Windows Analysis Report
https://saporeg.co.za/

Overview

General Information

Sample URL: https://saporeg.co.za/
Analysis ID: 1545883

Detection

Score: 1
Range: 0 - 100
Whitelisted: false
Confidence: 100%

Signatures

Creates files inside the system directory
Deletes files inside the Windows folder
Detected non-DNS traffic on DNS port

Classification

  • System is w10x64
  • chrome.exe (PID: 2332 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank" MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
    • chrome.exe (PID: 1852 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2068 --field-trial-handle=2000,i,10178120152671205613,10778938625918678113,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
  • chrome.exe (PID: 6372 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://saporeg.co.za/" MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
  • cleanup
No configs have been found
No yara matches
No Sigma rule has matched
No Suricata rule has matched

There are no malicious signatures.

Source: https://saporeg.co.za/register HTTP Parser: <input type="password" .../> found
Source: https://saporeg.co.za/register HTTP Parser: No favicon
Source: https://saporeg.co.za/register HTTP Parser: No <meta name="author".. found
Source: https://saporeg.co.za/register HTTP Parser: No <meta name="copyright".. found
Source: unknown HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.4:49740 version: TLS 1.2
Source: unknown HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.4:49753 version: TLS 1.2
Source: unknown HTTPS traffic detected: 13.107.253.45:443 -> 192.168.2.4:49851 version: TLS 1.2
Source: unknown HTTPS traffic detected: 13.107.253.45:443 -> 192.168.2.4:49856 version: TLS 1.2
Source: global traffic TCP traffic: 192.168.2.4:50646 -> 1.1.1.1:53
Source: unknown TCP traffic detected without corresponding DNS query: 173.222.162.32
Source: unknown TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown TCP traffic detected without corresponding DNS query: 93.184.221.240
Source: unknown UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: global traffic HTTP traffic detected:
  GET / HTTP/1.1
  Host: saporeg.co.za
  Connection: keep-alive
  sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
  sec-ch-ua-mobile: ?0
  sec-ch-ua-platform: "Windows"
  Upgrade-Insecure-Requests: 1
  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
  Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
  Sec-Fetch-Site: none
  Sec-Fetch-Mode: navigate
  Sec-Fetch-User: ?1
  Sec-Fetch-Dest: document
  Accept-Encoding: gzip, deflate, br
  Accept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected:
  GET /fs/windows/config.json HTTP/1.1
  Connection: Keep-Alive
  Accept: */*
  Accept-Encoding: identity
  If-Unmodified-Since: Tue, 16 May 2017 22:58:00 GMT
  Range: bytes=0-2147483646
  User-Agent: Microsoft BITS/7.8
  Host: fs.microsoft.com