Report - saffronus.com/

Report Overview

Submitted URL
saffronus.com/
IP
198.54.126.25
ASN
#22612 NAMECHEAP-NET
Submitted
2023-01-28 18:52:27
Access
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
26

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
saffronus.com	unknown	2015-06-10T02:57:01Z	2023-01-09T09:43:48Z	15 kB	307 kB	198.54.126.25
static.xx.fbcdn.net	661	2012-12-01T14:12:13Z	2023-03-13T05:09:21Z	2.8 kB	133 kB	157.240.200.14
ocsp.pki.goog	175	2018-07-01T08:43:07Z	2023-03-13T05:09:47Z	1.7 kB	3.5 kB	142.250.74.131
fonts.gstatic.com	unknown	2014-09-09T02:40:21Z	2023-03-13T08:44:36Z	987 B	28 kB	216.58.207.227
fonts.googleapis.com	8877	2013-06-10T22:14:26Z	2023-03-13T08:14:31Z	417 B	630 B	142.250.74.106
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-03-13T05:09:35Z	413 B	5.8 kB	34.160.144.191
push.services.mozilla.com	2140	2014-10-24T10:27:06Z	2023-03-13T05:09:14Z	606 B	127 B	54.189.85.130
img-getpocket.cdn.mozilla.net	1631	2018-06-22T01:36:00Z	2023-03-13T05:09:16Z	3.2 kB	61 kB	34.120.237.76
connect.facebook.net	139	2012-05-22T04:51:28Z	2023-03-13T05:09:29Z	798 B	92 kB	157.240.200.14
stats.wp.com	2711	2017-01-30T06:06:59Z	2023-03-13T05:11:02Z	714 B	10 kB	192.0.76.3
ocsp.digicert.com	86	2012-05-21T09:02:23Z	2023-03-13T06:00:13Z	682 B	1.6 kB	93.184.220.29
www.facebook.com	99	2012-05-21T02:23:41Z	2021-02-04T00:31:35Z	900 B	3.9 kB	157.240.200.35
r3.o.lencr.org	344	2020-12-02T09:52:13Z	2023-03-13T05:09:07Z	2.0 kB	5.3 kB	23.33.119.27
firefox.settings.services.mozilla.com	867	2020-06-04T22:08:41Z	2023-03-13T05:09:10Z	782 B	2.4 kB	35.241.9.150
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-03-13T05:09:13Z	333 B	391 B	34.117.237.239
ocsp.sectigo.com	487	2019-11-29T12:50:24Z	2023-03-13T08:22:43Z	340 B	964 B	172.64.155.188
pixel.wp.com	2545	2017-01-30T06:31:40Z	2023-03-13T05:11:03Z	508 B	239 B	192.0.76.3

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2023-01-28	medium	saffronus.com/	Malware
2023-01-28	medium	saffronus.com/wp-includes/js/jquery/jquery-migrate.min.js	Malware
2023-01-28	medium	saffronus.com/wp-content/plugins/affiliate-egg/res/js/price_alert.js	Malware
2023-01-28	medium	saffronus.com/wp-content/plugins/content-egg/res/js/price_alert.js	Malware
2023-01-28	medium	saffronus.com/wp-content/plugins/contact-form-7/includes/swv/js/index.js	Malware
2023-01-28	medium	saffronus.com/wp-content/plugins/contact-form-7/includes/js/index.js	Malware
2023-01-28	medium	saffronus.com/wp-includes/js/jquery/jquery.min.js	Malware
2023-01-28	medium	saffronus.com/wp-content/themes/mts_coupon/js/owl.carousel.min.js	Malware
2023-01-28	medium	saffronus.com/wp-includes/js/wp-emoji-release.min.js	Malware
2023-01-28	medium	saffronus.com/wp-content/themes/mts_coupon/js/customscript.js	Malware
2023-01-28	medium	saffronus.com/wp-content/themes/mts_coupon/js/clipboard.min.js	Malware
2023-01-28	medium	saffronus.com/wp-content/themes/mts_coupon/fonts/fontawesome-webfont.woff2	Malware
2023-01-28	medium	saffronus.com/	Malware

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (39)

	URL	Size	First Seen	Last Seen
	www.facebook.com/plugins/page.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df10d499e4234bf2%26domain%3Dsaffronus.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fsaffronus.com%252Ffab7720b7a536a%26relation%3Dparent.parent&container_width=374&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2FSaffronusOfficial%2F&locale=en_US&sdk=joey&show_facepile=false&show_posts=false&width=275	252 B	2023-03-07	2024-03-07
Pretty URL www.facebook.com/plugins/page.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df10d499e4234bf2%26domain%3Dsaffronus.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fsaffronus.com%252Ffab7720b7a536a%26relation%3Dparent.parent&container_width=374&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2FSaffronusOfficial%2F&locale=en_US&sdk=joey&show_facepile=false&show_posts=false&width=275 IP 157.240.200.35 ASN #32934 FACEBOOK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:56 Last Seen2024-03-07 18:38:30 Times Seen2234 Hash dfc334cd5201ae3c020f43848b1646c4 b951863e53fd874757a2d5a21c8739a4d3640947 6e28b909a82bf42f6a2b51d7bbdc3ecafc47cd43cd52d1a3b584250c2ae579fe Loading...

	www.facebook.com/plugins/page.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df10d499e4234bf2%26domain%3Dsaffronus.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fsaffronus.com%252Ffab7720b7a536a%26relation%3Dparent.parent&container_width=374&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2FSaffronusOfficial%2F&locale=en_US&sdk=joey&show_facepile=false&show_posts=false&width=275	4.5 kB	2023-03-13	2023-03-13
Pretty URL www.facebook.com/plugins/page.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df10d499e4234bf2%26domain%3Dsaffronus.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fsaffronus.com%252Ffab7720b7a536a%26relation%3Dparent.parent&container_width=374&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2FSaffronusOfficial%2F&locale=en_US&sdk=joey&show_facepile=false&show_posts=false&width=275 IP 157.240.200.35 ASN #32934 FACEBOOK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 10:07:00 Last Seen2023-03-13 10:07:00 Times Seen1 Hash b7dcebc8ebce8580b86f540f9b7d5709 c19d2a47dd0b488c8b74d84661cfb6e78498c15d 1c7e98608bc2e833156538967b86783822133479215bc32656acc00cec937155 Loading...

	saffronus.com/wp-content/plugins/contact-form-7/includes/swv/js/index.js	11 kB	2023-03-09	2024-04-18
Pretty URL saffronus.com/wp-content/plugins/contact-form-7/includes/swv/js/index.js IP 198.54.126.25 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 01:22:20 Last Seen2024-04-18 14:17:30 Times Seen8848 Hash 7f0734e228d3f1a255a8b817a5005b8e 3dfca70a7a3e298fc392f2393ca60d350eebb5fd 23bb39b607b39a93d953762d2a618a3cbc69c52ceaf70d96890137ca1d2b0228 Loading...

	saffronus.com/wp-includes/js/jquery/jquery.min.js	90 kB	2023-03-08	2024-04-18
Pretty URL saffronus.com/wp-includes/js/jquery/jquery.min.js IP 198.54.126.25 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:21:46 Last Seen2024-04-18 13:42:00 Times Seen31778 Hash 17738318d61d394f1de8890d589afaec f6d0c4dc1399cf02d53f5753ad46573a8bbc2ac3 cc7403bab52ed166e24ea9324241045af370be482f5b594468f4a6ac6e7e7981 Loading...

	saffronus.com/	136 B	2023-03-13	2023-03-13
Pretty URL saffronus.com/ IP 198.54.126.25 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 10:07:00 Last Seen2023-03-13 10:07:00 Times Seen1 Hash 256599ec51f48e8c338b36ef3e40fba0 3acaf22d8375ae28881211e2b2bebebc2ebebd92 e75439c59ed3bbe78e92b36f6ec84121c27c12cb489b2742e0db564935087c98 Loading...

	saffronus.com/wp-includes/js/wp-emoji-release.min.js	19 kB	2023-03-07	2024-04-18
Pretty URL saffronus.com/wp-includes/js/wp-emoji-release.min.js IP 198.54.126.25 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:08 Last Seen2024-04-18 13:32:29 Times Seen37992 Hash 32beb68a374e3aeac00abdf9e12b84ea b5d18aa625e8696dd9d07cd0869337717b211ae0 5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782 Loading...

	saffronus.com/wp-content/themes/mts_coupon/js/clipboard.min.js	14 kB	2023-03-12	2023-03-13
Pretty URL saffronus.com/wp-content/themes/mts_coupon/js/clipboard.min.js IP 198.54.126.25 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 19:05:48 Last Seen2023-03-13 10:07:00 Times Seen1 Hash 640a03d893f1e1e0ef295299036f0a5f cd9bb89995b64abc8450dbe0fcb196f2c162ea48 652254d3f10a8830638443f2522d2deddbecbd3b8dbb34ab69f5bec0db5213a9 Loading...

	unknown	0 B	2023-03-07	2024-04-19
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-19 07:05:19 Times Seen36953862 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	saffronus.com/wp-includes/js/jquery/jquery-migrate.min.js	11 kB	2023-03-07	2024-04-19
Pretty URL saffronus.com/wp-includes/js/jquery/jquery-migrate.min.js IP 198.54.126.25 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:02 Last Seen2024-04-19 01:16:23 Times Seen68487 Hash 79b4956b7ec478ec10244b5e2d33ac7d a46025b9d05e3df30d610a8aef14f392c7058dc9 029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300 Loading...

	saffronus.com/	134 B	2023-03-13	2023-03-13
Pretty URL saffronus.com/ IP 198.54.126.25 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 10:07:00 Last Seen2023-03-13 10:07:00 Times Seen1 Hash 51a5684144bfdb46abfb029804dd8895 6244d699805b82145d5ad754f15666b74529de2f da1b455b310254ef40d09b824b8ea9d2862897a4c1740e2a37c57fea239c4932 Loading...

	saffronus.com/wp-content/themes/mts_coupon/js/owl.carousel.min.js	54 kB	2023-03-12	2023-03-13
Pretty URL saffronus.com/wp-content/themes/mts_coupon/js/owl.carousel.min.js IP 198.54.126.25 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 19:05:48 Last Seen2023-03-13 10:07:00 Times Seen1 Hash 3dff6ab7b7efccb8447e7faa8f5b1cd9 9ac989c51f0dd5012d8e78fd9cd3c04e4796ca97 eea0faef48c112e41029ec69aec41f068c9d73413d70eaafe0c1d3b668fa65e8 Loading...

	saffronus.com/	152 B	2023-03-07	2024-04-19
Pretty URL saffronus.com/ IP 198.54.126.25 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:09 Last Seen2024-04-19 01:58:20 Times Seen19844 Hash b8c40bf7c92768058d743847cccdb147 4fbbbcb2dda4d05e2e58bf43330c559b4165fc0b 7872ff233c7b2bfa962f491d0575e71f0b0b487bc63899ff4c72c7c9d5197688 Loading...

	saffronus.com/	316 B	2023-03-12	2023-03-13
Pretty URL saffronus.com/ IP 198.54.126.25 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 19:05:48 Last Seen2023-03-13 10:07:00 Times Seen1 Hash 602b2bd152ebfc347da3b229edd385a6 34b887fd9049a22afa394f1e2ad6a507419d4c1f 3657bc9c7d6f71c47264b79c50e6fb84041923e8f688c3e4db998e4388b17ab5 Loading...

	saffronus.com/	32 B	2023-03-07	2024-04-19
Pretty URL saffronus.com/ IP 198.54.126.25 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:05 Last Seen2024-04-19 01:58:19 Times Seen3381 Hash f28cdba8b1a33fab7b4935482c683e17 7fb92b438ae880e659636e12f78ecca1ab9dd1a9 76d9ab1fc9999540d0f7167df3325f71fbd86160eda576cb60f285b0e65d89a9 Loading...

	connect.facebook.net/en_US/all.js#xfbml=1&version=v2.8	3.1 kB	2023-03-13	2023-03-13
Pretty URL connect.facebook.net/en_US/all.js#xfbml=1&version=v2.8 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 10:07:00 Last Seen2023-03-13 10:07:55 Times Seen1 Hash ea5c85d503682ec9a2fcf3b8d3eb55ae 309313ae0cdfa13ededa45d142011a82031e542e a387768b6bbfc20d38e821b614e1b7ba30513cf956f23a603ae928b4b1956704 Loading...

	www.facebook.com/plugins/page.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df10d499e4234bf2%26domain%3Dsaffronus.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fsaffronus.com%252Ffab7720b7a536a%26relation%3Dparent.parent&container_width=374&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2FSaffronusOfficial%2F&locale=en_US&sdk=joey&show_facepile=false&show_posts=false&width=275	448 B	2023-03-13	2023-03-13
Pretty URL www.facebook.com/plugins/page.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df10d499e4234bf2%26domain%3Dsaffronus.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fsaffronus.com%252Ffab7720b7a536a%26relation%3Dparent.parent&container_width=374&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2FSaffronusOfficial%2F&locale=en_US&sdk=joey&show_facepile=false&show_posts=false&width=275 IP 157.240.200.35 ASN #32934 FACEBOOK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 10:07:00 Last Seen2023-03-13 10:07:00 Times Seen1 Hash cdd5c30b09b2478ab86817a36597ffce 5970ddd0023130b784a32453226ac08002dabc66 481ab087e985b939bc32473ff20286156eaab72cd77bb3a4a07c3399a7335755 Loading...

	static.xx.fbcdn.net/rsrc.php/v3/yu/r/6y4CCZM5a8v.js?_nc_x=Ij3Wp8lg5Kz	53 kB	2023-03-13	2023-04-02
Pretty URL static.xx.fbcdn.net/rsrc.php/v3/yu/r/6y4CCZM5a8v.js?_nc_x=Ij3Wp8lg5Kz IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 02:53:12 Last Seen2023-04-02 21:25:26 Times Seen2 Hash 4c689d50c535f6978d1f92e224827622 bb33f49172213ab9b5c982d45ed888640c5c70a3 f9b02d9acd1f5fdb1c1dde6732e91163ba551f4994f15387e493a2dd514da9f5 Loading...

	saffronus.com/	100 B	2023-03-07	2024-04-18
Pretty URL saffronus.com/ IP 198.54.126.25 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:19:54 Last Seen2024-04-18 12:41:27 Times Seen332 Hash b4d3f37f12c20b842849ca0639c02896 b45356cd6ac8aa97b120978939d210a29793bcaa dfe28b5bb81fe6a0f507e293a8c6d0030794725ea028e37b18c5bceaa9d7fff2 Loading...

	saffronus.com/wp-content/plugins/affiliate-egg/res/js/price_alert.js	1.4 kB	2023-03-07	2024-01-24
Pretty URL saffronus.com/wp-content/plugins/affiliate-egg/res/js/price_alert.js IP 198.54.126.25 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:26:18 Last Seen2024-01-24 10:27:41 Times Seen4 Hash 9e9e65b05e81f612c60a64b92b6aef21 2792cd97445832d7e1678d72898656b1a52feecb 1abdd3eec70dd909797cdc0d93ac202cfc8413ee59ab795e2e4528fae162977c Loading...

	www.facebook.com/plugins/page.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df10d499e4234bf2%26domain%3Dsaffronus.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fsaffronus.com%252Ffab7720b7a536a%26relation%3Dparent.parent&container_width=374&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2FSaffronusOfficial%2F&locale=en_US&sdk=joey&show_facepile=false&show_posts=false&width=275	218 B	2023-03-07	2024-04-19
Pretty URL www.facebook.com/plugins/page.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df10d499e4234bf2%26domain%3Dsaffronus.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fsaffronus.com%252Ffab7720b7a536a%26relation%3Dparent.parent&container_width=374&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2FSaffronusOfficial%2F&locale=en_US&sdk=joey&show_facepile=false&show_posts=false&width=275 IP 157.240.200.35 ASN #32934 FACEBOOK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:56 Last Seen2024-04-19 02:09:51 Times Seen12490 Hash 23731f926ba1b7856c53bf9c572f9e96 52618c2e6dd1bce8956fd2e2872c524eb1fd59d6 dbf6a6f99233910115437a7d602f004b1287d55441d4f751d152bf216375c07a Loading...

	static.xx.fbcdn.net/rsrc.php/v3/yJ/r/6A3gWPe90QC.js?_nc_x=Ij3Wp8lg5Kz	5.7 kB	2023-03-13	2023-04-02
Pretty URL static.xx.fbcdn.net/rsrc.php/v3/yJ/r/6A3gWPe90QC.js?_nc_x=Ij3Wp8lg5Kz IP 157.240.200.14 ASN #32934 FACEBOOK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 06:54:44 Last Seen2023-04-02 21:25:26 Times Seen2 Hash 1d0a7d2454db4456c7e25def3cc545a5 cd9b059cf1d322da0a5e5aa37ff20fa216c8d617 ded62b6146239bfba0a285a0257eada06855fd5e14eb73235cd465030c9cce82 Loading...

	static.xx.fbcdn.net/rsrc.php/v3/y6/r/8LoDHCcRMmF.js?_nc_x=Ij3Wp8lg5Kz	39 kB	2023-03-08	2023-04-02
Pretty URL static.xx.fbcdn.net/rsrc.php/v3/y6/r/8LoDHCcRMmF.js?_nc_x=Ij3Wp8lg5Kz IP 157.240.200.14 ASN #32934 FACEBOOK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:26:59 Last Seen2023-04-02 21:25:26 Times Seen2 Hash d0096b3780248d2d053b1826ffa2e991 cb82a7cd24e2afb463141954d925ca118db6000a f93df2735d94cf2ebfc2f07b0f8038e4c9e177d89e3e8b7cd1604e23c556f63b Loading...

	saffronus.com/	2.1 kB	2023-03-12	2023-03-13
Pretty URL saffronus.com/ IP 198.54.126.25 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 19:05:48 Last Seen2023-03-13 10:07:00 Times Seen1 Hash 092815cf034c04fa2b42a747b4d19a0e c282017624636eb23eed9d3d34b85c1156daffa8 3a0350cbe38ec730d284664330c0c4bbd43e40a7aa4c88116b23c05592f5763f Loading...

	stats.wp.com/s-202304.js	9.4 kB	2023-03-07	2024-03-07
Pretty URL stats.wp.com/s-202304.js IP 192.0.76.3 ASN #2635 AUTOMATTIC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:03 Last Seen2024-03-07 00:14:50 Times Seen3354 Hash 82d763decfeb58a330f075ecd1bfbec4 9834c21e75bcf80d52c98bf55641f2bd92e200d3 7faf2fee5a715e1668f517f67a4b21cddd539b978678ce1bfd48a597044079e1 Loading...

	www.facebook.com/plugins/page.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df10d499e4234bf2%26domain%3Dsaffronus.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fsaffronus.com%252Ffab7720b7a536a%26relation%3Dparent.parent&container_width=374&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2FSaffronusOfficial%2F&locale=en_US&sdk=joey&show_facepile=false&show_posts=false&width=275	1.6 kB	2023-03-13	2023-03-13
Pretty URL www.facebook.com/plugins/page.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df10d499e4234bf2%26domain%3Dsaffronus.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fsaffronus.com%252Ffab7720b7a536a%26relation%3Dparent.parent&container_width=374&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2FSaffronusOfficial%2F&locale=en_US&sdk=joey&show_facepile=false&show_posts=false&width=275 IP 157.240.200.35 ASN #32934 FACEBOOK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 10:07:00 Last Seen2023-03-13 10:07:00 Times Seen1 Hash 94b0f78f028b18a847f2db1c91d3c377 512535c0587f5f7e40f10eb9eeceb955688401e2 59dca807e1ccbc883722cc0a35378c72df52e3f9cd6f0a1a9feb81ef655c8eca Loading...

	www.facebook.com/plugins/page.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df10d499e4234bf2%26domain%3Dsaffronus.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fsaffronus.com%252Ffab7720b7a536a%26relation%3Dparent.parent&container_width=374&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2FSaffronusOfficial%2F&locale=en_US&sdk=joey&show_facepile=false&show_posts=false&width=275	13 kB	2023-03-13	2023-03-13
Pretty URL www.facebook.com/plugins/page.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df10d499e4234bf2%26domain%3Dsaffronus.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fsaffronus.com%252Ffab7720b7a536a%26relation%3Dparent.parent&container_width=374&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2FSaffronusOfficial%2F&locale=en_US&sdk=joey&show_facepile=false&show_posts=false&width=275 IP 157.240.200.35 ASN #32934 FACEBOOK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 10:07:00 Last Seen2023-03-13 10:07:04 Times Seen1 Hash 268b844b68f0d6ec028bbc457a308042 e74740d80dc392e0d6000a05a613b6b0d3fb8bb6 0a8830b69c39de655ad8fb0bfba434370d015618bbd0a546b2171568f81bc979 Loading...

	saffronus.com/wp-content/plugins/contact-form-7/includes/js/index.js	13 kB	2023-03-13	2024-04-16
Pretty URL saffronus.com/wp-content/plugins/contact-form-7/includes/js/index.js IP 198.54.126.25 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 07:30:08 Last Seen2024-04-16 15:05:55 Times Seen1702 Hash c324038c8d6cd7e9990ff50520625008 a707f321bad9f20c442b776efa6812c8acadb8c0 af0f96462799a9eccfa6c5a30819ea991f9c0c4eddaa2984a638dc473c03ce2f Loading...

	saffronus.com/	140 B	2023-03-12	2023-03-13
Pretty URL saffronus.com/ IP 198.54.126.25 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 19:05:48 Last Seen2023-03-13 10:07:00 Times Seen1 Hash 6d3c7aa6244d0ebca73343f83b5aa879 9dfdc9dbcd20cffdc0315dbe576138809a78f7bf b78ad54faa8cf969f8da9c52d512e958a7eadaf1ce656ae72cb9232e5859c203 Loading...

	saffronus.com/	83 B	2023-03-12	2023-07-09
Pretty URL saffronus.com/ IP 198.54.126.25 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 19:05:48 Last Seen2023-07-09 12:53:15 Times Seen3 Hash e278a605fe9ee890bff94cec7d08bdd7 32fc9ec17ab92f751c807bd19bb3bd26191e4f2e e6f3901b6d8771595071a91fe7e436a2c59b3185046872f157b9f40311284fa2 Loading...

	saffronus.com/	187 B	2023-03-13	2023-03-13
Pretty URL saffronus.com/ IP 198.54.126.25 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 10:07:00 Last Seen2023-03-13 10:07:00 Times Seen1 Hash 3ebc47313e03f7bc9de67df2d87f296b 0759a7cc0937a50689b304a2132891308f6a7963 6b35396a1ac2e4a92eb53e282561abfab25a94797160d95b8a8b15d8322c3b0f Loading...

	connect.facebook.net/en_US/all.js?hash=792f1c9c676661d10958c96f15baebe9	315 kB	2023-03-13	2023-03-13
Pretty URL connect.facebook.net/en_US/all.js?hash=792f1c9c676661d10958c96f15baebe9 IP 157.240.200.14 ASN #32934 FACEBOOK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 10:07:00 Last Seen2023-03-13 10:07:55 Times Seen1 Hash d523489784d3c331bedb339c57da3905 693f6a103d21b01dca3b0403a5cc792a7628b2b5 26b9867471f6c0bd2257adfbea7bd49b88293fce8e3e937af0b4bdb2ccbee699 Loading...

	www.facebook.com/plugins/page.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df10d499e4234bf2%26domain%3Dsaffronus.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fsaffronus.com%252Ffab7720b7a536a%26relation%3Dparent.parent&container_width=374&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2FSaffronusOfficial%2F&locale=en_US&sdk=joey&show_facepile=false&show_posts=false&width=275	10 B	2023-03-07	2024-04-19
Pretty URL www.facebook.com/plugins/page.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df10d499e4234bf2%26domain%3Dsaffronus.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fsaffronus.com%252Ffab7720b7a536a%26relation%3Dparent.parent&container_width=374&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2FSaffronusOfficial%2F&locale=en_US&sdk=joey&show_facepile=false&show_posts=false&width=275 IP 157.240.200.35 ASN #32934 FACEBOOK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06:18 Last Seen2024-04-19 02:09:51 Times Seen14071 Hash 91b3d54bc665b27a303ea5103da4f0b5 1ea644a3b2b1e427686c79e379e4074d576e732a 8c946addeada771d3dc6866cc23be2d1ef3f84b0ae6a98989cbf25b1a9249a61 Loading...

	static.xx.fbcdn.net/rsrc.php/v3/y2/r/hWOdyLOhufr.js?_nc_x=Ij3Wp8lg5Kz	22 kB	2023-03-13	2023-04-02
Pretty URL static.xx.fbcdn.net/rsrc.php/v3/y2/r/hWOdyLOhufr.js?_nc_x=Ij3Wp8lg5Kz IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 02:53:12 Last Seen2023-04-02 21:25:26 Times Seen2 Hash ba1ec5ede689c3e46bcb48262f3d9416 8fec2058f2b09fdc4ffc05fa8ca20b695147569e 202af825bfe28ded4b94e6c1d7aca76457dc86385eb03de99fe933df7b2b56c5 Loading...

	stats.wp.com/e-202304.js	9.0 kB	2023-03-07	2024-01-05
Pretty URL stats.wp.com/e-202304.js IP 192.0.76.3 ASN #2635 AUTOMATTIC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:19 Last Seen2024-01-05 09:08:33 Times Seen3233 Hash 9152c169155daa333287728cb8e4ae93 1e45a9ea1464acf983f022567cb9f669f4c77f65 82d0aae1e7b8cfc0574d6548d1f35096f5e4310321aa964ff3fdb46c4d12e302 Loading...

	saffronus.com/wp-content/plugins/content-egg/res/js/price_alert.js	1.9 kB	2023-03-07	2024-02-15
Pretty URL saffronus.com/wp-content/plugins/content-egg/res/js/price_alert.js IP 198.54.126.25 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:12:43 Last Seen2024-02-15 10:28:34 Times Seen64 Hash e7cba94c1ad3b87075c6b51e2ee0c346 737cfaaf03fcc43c10cf79021bc6bf7c1b5c6712 48e54d9dc911b8a46b5d71267557b8c94e9f37fefc06913cefe4f5fc3b721090 Loading...

	saffronus.com/wp-content/themes/mts_coupon/js/customscript.js	18 kB	2023-03-12	2023-03-13
Pretty URL saffronus.com/wp-content/themes/mts_coupon/js/customscript.js IP 198.54.126.25 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 19:05:48 Last Seen2023-03-13 10:07:00 Times Seen1 Hash f0c5f6b4b5ba4bc9069c331946a30fa3 713c8edf488ed547042a93d29fc1a79347802e43 1f5c80fb7adc465d12656a15c6cf3a8b40aa16117eacf3f652b5392d859c720d Loading...

	static.xx.fbcdn.net/rsrc.php/v3iEpO4/yN/l/en_US/jF56mpSoBYl.js?_nc_x=Ij3Wp8lg5Kz	86 kB	2023-03-12	2023-03-13
Pretty URL static.xx.fbcdn.net/rsrc.php/v3iEpO4/yN/l/en_US/jF56mpSoBYl.js?_nc_x=Ij3Wp8lg5Kz IP 157.240.200.14 ASN #32934 FACEBOOK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 20:47:18 Last Seen2023-03-13 15:56:37 Times Seen1 Hash 7e469ccab559752f55126d4601c300b7 18399df0ad5f4f99f3be0327c9c030a16aff799b f22116eb2a3d113dec393ac9e20db766c16a14fe66ca8a12ffe50e6f78899dbe Loading...

	www.facebook.com/plugins/page.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df10d499e4234bf2%26domain%3Dsaffronus.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fsaffronus.com%252Ffab7720b7a536a%26relation%3Dparent.parent&container_width=374&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2FSaffronusOfficial%2F&locale=en_US&sdk=joey&show_facepile=false&show_posts=false&width=275	15 kB	2023-03-13	2023-03-13
Pretty URL www.facebook.com/plugins/page.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df10d499e4234bf2%26domain%3Dsaffronus.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fsaffronus.com%252Ffab7720b7a536a%26relation%3Dparent.parent&container_width=374&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2FSaffronusOfficial%2F&locale=en_US&sdk=joey&show_facepile=false&show_posts=false&width=275 IP 157.240.200.35 ASN #32934 FACEBOOK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 10:07:00 Last Seen2023-03-13 10:07:00 Times Seen1 Hash e48986ea6d722ba4966576e54bd376a7 50d8fcabc042a223cad3064a2d4ae71195986e03 687cf91a41b90187c87883e9a8c045d28a437ae735764fd074780ef488cf0c02 Loading...

	www.facebook.com/plugins/page.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df10d499e4234bf2%26domain%3Dsaffronus.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fsaffronus.com%252Ffab7720b7a536a%26relation%3Dparent.parent&container_width=374&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2FSaffronusOfficial%2F&locale=en_US&sdk=joey&show_facepile=false&show_posts=false&width=275	114 B	2023-03-07	2023-04-02
Pretty URL www.facebook.com/plugins/page.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df10d499e4234bf2%26domain%3Dsaffronus.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fsaffronus.com%252Ffab7720b7a536a%26relation%3Dparent.parent&container_width=374&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2FSaffronusOfficial%2F&locale=en_US&sdk=joey&show_facepile=false&show_posts=false&width=275 IP 157.240.200.35 ASN #32934 FACEBOOK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:57 Last Seen2023-04-02 21:25:26 Times Seen2 Hash 95a616294c811b3802967925a7dede6e 66ac0daa1bea28c665f5a125b7ce6684b9d9886d 0b193295687a90ce84341a7bc4787ce1bbf189e70cd129d795fe95e293ed77de Loading...

HTTP Transactions (75)

URL IP Response Size

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
9fbe85f42e8ae8ae41cc12df5f98b141
949fa36ff0f22f72565fd584bef094dd4de23037
184d3e4df4bce559b4d7c4836372f5fd2de9782a96b04d364230b7d695d737d8

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "184D3E4DF4BCE559B4D7C4836372F5FD2DE9782A96B04D364230B7D695D737D8"
Last-Modified: Thu, 26 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12302
Expires: Sat, 28 Jan 2023 22:17:18 GMT
Date: Sat, 28 Jan 2023 18:52:16 GMT
Connection: keep-alive

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
2405562765b49b2782ebd2e2994851d5
be7ac8e558f7875bb1fb86ab5ec674424a5ff269
422cfa907461cb7b93b9089d600052f9e94951e5e0c93d97651905002e48ad3e

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "422CFA907461CB7B93B9089D600052F9E94951E5E0C93D97651905002E48AD3E"
Last-Modified: Thu, 26 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5045
Expires: Sat, 28 Jan 2023 20:16:21 GMT
Date: Sat, 28 Jan 2023 18:52:16 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

35.241.9.150

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
bf0c602d32b3c14606f22a86183b5e3c
6eabd8d83475eba731968abe1a05a8bfd272f160
6c6a7c519a9e950c2445ed874a25211a94dd4d3cf3afb0103af9dcd1dbd5ff9e

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Content-Length, Retry-After, Content-Type, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sat, 28 Jan 2023 18:35:31 GMT
content-type: application/json
age: 1005
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

saffronus.com/

198.54.126.25

301 Moved Permanently

707 B

URL HTTP/1.1
saffronus.com/
IP
198.54.126.25:0
ASN
#22612 NAMECHEAP-NET

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Size
707 B (707 bytes)
Hash
1304294c0823ca486542ba408ed761e3
b2a70fb2d810ca13985882e6981f33998823e83e
3bbe72f3baa8ec61de17a1d767fca58704769684b7abe9161d0c4eaf4c8f0982

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET / HTTP/1.1
Host: saffronus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
keep-alive: timeout=5, max=100
content-type: text/html
content-length: 707
date: Sat, 28 Jan 2023 18:52:16 GMT
server: LiteSpeed
location: https://saffronus.com/
x-turbo-charged-by: LiteSpeed

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
03092d1a1bc7ac91ee342a1a7ab2a562
52db06ce1fd2c74ddd36b6a0a7aee1b5c891600a
03b8ff2629abac9fc30ebec059c2e2018fcbc41646ad5f71c965ff630fbf1ffd

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "03B8FF2629ABAC9FC30EBEC059C2E2018FCBC41646AD5F71C965FF630FBF1FFD"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7371
Expires: Sat, 28 Jan 2023 20:55:07 GMT
Date: Sat, 28 Jan 2023 18:52:16 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: bFFv+1BVQ6Snet7sbQ4EoxtE7tzSiF5iL4pHh1GE4VlENSlHEO/p6tFKykuSqLhY5EzDYcnQapk=
x-amz-request-id: 0GFD5GD38D0YGTZQ
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 28 Jan 2023 18:50:01 GMT
age: 135
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Sat, 28 Jan 2023 18:52:16 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

35.241.9.150

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Last-Modified, Pragma, ETag, Retry-After, Content-Type, Content-Length, Expires, Cache-Control, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sat, 28 Jan 2023 18:41:40 GMT
age: 637
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.sectigo.com/

172.64.155.188

200 OK

472 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
172.64.155.188:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
472 B (472 bytes)
Hash
d78e9648836d2a5a9a3d3f9a4ae715c3
5690020b4fab70f15d78203d4a222888e8880a00
d217f7160c05e49e72fea585d2baa328266b3c1da60af6b95543b1a75b044355

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sat, 28 Jan 2023 18:52:17 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Thu, 26 Jan 2023 01:43:03 GMT
Expires: Thu, 02 Feb 2023 01:43:02 GMT
Etag: "5690020b4fab70f15d78203d4a222888e8880a00"
Cache-Control: max-age=369644,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 790bec9f39280b69-OSL

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
16a7b6a7128312e2f985d30df18c4487
6017bff79ffb525d9c7f9f32b999b74b5dc69602
663fd12209627f08e759c2ed1c76278a5da79dae1e0b46082dd1bb44775f7a16

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "663FD12209627F08E759C2ED1C76278A5DA79DAE1E0B46082DD1BB44775F7A16"
Last-Modified: Fri, 27 Jan 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13470
Expires: Sat, 28 Jan 2023 22:36:47 GMT
Date: Sat, 28 Jan 2023 18:52:17 GMT
Connection: keep-alive

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
7da8f9a23d8c05f64f248e4e3427c76e
e2d001c2909cd9403173cbb0e288d55fbc8e4d0a
db8790004124a0eeb0676860170ad9c37250b2ba697a27dee62c99b64c67b4b8

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 28 Jan 2023 18:52:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

push.services.mozilla.com/

54.189.85.130

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
54.189.85.130:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: yes40w8lKxGUzZDSainhHg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: xDSeFPJL/nGnZTa3ASJdCVjtT8A=

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
7da8f9a23d8c05f64f248e4e3427c76e
e2d001c2909cd9403173cbb0e288d55fbc8e4d0a
db8790004124a0eeb0676860170ad9c37250b2ba697a27dee62c99b64c67b4b8

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 28 Jan 2023 18:52:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

saffronus.com/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css

198.54.126.25

200 OK

2.4 kB

URL HTTP/2
saffronus.com/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css
IP
198.54.126.25:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (11256), with no line terminators
Size
2.4 kB (2394 bytes)
Hash
ce94f62588d05264ac0148712111cb11
518bcd922f54169aeb199c0ccbc5877165ac218e
84ab658a69c39f424be0b27f61d612447d01606fce33beb962cbea53627d8c81

HTTP Headers

GET /wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css HTTP/1.1
Host: saffronus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://saffronus.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 04 Feb 2023 18:52:17 GMT
content-type: text/css
last-modified: Sun, 02 Oct 2022 09:26:44 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2394
date: Sat, 28 Jan 2023 18:52:17 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

saffronus.com/wp-includes/js/mediaelement/wp-mediaelement.min.css

198.54.126.25

200 OK

982 B

URL HTTP/2
saffronus.com/wp-includes/js/mediaelement/wp-mediaelement.min.css
IP
198.54.126.25:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (4186), with no line terminators
Size
982 B (982 bytes)
Hash
24f4d7f425e792ab35adaab50816e54a
9e25bf79b674ddb7ba09ad7f118c50ec473c02c8
1c78bfb4d523785a4ebd37bb1f79f214f9bdb16673f7cc50805f7f1a26ad7f83

HTTP Headers

GET /wp-includes/js/mediaelement/wp-mediaelement.min.css HTTP/1.1
Host: saffronus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://saffronus.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 04 Feb 2023 18:52:17 GMT
content-type: text/css
last-modified: Sun, 02 Oct 2022 09:26:44 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 982
date: Sat, 28 Jan 2023 18:52:17 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

saffronus.com/wp-includes/css/classic-themes.min.css

198.54.126.25

200 OK

217 B

URL HTTP/2
saffronus.com/wp-includes/css/classic-themes.min.css
IP
198.54.126.25:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text
Size
217 B (217 bytes)
Hash
95e891f28e44a9b314c09545d86be2b7
f9b13a8bd47273b086a0a07df15f314e0af0bc3e
5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5

HTTP Headers

GET /wp-includes/css/classic-themes.min.css HTTP/1.1
Host: saffronus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://saffronus.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 04 Feb 2023 18:52:17 GMT
content-type: text/css
last-modified: Wed, 02 Nov 2022 01:30:29 GMT
accept-ranges: bytes
content-length: 217
date: Sat, 28 Jan 2023 18:52:17 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

saffronus.com/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-vendors-style.css

198.54.126.25

200 OK

1.8 kB

URL HTTP/2
saffronus.com/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-vendors-style.css
IP
198.54.126.25:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (10435), with no line terminators
Size
1.8 kB (1754 bytes)
Hash
f7237084ac82ea6a4f5bf1448c3a2148
60457635a5e809ee1199c61090d8e33b91e8e1f2
18a1cb7f08c1ace52a79f46d73461ed03bf8cf5c9e8a3687eacc3e04f08e7a09

HTTP Headers

GET /wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-vendors-style.css HTTP/1.1
Host: saffronus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://saffronus.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 04 Feb 2023 18:52:17 GMT
content-type: text/css
last-modified: Fri, 13 Jan 2023 10:05:21 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1754
date: Sat, 28 Jan 2023 18:52:17 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

saffronus.com/wp-content/plugins/contact-form-7/includes/css/styles.css

198.54.126.25

200 OK

870 B

URL HTTP/2
saffronus.com/wp-content/plugins/contact-form-7/includes/css/styles.css
IP
198.54.126.25:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text
Size
870 B (870 bytes)
Hash
db1891276028bf4b41d1e27e86517147
00b1fb3f26fd4b31d4ea0bf6ef5fb87e7a643d74
9351dbbea3e724e73cde04476a06a98a726c0b341c4cbe4a40354c4752494e5d

HTTP Headers

GET /wp-content/plugins/contact-form-7/includes/css/styles.css HTTP/1.1
Host: saffronus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://saffronus.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 04 Feb 2023 18:52:17 GMT
content-type: text/css
last-modified: Thu, 26 Jan 2023 10:15:45 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 870
date: Sat, 28 Jan 2023 18:52:17 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

saffronus.com/wp-includes/css/dist/block-library/style.min.css

198.54.126.25

200 OK

12 kB

URL HTTP/2
saffronus.com/wp-includes/css/dist/block-library/style.min.css
IP
198.54.126.25:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (47826)
Size
12 kB (11616 bytes)
Hash
c4d7cc056b49b00e05cc29cc59aa3d5a
48c426bec60099d2a8628df430ed682c72aab42a
8009c12f2674a8d38401f4b5faad1fef2cfcd18a8c927ed2561ae9d7de9b57b5

HTTP Headers

GET /wp-includes/css/dist/block-library/style.min.css HTTP/1.1
Host: saffronus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://saffronus.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 04 Feb 2023 18:52:17 GMT
content-type: text/css
last-modified: Tue, 15 Nov 2022 22:03:36 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 11616
date: Sat, 28 Jan 2023 18:52:17 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

saffronus.com/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-style.css

198.54.126.25

200 OK

23 kB

URL HTTP/2
saffronus.com/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-style.css
IP
198.54.126.25:0
ASN
#22612 NAMECHEAP-NET

File type
Unicode text, UTF-8 text, with very long lines (65528), with no line terminators
Size
23 kB (23279 bytes)
Hash
7764ef0866edd9e19f3bae0b3774154c
2a8091abd24aa9434f9c4374a34a584af19106c8
47c6e34db110643e3578fa035f62d990d69575305f466756efc84527fb0fa604

HTTP Headers

GET /wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-style.css HTTP/1.1
Host: saffronus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://saffronus.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 04 Feb 2023 18:52:17 GMT
content-type: text/css
last-modified: Fri, 13 Jan 2023 10:05:21 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 23279
date: Sat, 28 Jan 2023 18:52:17 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

saffronus.com/wp-content/themes/mts_coupon/css/owl.carousel.css

198.54.126.25

200 OK

1.8 kB

URL HTTP/2
saffronus.com/wp-content/themes/mts_coupon/css/owl.carousel.css
IP
198.54.126.25:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text
Size
1.8 kB (1764 bytes)
Hash
c4cc01407220a3265141a3b0564b75e4
3b8aeb062231bd8de00043dc3358e30ebfa0d278
988a1d0f3ee21ab3328e9f1e8b7ffa0ba5474b76e68c2aa2fb927dbb9743d5ca

HTTP Headers

GET /wp-content/themes/mts_coupon/css/owl.carousel.css HTTP/1.1
Host: saffronus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://saffronus.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 04 Feb 2023 18:52:17 GMT
content-type: text/css
last-modified: Fri, 09 Jul 2021 01:25:57 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1764
date: Sat, 28 Jan 2023 18:52:17 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

saffronus.com/wp-content/themes/mts_coupon/css/responsive.css

198.54.126.25

200 OK

3.5 kB

URL HTTP/2
saffronus.com/wp-content/themes/mts_coupon/css/responsive.css
IP
198.54.126.25:0
ASN
#22612 NAMECHEAP-NET

File type
assembler source, ASCII text
Size
3.5 kB (3518 bytes)
Hash
a79c9bf0b4528d42fdd5cc1f165b966a
988892204828d8f9782275ff84c09a617ce345e1
dc3809f6ae4c3b5a22c1b6aa952ae6bbd5ba8f09e358e142b7cc324d9c020c87

HTTP Headers

GET /wp-content/themes/mts_coupon/css/responsive.css HTTP/1.1
Host: saffronus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://saffronus.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 04 Feb 2023 18:52:17 GMT
content-type: text/css
last-modified: Fri, 09 Jul 2021 01:25:57 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3518
date: Sat, 28 Jan 2023 18:52:17 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

saffronus.com/wp-content/themes/mts_coupon/style.css

198.54.126.25

200 OK

16 kB

URL HTTP/2
saffronus.com/wp-content/themes/mts_coupon/style.css
IP
198.54.126.25:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (492)
Size
16 kB (15538 bytes)
Hash
29cb96cb5eb6c20928bf703c54e64fd7
cee1f6cbf0353d7099cc51e4bd218ade9b141bea
ad0c07de52ed1dddcef2c6493da334354fea24f83b603c21c768f9a5687f8290

HTTP Headers

GET /wp-content/themes/mts_coupon/style.css HTTP/1.1
Host: saffronus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://saffronus.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 04 Feb 2023 18:52:17 GMT
content-type: text/css
last-modified: Fri, 09 Jul 2021 01:25:57 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 15538
date: Sat, 28 Jan 2023 18:52:17 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

saffronus.com/wp-includes/js/jquery/jquery-migrate.min.js

198.54.126.25

200 OK

4.0 kB

URL HTTP/2
saffronus.com/wp-includes/js/jquery/jquery-migrate.min.js
IP
198.54.126.25:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (11126)
Size
4.0 kB (3995 bytes)
Hash
7e058b51f939eacfa31cdface14dded5
9d732e5afdeb42edef9e1b9631b7e95e054787cc
4ece5b00423755d8f4121ce382c8ea4dc44c241f28f150abe19caa85d0b0acc1

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-includes/js/jquery/jquery-migrate.min.js HTTP/1.1
Host: saffronus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://saffronus.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 04 Feb 2023 18:52:17 GMT
content-type: application/javascript
last-modified: Sun, 02 Oct 2022 09:26:44 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3995
date: Sat, 28 Jan 2023 18:52:17 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

saffronus.com/wp-content/plugins/affiliate-egg/res/js/price_alert.js

198.54.126.25

200 OK

385 B

URL HTTP/2
saffronus.com/wp-content/plugins/affiliate-egg/res/js/price_alert.js
IP
198.54.126.25:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text
Size
385 B (385 bytes)
Hash
8075704b730e83fb1fd29f88fdcc2900
81fd08249b2d0d39ffa24ac9b55def153e1843f8
5bfa576cad4da3b47c7bf198c00d27bd9d7a52f3e32d990ee3f634e5df933cae

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/plugins/affiliate-egg/res/js/price_alert.js HTTP/1.1
Host: saffronus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://saffronus.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 04 Feb 2023 18:52:17 GMT
content-type: application/javascript
last-modified: Sun, 25 Dec 2022 09:16:55 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 385
date: Sat, 28 Jan 2023 18:52:17 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

saffronus.com/wp-content/plugins/content-egg/res/js/price_alert.js

198.54.126.25

200 OK

477 B

URL HTTP/2
saffronus.com/wp-content/plugins/content-egg/res/js/price_alert.js
IP
198.54.126.25:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text
Size
477 B (477 bytes)
Hash
2aa84da42940895c1e434eaa5bdad718
6dee6ca53834de06be948d2084779d8285039af4
80a3b64446378cf09da2bad8018d173b987c062e3a44edd98663e203dc4f93f4

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/plugins/content-egg/res/js/price_alert.js HTTP/1.1
Host: saffronus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://saffronus.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 04 Feb 2023 18:52:17 GMT
content-type: application/javascript
last-modified: Sat, 28 Jan 2023 09:22:27 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 477
date: Sat, 28 Jan 2023 18:52:17 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

saffronus.com/wp-content/uploads/2019/04/Logo-saffronus.png

198.54.126.25

200 OK

6.5 kB

URL HTTP/2
saffronus.com/wp-content/uploads/2019/04/Logo-saffronus.png
IP
198.54.126.25:0
ASN
#22612 NAMECHEAP-NET

File type
PNG image data, 180 x 45, 8-bit/color RGBA, non-interlaced\012- data
Size
6.5 kB (6460 bytes)
Hash
06e4066acb0da7e9ea17c43a017506b0
0a307899242a72399529c1065add13598e9fbd99
ae81e2d6ff5ef6579b18c9557bf8f149c27395a449550735decd9692a0cb59dd

HTTP Headers

GET /wp-content/uploads/2019/04/Logo-saffronus.png HTTP/1.1
Host: saffronus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://saffronus.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 04 Feb 2023 18:52:17 GMT
content-type: image/png
last-modified: Wed, 17 Apr 2019 16:22:37 GMT
accept-ranges: bytes
content-length: 6460
date: Sat, 28 Jan 2023 18:52:17 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

saffronus.com/wp-content/plugins/contact-form-7/includes/swv/js/index.js

198.54.126.25

200 OK

2.9 kB

URL HTTP/2
saffronus.com/wp-content/plugins/contact-form-7/includes/swv/js/index.js
IP
198.54.126.25:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (10565), with no line terminators
Size
2.9 kB (2911 bytes)
Hash
70f3b9dd6a51a766210411d4ed0752de
5507f795072da10842897292e32c24b8cbf7827d
8ad70d44d761d4e24fdcdd496c7d529c52c68a7c7dce2471104d4efa2d01ca89

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/plugins/contact-form-7/includes/swv/js/index.js HTTP/1.1
Host: saffronus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://saffronus.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 04 Feb 2023 18:52:17 GMT
content-type: application/javascript
last-modified: Thu, 26 Jan 2023 10:15:45 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2911
date: Sat, 28 Jan 2023 18:52:17 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

saffronus.com/wp-content/plugins/contact-form-7/includes/js/index.js

198.54.126.25

200 OK

3.9 kB

URL HTTP/2
saffronus.com/wp-content/plugins/contact-form-7/includes/js/index.js
IP
198.54.126.25:0
ASN
#22612 NAMECHEAP-NET

File type
HTML document, ASCII text, with very long lines (12761), with no line terminators
Size
3.9 kB (3876 bytes)
Hash
15650873a686136e7436d22dc1fd1113
d5dcae162c6e16d522f3fb829d69e098b9314c74
9648e9d80b4e797e35d03315f648a2e6f58e6d5c2efb662d3c89e2ab1ed52416

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/plugins/contact-form-7/includes/js/index.js HTTP/1.1
Host: saffronus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://saffronus.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 04 Feb 2023 18:52:17 GMT
content-type: application/javascript
last-modified: Thu, 26 Jan 2023 10:15:45 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3876
date: Sat, 28 Jan 2023 18:52:17 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

saffronus.com/wp-content/themes/mts_coupon/css/font-awesome.min.css

198.54.126.25

200 OK

6.6 kB

URL HTTP/2
saffronus.com/wp-content/themes/mts_coupon/css/font-awesome.min.css
IP
198.54.126.25:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (30770)
Size
6.6 kB (6636 bytes)
Hash
52a481143cf5a26745dda7e5387a818e
f88f49586ad849084d9a6c1ce361f4c3fe8afe7c
c5602d51bb7891da8ec22c0228f3cad27579cde08086c21a4381f4e1da9538c8

HTTP Headers

GET /wp-content/themes/mts_coupon/css/font-awesome.min.css HTTP/1.1
Host: saffronus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://saffronus.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 04 Feb 2023 18:52:17 GMT
content-type: text/css
last-modified: Fri, 09 Jul 2021 01:25:57 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 6636
date: Sat, 28 Jan 2023 18:52:17 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

saffronus.com/wp-content/plugins/jetpack/_inc/social-logos/social-logos.min.css

198.54.126.25

200 OK

7.8 kB

URL HTTP/2
saffronus.com/wp-content/plugins/jetpack/_inc/social-logos/social-logos.min.css
IP
198.54.126.25:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (12105)
Size
7.8 kB (7765 bytes)
Hash
9eb74d6046300023686419f6305d4d8c
c4dbb5662f53ced3d0df73c1e2ff63cf1a19c060
02a590bc43301c6b37705d9d778644d6c885dfa367f0f9bad85915042c78f9e3

HTTP Headers

GET /wp-content/plugins/jetpack/_inc/social-logos/social-logos.min.css HTTP/1.1
Host: saffronus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://saffronus.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 04 Feb 2023 18:52:17 GMT
content-type: text/css
last-modified: Mon, 16 Jan 2023 22:08:23 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 7765
date: Sat, 28 Jan 2023 18:52:17 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

saffronus.com/wp-content/plugins/jetpack/css/jetpack.css

198.54.126.25

200 OK

16 kB

URL HTTP/2
saffronus.com/wp-content/plugins/jetpack/css/jetpack.css
IP
198.54.126.25:0
ASN
#22612 NAMECHEAP-NET

File type
Unicode text, UTF-8 text, with very long lines (65533), with no line terminators
Size
16 kB (15688 bytes)
Hash
4128d337c26c3a99038deb6bc5a7bc47
86b59c97f52149c2912ffb703e1a0b0f0cc6abe3
3533364c1722032e5d6e3935b08cd20211a6ef5b421a295e3ca65b0f36427b4e

HTTP Headers

GET /wp-content/plugins/jetpack/css/jetpack.css HTTP/1.1
Host: saffronus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://saffronus.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 04 Feb 2023 18:52:17 GMT
content-type: text/css
last-modified: Mon, 16 Jan 2023 22:08:23 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 15688
date: Sat, 28 Jan 2023 18:52:17 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

saffronus.com/wp-includes/js/jquery/jquery.min.js

198.54.126.25

200 OK

30 kB

URL HTTP/2
saffronus.com/wp-includes/js/jquery/jquery.min.js
IP
198.54.126.25:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (65447)
Size
30 kB (30324 bytes)
Hash
3a1740685bd5c0bbd5f2b812e1eb7fb4
488e07695da787fed18361c50292aef35abb5e81
4a07aed2d8cf88afdec0b56b365b951c76d387db3459166b5a0d25e2e6cc95ef

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-includes/js/jquery/jquery.min.js HTTP/1.1
Host: saffronus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://saffronus.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 04 Feb 2023 18:52:17 GMT
content-type: application/javascript
last-modified: Wed, 02 Nov 2022 01:30:29 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 30324
date: Sat, 28 Jan 2023 18:52:17 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

saffronus.com/wp-content/themes/mts_coupon/js/owl.carousel.min.js

198.54.126.25

200 OK

14 kB

URL HTTP/2
saffronus.com/wp-content/themes/mts_coupon/js/owl.carousel.min.js
IP
198.54.126.25:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (32068)
Size
14 kB (14315 bytes)
Hash
1a3adcd405c630448479c2190e5a8183
50763affd6ce831f20612d79604be628d2188343
d34d1f9654ba2c2deed0958c44028b215b6a8ecf0af9332651fa80af3478bf96

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/themes/mts_coupon/js/owl.carousel.min.js HTTP/1.1
Host: saffronus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://saffronus.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 04 Feb 2023 18:52:17 GMT
content-type: application/javascript
last-modified: Fri, 09 Jul 2021 01:25:57 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 14315
date: Sat, 28 Jan 2023 18:52:17 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
cbe94bc7052911313fffd1cdad964a74
a96a6606f1d20baeeb4040c9ced3ba2f7bd1aada
430d90ac0a39038dbb5336cf29baf6786ac29491c5a8e4dcce04e93d9fceb5e1

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 28 Jan 2023 18:52:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
cbe94bc7052911313fffd1cdad964a74
a96a6606f1d20baeeb4040c9ced3ba2f7bd1aada
430d90ac0a39038dbb5336cf29baf6786ac29491c5a8e4dcce04e93d9fceb5e1

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 28 Jan 2023 18:52:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/rubik/v23/iJWZBXyIfDnIV5PNhY1KTN7Z-Yh-B4iFV0U1.woff2

216.58.207.227

200 OK

17 kB

URL HTTP/2
fonts.gstatic.com/s/rubik/v23/iJWZBXyIfDnIV5PNhY1KTN7Z-Yh-B4iFV0U1.woff2
IP
216.58.207.227:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 17424, version 1.0\012- data
Size
17 kB (17424 bytes)
Hash
ae296b25384237514e540501a98ce4b2
f031046681848999f489f0585db7a5fc42270c42
69d2e3ffdee3731bdd06ac65ddd73d847cf46e42884cf21412960f376f411251

HTTP Headers

GET /s/rubik/v23/iJWZBXyIfDnIV5PNhY1KTN7Z-Yh-B4iFV0U1.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://saffronus.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 17424
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 27 Jan 2023 10:05:31 GMT
expires: Sat, 27 Jan 2024 10:05:31 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 07 Dec 2022 18:11:52 GMT
content-type: font/woff2
age: 118007
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/rubik/v23/iJWZBXyIfDnIV5PNhY1KTN7Z-Yh-B4iFWUU1Z4Y.woff2

216.58.207.227

200 OK

8.9 kB

URL HTTP/2
fonts.gstatic.com/s/rubik/v23/iJWZBXyIfDnIV5PNhY1KTN7Z-Yh-B4iFWUU1Z4Y.woff2
IP
216.58.207.227:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 8932, version 1.0\012- data
Size
8.9 kB (8932 bytes)
Hash
e7e41c727e24bc57cbde289610bc47f8
83de661160dbdd2753a1eba876ef15b16e9e645c
497d075e57983754beb4314bc891e4862968af310350c3efef10540ac6cb217e

HTTP Headers

GET /s/rubik/v23/iJWZBXyIfDnIV5PNhY1KTN7Z-Yh-B4iFWUU1Z4Y.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://saffronus.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 8932
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 25 Jan 2023 19:37:46 GMT
expires: Thu, 25 Jan 2024 19:37:46 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 07 Dec 2022 18:44:41 GMT
content-type: font/woff2
age: 256472
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

saffronus.com/wp-includes/js/wp-emoji-release.min.js

198.54.126.25

200 OK

4.6 kB

URL HTTP/2
saffronus.com/wp-includes/js/wp-emoji-release.min.js
IP
198.54.126.25:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (15660)
Size
4.6 kB (4619 bytes)
Hash
0232689bd203f330529b36a437f41a68
9046583f7469ad38297969f10a9513eb895d5316
feea9f30a6e454579bbeabf236b7abdb0c7de84dd2852422555ad67348c5e886

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-includes/js/wp-emoji-release.min.js HTTP/1.1
Host: saffronus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://saffronus.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 04 Feb 2023 18:52:17 GMT
content-type: application/javascript
last-modified: Sun, 02 Oct 2022 09:26:44 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 4619
date: Sat, 28 Jan 2023 18:52:17 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

saffronus.com/wp-content/themes/mts_coupon/js/customscript.js

198.54.126.25

200 OK

5.3 kB

URL HTTP/2
saffronus.com/wp-content/themes/mts_coupon/js/customscript.js
IP
198.54.126.25:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text
Size
5.3 kB (5317 bytes)
Hash
b8c2c2f2cdf39f34a97e99501110b373
4b5f210a6bd19fe2f37febd25458b1769c060699
5a6a4c88a8c5163923d0ca655960e867c43964f22c21e73d79ad39f2803bc439

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/themes/mts_coupon/js/customscript.js HTTP/1.1
Host: saffronus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://saffronus.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 04 Feb 2023 18:52:17 GMT
content-type: application/javascript
last-modified: Fri, 09 Jul 2021 01:25:57 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 5317
date: Sat, 28 Jan 2023 18:52:17 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

saffronus.com/wp-content/themes/mts_coupon/js/clipboard.min.js

198.54.126.25

200 OK

4.4 kB

URL HTTP/2
saffronus.com/wp-content/themes/mts_coupon/js/clipboard.min.js
IP
198.54.126.25:0
ASN
#22612 NAMECHEAP-NET

File type
Unicode text, UTF-8 text, with very long lines (10199)
Size
4.4 kB (4419 bytes)
Hash
fc1cc94fd89bcdd74746fc4fd5a56ad8
f0b7d98a5c3e55e6f5b4f69dd5db92c9190867f2
fb3971cbc3472820fc79d2fa55b049c6ed4cf080eca25c6b1ab2f2a36ea6cd5f

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/themes/mts_coupon/js/clipboard.min.js HTTP/1.1
Host: saffronus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://saffronus.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 04 Feb 2023 18:52:17 GMT
content-type: application/javascript
last-modified: Fri, 09 Jul 2021 01:25:57 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 4419
date: Sat, 28 Jan 2023 18:52:17 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
cbe94bc7052911313fffd1cdad964a74
a96a6606f1d20baeeb4040c9ced3ba2f7bd1aada
430d90ac0a39038dbb5336cf29baf6786ac29491c5a8e4dcce04e93d9fceb5e1

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 28 Jan 2023 18:52:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

pixel.wp.com/g.gif?v=ext&blog=161365897&post=0&tz=7&srv=saffronus.com&j=1%3A11.7.1&host=saffronus.com&ref=&fcp=2035&rand=0.41521686057439333

192.0.76.3

200 OK

50 B

URL HTTP/2
pixel.wp.com/g.gif?v=ext&blog=161365897&post=0&tz=7&srv=saffronus.com&j=1%3A11.7.1&host=saffronus.com&ref=&fcp=2035&rand=0.41521686057439333
IP
192.0.76.3:0
ASN
#2635 AUTOMATTIC

File type
GIF image data, version 89a, 6 x 5\012- data
Size
50 B (50 bytes)
Hash
e4d673a55c5656f19ef81563fb10884c
1f2d8ed221d39329251ad3a6ff1edb20b7219443
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

HTTP Headers

GET /g.gif?v=ext&blog=161365897&post=0&tz=7&srv=saffronus.com&j=1%3A11.7.1&host=saffronus.com&ref=&fcp=2035&rand=0.41521686057439333 HTTP/1.1
Host: pixel.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://saffronus.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 28 Jan 2023 18:52:18 GMT
content-type: image/gif
content-length: 50
cache-control: no-cache
access-control-allow-origin: *
X-Firefox-Spdy: h2

saffronus.com/wp-content/themes/mts_coupon/images/nobg.png

198.54.126.25

200 OK

68 B

URL HTTP/2
saffronus.com/wp-content/themes/mts_coupon/images/nobg.png
IP
198.54.126.25:0
ASN
#22612 NAMECHEAP-NET

File type
PNG image data, 1 x 1, 8-bit gray+alpha, non-interlaced\012- data
Size
68 B (68 bytes)
Hash
73031b554fd75a3df2b54c9fc5d2d654
447a248347bf2e003df3dd1750403068575ee019
01fc92b7704c3e3baaefd2ce87ce17e2ea266a1bb4244f032da25931e9c6fb92

HTTP Headers

GET /wp-content/themes/mts_coupon/images/nobg.png HTTP/1.1
Host: saffronus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://saffronus.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 04 Feb 2023 18:52:18 GMT
content-type: image/png
last-modified: Fri, 09 Jul 2021 01:25:57 GMT
accept-ranges: bytes
content-length: 68
date: Sat, 28 Jan 2023 18:52:18 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

saffronus.com/wp-content/themes/mts_coupon/fonts/fontawesome-webfont.woff2

198.54.126.25

200 OK

77 kB

URL HTTP/2
saffronus.com/wp-content/themes/mts_coupon/fonts/fontawesome-webfont.woff2
IP
198.54.126.25:0
ASN
#22612 NAMECHEAP-NET

File type
Web Open Font Format (Version 2), TrueType, length 77160, version 4.459\012- data
Size
77 kB (77160 bytes)
Hash
af7ae505a9eed503f8b8e6982036873e
d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/themes/mts_coupon/fonts/fontawesome-webfont.woff2 HTTP/1.1
Host: saffronus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://saffronus.com/wp-content/themes/mts_coupon/css/font-awesome.min.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 04 Feb 2023 18:52:18 GMT
content-type: font/woff2
last-modified: Fri, 09 Jul 2021 01:25:57 GMT
accept-ranges: bytes
content-length: 77160
date: Sat, 28 Jan 2023 18:52:18 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

saffronus.com/wp-content/uploads/2019/04/cropped-icon-saffronus-32x32.jpg

198.54.126.25

200 OK

845 B

URL HTTP/2
saffronus.com/wp-content/uploads/2019/04/cropped-icon-saffronus-32x32.jpg
IP
198.54.126.25:0
ASN
#22612 NAMECHEAP-NET

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 32x32, components 3\012- data
Size
845 B (845 bytes)
Hash
3a300fdd15cd7ead640718ff14df285b
4f9d1599838f8b5ea45c1c18865c9377b1295bfc
9315ef8b97e4a63752fe359449dff43d343af14b8dbb9721c9af698578b218aa

HTTP Headers

GET /wp-content/uploads/2019/04/cropped-icon-saffronus-32x32.jpg HTTP/1.1
Host: saffronus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://saffronus.com/
Cookie: tk_or=%22%22; tk_r3d=%22%22; tk_lr=%22%22
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 04 Feb 2023 18:52:18 GMT
content-type: image/jpeg
last-modified: Wed, 17 Apr 2019 16:31:23 GMT
accept-ranges: bytes
content-length: 845
date: Sat, 28 Jan 2023 18:52:18 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

stats.wp.com/e-202304.js

192.0.76.3

200 OK

9.4 kB

URL HTTP/2
stats.wp.com/e-202304.js
IP
192.0.76.3:0
ASN
#2635 AUTOMATTIC

File type
ASCII text, with very long lines (2690)
Size
9.4 kB (9447 bytes)
Hash
d114afbd6ca1fe68b2161805e9b7d9fe
90b2cc218e2ee666db86f4858a6250ec3bee3ea7
89706aeff59ca2538f2e67d5f9be8f138dec14596f6e463b237d8deaf64f89bb

HTTP Headers

GET /e-202304.js HTTP/1.1
Host: stats.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://saffronus.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Sat, 28 Jan 2023 18:52:17 GMT
content-type: application/javascript
vary: Accept-Encoding
etag: W/"6197c5cf-3508"
content-encoding: br
expires: Mon, 11 Dec 2023 21:09:59 GMT
cache-control: max-age=31536000
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
x-nc: HIT arn
X-Firefox-Spdy: h2

saffronus.com/wp-content/uploads/2020/02/logo-klook-coupon.jpg

198.54.126.25

200 OK

9.5 kB

URL HTTP/2
saffronus.com/wp-content/uploads/2020/02/logo-klook-coupon.jpg
IP
198.54.126.25:0
ASN
#22612 NAMECHEAP-NET

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=5], baseline, precision 8, 300x90, components 3\012- data
Size
9.5 kB (9460 bytes)
Hash
78d6c32e838d0847aa3b2cd318214890
0face37019613eec68b04a5d144f8b4d575d2fbf
8d56f995b9753072c65932740224ef9398452a215bb2fcbb2f26d430da4b9eb0

HTTP Headers

GET /wp-content/uploads/2020/02/logo-klook-coupon.jpg HTTP/1.1
Host: saffronus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://saffronus.com/
Cookie: tk_or=%22%22; tk_r3d=%22%22; tk_lr=%22%22
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 04 Feb 2023 18:52:18 GMT
content-type: image/jpeg
last-modified: Thu, 27 Feb 2020 03:07:56 GMT
accept-ranges: bytes
content-length: 9460
date: Sat, 28 Jan 2023 18:52:18 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

saffronus.com/wp-content/uploads/2020/02/logo-mytour-coupon.jpg

198.54.126.25

200 OK

6.7 kB

URL HTTP/2
saffronus.com/wp-content/uploads/2020/02/logo-mytour-coupon.jpg
IP
198.54.126.25:0
ASN
#22612 NAMECHEAP-NET

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 120x120, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=4, orientation=upper-left], baseline, precision 8, 300x90, components 3\012- data
Size
6.7 kB (6687 bytes)
Hash
db83eb4a668cfc6919a7daafd1f31383
d2a481091929a35a5a50db2ca5a1063dff0c4851
b50251b780b32996331ecfffa29aaac6bab0f324f6b437fef0fb893915d283ac

HTTP Headers

GET /wp-content/uploads/2020/02/logo-mytour-coupon.jpg HTTP/1.1
Host: saffronus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://saffronus.com/
Cookie: tk_or=%22%22; tk_r3d=%22%22; tk_lr=%22%22
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 04 Feb 2023 18:52:18 GMT
content-type: image/jpeg
last-modified: Thu, 27 Feb 2020 03:06:59 GMT
accept-ranges: bytes
content-length: 6687
date: Sat, 28 Jan 2023 18:52:18 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

saffronus.com/wp-content/uploads/2020/02/logo-divui-coupon.jpg

198.54.126.25

200 OK

8.0 kB

URL HTTP/2
saffronus.com/wp-content/uploads/2020/02/logo-divui-coupon.jpg
IP
198.54.126.25:0
ASN
#22612 NAMECHEAP-NET

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=6, software=PhotoScape], baseline, precision 8, 308x90, components 3\012- data
Size
8.0 kB (8012 bytes)
Hash
816b57595b2bd2f930a708a1c123c2f0
32b925637cbead470022136971ab9dd584090716
04de9e166403dba67469397ed8948f45d6b78f32008f6d9999e945b915264d97

HTTP Headers

GET /wp-content/uploads/2020/02/logo-divui-coupon.jpg HTTP/1.1
Host: saffronus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://saffronus.com/
Cookie: tk_or=%22%22; tk_r3d=%22%22; tk_lr=%22%22
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 04 Feb 2023 18:52:18 GMT
content-type: image/jpeg
last-modified: Thu, 27 Feb 2020 03:07:17 GMT
accept-ranges: bytes
content-length: 8012
date: Sat, 28 Jan 2023 18:52:18 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

saffronus.com/wp-content/uploads/2020/02/vntrip-logo-coupon.jpg

198.54.126.25

200 OK

7.9 kB

URL HTTP/2
saffronus.com/wp-content/uploads/2020/02/vntrip-logo-coupon.jpg
IP
198.54.126.25:0
ASN
#22612 NAMECHEAP-NET

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 120x120, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=4], baseline, precision 8, 300x90, components 3\012- data
Size
7.9 kB (7937 bytes)
Hash
2d2f2ee50c752e2de4d5b51765d958f2
5d72c5232c2bb31a56b838cf175a666306fc816d
b377646db2081e0487e27f5d90617d692a167ac540a9bad39572d16b8e504abe

HTTP Headers

GET /wp-content/uploads/2020/02/vntrip-logo-coupon.jpg HTTP/1.1
Host: saffronus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://saffronus.com/
Cookie: tk_or=%22%22; tk_r3d=%22%22; tk_lr=%22%22
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 04 Feb 2023 18:52:18 GMT
content-type: image/jpeg
last-modified: Thu, 27 Feb 2020 03:06:14 GMT
accept-ranges: bytes
content-length: 7937
date: Sat, 28 Jan 2023 18:52:18 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

saffronus.com/wp-content/uploads/2020/02/dichungtaxi-logo-coupon.jpg

198.54.126.25

200 OK

8.0 kB

URL HTTP/2
saffronus.com/wp-content/uploads/2020/02/dichungtaxi-logo-coupon.jpg
IP
198.54.126.25:0
ASN
#22612 NAMECHEAP-NET

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=5, orientation=upper-left, software=PhotoScape], baseline, precision 8, 300x90, components 3\012- data
Size
8.0 kB (8022 bytes)
Hash
4aa89f12fbbd1db072ab1196cca0e3a1
14d0996690cda9fd77c46a4bf65a11681efb3235
a9239564977c3de63a04dd60d1bb99dc4d6628e4ff4c61bdeb61788683824705

HTTP Headers

GET /wp-content/uploads/2020/02/dichungtaxi-logo-coupon.jpg HTTP/1.1
Host: saffronus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://saffronus.com/
Cookie: tk_or=%22%22; tk_r3d=%22%22; tk_lr=%22%22
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 04 Feb 2023 18:52:18 GMT
content-type: image/jpeg
last-modified: Thu, 27 Feb 2020 03:09:55 GMT
accept-ranges: bytes
content-length: 8022
date: Sat, 28 Jan 2023 18:52:18 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

saffronus.com/wp-content/uploads/2020/03/traveloka-magiamgia-logo.jpg

198.54.126.25

200 OK

7.2 kB

URL HTTP/2
saffronus.com/wp-content/uploads/2020/03/traveloka-magiamgia-logo.jpg
IP
198.54.126.25:0
ASN
#22612 NAMECHEAP-NET

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=1, orientation=upper-left], baseline, precision 8, 300x90, components 3\012- data
Size
7.2 kB (7240 bytes)
Hash
1b484832dd4efb6b073f57235fc558e4
f03f15103e022c3c4f639702aa2992c311bb37ba
7d599b3c78a1f62a005faafbfa9c87a0ba85aa54512c2504d547179a72889505

HTTP Headers

GET /wp-content/uploads/2020/03/traveloka-magiamgia-logo.jpg HTTP/1.1
Host: saffronus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://saffronus.com/
Cookie: tk_or=%22%22; tk_r3d=%22%22; tk_lr=%22%22
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 04 Feb 2023 18:52:18 GMT
content-type: image/jpeg
last-modified: Wed, 11 Mar 2020 07:17:16 GMT
accept-ranges: bytes
content-length: 7240
date: Sat, 28 Jan 2023 18:52:18 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
f2a0c2c0f25bdd19baf87cbb3a87dcdb
bc78ca6206ee8cc1cc05ab7778df71c7e6d1182a
c57f26c0c2e439dc2f69181e1b2f6ae371bff9d299af739e0047eabc8bfb5a69

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C57F26C0C2E439DC2F69181E1B2F6AE371BFF9D299AF739E0047EABC8BFB5A69"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4744
Expires: Sat, 28 Jan 2023 20:11:22 GMT
Date: Sat, 28 Jan 2023 18:52:18 GMT
Connection: keep-alive

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
f2a0c2c0f25bdd19baf87cbb3a87dcdb
bc78ca6206ee8cc1cc05ab7778df71c7e6d1182a
c57f26c0c2e439dc2f69181e1b2f6ae371bff9d299af739e0047eabc8bfb5a69

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C57F26C0C2E439DC2F69181E1B2F6AE371BFF9D299AF739E0047EABC8BFB5A69"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4744
Expires: Sat, 28 Jan 2023 20:11:22 GMT
Date: Sat, 28 Jan 2023 18:52:18 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1ed7c466-ac98-4e05-89cf-f0abf56e8d98.jpeg

34.120.237.76

200 OK

5.0 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1ed7c466-ac98-4e05-89cf-f0abf56e8d98.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.0 kB (4975 bytes)
Hash
c982569d070f24dba1259603091c22e3
0f93acb5bee53670cc4ef486922f7333d96a2f4e
9a5a2d8a181a763ee6f60c27b396a0e3d7b1527e5177b2aff8d511db250753ed

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1ed7c466-ac98-4e05-89cf-f0abf56e8d98.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 4975
x-amzn-requestid: 633350b7-4686-40d5-8c9d-3c097f8e2d34
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fa-EBGuaoAMFbSw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d443b3-4201212c1a0eb2a65d3f494c;Sampled=0
x-amzn-remapped-date: Fri, 27 Jan 2023 21:35:47 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: XRAeWdoEkbnzXKOs_EdgQ1r9BGOeDNh4FRXm-fv0KiCz4juqk8UKIw==
via: 1.1 010c0731b9775a983eceaec0f5fa6a2e.cloudfront.net (CloudFront), 1.1 ee8246c5442dace7525c74f6a799bb46.cloudfront.net (CloudFront), 1.1 google
date: Fri, 27 Jan 2023 21:59:35 GMT
age: 75163
etag: "0f93acb5bee53670cc4ef486922f7333d96a2f4e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

13 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6f884785-3b60-4d1a-b7b9-f58e73d6d819.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
13 kB (13375 bytes)
Hash
b4afa01d2ffe17f8378e4c0b5afd4608
f5c7e2137efa07a207427a6b6fe1df541f85ea25
84fc0c05d25d674b5594b54720017332b86d391f66c7136d76cfce3e884e8e12

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6f884785-3b60-4d1a-b7b9-f58e73d6d819.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 13375
x-amzn-requestid: 372fcbe8-85a1-4be2-a006-31fb9289c5e9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fa-CxF6BoAMFyGg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d443ab-4b9860545c612cc416cbe599;Sampled=0
x-amzn-remapped-date: Fri, 27 Jan 2023 21:35:39 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: yEFlWGi3J14JLA0l2h02VlIqV8opHesKP6GOvfoP5Tp0m7dOYDxIGA==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 591683988172c7980c4ebb318cbf18a8.cloudfront.net (CloudFront), 1.1 google
date: Fri, 27 Jan 2023 21:59:32 GMT
age: 75166
etag: "f5c7e2137efa07a207427a6b6fe1df541f85ea25"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.6 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F22cc3f55-9811-4ec2-a57e-a3e71a3f0554.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.6 kB (7585 bytes)
Hash
ea24bcba583bd8bd139559448a343e68
b9d37c2b14f890d41983a59f352e8f7caa9c94bb
e5ef5975eec964ae1684deb424f00833f2d217bdc7e6c385320ed3adeb6bc1c4

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F22cc3f55-9811-4ec2-a57e-a3e71a3f0554.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7585
x-amzn-requestid: bfb52acb-e0d7-482d-8be9-be5db1c16cac
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fa_vkE5roAMF0Hw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d44663-2d38d314177e0ac40d4c8240;Sampled=0
x-amzn-remapped-date: Fri, 27 Jan 2023 21:47:15 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 1WE1zQwrCGVy8HLT9_BFkAr6rQE_ROyttMOByR32KeT0w2Hd_ylvYQ==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 6a9b42e38e76b7d4a4044ebe0e0eca08.cloudfront.net (CloudFront), 1.1 google
date: Fri, 27 Jan 2023 22:16:00 GMT
age: 74178
etag: "b9d37c2b14f890d41983a59f352e8f7caa9c94bb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

4.5 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5f0097a6-af00-4a1c-8faa-f9516e27b31a.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
4.5 kB (4475 bytes)
Hash
4205d8106659e00fff1cbe9262918b8c
ab4f6528594a1725934727dc7d834c028a79c609
31f1a28602a194bd0856495d4d81d5c72cd7ff4e5bad6bdd1a31ec3041f4a2cc

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5f0097a6-af00-4a1c-8faa-f9516e27b31a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 4475
x-amzn-requestid: b7b272d6-3089-4f33-89b5-5cb388640e10
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fa_e6HsaIAMF5Lg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d445f8-1789f7f4264270916da323db;Sampled=0
x-amzn-remapped-date: Fri, 27 Jan 2023 21:45:28 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: hAzO-IMqc1CFpiBAlRl8seIYL9UonyrBMATibovyFq5kEuaweY_VyA==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 112d82578d402a38d8d02e8b857617e0.cloudfront.net (CloudFront), 1.1 google
date: Fri, 27 Jan 2023 21:56:46 GMT
age: 75332
etag: "ab4f6528594a1725934727dc7d834c028a79c609"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

12 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdeb12df7-074b-4044-bdbe-0e07bccbc8e9.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
12 kB (12397 bytes)
Hash
0ed1a0bd725b2078b4cfe4ed83877901
62493ca03be9870aac2341e033611a6d56bd322a
706e84bc63fd98acaeb72789239af3210ae6e3910e6589d92a25899dc9059dfc

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdeb12df7-074b-4044-bdbe-0e07bccbc8e9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 12397
x-amzn-requestid: e8436997-696d-483a-b03a-a84e7ca614ea
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fa_T5HbzoAMFXsw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d445b2-1c2ccd0a187d0a3e2f6a59cc;Sampled=0
x-amzn-remapped-date: Fri, 27 Jan 2023 21:44:18 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: lmLHc8fKQYUpq9B-GyOQ0FKzhxi0ToTEPA7cu6JnQftgDFDNV8USvw==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 fda3b2797d2719576f6b916583a28e52.cloudfront.net (CloudFront), 1.1 google
date: Fri, 27 Jan 2023 21:56:37 GMT
age: 75341
etag: "62493ca03be9870aac2341e033611a6d56bd322a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

12 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdfb887e5-87fa-4855-b0ee-712d39779fa0.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
12 kB (11568 bytes)
Hash
b7a0759c043594fbe85af422b59b8227
a05cfaad16078f42218dae233da38f6f5dff8487
e898d6ef1b3998fb9322a8fc190069ec5f7b3582bfe8397a2367497d84a27549

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdfb887e5-87fa-4855-b0ee-712d39779fa0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 11568
x-amzn-requestid: 2e85f75e-ab9d-4d45-adad-7313950a9647
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fSWbxGwnoAMFejw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d0d117-68f1a9e71a07a0453311fd32;Sampled=0
x-amzn-remapped-date: Wed, 25 Jan 2023 06:49:59 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: dbz3wXGNaetf6xvRE98rshyHy-FVfDo8co-4VDL0a4Qe3E4U8A82Og==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 2bedbeaa49b4a77447d30097858cb81a.cloudfront.net (CloudFront), 1.1 google
date: Sat, 28 Jan 2023 18:36:06 GMT
age: 972
etag: "a05cfaad16078f42218dae233da38f6f5dff8487"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
fab886d35a27f1ea89e95d08408e131c
ca2e7c94fa954aa477f1756d61ac9f94349bdc55
102b20858c47034b67115fcee25eb9c702e5a10119a3ee38bb1a6f1fe7cb5947

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6414
Cache-Control: max-age=88683
Content-Type: application/ocsp-response
Date: Sat, 28 Jan 2023 18:52:19 GMT
Etag: "63d40d40-1d7"
Expires: Sun, 29 Jan 2023 19:30:22 GMT
Last-Modified: Fri, 27 Jan 2023 17:43:28 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 471

connect.facebook.net/en_US/all.js

157.240.200.14

200 OK

1.7 kB

URL HTTP/2
connect.facebook.net/en_US/all.js
IP
157.240.200.14:0
ASN
#32934 FACEBOOK

File type
ASCII text, with very long lines (1957)
Size
1.7 kB (1687 bytes)
Hash
7318bdd53be3259563f14b2f5d9b8d80
e7906f1deb8703d07558c340f4b74ef489803e36
213e20571117bbf30918894b80490eca837fdefa0a5a3e9d38d95ad870214a58

HTTP Headers

GET /en_US/all.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://saffronus.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
access-control-expose-headers: X-FB-Content-MD5
x-fb-content-md5: ea5c85d503682ec9a2fcf3b8d3eb55ae
etag: "88c80f93644570b211db1ec48cd50c43"
content-type: application/x-javascript; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
expires: Sat, 28 Jan 2023 19:12:15 GMT
cache-control: public,max-age=1200,stale-while-revalidate=3600
document-policy: force-load-at-top
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
x-fb-rlafr: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-md5: cxi91TvjJZVj8UsvXZuNgA==
x-fb-debug: /+ENRN4H7XkikmFUTTn2ArEpQr4pVjZENVcREW6YBbB0hAOhoPuZJ/eSnm9N1m52/DQu97b/+pp/qwHmxfrvzw==
priority: u=3,i
content-length: 1687
x-fb-trip-id: 1679558926
date: Sat, 28 Jan 2023 18:52:19 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
fab886d35a27f1ea89e95d08408e131c
ca2e7c94fa954aa477f1756d61ac9f94349bdc55
102b20858c47034b67115fcee25eb9c702e5a10119a3ee38bb1a6f1fe7cb5947

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6414
Cache-Control: max-age=88683
Content-Type: application/ocsp-response
Date: Sat, 28 Jan 2023 18:52:19 GMT
Etag: "63d40d40-1d7"
Expires: Sun, 29 Jan 2023 19:30:22 GMT
Last-Modified: Fri, 27 Jan 2023 17:43:28 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 471

connect.facebook.net/en_US/all.js?hash=792f1c9c676661d10958c96f15baebe9

157.240.200.14

200 OK

88 kB

URL HTTP/2
connect.facebook.net/en_US/all.js?hash=792f1c9c676661d10958c96f15baebe9
IP
157.240.200.14:0
ASN
#32934 FACEBOOK

File type
ASCII text, with very long lines (18605)
Size
88 kB (88277 bytes)
Hash
00ae4d9f002d71a9bf431ea2c4463430
3354c516d9a9199b87b838c9b95d1c27f6f59222
aab69bb4c0548596fe7b0815eaae21c2e9535ecdc19de7b3fadaef7f45cfc3e9

HTTP Headers

GET /en_US/all.js?hash=792f1c9c676661d10958c96f15baebe9 HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://saffronus.com
Connection: keep-alive
Referer: https://saffronus.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
access-control-expose-headers: X-FB-Content-MD5
x-fb-content-md5: d523489784d3c331bedb339c57da3905
etag: "2263498db0eb79135f9ff6650eab1bd7"
content-type: application/x-javascript; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
expires: Sun, 28 Jan 2024 17:21:20 GMT
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
document-policy: force-load-at-top
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
x-fb-rlafr: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-md5: AK5NnwAtcam/Qx6ixEY0MA==
x-fb-debug: moYak+Q3+cBUltMhaL0AeYVYQGaaY8TheCi8eeHwosF+X3zvelgKC1AMIDFQTtN+fFXldHsMynjjFkxEU3yupw==
priority: u=3,i
content-length: 88277
x-fb-trip-id: 1679558926
date: Sat, 28 Jan 2023 18:52:19 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

static.xx.fbcdn.net/rsrc.php/v3/yn/l/0,cross/-HGPTKcj37t.css?_nc_x=Ij3Wp8lg5Kz

157.240.200.14

200 OK

830 B

URL HTTP/2
static.xx.fbcdn.net/rsrc.php/v3/yn/l/0,cross/-HGPTKcj37t.css?_nc_x=Ij3Wp8lg5Kz
IP
157.240.200.14:0
ASN
#32934 FACEBOOK

File type
ASCII text, with very long lines (724)
Size
830 B (830 bytes)
Hash
d63a02ce87c07ffcfa869fef7fc5f233
cae745fef84088abe3525bb77f75c55cd1d4cc2c
bf9d4d71541a0a1f31b10be351add847ee935da6de355756314c8ca96512444d

HTTP Headers

GET /rsrc.php/v3/yn/l/0,cross/-HGPTKcj37t.css?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-encoding: br
content-type: text/css; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Thu, 25 Jan 2024 20:29:21 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: 1joCzofAf/z6hp/vf8XyMw==
x-fb-debug: g9O5pz92hRWJzVSojtGGSkznSKwJ4KH+ixMyubHnb5uU1/2G06QNv94mx+kWtIwIc1uVatnhF9kqbTRHqLwb/w==
content-length: 830
x-fb-trip-id: 1679558926
date: Sat, 28 Jan 2023 18:52:19 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

static.xx.fbcdn.net/rsrc.php/v3/yN/l/0,cross/CkP_OEW420e.css?_nc_x=Ij3Wp8lg5Kz

157.240.200.14

200 OK

5.4 kB

URL HTTP/2
static.xx.fbcdn.net/rsrc.php/v3/yN/l/0,cross/CkP_OEW420e.css?_nc_x=Ij3Wp8lg5Kz
IP
157.240.200.14:0
ASN
#32934 FACEBOOK

File type
ASCII text, with very long lines (4431)
Size
5.4 kB (5350 bytes)
Hash
f427045673a5be09c2fd0dfff8b26b6c
44b1ffb67f66e8780094653079f4b23b6633a401
9247b311ee64286607ece3147e920dd3297343538cc9b2c030891b7b4a92fda3

HTTP Headers

GET /rsrc.php/v3/yN/l/0,cross/CkP_OEW420e.css?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-encoding: br
content-type: text/css; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Sat, 27 Jan 2024 18:02:55 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: 9CcEVnOlvgnC/Q3/+LJrbA==
x-fb-debug: kwDS3GwHmjDKgD/G87lq0GLvKcPQtVNxIKiUq5OwJ42cCYc14OL/TJr76u4QmO8CjavTdNFZ34XCTH2vmYPO5g==
priority: u=2
content-length: 5350
x-fb-trip-id: 1679558926
date: Sat, 28 Jan 2023 18:52:19 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

static.xx.fbcdn.net/rsrc.php/v3/yJ/r/6A3gWPe90QC.js?_nc_x=Ij3Wp8lg5Kz

157.240.200.14

200 OK

1.7 kB

URL HTTP/2
static.xx.fbcdn.net/rsrc.php/v3/yJ/r/6A3gWPe90QC.js?_nc_x=Ij3Wp8lg5Kz
IP
157.240.200.14:0
ASN
#32934 FACEBOOK

File type
ASCII text, with very long lines (1984)
Size
1.7 kB (1738 bytes)
Hash
e02981a8f7b00c3f3c4be66a969aecbc
2f8040095d5f8d2cc3c78a96ed6cb9d7dc5c8f79
a12ea55726cdca7e197e6a0790bea3e5f90893b7fea59541340556566ccbf93d

HTTP Headers

GET /rsrc.php/v3/yJ/r/6A3gWPe90QC.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Thu, 25 Jan 2024 19:31:14 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: 4CmBqPewDD88S+ZqlprsvA==
x-fb-debug: /4LwG+C4j6DzVnzWmdvwYtnjRKywZ+OiDQJ9rmYd8UJw0sDHcLvGC8RNrRojfJ+eu5U+TjGvRSdj7DrYSaBymw==
content-length: 1738
x-fb-trip-id: 1679558926
date: Sat, 28 Jan 2023 18:52:19 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

static.xx.fbcdn.net/rsrc.php/v3/yO/r/2ihP3NA43zp.js?_nc_x=Ij3Wp8lg5Kz

157.240.200.14

200 OK

85 kB

URL HTTP/2
static.xx.fbcdn.net/rsrc.php/v3/yO/r/2ihP3NA43zp.js?_nc_x=Ij3Wp8lg5Kz
IP
157.240.200.14:0
ASN
#32934 FACEBOOK

File type
ASCII text, with very long lines (18622)
Size
85 kB (85074 bytes)
Hash
9290ac0bd9b4ab609f16d7e4285c267c
ee56180ad884dab1dbee0c4aa0fb3cb87c9fefe0
ce4e2c0fd3dd90d7e20ca4f70cf5488fc84a6b46f3953a4e7186fa0c82c1ea36

HTTP Headers

GET /rsrc.php/v3/yO/r/2ihP3NA43zp.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Thu, 25 Jan 2024 20:17:25 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: kpCsC9m0q2CfFtfkKFwmfA==
x-fb-debug: B/R5/US140wTiVAaEeaUuRkxwFIrUGygv5Ymk4zdi7DLG7UQvfFfPS7yyYlRvE/DHL6CyqprsL4DsugOmsiwlg==
content-length: 85074
x-fb-trip-id: 1679558926
date: Sat, 28 Jan 2023 18:52:19 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

static.xx.fbcdn.net/rsrc.php/v3/y6/r/8LoDHCcRMmF.js?_nc_x=Ij3Wp8lg5Kz

157.240.200.14

200 OK

12 kB

URL HTTP/2
static.xx.fbcdn.net/rsrc.php/v3/y6/r/8LoDHCcRMmF.js?_nc_x=Ij3Wp8lg5Kz
IP
157.240.200.14:0
ASN
#32934 FACEBOOK

File type
ASCII text, with very long lines (5542)
Size
12 kB (12334 bytes)
Hash
1ad15afc034f310427c81b0759603a2b
e5efd1d029dccf5fa8128c84aadb6544a4ab60e0
fedf63f655f9eef24c517c3d6762fb07b142213ba623d4a0b06614fb5d9754bd

HTTP Headers

GET /rsrc.php/v3/y6/r/8LoDHCcRMmF.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Thu, 18 Jan 2024 23:12:27 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: GtFa/ANPMQQnyBsHWWA6Kw==
x-fb-debug: 4n3wHNRSMi6kreY6gUDKrwAejVV7s7IbnyP/3dxKJBFD3Wd8ovz0Zf1dm7NLI518n+gGZ1KROnr2B+7L6k6/pg==
priority: u=3,i
content-length: 12334
x-fb-trip-id: 1679558926
date: Sat, 28 Jan 2023 18:52:19 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

static.xx.fbcdn.net/rsrc.php/v3iEpO4/yN/l/en_US/jF56mpSoBYl.js?_nc_x=Ij3Wp8lg5Kz

157.240.200.14

200 OK

24 kB

URL HTTP/2
static.xx.fbcdn.net/rsrc.php/v3iEpO4/yN/l/en_US/jF56mpSoBYl.js?_nc_x=Ij3Wp8lg5Kz
IP
157.240.200.14:0
ASN
#32934 FACEBOOK

File type
ASCII text, with very long lines (42114)
Size
24 kB (23510 bytes)
Hash
f8ca3ab8395af8fbd25391b445bb6670
12da1e04b1e26a8c7710ac93a66ab4fbbbc5026d
2f11cd57e135482fab0eb7606f056110bfd99d3a5afb47732cc4bab681fb54ed

HTTP Headers

GET /rsrc.php/v3iEpO4/yN/l/en_US/jF56mpSoBYl.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Thu, 25 Jan 2024 16:30:30 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
origin-agent-cluster: ?0
content-md5: +Mo6uDla+PvSU5G0RbtmcA==
x-fb-debug: TZ8qhvc8tnVla/QAZN8xseYFZBk86TB485RMcYKxIlcJNCh1fVcxGc1Ot2Tiw96nAYqhprzQd2FcO7058SBnsQ==
priority: u=3,i
content-length: 23510
x-fb-trip-id: 1679558926
date: Sat, 28 Jan 2023 18:52:19 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

www.facebook.com/plugins/page.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df10d499e4234bf2%26domain%3Dsaffronus.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fsaffronus.com%252Ffab7720b7a536a%26relation%3Dparent.parent&container_width=374&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2FSaffronusOfficial%2F&locale=en_US&sdk=joey&show_facepile=false&show_posts=false&width=275

157.240.200.35

200 OK

0 B

URL HTTP/2
www.facebook.com/plugins/page.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df10d499e4234bf2%26domain%3Dsaffronus.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fsaffronus.com%252Ffab7720b7a536a%26relation%3Dparent.parent&container_width=374&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2FSaffronusOfficial%2F&locale=en_US&sdk=joey&show_facepile=false&show_posts=false&width=275
IP
157.240.200.35:0
ASN
#32934 FACEBOOK

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /plugins/page.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df10d499e4234bf2%26domain%3Dsaffronus.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fsaffronus.com%252Ffab7720b7a536a%26relation%3Dparent.parent&container_width=374&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2FSaffronusOfficial%2F&locale=en_US&sdk=joey&show_facepile=false&show_posts=false&width=275 HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://saffronus.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: br
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
x-fb-rlafr: 0
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
document-policy: force-load-at-top
cross-origin-opener-policy: unsafe-none
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: J8yWjvqBRqXBUYm9sqthRaSByYmoiMVdH1mez3ZprsbUwS8FxPKeA9Gg8Ldd/vvASQBy7fPzrtKJxGfEFss4HA==
date: Sat, 28 Jan 2023 18:52:19 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Rubik:normal&subset=latin&display=swap

142.250.74.106

200 OK

0 B

URL HTTP/2
fonts.googleapis.com/css?family=Rubik:normal&subset=latin&display=swap
IP
142.250.74.106:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /css?family=Rubik:normal&subset=latin&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://saffronus.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 28 Jan 2023 18:52:17 GMT
date: Sat, 28 Jan 2023 18:52:17 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

saffronus.com/

198.54.126.25

200 OK

0 B

URL HTTP/2
saffronus.com/
IP
198.54.126.25:0
ASN
#22612 NAMECHEAP-NET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET / HTTP/1.1
Host: saffronus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 200 OK
x-powered-by: PHP/8.1.13
content-type: text/html; charset=UTF-8
link: <https://saffronus.com/wp-json/>; rel="https://api.w.org/", <https://wp.me/aV4DL>; rel=shortlink
etag: "18211-1674913010;br"
x-litespeed-cache: hit
content-encoding: br
vary: Accept-Encoding
date: Sat, 28 Jan 2023 18:52:17 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

stats.wp.com/s-202304.js

192.0.76.3

200 OK

0 B

URL HTTP/2
stats.wp.com/s-202304.js
IP
192.0.76.3:0
ASN
#2635 AUTOMATTIC

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /s-202304.js HTTP/1.1
Host: stats.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://saffronus.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Sat, 28 Jan 2023 18:52:17 GMT
content-type: application/javascript
vary: Accept-Encoding
etag: W/"62f6b688-2494"
content-encoding: br
expires: Mon, 22 Jan 2024 15:38:27 GMT
cache-control: max-age=31536000
x-nc: HIT arn
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (39)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL