 15:31:22 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 384
Keep-Alive: timeout=5, max=45
Connection: Keep-Alive
Content-Type: text/css
pro.saonacollection.com/wp-content/plugins/wpfront-notification-bar/css/wpfront-notification-bar.min.css?ver=2.3.0.102911
103.15.235.68 200 OK 775 B URL HTTP/1.1 pro.saonacollection.com/wp-content/plugins/wpfront-notification-bar/css/wpfront-notification-bar.min.css?ver=2.3.0.102911
IP 103.15.235.68:0
ASN #58621 Vodien Internet Solutions Pte Ltd
File type ASCII text, with very long lines (2689), with no line terminators
Hash fa61544ef93842243803d8825cd9f249
a4d18c6f01a0e92f3cd461fb55749972f3162c16
35a03abeceb2af35b3ba49142aafe16563a2910f53ebe912c253cb6ad81127ac
GET /wp-content/plugins/wpfront-notification-bar/css/wpfront-notification-bar.min.css?ver=2.3.0.102911 HTTP/1.1
Host: pro.saonacollection.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pro.saonacollection.com/?i=i&0=brad%40malware-traffic-analysis.net
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 20:47:53 GMT
Server: Apache
Last-Modified: Tue, 16 Nov 2021 15:35:14 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 775
Keep-Alive: timeout=5, max=48
Connection: Keep-Alive
Content-Type: text/css
pro.saonacollection.com/wp-content/plugins/social-icons-widget-by-wpzoom/assets/font/socicon.woff?v=4.2.2
103.15.235.68 200 OK 72 kB URL HTTP/1.1 pro.saonacollection.com/wp-content/plugins/social-icons-widget-by-wpzoom/assets/font/socicon.woff?v=4.2.2
IP 103.15.235.68:0
ASN #58621 Vodien Internet Solutions Pte Ltd
File type Web Open Font Format, TrueType, length 72180, version 1.0\012- data
Hash b6f6455b7dd7f8408e92f3938abf8540
19e14a92376de52fcd5e2f33600a70309a692e3e
ea6513ff4036805eddb26829a3e7bd8b0363448e064daac7b3b873f95191d1ae
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/social-icons-widget-by-wpzoom/assets/font/socicon.woff?v=4.2.2 HTTP/1.1
Host: pro.saonacollection.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pro.saonacollection.com/?i=i&0=brad%40malware-traffic-analysis.net
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 20:47:52 GMT
Server: Apache
Last-Modified: Tue, 16 Nov 2021 15:32:52 GMT
Accept-Ranges: bytes
Content-Length: 72180
Access-Control-Allow-Origin: *
Keep-Alive: timeout=5, max=48
Connection: Keep-Alive
Content-Type: application/x-font-woff
pro.saonacollection.com/wp-content/plugins/linepay-wc/assets/css/linepay_button.css?ver=5.8.6
103.15.235.68 200 OK 141 B URL HTTP/1.1 pro.saonacollection.com/wp-content/plugins/linepay-wc/assets/css/linepay_button.css?ver=5.8.6
IP 103.15.235.68:0
ASN #58621 Vodien Internet Solutions Pte Ltd
Hash 3df84a41504d2e3214f2099a691ce07f
3a8eba6704daf8b221307f1dc2fb6404295d7f38
85959f0d2fd0629cba0a32c4de0f30b2e6cffd6acc7356fed42e934cb381ebeb
GET /wp-content/plugins/linepay-wc/assets/css/linepay_button.css?ver=5.8.6 HTTP/1.1
Host: pro.saonacollection.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pro.saonacollection.com/?i=i&0=brad%40malware-traffic-analysis.net
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 20:47:53 GMT
Server: Apache
Last-Modified: Tue, 16 Nov 2021 15:32:11 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 141
Keep-Alive: timeout=5, max=48
Connection: Keep-Alive
Content-Type: text/css
pro.saonacollection.com/wp-content/plugins/sitepress-multilingual-cms/templates/language-switchers/legacy-dropdown/style.min.css?ver=1
103.15.235.68 200 OK 1.8 kB URL HTTP/1.1 pro.saonacollection.com/wp-content/plugins/sitepress-multilingual-cms/templates/language-switchers/legacy-dropdown/style.min.css?ver=1
IP 103.15.235.68:0
ASN #58621 Vodien Internet Solutions Pte Ltd
File type ASCII text, with very long lines (1716)
Hash b561f741e3f1d89595fa9fc5633f97e3
4da58506432de0c687b4e0d8686f26c55688ea5d
53a997bd51a3a1ad45ca16653c6044aa62fe3e120816276195538914db2c1dfd
GET /wp-content/plugins/sitepress-multilingual-cms/templates/language-switchers/legacy-dropdown/style.min.css?ver=1 HTTP/1.1
Host: pro.saonacollection.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pro.saonacollection.com/?i=i&0=brad%40malware-traffic-analysis.net
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 20:47:53 GMT
Server: Apache
Last-Modified: Tue, 07 Sep 2021 10:33:21 GMT
Accept-Ranges: bytes
Content-Length: 1759
Keep-Alive: timeout=5, max=46
Connection: Keep-Alive
Content-Type: text/css
pro.saonacollection.com/wp-content/plugins/sitepress-multilingual-cms/templates/language-switchers/legacy-list-horizontal/style.min.css?ver=1
103.15.235.68 200 OK 869 B URL HTTP/1.1 pro.saonacollection.com/wp-content/plugins/sitepress-multilingual-cms/templates/language-switchers/legacy-list-horizontal/style.min.css?ver=1
IP 103.15.235.68:0
ASN #58621 Vodien Internet Solutions Pte Ltd
File type ASCII text, with very long lines (826)
Hash b785ea8734e1436a6f0d5e0b3b4bd8c1
18c587cee3fd14cbab5372e295e001c4d9a4c4d3
9af98e149ed5a7af3bbfe75257ddb5a7d4bc5f0be036822f89b2a1fa809fd21e
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/sitepress-multilingual-cms/templates/language-switchers/legacy-list-horizontal/style.min.css?ver=1 HTTP/1.1
Host: pro.saonacollection.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pro.saonacollection.com/?i=i&0=brad%40malware-traffic-analysis.net
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 20:47:53 GMT
Server: Apache
Last-Modified: Tue, 07 Sep 2021 10:33:21 GMT
Accept-Ranges: bytes
Content-Length: 869
Keep-Alive: timeout=5, max=46
Connection: Keep-Alive
Content-Type: text/css
pro.saonacollection.com/wp-content/plugins/sitepress-multilingual-cms/templates/language-switchers/menu-item/style.min.css?ver=1
103.15.235.68 200 OK 245 B URL HTTP/1.1 pro.saonacollection.com/wp-content/plugins/sitepress-multilingual-cms/templates/language-switchers/menu-item/style.min.css?ver=1
IP 103.15.235.68:0
ASN #58621 Vodien Internet Solutions Pte Ltd
Hash fb4e2445daa49dadab2bb4c5981b8fd9
b386f3da83ab16fa6c0566f4cefb6fce89e42ac2
cbdc00cbfda953b528c24dbb0bf24357f6916cc7c3602b8e8dc09f7eb777eee8
GET /wp-content/plugins/sitepress-multilingual-cms/templates/language-switchers/menu-item/style.min.css?ver=1 HTTP/1.1
Host: pro.saonacollection.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pro.saonacollection.com/?i=i&0=brad%40malware-traffic-analysis.net
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 20:47:53 GMT
Server: Apache
Last-Modified: Tue, 07 Sep 2021 10:33:21 GMT
Accept-Ranges: bytes
Content-Length: 245
Keep-Alive: timeout=5, max=44
Connection: Keep-Alive
Content-Type: text/css
pro.saonacollection.com/wp-content/plugins/wpb-accordion-menu-or-category/assets/css/wpb_wmca_style.css?ver=1.0
103.15.235.68 200 OK 1.2 kB URL HTTP/1.1 pro.saonacollection.com/wp-content/plugins/wpb-accordion-menu-or-category/assets/css/wpb_wmca_style.css?ver=1.0
IP 103.15.235.68:0
ASN #58621 Vodien Internet Solutions Pte Ltd
Hash 2b62fdbae77feaa3c1bd14c417f4c703
c7794756ff83b085f7a246fed98cc858a03a2d22
82c93ac20bfa4faf2b4c3346b3747dba85cb63173c9b01d48fe49b139e97b885
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/wpb-accordion-menu-or-category/assets/css/wpb_wmca_style.css?ver=1.0 HTTP/1.1
Host: pro.saonacollection.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pro.saonacollection.com/?i=i&0=brad%40malware-traffic-analysis.net
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 20:47:53 GMT
Server: Apache
Last-Modified: Tue, 21 Sep 2021 11:11:49 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1215
Keep-Alive: timeout=5, max=47
Connection: Keep-Alive
Content-Type: text/css
pro.saonacollection.com/wp-content/themes/storefront/style.css?ver=5.8.6
103.15.235.68 200 OK 10 kB URL HTTP/1.1 pro.saonacollection.com/wp-content/themes/storefront/style.css?ver=5.8.6
IP 103.15.235.68:0
ASN #58621 Vodien Internet Solutions Pte Ltd
File type ASCII text, with very long lines (38413)
Hash 1536427eeeb59f9d69540ed7a750485c
cb120e7ee0ca28570761f9d7a50d0ac6026ea8a2
aae189115bea36ae445314ed0a9243f58eb3749d6833bc6fb911f3d80536664a
GET /wp-content/themes/storefront/style.css?ver=5.8.6 HTTP/1.1
Host: pro.saonacollection.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pro.saonacollection.com/?i=i&0=brad%40malware-traffic-analysis.net
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 20:47:53 GMT
Server: Apache
Last-Modified: Thu, 15 Apr 2021 04:12:39 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 10482
Keep-Alive: timeout=5, max=47
Connection: Keep-Alive
Content-Type: text/css
pro.saonacollection.com/wp-content/themes/storefront/assets/css/base/icons.css?ver=3.5.1
103.15.235.68 200 OK 84 kB URL HTTP/1.1 pro.saonacollection.com/wp-content/themes/storefront/assets/css/base/icons.css?ver=3.5.1
IP 103.15.235.68:0
ASN #58621 Vodien Internet Solutions Pte Ltd
File type ASCII text, with very long lines (57128)
Hash 03e5d533da5d67c1a72a620140f68a5a
afe5e1699a827b9ebe2429f0bc8fc8ed8ee3ab6b
b74b12af9b42ee0eb8bb4afa63fccf016a7cadb62f62aedd440712c7e8557fb4
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/storefront/assets/css/base/icons.css?ver=3.5.1 HTTP/1.1
Host: pro.saonacollection.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pro.saonacollection.com/?i=i&0=brad%40malware-traffic-analysis.net
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 20:47:53 GMT
Server: Apache
Last-Modified: Thu, 15 Apr 2021 04:12:39 GMT
Accept-Ranges: bytes
Content-Length: 83791
Keep-Alive: timeout=5, max=47
Connection: Keep-Alive
Content-Type: text/css
pro.saonacollection.com/wp-content/plugins/social-icons-widget-by-wpzoom/assets/css/wpzoom-socicon.css?ver=1637076772
103.15.235.68 200 OK 24 kB URL HTTP/1.1 pro.saonacollection.com/wp-content/plugins/social-icons-widget-by-wpzoom/assets/css/wpzoom-socicon.css?ver=1637076772
IP 103.15.235.68:0
ASN #58621 Vodien Internet Solutions Pte Ltd
Hash 1c5d97be0ad444c3cc757b189c7a1608
d96e99c6b17ecc2540e6066bdc981f17cf66c5b4
f8f67695ae6d89e2586b04361812927de57585810b34cfb669a634a872739fb1
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/social-icons-widget-by-wpzoom/assets/css/wpzoom-socicon.css?ver=1637076772 HTTP/1.1
Host: pro.saonacollection.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pro.saonacollection.com/?i=i&0=brad%40malware-traffic-analysis.net
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 20:47:53 GMT
Server: Apache
Last-Modified: Tue, 16 Nov 2021 15:32:52 GMT
Accept-Ranges: bytes
Content-Length: 24090
Keep-Alive: timeout=5, max=45
Connection: Keep-Alive
Content-Type: text/css
pro.saonacollection.com/wp-content/plugins/social-icons-widget-by-wpzoom/assets/css/genericons.css?ver=1637076772
103.15.235.68 200 OK 9.7 kB URL HTTP/1.1 pro.saonacollection.com/wp-content/plugins/social-icons-widget-by-wpzoom/assets/css/genericons.css?ver=1637076772
IP 103.15.235.68:0
ASN #58621 Vodien Internet Solutions Pte Ltd
Hash 7dafe5cbf983809f6cf342ba0d083d95
c1dcdeae541016869de457a650e1a5c2a3283b9f
8dc3eb3bcb0ee6a2457a1f6cd34ef9205c9e172fca149eae7eb5f05f9f3e4780
GET /wp-content/plugins/social-icons-widget-by-wpzoom/assets/css/genericons.css?ver=1637076772 HTTP/1.1
Host: pro.saonacollection.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pro.saonacollection.com/?i=i&0=brad%40malware-traffic-analysis.net
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 20:47:53 GMT
Server: Apache
Last-Modified: Tue, 16 Nov 2021 15:32:52 GMT
Accept-Ranges: bytes
Content-Length: 9682
Keep-Alive: timeout=5, max=45
Connection: Keep-Alive
Content-Type: text/css
pro.saonacollection.com/wp-content/plugins/social-icons-widget-by-wpzoom/assets/css/academicons.min.css?ver=1637076772
103.15.235.68 200 OK 6.8 kB URL HTTP/1.1 pro.saonacollection.com/wp-content/plugins/social-icons-widget-by-wpzoom/assets/css/academicons.min.css?ver=1637076772
IP 103.15.235.68:0
ASN #58621 Vodien Internet Solutions Pte Ltd
Hash 35a795efc93f4e8c417b0040251a4dc3
076b5f2c159f3a06d1a6b773cafe21a1155091c4
9ae9f521a30e7018c427be5701ec72bda702e22fbad75a9a66464b646f7aded5
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/social-icons-widget-by-wpzoom/assets/css/academicons.min.css?ver=1637076772 HTTP/1.1
Host: pro.saonacollection.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pro.saonacollection.com/?i=i&0=brad%40malware-traffic-analysis.net
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 20:47:53 GMT
Server: Apache
Last-Modified: Tue, 16 Nov 2021 15:32:52 GMT
Accept-Ranges: bytes
Content-Length: 6784
Keep-Alive: timeout=5, max=43
Connection: Keep-Alive
Content-Type: text/css
pro.saonacollection.com/wp-content/plugins/social-icons-widget-by-wpzoom/assets/css/font-awesome-3.min.css?ver=1637076772
103.15.235.68 200 OK 31 kB URL HTTP/1.1 pro.saonacollection.com/wp-content/plugins/social-icons-widget-by-wpzoom/assets/css/font-awesome-3.min.css?ver=1637076772
IP 103.15.235.68:0
ASN #58621 Vodien Internet Solutions Pte Ltd
File type ASCII text, with very long lines (30852)
Hash 3deef07caa6219424d2a788ae8744556
97f89ae4338d62286d8b7d76e70040a0d4519468
af727f527a3fad06274e224f20521504c3e582b621b36e2801ff5e01a3647fb2
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/social-icons-widget-by-wpzoom/assets/css/font-awesome-3.min.css?ver=1637076772 HTTP/1.1
Host: pro.saonacollection.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pro.saonacollection.com/?i=i&0=brad%40malware-traffic-analysis.net
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 20:47:53 GMT
Server: Apache
Last-Modified: Tue, 16 Nov 2021 15:32:52 GMT
Accept-Ranges: bytes
Content-Length: 31015
Keep-Alive: timeout=5, max=46
Connection: Keep-Alive
Content-Type: text/css
pro.saonacollection.com/wp-content/plugins/social-icons-widget-by-wpzoom/assets/css/wpzoom-social-icons-styles.css?ver=1637076772
103.15.235.68 200 OK 3.7 kB URL HTTP/1.1 pro.saonacollection.com/wp-content/plugins/social-icons-widget-by-wpzoom/assets/css/wpzoom-social-icons-styles.css?ver=1637076772
IP 103.15.235.68:0
ASN #58621 Vodien Internet Solutions Pte Ltd
Hash ff0fe79a84cc0bca49a1954b6be655e4
07bbea2f77d9f23a3cceb5d17dede2f81563bdb9
09148db51869a0004928641ad0237e112dd76220637425f6a49dab5fa364bd78
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/social-icons-widget-by-wpzoom/assets/css/wpzoom-social-icons-styles.css?ver=1637076772 HTTP/1.1
Host: pro.saonacollection.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pro.saonacollection.com/?i=i&0=brad%40malware-traffic-analysis.net
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 20:47:53 GMT
Server: Apache
Last-Modified: Tue, 16 Nov 2021 15:32:52 GMT
Accept-Ranges: bytes
Content-Length: 3682
Keep-Alive: timeout=5, max=46
Connection: Keep-Alive
Content-Type: text/css
pro.saonacollection.com/wp-content/themes/storefront/assets/css/woocommerce/woocommerce.css?ver=3.5.1
103.15.235.68 200 OK 12 kB URL HTTP/1.1 pro.saonacollection.com/wp-content/themes/storefront/assets/css/woocommerce/woocommerce.css?ver=3.5.1
IP 103.15.235.68:0
ASN #58621 Vodien Internet Solutions Pte Ltd
File type ASCII text, with very long lines (37212)
Hash f2bfe6b8d67d45cdf862f8a0001c9de3
da3d069f81e3f02b2a1cd294169f4d9aaa849387
fb85d23bdf14487570a9b82475733ea0a6cb109966e0398b77e0b941eab5af34
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/storefront/assets/css/woocommerce/woocommerce.css?ver=3.5.1 HTTP/1.1
Host: pro.saonacollection.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pro.saonacollection.com/?i=i&0=brad%40malware-traffic-analysis.net
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 20:47:53 GMT
Server: Apache
Last-Modified: Fri, 30 Apr 2021 04:08:22 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 11664
Keep-Alive: timeout=5, max=44
Connection: Keep-Alive
Content-Type: text/css
pro.saonacollection.com/wp-content/themes/galleria/style.css?ver=2.2.18
103.15.235.68 200 OK 9.4 kB URL HTTP/1.1 pro.saonacollection.com/wp-content/themes/galleria/style.css?ver=2.2.18
IP 103.15.235.68:0
ASN #58621 Vodien Internet Solutions Pte Ltd
File type ASCII text, with very long lines (344)
Hash dd10a6bdff33efc5768eb2f005a03501
6b71e7d2304cd0f0332cc4c3845200039aac8cfa
2b7c3efaa798f0b252bbfb07e9d9cff2ba17d32bc4111a7c00c695aa1c94676b
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/galleria/style.css?ver=2.2.18 HTTP/1.1
Host: pro.saonacollection.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pro.saonacollection.com/?i=i&0=brad%40malware-traffic-analysis.net
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 20:47:53 GMT
Server: Apache
Last-Modified: Tue, 04 May 2021 03:32:36 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 9424
Keep-Alive: timeout=5, max=44
Connection: Keep-Alive
Content-Type: text/css
pro.saonacollection.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
103.15.235.68 200 OK 36 kB URL HTTP/1.1 pro.saonacollection.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
IP 103.15.235.68:0
ASN #58621 Vodien Internet Solutions Pte Ltd
File type ASCII text, with very long lines (65447)
Hash 19794544ea8a95a7f373243810e83876
ddc367f688e43f1fb864933be9ba4a425d98b146
e02d14430d46b20d28fa1a666b5b31996c2afe85f58e933d8d6acd473cc4957e
GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.0 HTTP/1.1
Host: pro.saonacollection.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pro.saonacollection.com/?i=i&0=brad%40malware-traffic-analysis.net
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 20:47:53 GMT
Server: Apache
Last-Modified: Fri, 23 Jul 2021 10:28:46 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 36108
Keep-Alive: timeout=5, max=45
Connection: Keep-Alive
Content-Type: application/javascript
pro.saonacollection.com/wp-content/plugins/storefront-footer-bar/assets/css/style.css?ver=5.8.6
103.15.235.68 200 OK 171 B URL HTTP/1.1 pro.saonacollection.com/wp-content/plugins/storefront-footer-bar/assets/css/style.css?ver=5.8.6
IP 103.15.235.68:0
ASN #58621 Vodien Internet Solutions Pte Ltd
Hash ef458b042f439ce62d57e3c6f3b8d956
6c65951215970c6e1328a1f7355025be32fd8611
a7f82070f8ead2ba6042561b75555debe6f590f11c2aad53b5c2b0b87bf2d2ab
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/storefront-footer-bar/assets/css/style.css?ver=5.8.6 HTTP/1.1
Host: pro.saonacollection.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pro.saonacollection.com/?i=i&0=brad%40malware-traffic-analysis.net
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 20:47:53 GMT
Server: Apache
Last-Modified: Tue, 18 May 2021 04:41:50 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 171
Keep-Alive: timeout=5, max=42
Connection: Keep-Alive
Content-Type: text/css
pro.saonacollection.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
103.15.235.68 200 OK 4.6 kB URL HTTP/1.1 pro.saonacollection.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP 103.15.235.68:0
ASN #58621 Vodien Internet Solutions Pte Ltd
File type ASCII text, with very long lines (11126)
Hash 7cec71a53f4e94ce6da66a0fd94b9e5c
ac8f00b06df2956b97202b24ce8d818934283b5b
9bdd49aa215000ec53e722aa93cbe0e30f509bd1430ac5b5b509bf9b78a78d31
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: pro.saonacollection.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pro.saonacollection.com/?i=i&0=brad%40malware-traffic-analysis.net
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 20:47:53 GMT
Server: Apache
Last-Modified: Tue, 29 Dec 2020 07:17:54 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 4563
Keep-Alive: timeout=5, max=45
Connection: Keep-Alive
Content-Type: application/javascript
pro.saonacollection.com/wp-content/plugins/sitepress-multilingual-cms/res/js/jquery.cookie.js?ver=4.4.12
103.15.235.68 200 OK 2.8 kB URL HTTP/1.1 pro.saonacollection.com/wp-content/plugins/sitepress-multilingual-cms/res/js/jquery.cookie.js?ver=4.4.12
IP 103.15.235.68:0
ASN #58621 Vodien Internet Solutions Pte Ltd
Hash ad10cd46a043368685a36a611490d08e
ca2b566d4bb15c7c2f9cfb72e7cd1e4a6af791fb
1f7e0fc0541ef13ade8dfbd9de3a7e2a6d0d66f125a89a80e0f76d2a92f26306
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/sitepress-multilingual-cms/res/js/jquery.cookie.js?ver=4.4.12 HTTP/1.1
Host: pro.saonacollection.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pro.saonacollection.com/?i=i&0=brad%40malware-traffic-analysis.net
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 20:47:53 GMT
Server: Apache
Last-Modified: Tue, 07 Sep 2021 10:33:20 GMT
Accept-Ranges: bytes
Content-Length: 2817
Keep-Alive: timeout=5, max=43
Connection: Keep-Alive
Content-Type: application/javascript
pro.saonacollection.com/wp-content/plugins/sitepress-multilingual-cms/res/js/cookies/language-cookie.js?ver=4.4.12
103.15.235.68 200 OK 246 B URL HTTP/1.1 pro.saonacollection.com/wp-content/plugins/sitepress-multilingual-cms/res/js/cookies/language-cookie.js?ver=4.4.12
IP 103.15.235.68:0
ASN #58621 Vodien Internet Solutions Pte Ltd
Hash 8faf7bcc2b393eee2e09e7adda13611d
e74813124552bf9791cb36bffef45fbdb418e16b
f767f42765a143586abafcd5f1ec1221274c58264b311bd14ea2bae8c25252ad
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/sitepress-multilingual-cms/res/js/cookies/language-cookie.js?ver=4.4.12 HTTP/1.1
Host: pro.saonacollection.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pro.saonacollection.com/?i=i&0=brad%40malware-traffic-analysis.net
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 20:47:53 GMT
Server: Apache
Last-Modified: Tue, 07 Sep 2021 10:33:20 GMT
Accept-Ranges: bytes
Content-Length: 246
Keep-Alive: timeout=5, max=43
Connection: Keep-Alive
Content-Type: application/javascript
pro.saonacollection.com/wp-content/plugins/cookie-law-info/public/js/cookie-law-info-public.js?ver=2.0.6
103.15.235.68 200 OK 10 kB URL HTTP/1.1 pro.saonacollection.com/wp-content/plugins/cookie-law-info/public/js/cookie-law-info-public.js?ver=2.0.6
IP 103.15.235.68:0
ASN #58621 Vodien Internet Solutions Pte Ltd
Hash a2df4172c10be5ad28ecc541f79ea436
506457d4e36965d54ac7aada0efb75976742e83a
713431d0cbac6b033b93be57c95e768b1e8c8052847b28e9c3c533eec51a15d7
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/cookie-law-info/public/js/cookie-law-info-public.js?ver=2.0.6 HTTP/1.1
Host: pro.saonacollection.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pro.saonacollection.com/?i=i&0=brad%40malware-traffic-analysis.net
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 20:47:53 GMT
Server: Apache
Last-Modified: Tue, 16 Nov 2021 15:31:59 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 10127
Keep-Alive: timeout=5, max=44
Connection: Keep-Alive
Content-Type: application/javascript
pro.saonacollection.com/wp-includes/css/dashicons.min.css?ver=5.8.6
103.15.235.68 200 OK 59 kB URL HTTP/1.1 pro.saonacollection.com/wp-includes/css/dashicons.min.css?ver=5.8.6
IP 103.15.235.68:0
ASN #58621 Vodien Internet Solutions Pte Ltd
File type ASCII text, with very long lines (58981)
Hash d68d6bf519169d86e155bad0bed833f8
27ba9c67d0e775fc4e6dd62011daf4c3902698fc
c21e5a2b32c47bc5f9d9efc97bc0e29fd081946d1d3ebffc5621cfafb1d3960e
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/css/dashicons.min.css?ver=5.8.6 HTTP/1.1
Host: pro.saonacollection.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pro.saonacollection.com/?i=i&0=brad%40malware-traffic-analysis.net
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 20:47:53 GMT
Server: Apache
Last-Modified: Thu, 15 Apr 2021 03:51:32 GMT
Accept-Ranges: bytes
Content-Length: 59016
Keep-Alive: timeout=5, max=46
Connection: Keep-Alive
Content-Type: text/css
pro.saonacollection.com/wp-content/plugins/popup-builder/public/js/Popup.js?ver=4.0.4
103.15.235.68 200 OK 9.7 kB URL HTTP/1.1 pro.saonacollection.com/wp-content/plugins/popup-builder/public/js/Popup.js?ver=4.0.4
IP 103.15.235.68:0
ASN #58621 Vodien Internet Solutions Pte Ltd
File type ASCII text, with very long lines (5515)
Hash c480c8eeb9d0f76abc568fe23d1e880c
76478bcf1d6e7aa81a4e0e93d19b2a5ea069972a
bb38d87b97711e77d493a0a9cdce4811ffbcd077cdf88cebcc69b82ed788c69c
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/popup-builder/public/js/Popup.js?ver=4.0.4 HTTP/1.1
Host: pro.saonacollection.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pro.saonacollection.com/?i=i&0=brad%40malware-traffic-analysis.net
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 20:47:53 GMT
Server: Apache
Last-Modified: Tue, 07 Sep 2021 10:29:51 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 9711
Keep-Alive: timeout=5, max=41
Connection: Keep-Alive
Content-Type: application/javascript
pro.saonacollection.com/wp-content/plugins/popup-builder/public/js/PopupConfig.js?ver=4.0.4
103.15.235.68 200 OK 1.9 kB URL HTTP/1.1 pro.saonacollection.com/wp-content/plugins/popup-builder/public/js/PopupConfig.js?ver=4.0.4
IP 103.15.235.68:0
ASN #58621 Vodien Internet Solutions Pte Ltd
File type ASCII text, with very long lines (2826)
Hash 20418434b8c2e64995a53409e4fd90ef
77e872962a3a3a725e693ef0592be7c141b65f60
46a9933121359c2ee8acc3d4a9349abd169b74ebfd993a07856d9c792d1229ae
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/popup-builder/public/js/PopupConfig.js?ver=4.0.4 HTTP/1.1
Host: pro.saonacollection.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pro.saonacollection.com/?i=i&0=brad%40malware-traffic-analysis.net
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 20:47:54 GMT
Server: Apache
Last-Modified: Tue, 07 Sep 2021 10:29:51 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1927
Keep-Alive: timeout=5, max=44
Connection: Keep-Alive
Content-Type: application/javascript
pro.saonacollection.com/wp-content/plugins/popup-builder/public/js/PopupBuilder.js?ver=4.0.4
103.15.235.68 200 OK 21 kB URL HTTP/1.1 pro.saonacollection.com/wp-content/plugins/popup-builder/public/js/PopupBuilder.js?ver=4.0.4
IP 103.15.235.68:0
ASN #58621 Vodien Internet Solutions Pte Ltd
Hash 9cbf3e5088f79432b23fd8b6ffdc1b25
5d14e165eea45e00ec86ff35f73d12a2d771367b
ba970b82602abd95d7bfd991a3bb4c15f3b9613c882eb536dec6d2914da7daab
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/popup-builder/public/js/PopupBuilder.js?ver=4.0.4 HTTP/1.1
Host: pro.saonacollection.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pro.saonacollection.com/?i=i&0=brad%40malware-traffic-analysis.net
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 20:47:54 GMT
Server: Apache
Last-Modified: Tue, 07 Sep 2021 10:29:51 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 21067
Keep-Alive: timeout=5, max=42
Connection: Keep-Alive
Content-Type: application/javascript
pro.saonacollection.com/wp-content/plugins/wpfront-notification-bar/js/wpfront-notification-bar.min.js?ver=2.3.0.102911
103.15.235.68 200 OK 1.2 kB URL HTTP/1.1 pro.saonacollection.com/wp-content/plugins/wpfront-notification-bar/js/wpfront-notification-bar.min.js?ver=2.3.0.102911
IP 103.15.235.68:0
ASN #58621 Vodien Internet Solutions Pte Ltd
File type ASCII text, with very long lines (535)
Hash d2def97988648b0f782ea91b99de64fd
7f1a0330ee40a45a7e1d0a2acf7120784c78022d
b3f75775992da7aa9ab0a56a5f2b39a3512c924cf7d5142b2260ecf8a43a1c83
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/wpfront-notification-bar/js/wpfront-notification-bar.min.js?ver=2.3.0.102911 HTTP/1.1
Host: pro.saonacollection.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pro.saonacollection.com/?i=i&0=brad%40malware-traffic-analysis.net
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 20:47:54 GMT
Server: Apache
Last-Modified: Tue, 16 Nov 2021 15:35:14 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1208
Keep-Alive: timeout=5, max=42
Connection: Keep-Alive
Content-Type: application/javascript
pro.saonacollection.com/wp-content/plugins/sitepress-multilingual-cms/templates/language-switchers/legacy-dropdown/script.min.js?ver=1
103.15.235.68 200 OK 449 B URL HTTP/1.1 pro.saonacollection.com/wp-content/plugins/sitepress-multilingual-cms/templates/language-switchers/legacy-dropdown/script.min.js?ver=1
IP 103.15.235.68:0
ASN #58621 Vodien Internet Solutions Pte Ltd
File type ASCII text, with very long lines (409)
Hash 5078264f7a108688af99089913c72d0a
4dedf943923a2a0335a9f18390adfee900424314
b5fc18167c9bb2e3e5a3c27a8cf951a5d32770462a143b87989a5853d034dc8d
GET /wp-content/plugins/sitepress-multilingual-cms/templates/language-switchers/legacy-dropdown/script.min.js?ver=1 HTTP/1.1
Host: pro.saonacollection.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pro.saonacollection.com/?i=i&0=brad%40malware-traffic-analysis.net
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 20:47:54 GMT
Server: Apache
Last-Modified: Tue, 07 Sep 2021 10:33:21 GMT
Accept-Ranges: bytes
Content-Length: 449
Keep-Alive: timeout=5, max=43
Connection: Keep-Alive
Content-Type: application/javascript
pro.saonacollection.com/wp-content/plugins/wpb-accordion-menu-or-category/assets/js/jquery.cookie.js?ver=1.0
103.15.235.68 200 OK 1.5 kB URL HTTP/1.1 pro.saonacollection.com/wp-content/plugins/wpb-accordion-menu-or-category/assets/js/jquery.cookie.js?ver=1.0
IP 103.15.235.68:0
ASN #58621 Vodien Internet Solutions Pte Ltd
Hash 88c4b9117bf1d10911bd3ad3361254dd
9e7cc5a5c7d2f3bcf0b1e2b54ed4505c0f9ef42c
80acb0b416d4643b4493080b141259f08db9a3b3e5451583fca4e42512343d49
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/wpb-accordion-menu-or-category/assets/js/jquery.cookie.js?ver=1.0 HTTP/1.1
Host: pro.saonacollection.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pro.saonacollection.com/?i=i&0=brad%40malware-traffic-analysis.net
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 20:47:54 GMT
Server: Apache
Last-Modified: Tue, 21 Sep 2021 11:11:49 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1470
Keep-Alive: timeout=5, max=45
Connection: Keep-Alive
Content-Type: application/javascript
pro.saonacollection.com/wp-content/plugins/woocommerce/assets/css/select2.css?ver=5.9.1
103.15.235.68 200 OK 2.5 kB URL HTTP/1.1 pro.saonacollection.com/wp-content/plugins/woocommerce/assets/css/select2.css?ver=5.9.1
IP 103.15.235.68:0
ASN #58621 Vodien Internet Solutions Pte Ltd
File type ASCII text, with very long lines (15057), with no line terminators
Hash 83901c8ef6637f6a99b277a408369825
36560819aedf1bc87003dd9d9a98c38207499727
9671334ac1245e8e5182e215b5e9941664102c9a2e52e9640166dcd6292d33bd
GET /wp-content/plugins/woocommerce/assets/css/select2.css?ver=5.9.1 HTTP/1.1
Host: pro.saonacollection.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pro.saonacollection.com/?i=i&0=brad%40malware-traffic-analysis.net
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 20:47:54 GMT
Server: Apache
Last-Modified: Thu, 10 Mar 2022 17:38:30 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2458
Keep-Alive: timeout=5, max=43
Connection: Keep-Alive
Content-Type: text/css
pro.saonacollection.com/wp-content/plugins/woo-category-slider-grid/public/css/font-awesome.min.css?ver=1.4.1
103.15.235.68 200 OK 7.9 kB URL HTTP/1.1 pro.saonacollection.com/wp-content/plugins/woo-category-slider-grid/public/css/font-awesome.min.css?ver=1.4.1
IP 103.15.235.68:0
ASN #58621 Vodien Internet Solutions Pte Ltd
File type ASCII text, with very long lines (30837)
Hash b2ea6ca16c34091cd8c01b1135a56729
f13ea7b79ae565ce2dae8675ff2185d1fa551411
50a0f2c1e040ce3115afcb0c16df30ad88a17c19575f707fb51737f886c476a3
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/woo-category-slider-grid/public/css/font-awesome.min.css?ver=1.4.1 HTTP/1.1
Host: pro.saonacollection.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pro.saonacollection.com/?i=i&0=brad%40malware-traffic-analysis.net
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 20:47:54 GMT
Server: Apache
Last-Modified: Tue, 16 Nov 2021 15:31:22 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 7930
Keep-Alive: timeout=5, max=41
Connection: Keep-Alive
Content-Type: text/css
pro.saonacollection.com/wp-content/plugins/wpb-accordion-menu-or-category/assets/js/jquery.navgoco.min.js?ver=1.0
103.15.235.68 200 OK 3.3 kB URL HTTP/1.1 pro.saonacollection.com/wp-content/plugins/wpb-accordion-menu-or-category/assets/js/jquery.navgoco.min.js?ver=1.0
IP 103.15.235.68:0
ASN #58621 Vodien Internet Solutions Pte Ltd
Hash ad587d0cfdc76170ad29ebc00860502e
1397ddd8f34647f8e72ec8d1d7b4b3c297446e80
2f53d07821b7f88c311f7de9742f09417787106bc70d0812823a7937e644c50a
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/wpb-accordion-menu-or-category/assets/js/jquery.navgoco.min.js?ver=1.0 HTTP/1.1
Host: pro.saonacollection.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pro.saonacollection.com/?i=i&0=brad%40malware-traffic-analysis.net
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 20:47:54 GMT
Server: Apache
Last-Modified: Tue, 21 Sep 2021 11:11:49 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 3288
Keep-Alive: timeout=5, max=40
Connection: Keep-Alive
Content-Type: application/javascript
pro.saonacollection.com/wp-content/plugins/woo-category-slider-grid/public/css/woo-category-slider-public.min.css?ver=1.4.1
103.15.235.68 200 OK 683 B URL HTTP/1.1 pro.saonacollection.com/wp-content/plugins/woo-category-slider-grid/public/css/woo-category-slider-public.min.css?ver=1.4.1
IP 103.15.235.68:0
ASN #58621 Vodien Internet Solutions Pte Ltd
File type ASCII text, with very long lines (2002), with no line terminators
Hash dc4d7af23cab7cf548d3f0ffc0661e64
af8c0c1a5d327f0ce6fc6020717fda802ac66135
e006e3059f19ed01f3263abe96faa6299eea83120d740c30a8aa19837a10dbc2
GET /wp-content/plugins/woo-category-slider-grid/public/css/woo-category-slider-public.min.css?ver=1.4.1 HTTP/1.1
Host: pro.saonacollection.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pro.saonacollection.com/?i=i&0=brad%40malware-traffic-analysis.net
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 20:47:54 GMT
Server: Apache
Last-Modified: Tue, 16 Nov 2021 15:31:22 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 683
Keep-Alive: timeout=5, max=41
Connection: Keep-Alive
Content-Type: text/css
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash e3383a870b280d28b1d924543e6128af
0e9ccaf308e10ae68774fe0d32e10d063f379e7d
093a4523b327faf080d2d200d6e8d9e615abe6e048a72d70c3bc8e9f89cc50bf
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 20:47:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
216.58.207.227 200 OK 31 kB URL HTTP/2 fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 30928, version 1.0\012- data
Hash ac0d2859ea5f8fd6bcb3c305c08ec184
7f6c17e3e592cd8bd346b9cc261d8dd961b8aef7
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
GET /s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://pro.saonacollection.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 30928
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 27 Jan 2023 07:08:09 GMT
expires: Sat, 27 Jan 2024 07:08:09 GMT
cache-control: public, max-age=31536000
age: 567585
last-modified: Mon, 11 Jul 2022 18:57:39 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/tenorsans/v17/bx6ANxqUneKx06UkIXISn3V4Cg.woff2
216.58.207.227 200 OK 19 kB URL HTTP/2 fonts.gstatic.com/s/tenorsans/v17/bx6ANxqUneKx06UkIXISn3V4Cg.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 18588, version 1.0\012- data
Hash 168c97047066f9188a498e2c1e784d54
1dcd56014f6c397622388276a4bed5a0636db7be
f0519cf59735526c06d770daf25ccbcfd671b85ccf66a0899a38164547402d7f
GET /s/tenorsans/v17/bx6ANxqUneKx06UkIXISn3V4Cg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://pro.saonacollection.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 18588
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 27 Jan 2023 02:15:25 GMT
expires: Sat, 27 Jan 2024 02:15:25 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 27 Apr 2022 16:52:47 GMT
content-type: font/woff2
age: 585149
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash e3383a870b280d28b1d924543e6128af
0e9ccaf308e10ae68774fe0d32e10d063f379e7d
093a4523b327faf080d2d200d6e8d9e615abe6e048a72d70c3bc8e9f89cc50bf
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 20:47:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
pro.saonacollection.com/wp-content/plugins/woo-category-slider-grid/public/css/swiper.min.css?ver=1.4.1
103.15.235.68 200 OK 4.4 kB URL HTTP/1.1 pro.saonacollection.com/wp-content/plugins/woo-category-slider-grid/public/css/swiper.min.css?ver=1.4.1
IP 103.15.235.68:0
ASN #58621 Vodien Internet Solutions Pte Ltd
File type ASCII text, with very long lines (13613), with no line terminators
Hash 9fcec5cbf1b7d50060af1d2b1ea640c5
13770684e3e36f35efa0932c5207fe95c6409559
56fd1126409b7ed9fa60c401fa3a00f4904bf6f5edac6244392f2ffb4f2089ef
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/woo-category-slider-grid/public/css/swiper.min.css?ver=1.4.1 HTTP/1.1
Host: pro.saonacollection.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pro.saonacollection.com/?i=i&0=brad%40malware-traffic-analysis.net
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 20:47:54 GMT
Server: Apache
Last-Modified: Tue, 16 Nov 2021 15:31:22 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 4434
Keep-Alive: timeout=5, max=42
Connection: Keep-Alive
Content-Type: text/css
pro.saonacollection.com/wp-content/plugins/woocommerce-multilingual/res/js/wcml-multi-currency.min.js?ver=4.12.1
103.15.235.68 200 OK 807 B URL HTTP/1.1 pro.saonacollection.com/wp-content/plugins/woocommerce-multilingual/res/js/wcml-multi-currency.min.js?ver=4.12.1
IP 103.15.235.68:0
ASN #58621 Vodien Internet Solutions Pte Ltd
File type ASCII text, with very long lines (1990), with no line terminators
Hash 1f3078e7df2867c72c0091f7be4e3c5e
9d4208b85efeb6927e898c665f65077b7fa1082a
14c1f54fefc9d63a97a75c4ded223f1aa462ff714fc97a1c149891aa9718b120
GET /wp-content/plugins/woocommerce-multilingual/res/js/wcml-multi-currency.min.js?ver=4.12.1 HTTP/1.1
Host: pro.saonacollection.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pro.saonacollection.com/?i=i&0=brad%40malware-traffic-analysis.net
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 20:47:54 GMT
Server: Apache
Last-Modified: Tue, 16 Nov 2021 15:33:39 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 807
Keep-Alive: timeout=5, max=42
Connection: Keep-Alive
Content-Type: application/javascript
pro.saonacollection.com/wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.7.0-wc.5.9.1
103.15.235.68 200 OK 3.8 kB URL HTTP/1.1 pro.saonacollection.com/wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.7.0-wc.5.9.1
IP 103.15.235.68:0
ASN #58621 Vodien Internet Solutions Pte Ltd
File type ASCII text, with very long lines (9151)
Hash 20e76d099ee904e46486c4b535b94f06
a0a676597fcf1c8e71562ce9e28acb694db51238
c6cfa8b95f64b01c9b1cef61c4ee10b30a4bdf00060b68f7d235eb2c7015923d
GET /wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.7.0-wc.5.9.1 HTTP/1.1
Host: pro.saonacollection.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pro.saonacollection.com/?i=i&0=brad%40malware-traffic-analysis.net
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 20:47:54 GMT
Server: Apache
Last-Modified: Thu, 10 Mar 2022 17:38:30 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 3774
Keep-Alive: timeout=5, max=40
Connection: Keep-Alive
Content-Type: application/javascript
pro.saonacollection.com/wp-content/plugins/cookie-law-info/public/css/cookie-law-info-table.css?ver=2.0.6
103.15.235.68 200 OK 2.0 kB URL HTTP/1.1 pro.saonacollection.com/wp-content/plugins/cookie-law-info/public/css/cookie-law-info-table.css?ver=2.0.6
IP 103.15.235.68:0
ASN #58621 Vodien Internet Solutions Pte Ltd
File type ASCII text, with very long lines (401)
Hash 24ce9718f89bd668950a1b0dc57ca69a
c2723dcac7e978c59a2acef122b2bb3b9d8e007a
59c7df1daf9a108134794962710f2eaf854c172b6134cbdd7a3b95eed80fce40
GET /wp-content/plugins/cookie-law-info/public/css/cookie-law-info-table.css?ver=2.0.6 HTTP/1.1
Host: pro.saonacollection.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pro.saonacollection.com/?i=i&0=brad%40malware-traffic-analysis.net
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 20:47:54 GMT
Server: Apache
Last-Modified: Tue, 16 Nov 2021 15:31:59 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1951
Keep-Alive: timeout=5, max=44
Connection: Keep-Alive
Content-Type: text/css
fonts.gstatic.com/s/karla/v23/qkB9XvYC6trAT55ZBi1ueQVIjQTD-JrIH2G7nytkHRyQ8p4wUje6bg.woff2
216.58.207.227 200 OK 21 kB URL HTTP/1.1 fonts.gstatic.com/s/karla/v23/qkB9XvYC6trAT55ZBi1ueQVIjQTD-JrIH2G7nytkHRyQ8p4wUje6bg.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 21248, version 1.0\012- data
Hash 481105857aba99f91faa3cd9a360e8e1
a2d8dcb59555878d359c2bebbc8be6985d26d7d2
f8c2240958cb1fff47d921ca0f3097f9e7403ada01af2382477ef42c404c38d4
GET /s/karla/v23/qkB9XvYC6trAT55ZBi1ueQVIjQTD-JrIH2G7nytkHRyQ8p4wUje6bg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://pro.saonacollection.com
Connection: keep-alive
Referer: http://fonts.googleapis.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 21248
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Thu, 02 Feb 2023 18:38:30 GMT
Expires: Fri, 02 Feb 2024 18:38:30 GMT
Cache-Control: public, max-age=31536000
Age: 7764
Last-Modified: Mon, 11 Jul 2022 20:38:57 GMT
Content-Type: font/woff2
pro.saonacollection.com/wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.min.js?ver=5.9.1
103.15.235.68 200 OK 1.2 kB URL HTTP/1.1 pro.saonacollection.com/wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.min.js?ver=5.9.1
IP 103.15.235.68:0
ASN #58621 Vodien Internet Solutions Pte Ltd
File type HTML document, ASCII text, with very long lines (3037), with no line terminators
Hash 3c16ea1ba9f5ea71f77235d641432f5e
7ad5e0f040bae752f339c729f943a89ad09dba9c
318daece8b5055aa1a7ddb1562d0aa7d3eca81c71b0cc872075cb77a13d56bfa
GET /wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.min.js?ver=5.9.1 HTTP/1.1
Host: pro.saonacollection.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pro.saonacollection.com/?i=i&0=brad%40malware-traffic-analysis.net
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 20:47:54 GMT
Server: Apache
Last-Modified: Thu, 10 Mar 2022 17:38:30 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1174
Keep-Alive: timeout=5, max=39
Connection: Keep-Alive
Content-Type: application/javascript
pro.saonacollection.com/wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4-wc.5.9.1
103.15.235.68 200 OK 1.0 kB URL HTTP/1.1 pro.saonacollection.com/wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4-wc.5.9.1
IP 103.15.235.68:0
ASN #58621 Vodien Internet Solutions Pte Ltd
File type ASCII text, with very long lines (1668)
Hash d7deb7ee25dbefd306d47300dda470c4
99e7371a8d131897bd9119562e5f963a9eb7c034
bfeb62c906eedb44b08a84e0eb3f61c2417b57124af8cacd3824339628e980a6
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4-wc.5.9.1 HTTP/1.1
Host: pro.saonacollection.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pro.saonacollection.com/?i=i&0=brad%40malware-traffic-analysis.net
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 20:47:54 GMT
Server: Apache
Last-Modified: Thu, 10 Mar 2022 17:38:30 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1002
Keep-Alive: timeout=5, max=40
Connection: Keep-Alive
Content-Type: application/javascript
pro.saonacollection.com/wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=5.9.1
103.15.235.68 200 OK 843 B URL HTTP/1.1 pro.saonacollection.com/wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=5.9.1
IP 103.15.235.68:0
ASN #58621 Vodien Internet Solutions Pte Ltd
File type ASCII text, with very long lines (2139), with no line terminators
Hash 70873bef1381d7a38bdc4fd14aa1e7a9
70c93e2b3d71105e67dd625a95de4ff0498a48d9
c01c3001448f10876291254b9f846cddadefce5c41c15504a90790960308efe1
GET /wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=5.9.1 HTTP/1.1
Host: pro.saonacollection.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pro.saonacollection.com/?i=i&0=brad%40malware-traffic-analysis.net
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 20:47:54 GMT
Server: Apache
Last-Modified: Thu, 10 Mar 2022 17:38:30 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 843
Keep-Alive: timeout=5, max=41
Connection: Keep-Alive
Content-Type: application/javascript
pro.saonacollection.com/wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js?ver=5.9.1
103.15.235.68 200 OK 1.1 kB URL HTTP/1.1 pro.saonacollection.com/wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js?ver=5.9.1
IP 103.15.235.68:0
ASN #58621 Vodien Internet Solutions Pte Ltd
File type ASCII text, with very long lines (2938), with no line terminators
Hash 46f34324b6fb087daf145b9850dceb2b
b87cd94f651c383b6ba808044fc4b211585deb17
40bc8b3f2860d3c4333699d17055e2b3a91f89e30ddb8d050f9ef1a45d6fc270
GET /wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js?ver=5.9.1 HTTP/1.1
Host: pro.saonacollection.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pro.saonacollection.com/?i=i&0=brad%40malware-traffic-analysis.net
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 20:47:54 GMT
Server: Apache
Last-Modified: Thu, 10 Mar 2022 17:38:30 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1102
Keep-Alive: timeout=5, max=41
Connection: Keep-Alive
Content-Type: application/javascript
pro.saonacollection.com/wp-content/plugins/wpb-accordion-menu-or-category/assets/js/accordion-init.js?ver=1.0
103.15.235.68 200 OK 710 B URL HTTP/1.1 pro.saonacollection.com/wp-content/plugins/wpb-accordion-menu-or-category/assets/js/accordion-init.js?ver=1.0
IP 103.15.235.68:0
ASN #58621 Vodien Internet Solutions Pte Ltd
Hash 2a48a01d774bf46a1c4a9b277eed3428
52eba065be808d0c2ac4bd2fcbc193cf84f33985
9837107dc5db90818f1a49ab8d9020bb6a02af5cf5371c9b071ea8d64c941fcc
GET /wp-content/plugins/wpb-accordion-menu-or-category/assets/js/accordion-init.js?ver=1.0 HTTP/1.1
Host: pro.saonacollection.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pro.saonacollection.com/?i=i&0=brad%40malware-traffic-analysis.net
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 20:47:54 GMT
Server: Apache
Last-Modified: Tue, 21 Sep 2021 11:11:49 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 710
Keep-Alive: timeout=5, max=39
Connection: Keep-Alive
Content-Type: application/javascript
pro.saonacollection.com/wp-content/themes/storefront/assets/js/navigation.min.js?ver=3.5.1
103.15.235.68 200 OK 1.0 kB URL HTTP/1.1 pro.saonacollection.com/wp-content/themes/storefront/assets/js/navigation.min.js?ver=3.5.1
IP 103.15.235.68:0
ASN #58621 Vodien Internet Solutions Pte Ltd
File type ASCII text, with very long lines (2990), with no line terminators
Hash 11a5867c921f341c1309fc7d36234591
76a1fd4c9d0053054820c3e7cd8ec62a26e49808
d5cc4283c548509849849a66da5085293ee7ea9cd48fa46ebe125f805ba0d105
GET /wp-content/themes/storefront/assets/js/navigation.min.js?ver=3.5.1 HTTP/1.1
Host: pro.saonacollection.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pro.saonacollection.com/?i=i&0=brad%40malware-traffic-analysis.net
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 20:47:54 GMT
Server: Apache
Last-Modified: Thu, 15 Apr 2021 04:12:39 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1012
Keep-Alive: timeout=5, max=43
Connection: Keep-Alive
Content-Type: application/javascript
pro.saonacollection.com/wp-content/themes/storefront/assets/js/skip-link-focus-fix.min.js?ver=20130115
103.15.235.68 200 OK 259 B URL HTTP/1.1 pro.saonacollection.com/wp-content/themes/storefront/assets/js/skip-link-focus-fix.min.js?ver=20130115
IP 103.15.235.68:0
ASN #58621 Vodien Internet Solutions Pte Ltd
File type ASCII text, with very long lines (447), with no line terminators
Hash f974a6e7d89fce576a1c977e7de3d14a
16dfc9ba09937279ae3ec70f6cf5a41096fec533
3a10c9e2dd3daff2d988087cea07aec7851af7afae58e08856b8bb4335dc8917
GET /wp-content/themes/storefront/assets/js/skip-link-focus-fix.min.js?ver=20130115 HTTP/1.1
Host: pro.saonacollection.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pro.saonacollection.com/?i=i&0=brad%40malware-traffic-analysis.net
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 20:47:54 GMT
Server: Apache
Last-Modified: Thu, 15 Apr 2021 04:12:39 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 259
Keep-Alive: timeout=5, max=38
Connection: Keep-Alive
Content-Type: application/javascript
pro.saonacollection.com/wp-content/themes/storefront/assets/js/vendor/pep.min.js?ver=0.4.3
103.15.235.68 200 OK 6.3 kB URL HTTP/1.1 pro.saonacollection.com/wp-content/themes/storefront/assets/js/vendor/pep.min.js?ver=0.4.3
IP 103.15.235.68:0
ASN #58621 Vodien Internet Solutions Pte Ltd
File type ASCII text, with very long lines (17954)
Hash 42f5635083c00b1863d89e9a4a885f08
38627f1d0b991731693a8acd7be611648933b647
94fec4d53210c87e8f5a9ba027117258add46590acf5f3b74a6dbee63cd5f7c9
GET /wp-content/themes/storefront/assets/js/vendor/pep.min.js?ver=0.4.3 HTTP/1.1
Host: pro.saonacollection.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pro.saonacollection.com/?i=i&0=brad%40malware-traffic-analysis.net
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 20:47:54 GMT
Server: Apache
Last-Modified: Thu, 15 Apr 2021 04:12:39 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 6253
Keep-Alive: timeout=5, max=39
Connection: Keep-Alive
Content-Type: application/javascript
pro.saonacollection.com/wp-content/plugins/woocommerce-multilingual/res/js/front-scripts.min.js?ver=4.12.1
103.15.235.68 200 OK 230 B URL HTTP/1.1 pro.saonacollection.com/wp-content/plugins/woocommerce-multilingual/res/js/front-scripts.min.js?ver=4.12.1
IP 103.15.235.68:0
ASN #58621 Vodien Internet Solutions Pte Ltd
File type ASCII text, with very long lines (344), with no line terminators
Hash 71c7c785cb135df9e809216b560ad21b
c4d9f19caa0203bcf380456530d0219288ed81d9
e0f46fdd1a3ed356c329776bab7dd9d3f79a738298214e11b32ef2ccdace22a6
GET /wp-content/plugins/woocommerce-multilingual/res/js/front-scripts.min.js?ver=4.12.1 HTTP/1.1
Host: pro.saonacollection.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pro.saonacollection.com/?i=i&0=brad%40malware-traffic-analysis.net
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 20:47:54 GMT
Server: Apache
Last-Modified: Tue, 16 Nov 2021 15:33:39 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 230
Keep-Alive: timeout=5, max=40
Connection: Keep-Alive
Content-Type: application/javascript
pro.saonacollection.com/wp-content/plugins/social-icons-widget-by-wpzoom/assets/js/social-icons-widget-frontend.js?ver=1637076772
103.15.235.68 200 OK 860 B URL HTTP/1.1 pro.saonacollection.com/wp-content/plugins/social-icons-widget-by-wpzoom/assets/js/social-icons-widget-frontend.js?ver=1637076772
IP 103.15.235.68:0
ASN #58621 Vodien Internet Solutions Pte Ltd
Hash 6442171da4dc4093819153e31fe5d513
8b4bb7223ce0e3ddf41fd16ac73430dc847fb69a
6853d729a67593739860d399dc73e21340de4f57bda79cc930f536e428967b4f
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/social-icons-widget-by-wpzoom/assets/js/social-icons-widget-frontend.js?ver=1637076772 HTTP/1.1
Host: pro.saonacollection.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pro.saonacollection.com/?i=i&0=brad%40malware-traffic-analysis.net
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 20:47:54 GMT
Server: Apache
Last-Modified: Tue, 16 Nov 2021 15:32:52 GMT
Accept-Ranges: bytes
Content-Length: 860
Keep-Alive: timeout=5, max=40
Connection: Keep-Alive
Content-Type: application/javascript
pro.saonacollection.com/wp-content/plugins/woocommerce-multilingual/res/js/cart_widget.min.js?ver=4.12.1
103.15.235.68 200 OK 223 B URL HTTP/1.1 pro.saonacollection.com/wp-content/plugins/woocommerce-multilingual/res/js/cart_widget.min.js?ver=4.12.1
IP 103.15.235.68:0
ASN #58621 Vodien Internet Solutions Pte Ltd
File type ASCII text, with very long lines (364), with no line terminators
Hash 1d6ffd8d2c0fef0fbb549552599e473c
307837751783141245b462ad683db5861432963e
b425ba53c74dc93afe6406b3bba836568d245a7062feeba5b5078d18542e1ef0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/woocommerce-multilingual/res/js/cart_widget.min.js?ver=4.12.1 HTTP/1.1
Host: pro.saonacollection.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pro.saonacollection.com/?i=i&0=brad%40malware-traffic-analysis.net
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 20:47:54 GMT
Server: Apache
Last-Modified: Tue, 16 Nov 2021 15:33:39 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 223
Keep-Alive: timeout=5, max=38
Connection: Keep-Alive
Content-Type: application/javascript
pro.saonacollection.com/wp-content/themes/storefront/assets/js/woocommerce/header-cart.min.js?ver=3.5.1
103.15.235.68 200 OK 311 B URL HTTP/1.1 pro.saonacollection.com/wp-content/themes/storefront/assets/js/woocommerce/header-cart.min.js?ver=3.5.1
IP 103.15.235.68:0
ASN #58621 Vodien Internet Solutions Pte Ltd
File type ASCII text, with very long lines (531), with no line terminators
Hash 7996002886f97905d0345b5143892165
9705b25b8106abb233e926a6442329446fc1d6c3
ff8390dd486845329bcb08adf88ab5e56d4ba42a2bc716f6e67f1a4bc64c55a9
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/storefront/assets/js/woocommerce/header-cart.min.js?ver=3.5.1 HTTP/1.1
Host: pro.saonacollection.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pro.saonacollection.com/?i=i&0=brad%40malware-traffic-analysis.net
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 20:47:54 GMT
Server: Apache
Last-Modified: Thu, 15 Apr 2021 04:12:39 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 311
Keep-Alive: timeout=5, max=42
Connection: Keep-Alive
Content-Type: application/javascript
pro.saonacollection.com/wp-content/themes/storefront/assets/js/footer.min.js?ver=3.5.1
103.15.235.68 200 OK 389 B URL HTTP/1.1 pro.saonacollection.com/wp-content/themes/storefront/assets/js/footer.min.js?ver=3.5.1
IP 103.15.235.68:0
ASN #58621 Vodien Internet Solutions Pte Ltd
File type ASCII text, with very long lines (745), with no line terminators
Hash 8911895f71f8806d34393b043af724af
23b71676a49c3a95c1032da2dcfb4626f7401258
625b9399fa9060a9a193eb6f87d84d2b50637aa1eb4ca44d94ab76542694cdde
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/storefront/assets/js/footer.min.js?ver=3.5.1 HTTP/1.1
Host: pro.saonacollection.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pro.saonacollection.com/?i=i&0=brad%40malware-traffic-analysis.net
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 20:47:54 GMT
Server: Apache
Last-Modified: Thu, 15 Apr 2021 04:12:39 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 389
Keep-Alive: timeout=5, max=37
Connection: Keep-Alive
Content-Type: application/javascript
pro.saonacollection.com/wp-content/themes/galleria/assets/js/galleria.min.js?ver=2.2.18
103.15.235.68 200 OK 305 B URL HTTP/1.1 pro.saonacollection.com/wp-content/themes/galleria/assets/js/galleria.min.js?ver=2.2.18
IP 103.15.235.68:0
ASN #58621 Vodien Internet Solutions Pte Ltd
File type ASCII text, with very long lines (579), with no line terminators
Hash 55de1af1f8d6a2198971901f4c0ecf0d
6d1bb251858479c2c9426692f4347575db4881e2
21a3c9f068ae17b5a36978c88a56c353af8ae87dc97077260476e4781758239b
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/galleria/assets/js/galleria.min.js?ver=2.2.18 HTTP/1.1
Host: pro.saonacollection.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pro.saonacollection.com/?i=i&0=brad%40malware-traffic-analysis.net
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 20:47:54 GMT
Server: Apache
Last-Modified: Fri, 16 Apr 2021 09:25:46 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 305
Keep-Alive: timeout=5, max=38
Connection: Keep-Alive
Content-Type: application/javascript
pro.saonacollection.com/wp-content/themes/galleria/assets/js/modernizr.min.js?ver=2.8.3
103.15.235.68 200 OK 836 B URL HTTP/1.1 pro.saonacollection.com/wp-content/themes/galleria/assets/js/modernizr.min.js?ver=2.8.3
IP 103.15.235.68:0
ASN #58621 Vodien Internet Solutions Pte Ltd
File type ASCII text, with very long lines (1440)
Hash 3ee846ecb0db4d5690bd6857d3f537c6
66aa5200b006aa25f50403dc2829b54e604ffa05
a50b98c614adce0d4f468fba31b942b281cea49f312568c7ff697e3739b122f0
GET /wp-content/themes/galleria/assets/js/modernizr.min.js?ver=2.8.3 HTTP/1.1
Host: pro.saonacollection.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pro.saonacollection.com/?i=i&0=brad%40malware-traffic-analysis.net
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 20:47:54 GMT
Server: Apache
Last-Modified: Fri, 16 Apr 2021 09:25:46 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 836
Keep-Alive: timeout=5, max=39
Connection: Keep-Alive
Content-Type: application/javascript
pro.saonacollection.com/wp-content/plugins/woocommerce/assets/js/selectWoo/selectWoo.full.min.js?ver=1.0.9-wc.5.9.1
103.15.235.68 200 OK 26 kB URL HTTP/1.1 pro.saonacollection.com/wp-content/plugins/woocommerce/assets/js/selectWoo/selectWoo.full.min.js?ver=1.0.9-wc.5.9.1
IP 103.15.235.68:0
ASN #58621 Vodien Internet Solutions Pte Ltd
File type Unicode text, UTF-8 text, with very long lines (64041)
Hash 917b92cfef2ece777baaacc3340536d5
72e02f6f905dac5da00bca2ca4ffeaeb75d859e7
7e906bf8ef44812d4097f81ccd48163ddb105a48ed9b0fd4bbfcf32cb0e8b290
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/woocommerce/assets/js/selectWoo/selectWoo.full.min.js?ver=1.0.9-wc.5.9.1 HTTP/1.1
Host: pro.saonacollection.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pro.saonacollection.com/?i=i&0=brad%40malware-traffic-analysis.net
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 20:47:54 GMT
Server: Apache
Last-Modified: Thu, 10 Mar 2022 17:38:30 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 26020
Keep-Alive: timeout=5, max=37
Connection: Keep-Alive
Content-Type: application/javascript
pro.saonacollection.com/wp-includes/js/wp-embed.min.js?ver=5.8.6
103.15.235.68 200 OK 779 B URL HTTP/1.1 pro.saonacollection.com/wp-includes/js/wp-embed.min.js?ver=5.8.6
IP 103.15.235.68:0
ASN #58621 Vodien Internet Solutions Pte Ltd
File type ASCII text, with very long lines (1391)
Hash 486a47be050402b880cee1fe757e75e6
32c0ec9b315a3792473702782b357307fc248f84
7dd0219de45f3257c695aeb1d3b398aaa895c9b62461b0b91e6ca84acbe21acb
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/wp-embed.min.js?ver=5.8.6 HTTP/1.1
Host: pro.saonacollection.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pro.saonacollection.com/?i=i&0=brad%40malware-traffic-analysis.net
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 20:47:54 GMT
Server: Apache
Last-Modified: Thu, 04 Feb 2021 09:43:13 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 779
Keep-Alive: timeout=5, max=39
Connection: Keep-Alive
Content-Type: application/javascript
pro.saonacollection.com/wp-content/plugins/woo-category-slider-grid/public/js/swiper-config.min.js?ver=1.4.1
103.15.235.68 200 OK 679 B URL HTTP/1.1 pro.saonacollection.com/wp-content/plugins/woo-category-slider-grid/public/js/swiper-config.min.js?ver=1.4.1
IP 103.15.235.68:0
ASN #58621 Vodien Internet Solutions Pte Ltd
File type ASCII text, with very long lines (3074), with no line terminators
Hash f4c7b268dd8eff9ad1ee1b0a10b89ca3
c42a36446185f7863b7975842072ed35a8b30e3f
d11bb18e5996129df7f6382b94bf963396cc7781049f3576f9d40cffe246d138
GET /wp-content/plugins/woo-category-slider-grid/public/js/swiper-config.min.js?ver=1.4.1 HTTP/1.1
Host: pro.saonacollection.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pro.saonacollection.com/?i=i&0=brad%40malware-traffic-analysis.net
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 20:47:54 GMT
Server: Apache
Last-Modified: Tue, 16 Nov 2021 15:31:22 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 679
Keep-Alive: timeout=5, max=36
Connection: Keep-Alive
Content-Type: application/javascript
pro.saonacollection.com/wp-content/plugins/woo-category-slider-grid/public/js/preloader.min.js?ver=1.4.1
103.15.235.68 200 OK 236 B URL HTTP/1.1 pro.saonacollection.com/wp-content/plugins/woo-category-slider-grid/public/js/preloader.min.js?ver=1.4.1
IP 103.15.235.68:0
ASN #58621 Vodien Internet Solutions Pte Ltd
File type ASCII text, with very long lines (420), with no line terminators
Hash 635a354f68e32b337170841427d9780f
d3a473cef452d2c34f016dd67658a54cfe7320d5
eadf1b195f851629e27f70862dc821417d344cd22801a078e0a5ff3356edbabd
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/woo-category-slider-grid/public/js/preloader.min.js?ver=1.4.1 HTTP/1.1
Host: pro.saonacollection.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pro.saonacollection.com/?i=i&0=brad%40malware-traffic-analysis.net
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 20:47:54 GMT
Server: Apache
Last-Modified: Tue, 16 Nov 2021 15:31:22 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 236
Keep-Alive: timeout=5, max=37
Connection: Keep-Alive
Content-Type: application/javascript
pro.saonacollection.com/wp-includes/js/wp-emoji-release.min.js?ver=5.8.6
103.15.235.68 200 OK 5.7 kB URL HTTP/1.1 pro.saonacollection.com/wp-includes/js/wp-emoji-release.min.js?ver=5.8.6
IP 103.15.235.68:0
ASN #58621 Vodien Internet Solutions Pte Ltd
File type ASCII text, with very long lines (15224)
Hash 8e1603efdf03f83878251ba46a482621
1a14526e1195c7f2f5a4500c5016241f6fb7a67e
9e2aa190e5261249d30899caf5c19959a4f5815e0411e8ceb89cd57a3164ace2
GET /wp-includes/js/wp-emoji-release.min.js?ver=5.8.6 HTTP/1.1
Host: pro.saonacollection.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pro.saonacollection.com/?i=i&0=brad%40malware-traffic-analysis.net
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 20:47:55 GMT
Server: Apache
Last-Modified: Fri, 23 Jul 2021 10:28:46 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 5698
Keep-Alive: timeout=5, max=38
Connection: Keep-Alive
Content-Type: application/javascript
pro.saonacollection.com/wp-content/plugins/woo-category-slider-grid/public/fonts/fontawesome-webfont.woff2?v=4.7.0
103.15.235.68 200 OK 77 kB URL HTTP/1.1 pro.saonacollection.com/wp-content/plugins/woo-category-slider-grid/public/fonts/fontawesome-webfont.woff2?v=4.7.0
IP 103.15.235.68:0
ASN #58621 Vodien Internet Solutions Pte Ltd
File type Web Open Font Format (Version 2), TrueType, length 77160, version 4.459\012- data
Hash af7ae505a9eed503f8b8e6982036873e
d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/woo-category-slider-grid/public/fonts/fontawesome-webfont.woff2?v=4.7.0 HTTP/1.1
Host: pro.saonacollection.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://pro.saonacollection.com/wp-content/plugins/woo-category-slider-grid/public/css/font-awesome.min.css?ver=1.4.1
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 20:47:55 GMT
Server: Apache
Last-Modified: Tue, 16 Nov 2021 15:31:22 GMT
Accept-Ranges: bytes
Content-Length: 77160
Vary: Accept-Encoding
Keep-Alive: timeout=5, max=35
Connection: Keep-Alive
Content-Type: font/woff2
pro.saonacollection.com/wp-content/plugins/sitepress-multilingual-cms/res/flags/en.png
103.15.235.68 200 OK 600 B URL HTTP/1.1 pro.saonacollection.com/wp-content/plugins/sitepress-multilingual-cms/res/flags/en.png
IP 103.15.235.68:0
ASN #58621 Vodien Internet Solutions Pte Ltd
File type PNG image data, 18 x 12, 8-bit/color RGB, non-interlaced\012- data
Hash 2878f64a0217a154e531853f6a822c65
ac7a53e9f53b9de8a344c38222e217d50d559b83
3f47c75fa68e49b1cdca50c61e9cd6603b57c521e5e6809df59a4a15e291a4ef
GET /wp-content/plugins/sitepress-multilingual-cms/res/flags/en.png HTTP/1.1
Host: pro.saonacollection.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pro.saonacollection.com/?i=i&0=brad%40malware-traffic-analysis.net
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 20:47:55 GMT
Server: Apache
Last-Modified: Tue, 07 Sep 2021 10:33:20 GMT
Accept-Ranges: bytes
Content-Length: 600
Keep-Alive: timeout=5, max=37
Connection: Keep-Alive
Content-Type: image/png
pro.saonacollection.com/wp-content/themes/storefront/assets/fonts/fa-solid-900.woff2
103.15.235.68 200 OK 79 kB URL HTTP/1.1 pro.saonacollection.com/wp-content/themes/storefront/assets/fonts/fa-solid-900.woff2
IP 103.15.235.68:0
ASN #58621 Vodien Internet Solutions Pte Ltd
File type Web Open Font Format (Version 2), TrueType, length 79444, version 331.524\012- data
Hash b15db15f746f29ffa02638cb455b8ec0
75a88815c47a249eadb5f0edc1675957f860cca7
7f4d3fd0a705dbf8403298aad91d5de6972e6b5d536068eba8b24954a5a0a8c7
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/storefront/assets/fonts/fa-solid-900.woff2 HTTP/1.1
Host: pro.saonacollection.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://pro.saonacollection.com/wp-content/themes/storefront/assets/css/base/icons.css?ver=3.5.1
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 20:47:55 GMT
Server: Apache
Last-Modified: Thu, 15 Apr 2021 04:12:39 GMT
Accept-Ranges: bytes
Content-Length: 79444
Vary: Accept-Encoding
Keep-Alive: timeout=5, max=36
Connection: Keep-Alive
Content-Type: font/woff2
pro.saonacollection.com/wp-content/plugins/social-icons-widget-by-wpzoom/assets/font/socicon.ttf?v=4.1.1
103.15.235.68 200 OK 72 kB URL HTTP/1.1 pro.saonacollection.com/wp-content/plugins/social-icons-widget-by-wpzoom/assets/font/socicon.ttf?v=4.1.1
IP 103.15.235.68:0
ASN #58621 Vodien Internet Solutions Pte Ltd
File type TrueType Font data, 11 tables, 1st "OS/2", 14 names, Macintosh, type 1 string, socicon \012- data
Hash c3917ee9c1f1c6e17e69bbe155096fcb
ca10ff413fe8acc4e1f7df6438ec5716bc402540
751a0371c05e00d53805d36d47d9b7b0d965dbffe64ebc4b50d347beaa51fb44
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/social-icons-widget-by-wpzoom/assets/font/socicon.ttf?v=4.1.1 HTTP/1.1
Host: pro.saonacollection.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pro.saonacollection.com/wp-content/plugins/social-icons-widget-by-wpzoom/assets/css/wpzoom-socicon.css?ver=1637076772
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 20:47:55 GMT
Server: Apache
Last-Modified: Tue, 16 Nov 2021 15:32:52 GMT
Accept-Ranges: bytes
Content-Length: 72104
Access-Control-Allow-Origin: *
Keep-Alive: timeout=5, max=38
Connection: Keep-Alive
Content-Type: font/ttf
pro.saonacollection.com/wp-content/plugins/woo-category-slider-grid/public/js/swiper.min.js?ver=1.4.1
103.15.235.68 200 OK 56 kB URL HTTP/1.1 pro.saonacollection.com/wp-content/plugins/woo-category-slider-grid/public/js/swiper.min.js?ver=1.4.1
IP 103.15.235.68:0
ASN #58621 Vodien Internet Solutions Pte Ltd
File type ASCII text, with very long lines (65536), with no line terminators
Hash 4456282969eccc792ba25a06799f6a13
8096a981f9fc869654505091212d807cbcacff69
87b3c52763c21539e72c02ad26c3c74a2a9509e2782e5f4caf9c647d94b8fe0e
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/woo-category-slider-grid/public/js/swiper.min.js?ver=1.4.1 HTTP/1.1
Host: pro.saonacollection.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pro.saonacollection.com/?i=i&0=brad%40malware-traffic-analysis.net
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 20:47:54 GMT
Server: Apache
Last-Modified: Tue, 16 Nov 2021 15:31:22 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 55780
Keep-Alive: timeout=5, max=41
Connection: Keep-Alive
Content-Type: application/javascript
pro.saonacollection.com/wp-content/uploads/2021/04/cropped-bandeau-saonacollection-05-21.jpg
103.15.235.68 200 OK 206 kB URL HTTP/1.1 pro.saonacollection.com/wp-content/uploads/2021/04/cropped-bandeau-saonacollection-05-21.jpg
IP 103.15.235.68:0
ASN #58621 Vodien Internet Solutions Pte Ltd
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 1950x500, components 3\012- data
Size 206 kB (206397 bytes)
Hash 6c89cd7603c004284ed9d44eadb48d78
8efcb3285cf2a12b470f830e363712522cdc3fc4
3178862e761818182905a46120a0ac49e474834986f7541bfa06de76ed0fb3b3
GET /wp-content/uploads/2021/04/cropped-bandeau-saonacollection-05-21.jpg HTTP/1.1
Host: pro.saonacollection.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pro.saonacollection.com/?i=i&0=brad%40malware-traffic-analysis.net
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 20:47:55 GMT
Server: Apache
Last-Modified: Fri, 23 Apr 2021 04:37:00 GMT
Accept-Ranges: bytes
Content-Length: 206397
Keep-Alive: timeout=5, max=36
Connection: Keep-Alive
Content-Type: image/jpeg
pro.saonacollection.com/wp-content/plugins/sitepress-multilingual-cms/res/flags/fr.png
103.15.235.68 200 OK 268 B URL HTTP/1.1 pro.saonacollection.com/wp-content/plugins/sitepress-multilingual-cms/res/flags/fr.png
IP 103.15.235.68:0
ASN #58621 Vodien Internet Solutions Pte Ltd
File type PNG image data, 18 x 12, 8-bit/color RGB, non-interlaced\012- data
Hash a6b419f8502fa8faca4c693b46989e2d
fb3862465a32facd5b5e158b0544b567a01d343e
9c86c0c02ccb446b1a50d0282f4d9715e45670be443c4c3f666c263601e36274
GET /wp-content/plugins/sitepress-multilingual-cms/res/flags/fr.png HTTP/1.1
Host: pro.saonacollection.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pro.saonacollection.com/?i=i&0=brad%40malware-traffic-analysis.net
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 20:47:55 GMT
Server: Apache
Last-Modified: Tue, 07 Sep 2021 10:33:20 GMT
Accept-Ranges: bytes
Content-Length: 268
Keep-Alive: timeout=5, max=34
Connection: Keep-Alive
Content-Type: image/png
pro.saonacollection.com/wp-content/plugins/sitepress-multilingual-cms/res/flags/th.png
103.15.235.68 200 OK 272 B URL HTTP/1.1 pro.saonacollection.com/wp-content/plugins/sitepress-multilingual-cms/res/flags/th.png
IP 103.15.235.68:0
ASN #58621 Vodien Internet Solutions Pte Ltd
File type PNG image data, 18 x 12, 8-bit/color RGB, non-interlaced\012- data
Hash 07c8fa38921275801505e6f6777c70b7
39fd3e523b26007022430df03003c6121bf538a5
1f8f494547cc9f3681169bd29d2b0b61d690703fb5884bd15f92b171be6f3dcb
GET /wp-content/plugins/sitepress-multilingual-cms/res/flags/th.png HTTP/1.1
Host: pro.saonacollection.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pro.saonacollection.com/?i=i&0=brad%40malware-traffic-analysis.net
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 20:47:55 GMT
Server: Apache
Last-Modified: Tue, 07 Sep 2021 10:33:20 GMT
Accept-Ranges: bytes
Content-Length: 272
Keep-Alive: timeout=5, max=36
Connection: Keep-Alive
Content-Type: image/png
pro.saonacollection.com/wp-content/plugins/woo-category-slider-grid/public/img/preloader.gif
103.15.235.68 200 OK 4.7 kB URL HTTP/1.1 pro.saonacollection.com/wp-content/plugins/woo-category-slider-grid/public/img/preloader.gif
IP 103.15.235.68:0
ASN #58621 Vodien Internet Solutions Pte Ltd
File type GIF image data, version 89a, 32 x 32\012- data
Hash a8ee9e66ec02decea6f2b0a21da2ffe2
16da10390345a55e54b186ad8999c42ed7855ae4
dd8fd12abe43c702894dfaab11ad1f2451cb13b7d38df3b05f80a1f2e633fce5
GET /wp-content/plugins/woo-category-slider-grid/public/img/preloader.gif HTTP/1.1
Host: pro.saonacollection.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pro.saonacollection.com/?i=i&0=brad%40malware-traffic-analysis.net
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 20:47:55 GMT
Server: Apache
Last-Modified: Tue, 16 Nov 2021 15:31:22 GMT
Accept-Ranges: bytes
Content-Length: 4725
Keep-Alive: timeout=5, max=35
Connection: Keep-Alive
Content-Type: image/gif
pro.saonacollection.com/wp-content/uploads/2021/04/cropped-logo-saonacollection.png
103.15.235.68 200 OK 21 kB URL HTTP/2 pro.saonacollection.com/wp-content/uploads/2021/04/cropped-logo-saonacollection.png
IP 103.15.235.68:0
ASN #58621 Vodien Internet Solutions Pte Ltd
File type PNG image data, 390 x 145, 8-bit/color RGBA, non-interlaced\012- data
Hash 48826fb7014df781128e497dcfc5e192
9e06d4522db7845dd9444c3f8ae0479fc813ef8f
6eb907af7b9638a9773c74a36bcaf1b927e51aa2bd5e567e5426ad5d6c8145cd
GET /wp-content/uploads/2021/04/cropped-logo-saonacollection.png HTTP/1.1
Host: pro.saonacollection.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pro.saonacollection.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Fri, 23 Apr 2021 04:30:13 GMT
accept-ranges: bytes
content-length: 20668
content-type: image/png
date: Thu, 02 Feb 2023 20:47:55 GMT
server: Apache
X-Firefox-Spdy: h2
pro.saonacollection.com/wp-content/plugins/cookie-law-info/public/images/logo-cookieyes.svg
103.15.235.68 200 OK 1.1 kB URL HTTP/1.1 pro.saonacollection.com/wp-content/plugins/cookie-law-info/public/images/logo-cookieyes.svg
IP 103.15.235.68:0
ASN #58621 Vodien Internet Solutions Pte Ltd
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 1f03f24d8d8d1adf84e4229f9acea37b
e61937437be61e2882306a301e65f26daf8061ee
375d177299954b2c3d89fbc5c381bf9435f743efc62f4e76dc5a92f2db1081f4
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/cookie-law-info/public/images/logo-cookieyes.svg HTTP/1.1
Host: pro.saonacollection.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pro.saonacollection.com/?i=i&0=brad%40malware-traffic-analysis.net
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 20:47:55 GMT
Server: Apache
Last-Modified: Tue, 16 Nov 2021 15:31:59 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
Content-Length: 1143
Keep-Alive: timeout=5, max=37
Connection: Keep-Alive
Content-Type: image/svg+xml
pro.saonacollection.com/wp-content/uploads/2021/05/test-cover2-684x912.jpg
103.15.235.68 200 OK 104 kB URL HTTP/2 pro.saonacollection.com/wp-content/uploads/2021/05/test-cover2-684x912.jpg
IP 103.15.235.68:0
ASN #58621 Vodien Internet Solutions Pte Ltd
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 684x912, components 3\012- data
Size 104 kB (104123 bytes)
Hash b4269b9fc571f424b1f2a7b531796f1b
27dfedeec03c087f58bf1070b16d6a04b4213de7
f6e11360827ac805a040db5eb7ccfdf8c9cd5a30f83d44674e16c07371a4fd2d
GET /wp-content/uploads/2021/05/test-cover2-684x912.jpg HTTP/1.1
Host: pro.saonacollection.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pro.saonacollection.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 17 Jun 2021 07:01:17 GMT
accept-ranges: bytes
content-length: 104123
content-type: image/jpeg
date: Thu, 02 Feb 2023 20:47:55 GMT
server: Apache
X-Firefox-Spdy: h2
pro.saonacollection.com/wp-content/uploads/2021/08/cobliva13-001-684x912.jpg
103.15.235.68 200 OK 33 kB URL HTTP/2 pro.saonacollection.com/wp-content/uploads/2021/08/cobliva13-001-684x912.jpg
IP 103.15.235.68:0
ASN #58621 Vodien Internet Solutions Pte Ltd
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 684x912, components 3\012- data
Hash 0c5206edf6c06564bdf98a88255118db
64caf4209f62bdc93519b84f732411e858eedcd0
08898db8b643457ae901ba5e1061f5dfaa07b83fb403a236ec6db84bfd800be5
GET /wp-content/uploads/2021/08/cobliva13-001-684x912.jpg HTTP/1.1
Host: pro.saonacollection.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pro.saonacollection.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 12 Aug 2021 09:34:25 GMT
accept-ranges: bytes
content-length: 32866
content-type: image/jpeg
date: Thu, 02 Feb 2023 20:47:55 GMT
server: Apache
X-Firefox-Spdy: h2
pro.saonacollection.com/wp-content/uploads/2021/05/shb047-017-one-3-684x912.jpg
103.15.235.68 200 OK 49 kB URL HTTP/2 pro.saonacollection.com/wp-content/uploads/2021/05/shb047-017-one-3-684x912.jpg
IP 103.15.235.68:0
ASN #58621 Vodien Internet Solutions Pte Ltd
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 684x912, components 3\012- data
Hash 3dfb9f9ee15fd233283e066edc868d74
0292c789ff2a28ab7616f8d129b3f970928753b8
be160cad8c8de531baf3ded2d0b15efff192931b60998453f6ef0fc8c231b4df
GET /wp-content/uploads/2021/05/shb047-017-one-3-684x912.jpg HTTP/1.1
Host: pro.saonacollection.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pro.saonacollection.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 17 Jun 2021 06:47:04 GMT
accept-ranges: bytes
content-length: 48583
content-type: image/jpeg
date: Thu, 02 Feb 2023 20:47:55 GMT
server: Apache
X-Firefox-Spdy: h2
pro.saonacollection.com/wp-content/uploads/2021/08/e289-tor-lightgreen-684x912.jpg
103.15.235.68 200 OK 66 kB URL HTTP/2 pro.saonacollection.com/wp-content/uploads/2021/08/e289-tor-lightgreen-684x912.jpg
IP 103.15.235.68:0
ASN #58621 Vodien Internet Solutions Pte Ltd
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 684x912, components 3\012- data
Hash 69f3b396e8622a3891de848c0851ab7e
62d6c2428bd2cf2247b9f445dcd3fcf769e9a0b8
4331f5ce18dcfbb032de393705a4c081b22666b30ad5b06941b4fd533d45cd9a
GET /wp-content/uploads/2021/08/e289-tor-lightgreen-684x912.jpg HTTP/1.1
Host: pro.saonacollection.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pro.saonacollection.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 12 Aug 2021 09:37:31 GMT
accept-ranges: bytes
content-length: 65975
content-type: image/jpeg
date: Thu, 02 Feb 2023 20:47:55 GMT
server: Apache
X-Firefox-Spdy: h2
pro.saonacollection.com/wp-content/uploads/2021/05/br-bl-iva-6-unk-684x912.jpg
103.15.235.68 200 OK 75 kB URL HTTP/2 pro.saonacollection.com/wp-content/uploads/2021/05/br-bl-iva-6-unk-684x912.jpg
IP 103.15.235.68:0
ASN #58621 Vodien Internet Solutions Pte Ltd
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 684x912, components 3\012- data
Hash 7cfcb138ce10c2e3c51dde9a8a302b34
3590ded32b76ecab04e4c4c5210f47c801a1aa19
f936f92860122e42132d931bcb837e055b7d5489b949c7af3fbdd215e1130977
GET /wp-content/uploads/2021/05/br-bl-iva-6-unk-684x912.jpg HTTP/1.1
Host: pro.saonacollection.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pro.saonacollection.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 17 Jun 2021 06:43:46 GMT
accept-ranges: bytes
content-length: 75245
content-type: image/jpeg
date: Thu, 02 Feb 2023 20:47:55 GMT
server: Apache
X-Firefox-Spdy: h2
pro.saonacollection.com/wp-content/uploads/2021/05/hb23471pg-4-684x912.jpg
103.15.235.68 200 OK 93 kB URL HTTP/2 pro.saonacollection.com/wp-content/uploads/2021/05/hb23471pg-4-684x912.jpg
IP 103.15.235.68:0
ASN #58621 Vodien Internet Solutions Pte Ltd
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 684x912, components 3\012- data
Hash 1bb983b1e31ac6d0ba68555c5ea3b5b0
09816c5ccaea5b9f4a6c6b28d96666aead4ed853
e4d49f55a95640053fcfc8fc1c9fbeb66068e3c8fde8918e22bc458f9c0b44e5
GET /wp-content/uploads/2021/05/hb23471pg-4-684x912.jpg HTTP/1.1
Host: pro.saonacollection.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pro.saonacollection.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 17 Jun 2021 06:44:31 GMT
accept-ranges: bytes
content-length: 93299
content-type: image/jpeg
date: Thu, 02 Feb 2023 20:47:55 GMT
server: Apache
X-Firefox-Spdy: h2
pro.saonacollection.com/wp-content/uploads/2021/04/o-rbblshor33-222-3-scaled-684x912.jpg
103.15.235.68 200 OK 0 B URL HTTP/2 pro.saonacollection.com/wp-content/uploads/2021/04/o-rbblshor33-222-3-scaled-684x912.jpg
IP 103.15.235.68:0
ASN #58621 Vodien Internet Solutions Pte Ltd
GET /wp-content/uploads/2021/04/o-rbblshor33-222-3-scaled-684x912.jpg HTTP/1.1
Host: pro.saonacollection.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pro.saonacollection.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Wed, 12 May 2021 04:06:44 GMT
accept-ranges: bytes
content-length: 144116
content-type: image/jpeg
date: Thu, 02 Feb 2023 20:47:55 GMT
server: Apache
X-Firefox-Spdy: h2
pro.saonacollection.com/wp-content/uploads/2021/04/o-rbblary3-361-1-scaled-684x912.jpg
103.15.235.68 200 OK 0 B URL HTTP/2 pro.saonacollection.com/wp-content/uploads/2021/04/o-rbblary3-361-1-scaled-684x912.jpg
IP 103.15.235.68:0
ASN #58621 Vodien Internet Solutions Pte Ltd
GET /wp-content/uploads/2021/04/o-rbblary3-361-1-scaled-684x912.jpg HTTP/1.1
Host: pro.saonacollection.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pro.saonacollection.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Fri, 18 Jun 2021 03:33:50 GMT
accept-ranges: bytes
content-length: 115429
content-type: image/jpeg
date: Thu, 02 Feb 2023 20:47:55 GMT
server: Apache
X-Firefox-Spdy: h2
pro.saonacollection.com/wp-content/uploads/2021/04/o-rbblmes8-033-2-scaled-684x912.jpg
103.15.235.68 200 OK 0 B URL HTTP/2 pro.saonacollection.com/wp-content/uploads/2021/04/o-rbblmes8-033-2-scaled-684x912.jpg
IP 103.15.235.68:0
ASN #58621 Vodien Internet Solutions Pte Ltd
GET /wp-content/uploads/2021/04/o-rbblmes8-033-2-scaled-684x912.jpg HTTP/1.1
Host: pro.saonacollection.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pro.saonacollection.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Fri, 28 May 2021 09:16:32 GMT
accept-ranges: bytes
content-length: 147973
content-type: image/jpeg
date: Thu, 02 Feb 2023 20:47:55 GMT
server: Apache
X-Firefox-Spdy: h2
pro.saonacollection.com/wp-content/uploads/2021/04/o-rbbldew29-372-1-scaled-684x912.jpg
103.15.235.68 200 OK 0 B URL HTTP/2 pro.saonacollection.com/wp-content/uploads/2021/04/o-rbbldew29-372-1-scaled-684x912.jpg
IP 103.15.235.68:0
ASN #58621 Vodien Internet Solutions Pte Ltd
GET /wp-content/uploads/2021/04/o-rbbldew29-372-1-scaled-684x912.jpg HTTP/1.1
Host: pro.saonacollection.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pro.saonacollection.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Fri, 18 Jun 2021 03:35:47 GMT
accept-ranges: bytes
content-length: 114978
content-type: image/jpeg
date: Thu, 02 Feb 2023 20:47:55 GMT
server: Apache
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Source+Sans+Pro%3A400%2C300%2C300italic%2C400italic%2C600%2C700%2C900&subset=latin%2Clatin-ext&ver=3.5.1
142.250.74.138 200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Source+Sans+Pro%3A400%2C300%2C300italic%2C400italic%2C600%2C700%2C900&subset=latin%2Clatin-ext&ver=3.5.1
IP 142.250.74.138:0
GET /css?family=Source+Sans+Pro%3A400%2C300%2C300italic%2C400italic%2C600%2C700%2C900&subset=latin%2Clatin-ext&ver=3.5.1 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pro.saonacollection.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 02 Feb 2023 20:47:52 GMT
date: Thu, 02 Feb 2023 20:47:52 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
pro.saonacollection.com/wp-content/uploads/2021/07/o-tublcinta4-366-1-684x912.jpg
103.15.235.68 200 OK 0 B URL HTTP/2 pro.saonacollection.com/wp-content/uploads/2021/07/o-tublcinta4-366-1-684x912.jpg
IP 103.15.235.68:0
ASN #58621 Vodien Internet Solutions Pte Ltd
GET /wp-content/uploads/2021/07/o-tublcinta4-366-1-684x912.jpg HTTP/1.1
Host: pro.saonacollection.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pro.saonacollection.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Wed, 28 Jul 2021 12:52:39 GMT
accept-ranges: bytes
content-length: 113564
content-type: image/jpeg
date: Thu, 02 Feb 2023 20:47:55 GMT
server: Apache
X-Firefox-Spdy: h2
fonts.googleapis.com/css2?family=Tenor+Sans&display=swap
142.250.74.138 200 OK 0 B URL HTTP/2 fonts.googleapis.com/css2?family=Tenor+Sans&display=swap
IP 142.250.74.138:0
GET /css2?family=Tenor+Sans&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pro.saonacollection.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 02 Feb 2023 20:47:52 GMT
date: Thu, 02 Feb 2023 20:47:52 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
pro.saonacollection.com/wp-content/uploads/2021/05/walblwah1-012-one-2-684x912.jpg
103.15.235.68 200 OK 0 B URL HTTP/2 pro.saonacollection.com/wp-content/uploads/2021/05/walblwah1-012-one-2-684x912.jpg
IP 103.15.235.68:0
ASN #58621 Vodien Internet Solutions Pte Ltd
GET /wp-content/uploads/2021/05/walblwah1-012-one-2-684x912.jpg HTTP/1.1
Host: pro.saonacollection.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pro.saonacollection.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 17 Jun 2021 06:56:06 GMT
accept-ranges: bytes
content-length: 167340
content-type: image/jpeg
date: Thu, 02 Feb 2023 20:47:55 GMT
server: Apache
X-Firefox-Spdy: h2
fonts.googleapis.com/css2?family=Montserrat:wght@100;300&family=Tenor+Sans&display=swap
142.250.74.138 200 OK 0 B URL HTTP/2 fonts.googleapis.com/css2?family=Montserrat:wght@100;300&family=Tenor+Sans&display=swap
IP 142.250.74.138:0
GET /css2?family=Montserrat:wght@100;300&family=Tenor+Sans&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pro.saonacollection.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 02 Feb 2023 20:47:52 GMT
date: Thu, 02 Feb 2023 20:47:52 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
pro.saonacollection.com/wp-content/uploads/2021/04/size-chart.jpg
103.15.235.68 200 OK 0 B URL HTTP/2 pro.saonacollection.com/wp-content/uploads/2021/04/size-chart.jpg
IP 103.15.235.68:0
ASN #58621 Vodien Internet Solutions Pte Ltd
GET /wp-content/uploads/2021/04/size-chart.jpg HTTP/1.1
Host: pro.saonacollection.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pro.saonacollection.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 28 Apr 2021 11:12:46 GMT
accept-ranges: bytes
content-length: 308728
content-type: image/jpeg
date: Thu, 02 Feb 2023 20:47:55 GMT
server: Apache
X-Firefox-Spdy: h2
pro.saonacollection.com/wp-content/uploads/2021/05/Bamboo-Round-Natural-3-684x912.jpg
103.15.235.68 200 OK 0 B URL HTTP/2 pro.saonacollection.com/wp-content/uploads/2021/05/Bamboo-Round-Natural-3-684x912.jpg
IP 103.15.235.68:0
ASN #58621 Vodien Internet Solutions Pte Ltd
GET /wp-content/uploads/2021/05/Bamboo-Round-Natural-3-684x912.jpg HTTP/1.1
Host: pro.saonacollection.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pro.saonacollection.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 17 Jun 2021 06:59:53 GMT
accept-ranges: bytes
content-length: 132578
content-type: image/jpeg
date: Thu, 02 Feb 2023 20:47:55 GMT
server: Apache
X-Firefox-Spdy: h2