Report - blit.co.za/srv/Z/cDl3lTPKx.zip

Report Overview

Submitted URL
blit.co.za/srv/Z/cDl3lTPKx.zip
IP
160.119.248.8
ASN
#328364 Host-Africa-AS
Submitted
2023-03-29 01:27:19
Access
public
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
54

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
push.services.mozilla.com	2140	2014-10-24T10:27:06Z	2023-03-29T05:09:32Z	606 B	127 B	54.200.169.229
blit.co.za	unknown	2019-08-09T05:33:08Z	2023-03-09T13:37:04Z	361 B	433 B	160.119.248.8
ocsp.pki.goog	175	2018-07-01T08:43:07Z	2023-03-29T05:09:04Z	686 B	1.4 kB	142.250.74.131
img-getpocket.cdn.mozilla.net	1631	2018-06-22T01:36:00Z	2023-03-29T05:09:12Z	3.2 kB	37 kB	34.120.237.76
www.blit.co.za	unknown	2019-08-09T05:33:09Z	2023-03-05T20:40:26Z	14 kB	2.3 MB	160.119.248.8
fonts.googleapis.com	8877	2013-06-10T22:14:26Z	2023-03-29T10:13:53Z	665 B	630 B	142.250.74.106
r3.o.lencr.org	344	2020-12-02T09:52:13Z	2023-03-29T05:09:11Z	2.4 kB	6.2 kB	23.36.76.226
firefox.settings.services.mozilla.com	867	2020-06-04T22:08:41Z	2023-03-29T05:09:03Z	782 B	2.4 kB	35.241.9.150
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-03-29T05:09:31Z	413 B	5.9 kB	34.160.144.191
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-03-29T05:09:31Z	333 B	391 B	34.117.237.239

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2023-03-29	medium	blit.co.za/srv/Z/cDl3lTPKx.zip	Malware
2023-03-29	medium	www.blit.co.za/srv/Z/cDl3lTPKx.zip	Malware
2023-03-29	medium	www.blit.co.za/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.5.3	Malware
2023-03-29	medium	www.blit.co.za/wp-content/uploads/stm_fonts/stm/stm.css?ver=1.0	Malware
2023-03-29	medium	www.blit.co.za/wp-content/plugins/eroom-zoom-meetings-webinar/assets/css/frontend/main.css?ver=1.3.1	Malware
2023-03-29	medium	www.blit.co.za/wp-content/plugins/recent-tweets-widget/tp_twitter_plugin.css?ver=1.0	Malware
2023-03-29	medium	www.blit.co.za/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1	Malware
2023-03-29	medium	www.blit.co.za/wp-content/plugins/stm-gdpr-compliance/assets/css/styles.css?ver=6.1.1	Malware
2023-03-29	medium	www.blit.co.za/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-style.css?ver=6.1.0	Malware
2023-03-29	medium	www.blit.co.za/wp-content/plugins/woocommerce/assets/css/woocommerce-layout.css?ver=5.9.1	Malware
2023-03-29	medium	www.blit.co.za/wp-content/plugins/woocommerce/assets/css/woocommerce.css?ver=5.9.1	Malware
2023-03-29	medium	www.blit.co.za/wp-content/plugins/stm-post-type/theme-options/nuxy/metaboxes/assets/vendors/font-awesome.min.css?ver=1680053235	Malware
2023-03-29	medium	www.blit.co.za/wp-content/plugins/js_composer/assets/lib/bower/font-awesome/css/all.min.css?ver=6.7.0	Malware
2023-03-29	medium	www.blit.co.za/wp-content/plugins/js_composer/assets/lib/bower/font-awesome/css/v4-shims.min.css?ver=6.7.0	Malware
2023-03-29	medium	www.blit.co.za/wp-content/themes/consulting/assets/css/bootstrap.min.css?ver=6.2.4	Malware
2023-03-29	medium	www.blit.co.za/wp-content/themes/consulting/assets/css/select2.min.css?ver=6.2.4	Malware
2023-03-29	medium	www.blit.co.za/wp-content/themes/consulting/assets/css/header_builder.css?ver=6.2.4	Malware
2023-03-29	medium	www.blit.co.za/wp-content/themes/consulting/assets/css/font-awesome.min.css?ver=6.2.4	Malware
2023-03-29	medium	www.blit.co.za/wp-content/uploads/stm_uploads/theme_options.css?ver=6.2.4	Malware
2023-03-29	medium	www.blit.co.za/wp-content/themes/consulting/assets/css/layouts/global_styles/main.css?ver=6.2.4	Malware
2023-03-29	medium	www.blit.co.za/wp-content/plugins/pearl-header-builder/assets/frontend/assets/css/header/main.css?ver=1.0	Malware
2023-03-29	medium	www.blit.co.za/wp-content/plugins/pearl-header-builder/assets/frontend/assets/css/font-awesome.min.css?ver=1.0	Malware
2023-03-29	medium	www.blit.co.za/wp-content/uploads/stm_uploads/skin-custom.css?ver=137977	Malware
2023-03-29	medium	www.blit.co.za/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2	Malware
2023-03-29	medium	www.blit.co.za/wp-content/themes/consulting/assets/css/layouts/layout_barcelona/main.css?ver=6.2.4	Malware
2023-03-29	medium	www.blit.co.za/wp-content/plugins/js_composer/assets/js/vendors/woocommerce-add-to-cart.js?ver=6.7.0	Malware
2023-03-29	medium	www.blit.co.za/wp-content/themes/consulting/inc/megamenu/assets/js/megamenu.js?ver=6.1.1	Malware

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (13)

	URL	Size	First Seen	Last Seen
	www.blit.co.za/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1	19 kB	2023-03-07	2024-04-25
Pretty URL www.blit.co.za/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1 IP 160.119.248.8 ASN #328364 Host-Africa-AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:08 Last Seen2024-04-25 04:27:26 Times Seen38041 Hash 32beb68a374e3aeac00abdf9e12b84ea b5d18aa625e8696dd9d07cd0869337717b211ae0 5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782 Loading...

	www.blit.co.za/srv/Z/cDl3lTPKx.zip	262 B	2023-03-13	2023-04-06
Pretty URL www.blit.co.za/srv/Z/cDl3lTPKx.zip IP 160.119.248.8 ASN #328364 Host-Africa-AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 06:29:44 Last Seen2023-04-06 13:17:06 Times Seen3 Hash 4e868e02ccfa85f717324e23605e632d e32e7eca9c1c2e3d3b40699a51bee9548e891305 ef7f2e9888f29770908ee26cf7fdeba292e1e7ac022b0ce636822e217559b4e2 Loading...

	www.blit.co.za/wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.min.js?ver=5.9.1	3.0 kB	2023-03-07	2024-04-25
Pretty URL www.blit.co.za/wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.min.js?ver=5.9.1 IP 160.119.248.8 ASN #328364 Host-Africa-AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:56 Last Seen2024-04-25 04:54:53 Times Seen5919 Hash 8bc2109ef48cabf7a26b73d7c3536c5f 0e0dfee3a3975eafc3dd55f190d1deb3c6c55d3b 8634aa7a3ac0bc6d359b458c8922e9d3269f64c1355b329bfe215beb12773af8 Loading...

	www.blit.co.za/wp-content/plugins/js_composer/assets/js/vendors/woocommerce-add-to-cart.js?ver=6.7.0	992 B	2023-03-07	2024-04-25
Pretty URL www.blit.co.za/wp-content/plugins/js_composer/assets/js/vendors/woocommerce-add-to-cart.js?ver=6.7.0 IP 160.119.248.8 ASN #328364 Host-Africa-AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:51 Last Seen2024-04-25 09:08:19 Times Seen6814 Hash 787fe4f547a6cb7f4ce4934641085910 c2dee88d5bdfef214ce9c56f71a1df51cda0f328 654aaebdea944313257827be97eb196a8218a2cdfc9ba399db23e2cd4c02bd79 Loading...

	www.blit.co.za/wp-content/themes/consulting/inc/megamenu/assets/js/megamenu.js?ver=6.1.1	1.7 kB	2023-03-07	2024-04-16
Pretty URL www.blit.co.za/wp-content/themes/consulting/inc/megamenu/assets/js/megamenu.js?ver=6.1.1 IP 160.119.248.8 ASN #328364 Host-Africa-AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 14:05:41 Last Seen2024-04-16 14:38:20 Times Seen106 Hash d764e7ba43bdec7cd1cac12afdc8184b 27bbbaf3d2df73c6749df9aaa86566ea640c56d7 0dc9adab309692622c58cd63ca2f830bed3c805b446554ad504bc55177fd3e5b Loading...

	www.blit.co.za/srv/Z/cDl3lTPKx.zip	165 B	2023-03-29	2023-03-29
Pretty URL www.blit.co.za/srv/Z/cDl3lTPKx.zip IP 160.119.248.8 ASN #328364 Host-Africa-AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-29 23:41:21 Last Seen2023-03-29 23:41:21 Times Seen1 Hash ef27e078127fe7a71da00bf42cd95073 42dc36230a6f055c0362ad7d79e60a833947d76e d1cf8fe813b031bec336c77114b64948e727f8aa891744f54a85f22d1e1628bd Loading...

	www.blit.co.za/srv/Z/cDl3lTPKx.zip	2.1 kB	2023-03-12	2023-03-29
Pretty URL www.blit.co.za/srv/Z/cDl3lTPKx.zip IP 160.119.248.8 ASN #328364 Host-Africa-AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 22:12:06 Last Seen2023-03-29 23:41:21 Times Seen2 Hash b97a5db4489d861e18d4340dc45424f2 d1beb1f31ba873989543f1016b977396a2e0dcf7 044631ee27ec41ad9a7d09868b35765697019c59fe9d77f485e04d45b9078d87 Loading...

	www.blit.co.za/wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.7.0-wc.5.9.1	9.5 kB	2023-03-07	2024-04-20
Pretty URL www.blit.co.za/wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.7.0-wc.5.9.1 IP 160.119.248.8 ASN #328364 Host-Africa-AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06:36 Last Seen2024-04-20 18:59:05 Times Seen1750 Hash 2e96f622673104a3fb67ab56f849c073 f4c17ae4709cad9bc997357581f4e30fc4bbee2c b49498d1142de7f2e16afc2cd4250d2ba30c5df4de5d291f51d7cf69727efdbe Loading...

	www.blit.co.za/wp-includes/js/jquery/jquery.min.js?ver=3.6.1	90 kB	2023-03-08	2024-04-25
Pretty URL www.blit.co.za/wp-includes/js/jquery/jquery.min.js?ver=3.6.1 IP 160.119.248.8 ASN #328364 Host-Africa-AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:21:46 Last Seen2024-04-25 10:08:32 Times Seen31807 Hash 17738318d61d394f1de8890d589afaec f6d0c4dc1399cf02d53f5753ad46573a8bbc2ac3 cc7403bab52ed166e24ea9324241045af370be482f5b594468f4a6ac6e7e7981 Loading...

	www.blit.co.za/srv/Z/cDl3lTPKx.zip	225 B	2023-03-29	2023-03-29
Pretty URL www.blit.co.za/srv/Z/cDl3lTPKx.zip IP 160.119.248.8 ASN #328364 Host-Africa-AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-29 23:41:21 Last Seen2023-03-29 23:41:21 Times Seen1 Hash cf64555e4221e9e9bcf3bd0c6ae7bee2 94df51d9e4629c5b32c3ec910b5f647afa18b31a 2263693961b76198b40a69de2645341b7a0e6b4e5544d8ed5c1ff0fa1f86ce4f Loading...

	www.blit.co.za/srv/Z/cDl3lTPKx.zip	159 B	2023-03-09	2023-12-19
Pretty URL www.blit.co.za/srv/Z/cDl3lTPKx.zip IP 160.119.248.8 ASN #328364 Host-Africa-AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 07:36:37 Last Seen2023-12-19 03:24:01 Times Seen15 Hash 7980580e94d317879ad3469bb5aaf7c7 e6228691eb88745c2284abe5153ddc7e8ae585f7 58e4c7ee955aeb1b3c0091a28fc44c9a722993b8a66dca9bab3ecafb812402e9 Loading...

	www.blit.co.za/srv/Z/cDl3lTPKx.zip	78 B	2023-03-13	2023-04-06
Pretty URL www.blit.co.za/srv/Z/cDl3lTPKx.zip IP 160.119.248.8 ASN #328364 Host-Africa-AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 06:29:44 Last Seen2023-04-06 13:17:06 Times Seen3 Hash 1e022ca7254eb62e5afc1bcd5b12d2c9 053933063af728ee803e4d4fcefdf095977507c1 3a44c71d17b8c32ca105158ea31ebdaad47f873b0928825e6e6c70e3fda2759d Loading...

	www.blit.co.za/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2	11 kB	2023-03-07	2024-04-25
Pretty URL www.blit.co.za/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 IP 160.119.248.8 ASN #328364 Host-Africa-AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:02 Last Seen2024-04-25 10:34:46 Times Seen68619 Hash 79b4956b7ec478ec10244b5e2d33ac7d a46025b9d05e3df30d610a8aef14f392c7058dc9 029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300 Loading...

HTTP Transactions (59)

URL IP Response Size

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
c83d39f350161ed2f5d20dcd68e47c92
2695a888e652cb314f8094cc6073c3364336d272
62e5cc6aea61c3c32acd964d4bbe143806416008181eebc4451a8f035b69a0bc

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "62E5CC6AEA61C3C32ACD964D4BBE143806416008181EEBC4451A8F035B69A0BC"
Last-Modified: Mon, 27 Mar 2023 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6517
Expires: Wed, 29 Mar 2023 03:15:45 GMT
Date: Wed, 29 Mar 2023 01:27:08 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
93f633ce30c038eb581544323c5a971e
2f60526cb750c6babccc207f75fb5a8ae6f7598b
0ff6df80a892199848fb943af78541b66efc09a7ab70d4b169906fdbac1eabf8

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0FF6DF80A892199848FB943AF78541B66EFC09A7AB70D4B169906FDBAC1EABF8"
Last-Modified: Mon, 27 Mar 2023 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10677
Expires: Wed, 29 Mar 2023 04:25:05 GMT
Date: Wed, 29 Mar 2023 01:27:08 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

35.241.9.150

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
ed282214b024a7895d90e229e92bb1cc
1f447aa59287ce2b45860a1a909d005a41305f77
a35ae9f89cbc77ed5fe849acdc2701592799c335f2674776d69c25bca0a00c2e

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Alert, Retry-After, Content-Length, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Wed, 29 Mar 2023 01:15:53 GMT
content-type: application/json
age: 675
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
c0d9353dc46e88bf564ed464b0b073c7
0b5ce170e7db24267a3ba5b79a48548b1acd2e5b
7c7ef189b14109b44aa96454ea1b94bcbd3d69599cc7ba429f8234f6acd88a9b

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7C7EF189B14109B44AA96454EA1B94BCBD3D69599CC7BA429F8234F6ACD88A9B"
Last-Modified: Mon, 27 Mar 2023 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6833
Expires: Wed, 29 Mar 2023 03:21:01 GMT
Date: Wed, 29 Mar 2023 01:27:08 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
e7bace7c1e04d44012e37ddffe36e5d5
3ac8d7c0a9d3e3f0b28b2530c7b8d8407b4042c2
6b4f80f2e95b26f6122ea8dcd0ef8d762299be822c69e839fc37581ca2bcb5f2

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: Zfc3/IdnoA1ekh2VM/lMDVs/dWxiqgJn2Cw8pAGCwlwK6Sq+9MZOB0CGahDD4qCUK/lEJDc+YDFAsNg/U1Ascg==
x-amz-request-id: JG6K9NKFNNR3HQ19
x-amz-server-side-encryption: AES256
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 29 Mar 2023 00:56:26 GMT
age: 1842
last-modified: Sat, 11 Mar 2023 16:53:15 GMT
etag: "e7bace7c1e04d44012e37ddffe36e5d5"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Wed, 29 Mar 2023 01:27:08 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

35.241.9.150

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Last-Modified, Retry-After, ETag, Content-Length, Content-Type, Backoff, Pragma, Expires, Cache-Control
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Wed, 29 Mar 2023 01:14:36 GMT
age: 753
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
da5340ee69a1000f751686df9e716663
a5da880a61ed119790a7990bbdcc0c97eecf04f2
d1ff10bfe40f290935abe1feeb975a6af8cf310f9ce9d45bbf482a604da73560

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D1FF10BFE40F290935ABE1FEEB975A6AF8CF310F9CE9D45BBF482A604DA73560"
Last-Modified: Mon, 27 Mar 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13096
Expires: Wed, 29 Mar 2023 05:05:25 GMT
Date: Wed, 29 Mar 2023 01:27:09 GMT
Connection: keep-alive

push.services.mozilla.com/

54.200.169.229

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
54.200.169.229:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: NqhihWgS4IaWEtk9uK0xyg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: lqg1JN3gMCC4y0OIQ7gYBZtNLGw=

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
be1cd1cf8e462ca6f6acb2f132e614d5
037f3bc7ab850fa2c69f2584bb24340b25bb6f3c
e212abd38fd1ccc428a4c480913938f8ea6e9da873ebe73df55cdbee7fff2efa

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E212ABD38FD1CCC428A4C480913938F8EA6E9DA873EBE73DF55CDBEE7FFF2EFA"
Last-Modified: Sun, 26 Mar 2023 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18553
Expires: Wed, 29 Mar 2023 06:36:23 GMT
Date: Wed, 29 Mar 2023 01:27:10 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
be1cd1cf8e462ca6f6acb2f132e614d5
037f3bc7ab850fa2c69f2584bb24340b25bb6f3c
e212abd38fd1ccc428a4c480913938f8ea6e9da873ebe73df55cdbee7fff2efa

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E212ABD38FD1CCC428A4C480913938F8EA6E9DA873EBE73DF55CDBEE7FFF2EFA"
Last-Modified: Sun, 26 Mar 2023 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18553
Expires: Wed, 29 Mar 2023 06:36:23 GMT
Date: Wed, 29 Mar 2023 01:27:10 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
be1cd1cf8e462ca6f6acb2f132e614d5
037f3bc7ab850fa2c69f2584bb24340b25bb6f3c
e212abd38fd1ccc428a4c480913938f8ea6e9da873ebe73df55cdbee7fff2efa

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E212ABD38FD1CCC428A4C480913938F8EA6E9DA873EBE73DF55CDBEE7FFF2EFA"
Last-Modified: Sun, 26 Mar 2023 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18553
Expires: Wed, 29 Mar 2023 06:36:23 GMT
Date: Wed, 29 Mar 2023 01:27:10 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F87e94469-1252-45e8-b548-a21d526285bb.jpeg

34.120.237.76

200 OK

5.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F87e94469-1252-45e8-b548-a21d526285bb.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.9 kB (5929 bytes)
Hash
39350c32ad0254b7e50a1e3d7cf69988
a217002a06191f106a0ca4e97936635639f137a7
c2911f5da4542fbc2b6b4b68e1dc3a0bcad3457d2cc0dabe4e7f3973f857a5d0

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F87e94469-1252-45e8-b548-a21d526285bb.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5929
x-amzn-requestid: 7aa8f047-3cbb-485d-9147-ba1429433ecb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CU1_pHLyoAMFn8g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641e9d30-3ffe3daf6f9b11cf214b12d0;Sampled=0
x-amzn-remapped-date: Sat, 25 Mar 2023 07:05:20 GMT
x-amz-cf-pop: SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: c7NRc015o83SACbrGUaytoQAruRXdub_3ZzNO0A0xUlvXRpCQ1i9vg==
via: 1.1 ba490acb2ea716cd57876286ed686786.cloudfront.net (CloudFront), 1.1 f313d3df80c4dab8f5399614116801cc.cloudfront.net (CloudFront), 1.1 google
date: Tue, 28 Mar 2023 06:56:42 GMT
age: 66628
etag: "a217002a06191f106a0ca4e97936635639f137a7"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.0 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F85885238-8732-476a-b37c-1eac5dbc3e90.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.0 kB (6049 bytes)
Hash
253f48aa7cbf667d52cb37fda10cdb1f
e29478b866f90402b48d2b516d01d60a863c9cf9
b4a73ab71250b9e4a3f95e28dbf50dd000e1f338c7c3ac9f3351c1f6d6d3bfff

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F85885238-8732-476a-b37c-1eac5dbc3e90.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6049
x-amzn-requestid: 2d1a2a66-8b63-44f0-83ec-10628a5fcac6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CgvBFFMGIAMFhCg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64235ed3-2a90bf0365925acb3b348489;Sampled=0
x-amzn-remapped-date: Tue, 28 Mar 2023 21:40:35 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: -XwoHom5AT8j5yHNvfnYQ-9xIqVpsyDffwFM0d_ESJicJvL8pTcABg==
via: 1.1 c28e01aa413e9ea602538ccda1511062.cloudfront.net (CloudFront), 1.1 536063cb28bfc05fcb7a78183dd89b72.cloudfront.net (CloudFront), 1.1 google
date: Tue, 28 Mar 2023 21:50:28 GMT
age: 13002
etag: "e29478b866f90402b48d2b516d01d60a863c9cf9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.8 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8eb1c038-d2d6-4720-be3f-b49c35c20601.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.8 kB (6768 bytes)
Hash
37c2e1ec74a1835bc97dddc9182aabe2
bfcf8b27e47bb444375e52609c4f45079c11db98
ecd69e399a11762e40ab08cff4f4e989a6a5a2e03efc43b85625e82732acc9f8

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8eb1c038-d2d6-4720-be3f-b49c35c20601.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6768
x-amzn-requestid: 1aeca6b3-7053-4272-8b6b-ee9b69debd3d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Cb5i1FaboAMFlAQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64216fab-7957fa08282a079e235c8f6f;Sampled=0
x-amzn-remapped-date: Mon, 27 Mar 2023 10:27:55 GMT
x-amz-cf-pop: SEA19-C1
x-cache: Miss from cloudfront
x-amz-cf-id: eNL1gH4qDzoNJhQNFWAAFIuu-vYd5tioEvpv2f9VPRj5MHSoxBlW4A==
via: 1.1 626ad4a6bf529166d2aad94a2957694c.cloudfront.net (CloudFront), 1.1 1570d93226c1bbca2ebaad510cff3e0c.cloudfront.net (CloudFront), 1.1 google
date: Tue, 28 Mar 2023 11:06:59 GMT
age: 51611
etag: "bfcf8b27e47bb444375e52609c4f45079c11db98"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.4 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe6609d61-a455-4bc2-a81d-336103e2014f.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.4 kB (6436 bytes)
Hash
bc44b850199ae52dbc7b9235276fd0fe
4e9fb59adb74ad8c012009daf21c40d14dc18053
f67756ff9dcc47eb9f2c62384c84301e053f21501e75e1d04606b2b385886a31

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe6609d61-a455-4bc2-a81d-336103e2014f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6436
x-amzn-requestid: bed01179-5c55-4cfa-8bc9-55ba1eb0a2a3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CbbYHHEvoAMFc_Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64213f66-515d553b76a57f395134e28d;Sampled=0
x-amzn-remapped-date: Mon, 27 Mar 2023 07:01:58 GMT
x-amz-cf-pop: SEA19-C1
x-cache: Miss from cloudfront
x-amz-cf-id: e3DoD1qto6PeZUbVhhXy2gF-P2e0K10jhaeVLLdPDgbizByskHICUw==
via: 1.1 ee6ea1e4552345de209d26f9ffb35d4a.cloudfront.net (CloudFront), 1.1 34f8ef0e4c880df0650a814412a26ea6.cloudfront.net (CloudFront), 1.1 google
date: Tue, 28 Mar 2023 07:22:34 GMT
age: 65076
etag: "4e9fb59adb74ad8c012009daf21c40d14dc18053"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

3.2 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe01a936c-f073-4177-b922-749d4e396df1.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
3.2 kB (3199 bytes)
Hash
75b91a5d54e3d08b34c7dbad9b5e7967
9bf41fd93263a50c56570d043d04afdfb63df916
71569ccf9b606f115a68ed9b00c26d33bf8e5555cd4b5d778321572fb7931faa

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe01a936c-f073-4177-b922-749d4e396df1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 3199
x-amzn-requestid: 62a12cec-6603-4653-873c-7aa482754a20
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CgutqF99oAMFmng=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64235e57-10976e7d5bfae38334912b0b;Sampled=0
x-amzn-remapped-date: Tue, 28 Mar 2023 21:38:31 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: N2CaWIVIyDP4QZSgtBoevtqIL9XewZozPQ-fdXbToNsjQ2imDjgCIg==
via: 1.1 1cbc126937aab64e42a05f9bf2f8daee.cloudfront.net (CloudFront), 1.1 995664ee945c06fc706b5cb8e0e650dc.cloudfront.net (CloudFront), 1.1 google
date: Tue, 28 Mar 2023 22:00:59 GMT
age: 12371
etag: "9bf41fd93263a50c56570d043d04afdfb63df916"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

2.4 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0b49e5d7-941e-4eaa-8953-0ce30631f5ee.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
2.4 kB (2423 bytes)
Hash
ef31e77467cccbf20aa2656ff50a0cbe
f50b09779ce9b340ae3347e93ec2df33f7f8c73f
5c50ae61f57724446c927c12c4dbd9d5527ec9db8f33e5d521211e4b1f366c38

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0b49e5d7-941e-4eaa-8953-0ce30631f5ee.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 2423
x-amzn-requestid: 8cf5179c-e011-405e-aa08-7b94b1cf81c8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CguI9HYHIAMFtVw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64235d6c-765e143b6730877b647f6de4;Sampled=0
x-amzn-remapped-date: Tue, 28 Mar 2023 21:34:36 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Miss from cloudfront
x-amz-cf-id: flT1XZDHhOPyVlgq7g9nM9RV8RPvukz6kYLvq-amrSI8OajTGpShEg==
via: 1.1 17d76c2aee343249585a570f2d36d2ee.cloudfront.net (CloudFront), 1.1 27a84054de24e45f952ea4056a821764.cloudfront.net (CloudFront), 1.1 google
date: Tue, 28 Mar 2023 21:51:37 GMT
etag: "f50b09779ce9b340ae3347e93ec2df33f7f8c73f"
content-type: image/jpeg
age: 12933
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

blit.co.za/srv/Z/cDl3lTPKx.zip

160.119.248.8

301 Moved Permanently

0 B

URL HTTP/1.1
blit.co.za/srv/Z/cDl3lTPKx.zip
IP
160.119.248.8:0
ASN
#328364 Host-Africa-AS

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /srv/Z/cDl3lTPKx.zip HTTP/1.1
Host: blit.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Date: Wed, 29 Mar 2023 01:27:08 GMT
Server: Apache
X-Powered-By: PHP/7.4.33
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
X-Redirect-By: WordPress
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Location: http://www.blit.co.za/srv/Z/cDl3lTPKx.zip
Keep-Alive: timeout=5, max=100
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
d2d4415f4eeb34e663d209eeddd8d25d
5d239718d7235d1f62e10d7d381c5a063e94c73a
cc35be0a21b7442cc2628ea8cd42023f81eb2deea66e5149a22776228b105213

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 29 Mar 2023 01:27:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.blit.co.za/srv/Z/cDl3lTPKx.zip

160.119.248.8

404 Not Found

43 kB

URL HTTP/1.1
www.blit.co.za/srv/Z/cDl3lTPKx.zip
IP
160.119.248.8:0
ASN
#328364 Host-Africa-AS

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (9381), with CRLF, LF line terminators
Size
43 kB (43398 bytes)
Hash
3eaca120018c059c7119d38aaf2f3fd1
ea9c61e40eb701df3fa719aee9fe650cca3056cf
212b1b9c254e2764ce3ed968018c7f2ff1e9f50b2842964c298274d0bf25c792

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /srv/Z/cDl3lTPKx.zip HTTP/1.1
Host: www.blit.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 404 Not Found
Date: Wed, 29 Mar 2023 01:27:13 GMT
Server: Apache
X-Powered-By: PHP/7.4.33
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Link: <http://www.blit.co.za/wp-json/>; rel="https://api.w.org/"
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Keep-Alive: timeout=5, max=100
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

www.blit.co.za/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-vendors-style.css?ver=6.1.0

160.119.248.8

200 OK

5.3 kB

URL HTTP/1.1
www.blit.co.za/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-vendors-style.css?ver=6.1.0
IP
160.119.248.8:0
ASN
#328364 Host-Africa-AS

File type
ASCII text, with very long lines (5305), with no line terminators
Size
5.3 kB (5305 bytes)
Hash
ee78f26525b08d4e372b92a1a3ed1d26
b4dbb4706c8a479b3891cbeddf19e162e36bd61a
7fcaa4d432eb8627f0ab7efdc3ce11a4e593f29443fc6bb1888f4955c55f868b

HTTP Headers

GET /wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-vendors-style.css?ver=6.1.0 HTTP/1.1
Host: www.blit.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.blit.co.za/srv/Z/cDl3lTPKx.zip

HTTP/1.1 200 OK
Date: Wed, 29 Mar 2023 01:27:15 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Thu, 10 Mar 2022 20:39:11 GMT
Accept-Ranges: bytes
Content-Length: 5305
Keep-Alive: timeout=5, max=100
Content-Type: text/css

www.blit.co.za/wp-includes/css/classic-themes.min.css?ver=1

160.119.248.8

200 OK

217 B

URL HTTP/1.1
www.blit.co.za/wp-includes/css/classic-themes.min.css?ver=1
IP
160.119.248.8:0
ASN
#328364 Host-Africa-AS

File type
ASCII text
Size
217 B (217 bytes)
Hash
95e891f28e44a9b314c09545d86be2b7
f9b13a8bd47273b086a0a07df15f314e0af0bc3e
5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5

HTTP Headers

GET /wp-includes/css/classic-themes.min.css?ver=1 HTTP/1.1
Host: www.blit.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.blit.co.za/srv/Z/cDl3lTPKx.zip

HTTP/1.1 200 OK
Date: Wed, 29 Mar 2023 01:27:15 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Wed, 02 Nov 2022 08:17:31 GMT
Accept-Ranges: bytes
Content-Length: 217
Keep-Alive: timeout=5, max=100
Content-Type: text/css

www.blit.co.za/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1

160.119.248.8

200 OK

19 kB

URL HTTP/1.1
www.blit.co.za/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1
IP
160.119.248.8:0
ASN
#328364 Host-Africa-AS

File type
ASCII text, with very long lines (15660)
Size
19 kB (18617 bytes)
Hash
32beb68a374e3aeac00abdf9e12b84ea
b5d18aa625e8696dd9d07cd0869337717b211ae0
5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782

HTTP Headers

GET /wp-includes/js/wp-emoji-release.min.js?ver=6.1.1 HTTP/1.1
Host: www.blit.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.blit.co.za/srv/Z/cDl3lTPKx.zip

HTTP/1.1 200 OK
Date: Wed, 29 Mar 2023 01:27:15 GMT
Server: Apache
Last-Modified: Fri, 27 May 2022 08:38:52 GMT
Accept-Ranges: bytes
Content-Length: 18617
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
d2d4415f4eeb34e663d209eeddd8d25d
5d239718d7235d1f62e10d7d381c5a063e94c73a
cc35be0a21b7442cc2628ea8cd42023f81eb2deea66e5149a22776228b105213

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 29 Mar 2023 01:27:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.blit.co.za/wp-content/plugins/instagram-feed/css/sbi-styles.min.css?ver=2.9.8

160.119.248.8

200 OK

17 kB

URL HTTP/1.1
www.blit.co.za/wp-content/plugins/instagram-feed/css/sbi-styles.min.css?ver=2.9.8
IP
160.119.248.8:0
ASN
#328364 Host-Africa-AS

File type
ASCII text, with very long lines (16823), with no line terminators
Size
17 kB (16823 bytes)
Hash
45d09dd97ef87808dc42cce7d237d267
eb4c42172b5ea7212776f12acb1a556d5dd149ac
86bd9f21bb4a8221fad8dd07771e0ae79c80c4b58e833f9386281040ac64c32d

HTTP Headers

GET /wp-content/plugins/instagram-feed/css/sbi-styles.min.css?ver=2.9.8 HTTP/1.1
Host: www.blit.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.blit.co.za/srv/Z/cDl3lTPKx.zip

HTTP/1.1 200 OK
Date: Wed, 29 Mar 2023 01:27:15 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Tue, 14 Dec 2021 08:57:48 GMT
Accept-Ranges: bytes
Content-Length: 16823
Keep-Alive: timeout=5, max=100
Content-Type: text/css

www.blit.co.za/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.5.3

160.119.248.8

200 OK

2.7 kB

URL HTTP/1.1
www.blit.co.za/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.5.3
IP
160.119.248.8:0
ASN
#328364 Host-Africa-AS

File type
ASCII text
Size
2.7 kB (2731 bytes)
Hash
e6fae855021a88a0067fcc58121c594f
6299ac3987b5e81725781799dad361d19ac3b99d
e50f9ccd2d6582a58ba1879fa578e60d25fea4c5eedc07deafd14482b2403181

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.5.3 HTTP/1.1
Host: www.blit.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.blit.co.za/srv/Z/cDl3lTPKx.zip

HTTP/1.1 200 OK
Date: Wed, 29 Mar 2023 01:27:15 GMT
Server: Apache
Last-Modified: Tue, 14 Dec 2021 08:56:34 GMT
Accept-Ranges: bytes
Content-Length: 2731
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css

www.blit.co.za/wp-content/uploads/stm_fonts/stm/stm.css?ver=1.0

160.119.248.8

200 OK

12 kB

URL HTTP/1.1
www.blit.co.za/wp-content/uploads/stm_fonts/stm/stm.css?ver=1.0
IP
160.119.248.8:0
ASN
#328364 Host-Africa-AS

File type
ASCII text
Size
12 kB (11898 bytes)
Hash
c8c2a299075441ac66c9b0515ccbe82d
b5d1c64541949e374fbb7d0f78502c82bc5d8823
46f5923e67207718f6978a0cd6e8bd550899ca23d0c5fa7adf46a6d4e67ed3d1

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/uploads/stm_fonts/stm/stm.css?ver=1.0 HTTP/1.1
Host: www.blit.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.blit.co.za/srv/Z/cDl3lTPKx.zip

HTTP/1.1 200 OK
Date: Wed, 29 Mar 2023 01:27:15 GMT
Server: Apache
Last-Modified: Thu, 20 May 2021 10:59:39 GMT
Accept-Ranges: bytes
Content-Length: 11898
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css

www.blit.co.za/wp-content/plugins/eroom-zoom-meetings-webinar/assets/css/frontend/main.css?ver=1.3.1

160.119.248.8

200 OK

16 kB

URL HTTP/1.1
www.blit.co.za/wp-content/plugins/eroom-zoom-meetings-webinar/assets/css/frontend/main.css?ver=1.3.1
IP
160.119.248.8:0
ASN
#328364 Host-Africa-AS

File type
ASCII text
Size
16 kB (15659 bytes)
Hash
2d57daec7be0d67c610d85bb9b9ff18f
0db5f0bac0cc6a4150f5e1c93c1f469de3c10f6b
a7c935f95aeb8182d229c38b65ff7351637dfc03e3c2e1ce1cc6753e8eca914f

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/plugins/eroom-zoom-meetings-webinar/assets/css/frontend/main.css?ver=1.3.1 HTTP/1.1
Host: www.blit.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.blit.co.za/srv/Z/cDl3lTPKx.zip

HTTP/1.1 200 OK
Date: Wed, 29 Mar 2023 01:27:15 GMT
Server: Apache
Last-Modified: Tue, 14 Dec 2021 08:57:29 GMT
Accept-Ranges: bytes
Content-Length: 15659
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css

www.blit.co.za/wp-content/plugins/recent-tweets-widget/tp_twitter_plugin.css?ver=1.0

160.119.248.8

200 OK

529 B

URL HTTP/1.1
www.blit.co.za/wp-content/plugins/recent-tweets-widget/tp_twitter_plugin.css?ver=1.0
IP
160.119.248.8:0
ASN
#328364 Host-Africa-AS

File type
ASCII text, with CRLF line terminators
Size
529 B (529 bytes)
Hash
b655ad4016c052d438708a50654f7957
046aa8f2e76f9f0c7412b5f6e7a52b8ceed20421
3109fef8b2a9ab71fca698483d2bae36d8fed772517c259dacce872e739bb690

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/plugins/recent-tweets-widget/tp_twitter_plugin.css?ver=1.0 HTTP/1.1
Host: www.blit.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.blit.co.za/srv/Z/cDl3lTPKx.zip

HTTP/1.1 200 OK
Date: Wed, 29 Mar 2023 01:27:16 GMT
Server: Apache
Last-Modified: Thu, 20 May 2021 00:07:56 GMT
Accept-Ranges: bytes
Content-Length: 529
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css

www.blit.co.za/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1

160.119.248.8

200 OK

95 kB

URL HTTP/1.1
www.blit.co.za/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1
IP
160.119.248.8:0
ASN
#328364 Host-Africa-AS

File type
ASCII text, with very long lines (47826)
Size
95 kB (94889 bytes)
Hash
71d925864153f0edf91037f3d31048e8
cc16a0524ac63b5ce29f703a66412224f0dd771a
c324ef26b20264369e4568dc9ef1c5cb1f325f6bc4e8b7c01f7fe93fa353276a

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-includes/css/dist/block-library/style.min.css?ver=6.1.1 HTTP/1.1
Host: www.blit.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.blit.co.za/srv/Z/cDl3lTPKx.zip

HTTP/1.1 200 OK
Date: Wed, 29 Mar 2023 01:27:15 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Wed, 16 Nov 2022 07:37:56 GMT
Accept-Ranges: bytes
Content-Length: 94889
Keep-Alive: timeout=5, max=100
Content-Type: text/css

www.blit.co.za/wp-content/plugins/stm-gdpr-compliance/assets/css/styles.css?ver=6.1.1

160.119.248.8

200 OK

1.2 kB

URL HTTP/1.1
www.blit.co.za/wp-content/plugins/stm-gdpr-compliance/assets/css/styles.css?ver=6.1.1
IP
160.119.248.8:0
ASN
#328364 Host-Africa-AS

File type
ASCII text, with very long lines (1249), with no line terminators
Size
1.2 kB (1249 bytes)
Hash
585ae91c16282c2507ef31e087143d34
16385142a9a40895ba416b02ebe2144805d39303
f2ead27abcd3d4b65c01b8d7ec578d5fe72afec4c4258dd20bbabc4f23995fce

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/plugins/stm-gdpr-compliance/assets/css/styles.css?ver=6.1.1 HTTP/1.1
Host: www.blit.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.blit.co.za/srv/Z/cDl3lTPKx.zip

HTTP/1.1 200 OK
Date: Wed, 29 Mar 2023 01:27:16 GMT
Server: Apache
Last-Modified: Thu, 20 May 2021 10:58:26 GMT
Accept-Ranges: bytes
Content-Length: 1249
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/css

www.blit.co.za/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-style.css?ver=6.1.0

160.119.248.8

200 OK

192 kB

URL HTTP/1.1
www.blit.co.za/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-style.css?ver=6.1.0
IP
160.119.248.8:0
ASN
#328364 Host-Africa-AS

File type
Unicode text, UTF-8 text, with very long lines (65527), with no line terminators
Size
192 kB (192102 bytes)
Hash
07cbe55d3b4a9fb7f079a6b3411159ea
86fbea1de32414a6a87f70ef7fedbbfa754dae25
b63468a1ed4bc776b1f43f4e7afea63235656b39065695e3ece1a9db2271c403

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-style.css?ver=6.1.0 HTTP/1.1
Host: www.blit.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.blit.co.za/srv/Z/cDl3lTPKx.zip

HTTP/1.1 200 OK
Date: Wed, 29 Mar 2023 01:27:15 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Thu, 10 Mar 2022 20:39:11 GMT
Accept-Ranges: bytes
Content-Length: 192102
Keep-Alive: timeout=5, max=100
Content-Type: text/css

www.blit.co.za/wp-content/plugins/woocommerce/assets/css/woocommerce-layout.css?ver=5.9.1

160.119.248.8

200 OK

18 kB

URL HTTP/1.1
www.blit.co.za/wp-content/plugins/woocommerce/assets/css/woocommerce-layout.css?ver=5.9.1
IP
160.119.248.8:0
ASN
#328364 Host-Africa-AS

File type
Unicode text, UTF-8 text, with very long lines (17923), with no line terminators
Size
18 kB (17925 bytes)
Hash
1cbcc9e85ba99c007f519bf1a67feb58
82d238c9b2a1797c0ad785c01309c49dc1f302af
48052f6267b2e21fb086ad26457c715b3b8b5e8c6fcbcdea42589da06b05e9be

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/plugins/woocommerce/assets/css/woocommerce-layout.css?ver=5.9.1 HTTP/1.1
Host: www.blit.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.blit.co.za/srv/Z/cDl3lTPKx.zip

HTTP/1.1 200 OK
Date: Wed, 29 Mar 2023 01:27:16 GMT
Server: Apache
Last-Modified: Thu, 10 Mar 2022 20:39:11 GMT
Accept-Ranges: bytes
Content-Length: 17925
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css

www.blit.co.za/wp-content/plugins/woocommerce/assets/css/woocommerce.css?ver=5.9.1

160.119.248.8

200 OK

63 kB

URL HTTP/1.1
www.blit.co.za/wp-content/plugins/woocommerce/assets/css/woocommerce.css?ver=5.9.1
IP
160.119.248.8:0
ASN
#328364 Host-Africa-AS

File type
Unicode text, UTF-8 text, with very long lines (62789), with no line terminators
Size
63 kB (62803 bytes)
Hash
7892d7349e74e7dd7fae386eda2dded7
bd31f749a68bfffc0ba299d94b5de5d3803d9b9b
37811d4d55ec74751bcaa643b3a9798f1d577ac2910b63c6ca202c2e36544e05

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/plugins/woocommerce/assets/css/woocommerce.css?ver=5.9.1 HTTP/1.1
Host: www.blit.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.blit.co.za/srv/Z/cDl3lTPKx.zip

HTTP/1.1 200 OK
Date: Wed, 29 Mar 2023 01:27:16 GMT
Server: Apache
Last-Modified: Thu, 10 Mar 2022 20:39:11 GMT
Accept-Ranges: bytes
Content-Length: 62803
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css

www.blit.co.za/wp-content/plugins/stm-post-type/theme-options/nuxy/metaboxes/assets/vendors/font-awesome.min.css?ver=1680053235

160.119.248.8

200 OK

59 kB

URL HTTP/1.1
www.blit.co.za/wp-content/plugins/stm-post-type/theme-options/nuxy/metaboxes/assets/vendors/font-awesome.min.css?ver=1680053235
IP
160.119.248.8:0
ASN
#328364 Host-Africa-AS

File type
ASCII text, with very long lines (59158)
Size
59 kB (59344 bytes)
Hash
74bab4578692993514e7f882cc15c218
b6293bcfd851f963edbe859498570c4c0c7eaae4
d87ddf917b7a1449ab45e2b8e3c98354629bdd65b6659c37e6023bbea1ce1386

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/plugins/stm-post-type/theme-options/nuxy/metaboxes/assets/vendors/font-awesome.min.css?ver=1680053235 HTTP/1.1
Host: www.blit.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.blit.co.za/srv/Z/cDl3lTPKx.zip

HTTP/1.1 200 OK
Date: Wed, 29 Mar 2023 01:27:16 GMT
Server: Apache
Last-Modified: Tue, 14 Dec 2021 13:05:30 GMT
Accept-Ranges: bytes
Content-Length: 59344
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css

www.blit.co.za/wp-content/plugins/js_composer/assets/lib/bower/font-awesome/css/all.min.css?ver=6.7.0

160.119.248.8

200 OK

56 kB

URL HTTP/1.1
www.blit.co.za/wp-content/plugins/js_composer/assets/lib/bower/font-awesome/css/all.min.css?ver=6.7.0
IP
160.119.248.8:0
ASN
#328364 Host-Africa-AS

File type
ASCII text, with very long lines (56243)
Size
56 kB (56425 bytes)
Hash
f7409f91a34ea35236d98702f4e69f4c
3a3c16cbb1114f8e210b87cf3102a99968bf6a26
04950e48cd4097fb4a540c3abcf445cd92d59bdf9ba40f49cfb180cc94387a2f

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/plugins/js_composer/assets/lib/bower/font-awesome/css/all.min.css?ver=6.7.0 HTTP/1.1
Host: www.blit.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.blit.co.za/srv/Z/cDl3lTPKx.zip

HTTP/1.1 200 OK
Date: Wed, 29 Mar 2023 01:27:16 GMT
Server: Apache
Last-Modified: Tue, 14 Dec 2021 15:35:31 GMT
Accept-Ranges: bytes
Content-Length: 56425
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css

www.blit.co.za/wp-content/plugins/js_composer/assets/lib/bower/font-awesome/css/v4-shims.min.css?ver=6.7.0

160.119.248.8

200 OK

34 kB

URL HTTP/1.1
www.blit.co.za/wp-content/plugins/js_composer/assets/lib/bower/font-awesome/css/v4-shims.min.css?ver=6.7.0
IP
160.119.248.8:0
ASN
#328364 Host-Africa-AS

File type
ASCII text, with very long lines (34217)
Size
34 kB (34399 bytes)
Hash
ffb96099720dde6483d7cab290c543ee
1a6ece8eee36923d795cdf78674b47e7f1b8e94f
cdfdf586f38cfb19c6264343cc6a64adce7ff0961834e96a2f912f01dc29e3f0

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/plugins/js_composer/assets/lib/bower/font-awesome/css/v4-shims.min.css?ver=6.7.0 HTTP/1.1
Host: www.blit.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.blit.co.za/srv/Z/cDl3lTPKx.zip

HTTP/1.1 200 OK
Date: Wed, 29 Mar 2023 01:27:16 GMT
Server: Apache
Last-Modified: Tue, 14 Dec 2021 15:35:31 GMT
Accept-Ranges: bytes
Content-Length: 34399
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: text/css

www.blit.co.za/wp-content/themes/consulting/assets/css/bootstrap.min.css?ver=6.2.4

160.119.248.8

200 OK

118 kB

URL HTTP/1.1
www.blit.co.za/wp-content/themes/consulting/assets/css/bootstrap.min.css?ver=6.2.4
IP
160.119.248.8:0
ASN
#328364 Host-Africa-AS

File type
ASCII text, with very long lines (65177)
Size
118 kB (118221 bytes)
Hash
09c097468c2402d88f759bff90371957
eb79fc5404d924831a51db9b34a42795f710597c
1a6a0bcd11e48c5a016b21ce7212bee386cbb5f3aae2b0a73fdfd62a38779fd3

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/themes/consulting/assets/css/bootstrap.min.css?ver=6.2.4 HTTP/1.1
Host: www.blit.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.blit.co.za/srv/Z/cDl3lTPKx.zip

HTTP/1.1 200 OK
Date: Wed, 29 Mar 2023 01:27:16 GMT
Server: Apache
Last-Modified: Mon, 06 Dec 2021 10:57:43 GMT
Accept-Ranges: bytes
Content-Length: 118221
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css

www.blit.co.za/wp-content/themes/consulting/style.css?ver=6.2.4

160.119.248.8

200 OK

20 kB

URL HTTP/1.1
www.blit.co.za/wp-content/themes/consulting/style.css?ver=6.2.4
IP
160.119.248.8:0
ASN
#328364 Host-Africa-AS

File type
Unicode text, UTF-8 text, with very long lines (438)
Size
20 kB (20446 bytes)
Hash
1d599bccfeef9530b8c60629b1a19c1f
9d1f3af5371719b931684e05e955f64e66ffb96d
195cb1e975597c84923ed28cd20ebb82198404313b562e8ef74c7c5c8d040a99

HTTP Headers

GET /wp-content/themes/consulting/style.css?ver=6.2.4 HTTP/1.1
Host: www.blit.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.blit.co.za/srv/Z/cDl3lTPKx.zip

HTTP/1.1 200 OK
Date: Wed, 29 Mar 2023 01:27:16 GMT
Server: Apache
Last-Modified: Mon, 06 Dec 2021 10:57:43 GMT
Accept-Ranges: bytes
Content-Length: 20446
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/css

www.blit.co.za/wp-content/themes/consulting/assets/css/select2.min.css?ver=6.2.4

160.119.248.8

200 OK

15 kB

URL HTTP/1.1
www.blit.co.za/wp-content/themes/consulting/assets/css/select2.min.css?ver=6.2.4
IP
160.119.248.8:0
ASN
#328364 Host-Africa-AS

File type
ASCII text, with very long lines (14923), with no line terminators
Size
15 kB (14923 bytes)
Hash
d9bebc78e923b6ccdf70de5824786eef
7d46d95d759d5d3698deb8299282a5d5c9a95374
ef604f87375b1cb5b66c2e489bb1a206567004a63fead1ee23bdafefd77450e5

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/themes/consulting/assets/css/select2.min.css?ver=6.2.4 HTTP/1.1
Host: www.blit.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.blit.co.za/srv/Z/cDl3lTPKx.zip

HTTP/1.1 200 OK
Date: Wed, 29 Mar 2023 01:27:16 GMT
Server: Apache
Last-Modified: Mon, 06 Dec 2021 10:57:43 GMT
Accept-Ranges: bytes
Content-Length: 14923
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css

www.blit.co.za/wp-content/themes/consulting/assets/css/header_builder.css?ver=6.2.4

160.119.248.8

200 OK

2.5 kB

URL HTTP/1.1
www.blit.co.za/wp-content/themes/consulting/assets/css/header_builder.css?ver=6.2.4
IP
160.119.248.8:0
ASN
#328364 Host-Africa-AS

File type
ASCII text
Size
2.5 kB (2507 bytes)
Hash
bd8d2b0ea667c85fbe201f2cea6645c1
cdefabb71ae52d76c7f4a0001d6a42bfcc204161
f9ca777ec78406677e6766efc7741f31275064bdf086d215da5f434a34f54d88

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/themes/consulting/assets/css/header_builder.css?ver=6.2.4 HTTP/1.1
Host: www.blit.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.blit.co.za/srv/Z/cDl3lTPKx.zip

HTTP/1.1 200 OK
Date: Wed, 29 Mar 2023 01:27:16 GMT
Server: Apache
Last-Modified: Mon, 06 Dec 2021 10:57:43 GMT
Accept-Ranges: bytes
Content-Length: 2507
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: text/css

www.blit.co.za/wp-content/themes/consulting/assets/css/font-awesome.min.css?ver=6.2.4

160.119.248.8

200 OK

31 kB

URL HTTP/1.1
www.blit.co.za/wp-content/themes/consulting/assets/css/font-awesome.min.css?ver=6.2.4
IP
160.119.248.8:0
ASN
#328364 Host-Africa-AS

File type
ASCII text, with very long lines (30857)
Size
31 kB (31020 bytes)
Hash
bab23154df2eebdb1d6857a2a553c196
cf00d4ce0559ad23063799c6edfa2cb3d2c31ea9
fcef7501a06d3d108599949ecbce2a7cd926ded556172c5408dc38155951158c

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/themes/consulting/assets/css/font-awesome.min.css?ver=6.2.4 HTTP/1.1
Host: www.blit.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.blit.co.za/srv/Z/cDl3lTPKx.zip

HTTP/1.1 200 OK
Date: Wed, 29 Mar 2023 01:27:16 GMT
Server: Apache
Last-Modified: Mon, 06 Dec 2021 10:57:43 GMT
Accept-Ranges: bytes
Content-Length: 31020
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/css

www.blit.co.za/wp-content/themes/consulting/assets/css/jquery.fancybox.css?ver=6.2.4

160.119.248.8

200 OK

17 kB

URL HTTP/1.1
www.blit.co.za/wp-content/themes/consulting/assets/css/jquery.fancybox.css?ver=6.2.4
IP
160.119.248.8:0
ASN
#328364 Host-Africa-AS

File type
ASCII text
Size
17 kB (17412 bytes)
Hash
caf7c408bb13e802cc3566b94f6c6d8d
e43435fb9eaa918f5b8e35c9e110124b8bd13751
3fc93cc3f2dec261a4dbd670cfcf476a15f759d6b9066f30bb65e4082d032fdb

HTTP Headers

GET /wp-content/themes/consulting/assets/css/jquery.fancybox.css?ver=6.2.4 HTTP/1.1
Host: www.blit.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.blit.co.za/srv/Z/cDl3lTPKx.zip

HTTP/1.1 200 OK
Date: Wed, 29 Mar 2023 01:27:16 GMT
Server: Apache
Last-Modified: Mon, 06 Dec 2021 10:57:43 GMT
Accept-Ranges: bytes
Content-Length: 17412
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css

www.blit.co.za/wp-content/uploads/stm_uploads/theme_options.css?ver=6.2.4

160.119.248.8

200 OK

8.6 kB

URL HTTP/1.1
www.blit.co.za/wp-content/uploads/stm_uploads/theme_options.css?ver=6.2.4
IP
160.119.248.8:0
ASN
#328364 Host-Africa-AS

File type
ASCII text, with very long lines (8647), with no line terminators
Size
8.6 kB (8647 bytes)
Hash
e82686e1b7f4a858874856e6cf6587a7
be49d7ce9ee33655dd7ef60dcb6da12d83fab1a9
d9694838e57ee273523d071750f94fd1d5bdacb91db8a652b197dd74ff600a32

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/uploads/stm_uploads/theme_options.css?ver=6.2.4 HTTP/1.1
Host: www.blit.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.blit.co.za/srv/Z/cDl3lTPKx.zip

HTTP/1.1 200 OK
Date: Wed, 29 Mar 2023 01:27:16 GMT
Server: Apache
Last-Modified: Wed, 15 Dec 2021 18:46:15 GMT
Accept-Ranges: bytes
Content-Length: 8647
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/css

www.blit.co.za/wp-content/themes/consulting/assets/css/layouts/global_styles/main.css?ver=6.2.4

160.119.248.8

200 OK

62 kB

URL HTTP/1.1
www.blit.co.za/wp-content/themes/consulting/assets/css/layouts/global_styles/main.css?ver=6.2.4
IP
160.119.248.8:0
ASN
#328364 Host-Africa-AS

File type
ASCII text, with very long lines (62058), with no line terminators
Size
62 kB (62058 bytes)
Hash
e0bd294d85e2d0ae608cd668fbe8331f
48f47c101c14107a40fd0bc2ed12194becbebeb8
ae9737ed40d7312d155e9cefce708442adba2dd80cf3c561a1808570cdff5c31

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/themes/consulting/assets/css/layouts/global_styles/main.css?ver=6.2.4 HTTP/1.1
Host: www.blit.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.blit.co.za/srv/Z/cDl3lTPKx.zip

HTTP/1.1 200 OK
Date: Wed, 29 Mar 2023 01:27:16 GMT
Server: Apache
Last-Modified: Mon, 06 Dec 2021 10:58:11 GMT
Accept-Ranges: bytes
Content-Length: 62058
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: text/css

www.blit.co.za/wp-content/themes/consulting/inc/megamenu/assets/css/megamenu.css?ver=6.1.1

160.119.248.8

200 OK

15 kB

URL HTTP/1.1
www.blit.co.za/wp-content/themes/consulting/inc/megamenu/assets/css/megamenu.css?ver=6.1.1
IP
160.119.248.8:0
ASN
#328364 Host-Africa-AS

File type
ASCII text, with very long lines (14844), with no line terminators
Size
15 kB (14844 bytes)
Hash
b9e4db60e1d341f130ae532c9fe26b84
97ee62e9397e5593a44d1786c3cef61f5dd7aaf2
05aee75131f2bb1d05434394efdefa88ad103ce759d426bbe88e8e502842909b

HTTP Headers

GET /wp-content/themes/consulting/inc/megamenu/assets/css/megamenu.css?ver=6.1.1 HTTP/1.1
Host: www.blit.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.blit.co.za/srv/Z/cDl3lTPKx.zip

HTTP/1.1 200 OK
Date: Wed, 29 Mar 2023 01:27:16 GMT
Server: Apache
Last-Modified: Mon, 06 Dec 2021 10:57:43 GMT
Accept-Ranges: bytes
Content-Length: 14844
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: text/css

www.blit.co.za/wp-content/plugins/pearl-header-builder/assets/frontend/assets/css/header/main.css?ver=1.0

160.119.248.8

200 OK

48 kB

URL HTTP/1.1
www.blit.co.za/wp-content/plugins/pearl-header-builder/assets/frontend/assets/css/header/main.css?ver=1.0
IP
160.119.248.8:0
ASN
#328364 Host-Africa-AS

File type
ASCII text, with very long lines (48378), with no line terminators
Size
48 kB (48378 bytes)
Hash
d3133f105db3156c2cdebdf00a4a52e0
26a8a3301b8b811d02fae3b38a6090da824968e5
9c32a1fe4ca9e1272d2bea5febe84ef0df7ea67f31480cd6b6584ab662d963e5

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/plugins/pearl-header-builder/assets/frontend/assets/css/header/main.css?ver=1.0 HTTP/1.1
Host: www.blit.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.blit.co.za/srv/Z/cDl3lTPKx.zip

HTTP/1.1 200 OK
Date: Wed, 29 Mar 2023 01:27:16 GMT
Server: Apache
Last-Modified: Thu, 20 May 2021 11:03:13 GMT
Accept-Ranges: bytes
Content-Length: 48378
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/css

www.blit.co.za/wp-content/plugins/pearl-header-builder/assets/frontend/assets/vendor/sticky.css?ver=1.0

160.119.248.8

200 OK

378 B

URL HTTP/1.1
www.blit.co.za/wp-content/plugins/pearl-header-builder/assets/frontend/assets/vendor/sticky.css?ver=1.0
IP
160.119.248.8:0
ASN
#328364 Host-Africa-AS

File type
ASCII text
Size
378 B (378 bytes)
Hash
70a5a5735d4764876ba9ade6f02d5e67
53dfef5d69c7aba0e6d060ddecd42fdaa971bdb9
e7f3d7942e84df89f6ae293c85283e93515d1d5a00edd1bf131d9a0b98945791

HTTP Headers

GET /wp-content/plugins/pearl-header-builder/assets/frontend/assets/vendor/sticky.css?ver=1.0 HTTP/1.1
Host: www.blit.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.blit.co.za/srv/Z/cDl3lTPKx.zip

HTTP/1.1 200 OK
Date: Wed, 29 Mar 2023 01:27:17 GMT
Server: Apache
Last-Modified: Thu, 20 May 2021 11:03:13 GMT
Accept-Ranges: bytes
Content-Length: 378
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: text/css

www.blit.co.za/wp-content/plugins/pearl-header-builder/assets/frontend/assets/css/font-awesome.min.css?ver=1.0

160.119.248.8

200 OK

31 kB

URL HTTP/1.1
www.blit.co.za/wp-content/plugins/pearl-header-builder/assets/frontend/assets/css/font-awesome.min.css?ver=1.0
IP
160.119.248.8:0
ASN
#328364 Host-Africa-AS

File type
ASCII text, with very long lines (30837)
Size
31 kB (31000 bytes)
Hash
269550530cc127b6aa5a35925a7de6ce
512c7d79033e3028a9be61b540cf1a6870c896f8
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/plugins/pearl-header-builder/assets/frontend/assets/css/font-awesome.min.css?ver=1.0 HTTP/1.1
Host: www.blit.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.blit.co.za/srv/Z/cDl3lTPKx.zip

HTTP/1.1 200 OK
Date: Wed, 29 Mar 2023 01:27:17 GMT
Server: Apache
Last-Modified: Thu, 20 May 2021 11:03:13 GMT
Accept-Ranges: bytes
Content-Length: 31000
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: text/css

www.blit.co.za/wp-content/uploads/stm_uploads/skin-custom.css?ver=137977

160.119.248.8

200 OK

477 kB

URL HTTP/1.1
www.blit.co.za/wp-content/uploads/stm_uploads/skin-custom.css?ver=137977
IP
160.119.248.8:0
ASN
#328364 Host-Africa-AS

File type
ASCII text, with very long lines (65536), with no line terminators
Size
477 kB (477351 bytes)
Hash
f7645f6f63dc9f68f01b83e8e4b568ec
69d98bab223ab5f9c1529d1f428bf0b9310f70a3
be08a5d7816daf3f91247ecf65b3c5b98a7c037e2b63df16420e70346d0e1e35

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/uploads/stm_uploads/skin-custom.css?ver=137977 HTTP/1.1
Host: www.blit.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.blit.co.za/srv/Z/cDl3lTPKx.zip

HTTP/1.1 200 OK
Date: Wed, 29 Mar 2023 01:27:16 GMT
Server: Apache
Last-Modified: Thu, 20 May 2021 12:51:02 GMT
Accept-Ranges: bytes
Content-Length: 477351
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: text/css

www.blit.co.za/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2

160.119.248.8

200 OK

11 kB

URL HTTP/1.1
www.blit.co.za/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP
160.119.248.8:0
ASN
#328364 Host-Africa-AS

File type
ASCII text, with very long lines (11126)
Size
11 kB (11224 bytes)
Hash
79b4956b7ec478ec10244b5e2d33ac7d
a46025b9d05e3df30d610a8aef14f392c7058dc9
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: www.blit.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.blit.co.za/srv/Z/cDl3lTPKx.zip

HTTP/1.1 200 OK
Date: Wed, 29 Mar 2023 01:27:17 GMT
Server: Apache
Last-Modified: Tue, 14 Dec 2021 08:22:47 GMT
Accept-Ranges: bytes
Content-Length: 11224
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: application/javascript

www.blit.co.za/wp-content/themes/consulting/assets/css/layouts/layout_barcelona/main.css?ver=6.2.4

160.119.248.8

200 OK

699 kB

URL HTTP/1.1
www.blit.co.za/wp-content/themes/consulting/assets/css/layouts/layout_barcelona/main.css?ver=6.2.4
IP
160.119.248.8:0
ASN
#328364 Host-Africa-AS

File type
ASCII text, with very long lines (65536), with no line terminators
Size
699 kB (699258 bytes)
Hash
7ef9e737c867bd043a1197b5b792c48c
616af38a511d3b913e181dff42a178c8dcb7273c
85c69095fade5d795c7e2d4a2b3111a7b2c22cf04358acd8bd7e703297978de3

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/themes/consulting/assets/css/layouts/layout_barcelona/main.css?ver=6.2.4 HTTP/1.1
Host: www.blit.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.blit.co.za/srv/Z/cDl3lTPKx.zip

HTTP/1.1 200 OK
Date: Wed, 29 Mar 2023 01:27:16 GMT
Server: Apache
Last-Modified: Mon, 06 Dec 2021 10:58:37 GMT
Accept-Ranges: bytes
Content-Length: 699258
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/css

www.blit.co.za/wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.7.0-wc.5.9.1

160.119.248.8

200 OK

9.5 kB

URL HTTP/1.1
www.blit.co.za/wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.7.0-wc.5.9.1
IP
160.119.248.8:0
ASN
#328364 Host-Africa-AS

File type
ASCII text, with very long lines (9151)
Size
9.5 kB (9545 bytes)
Hash
2e96f622673104a3fb67ab56f849c073
f4c17ae4709cad9bc997357581f4e30fc4bbee2c
b49498d1142de7f2e16afc2cd4250d2ba30c5df4de5d291f51d7cf69727efdbe

HTTP Headers

GET /wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.7.0-wc.5.9.1 HTTP/1.1
Host: www.blit.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.blit.co.za/srv/Z/cDl3lTPKx.zip

HTTP/1.1 200 OK
Date: Wed, 29 Mar 2023 01:27:17 GMT
Server: Apache
Last-Modified: Thu, 10 Mar 2022 20:39:11 GMT
Accept-Ranges: bytes
Content-Length: 9545
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: application/javascript

www.blit.co.za/wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.min.js?ver=5.9.1

160.119.248.8

200 OK

3.0 kB

URL HTTP/1.1
www.blit.co.za/wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.min.js?ver=5.9.1
IP
160.119.248.8:0
ASN
#328364 Host-Africa-AS

File type
HTML document, ASCII text, with very long lines (3037), with no line terminators
Size
3.0 kB (3037 bytes)
Hash
8bc2109ef48cabf7a26b73d7c3536c5f
0e0dfee3a3975eafc3dd55f190d1deb3c6c55d3b
8634aa7a3ac0bc6d359b458c8922e9d3269f64c1355b329bfe215beb12773af8

HTTP Headers

GET /wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.min.js?ver=5.9.1 HTTP/1.1
Host: www.blit.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.blit.co.za/srv/Z/cDl3lTPKx.zip

HTTP/1.1 200 OK
Date: Wed, 29 Mar 2023 01:27:17 GMT
Server: Apache
Last-Modified: Thu, 10 Mar 2022 20:39:11 GMT
Accept-Ranges: bytes
Content-Length: 3037
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: application/javascript

www.blit.co.za/wp-includes/js/jquery/jquery.min.js?ver=3.6.1

160.119.248.8

200 OK

90 kB

URL HTTP/1.1
www.blit.co.za/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
IP
160.119.248.8:0
ASN
#328364 Host-Africa-AS

File type
ASCII text, with very long lines (65447)
Size
90 kB (89684 bytes)
Hash
17738318d61d394f1de8890d589afaec
f6d0c4dc1399cf02d53f5753ad46573a8bbc2ac3
cc7403bab52ed166e24ea9324241045af370be482f5b594468f4a6ac6e7e7981

HTTP Headers

GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.1 HTTP/1.1
Host: www.blit.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.blit.co.za/srv/Z/cDl3lTPKx.zip

HTTP/1.1 200 OK
Date: Wed, 29 Mar 2023 01:27:17 GMT
Server: Apache
Last-Modified: Wed, 02 Nov 2022 08:17:32 GMT
Accept-Ranges: bytes
Content-Length: 89684
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: application/javascript

www.blit.co.za/wp-content/plugins/js_composer/assets/js/vendors/woocommerce-add-to-cart.js?ver=6.7.0

160.119.248.8

200 OK

992 B

URL HTTP/1.1
www.blit.co.za/wp-content/plugins/js_composer/assets/js/vendors/woocommerce-add-to-cart.js?ver=6.7.0
IP
160.119.248.8:0
ASN
#328364 Host-Africa-AS

File type
ASCII text
Size
992 B (992 bytes)
Hash
787fe4f547a6cb7f4ce4934641085910
c2dee88d5bdfef214ce9c56f71a1df51cda0f328
654aaebdea944313257827be97eb196a8218a2cdfc9ba399db23e2cd4c02bd79

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/plugins/js_composer/assets/js/vendors/woocommerce-add-to-cart.js?ver=6.7.0 HTTP/1.1
Host: www.blit.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.blit.co.za/srv/Z/cDl3lTPKx.zip

HTTP/1.1 200 OK
Date: Wed, 29 Mar 2023 01:27:17 GMT
Server: Apache
Last-Modified: Tue, 14 Dec 2021 15:35:31 GMT
Accept-Ranges: bytes
Content-Length: 992
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: application/javascript

www.blit.co.za/wp-content/themes/consulting/inc/megamenu/assets/js/megamenu.js?ver=6.1.1

160.119.248.8

200 OK

1.7 kB

URL HTTP/1.1
www.blit.co.za/wp-content/themes/consulting/inc/megamenu/assets/js/megamenu.js?ver=6.1.1
IP
160.119.248.8:0
ASN
#328364 Host-Africa-AS

File type
ASCII text
Size
1.7 kB (1711 bytes)
Hash
d764e7ba43bdec7cd1cac12afdc8184b
27bbbaf3d2df73c6749df9aaa86566ea640c56d7
0dc9adab309692622c58cd63ca2f830bed3c805b446554ad504bc55177fd3e5b

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/themes/consulting/inc/megamenu/assets/js/megamenu.js?ver=6.1.1 HTTP/1.1
Host: www.blit.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.blit.co.za/srv/Z/cDl3lTPKx.zip

HTTP/1.1 200 OK
Date: Wed, 29 Mar 2023 01:27:17 GMT
Server: Apache
Last-Modified: Mon, 06 Dec 2021 10:57:43 GMT
Accept-Ranges: bytes
Content-Length: 1711
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: application/javascript

fonts.googleapis.com/css?family=Open+Sans%3A300%2C300italic%2Cregular%2Citalic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%7CMontserrat%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2Cregular%2Citalic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&ver=6.2.4

142.250.74.106

200 OK

0 B

URL HTTP/2
fonts.googleapis.com/css?family=Open+Sans%3A300%2C300italic%2Cregular%2Citalic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%7CMontserrat%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2Cregular%2Citalic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&ver=6.2.4
IP
142.250.74.106:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /css?family=Open+Sans%3A300%2C300italic%2Cregular%2Citalic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%7CMontserrat%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2Cregular%2Citalic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&ver=6.2.4 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.blit.co.za/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 29 Mar 2023 01:27:15 GMT
date: Wed, 29 Mar 2023 01:27:15 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (13)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML