r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash f416977a8d6dfaafb2dbfd0e68b871f8
dfa97bd829b03162de91c80133f2fde69b58a8d2
2c4d0fd1b7a6d398026a4817267adce203429acdd3defa44a879f0d945f392d5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2C4D0FD1B7A6D398026A4817267ADCE203429ACDD3DEFA44A879F0D945F392D5"
Last-Modified: Sun, 22 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4796
Expires: Tue, 24 Jan 2023 07:51:50 GMT
Date: Tue, 24 Jan 2023 06:31:54 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 04512fea22644dc0d22c3f3a665f6645
0e213646abfc6d9560ba562362fd9e9115be8354
124d9534f75506b8e8c7535ee7295ac4e6cf5a8249a0edac6940839e56043181
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "124D9534F75506B8E8C7535EE7295AC4E6CF5A8249A0EDAC6940839E56043181"
Last-Modified: Mon, 23 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4618
Expires: Tue, 24 Jan 2023 07:48:52 GMT
Date: Tue, 24 Jan 2023 06:31:54 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash bf0c602d32b3c14606f22a86183b5e3c
6eabd8d83475eba731968abe1a05a8bfd272f160
6c6a7c519a9e950c2445ed874a25211a94dd4d3cf3afb0103af9dcd1dbd5ff9e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Content-Length, Retry-After, Content-Type, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Tue, 24 Jan 2023 05:42:41 GMT
content-type: application/json
age: 2953
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 31c8743c2b5202ce0228bac5aad7229b
4b5eee8e1ecbfc992505003be58e265ff3a0ee0a
8b3b47ea29fc02b8a08ee2a340a05ab23e391f0eb3b8d6beb17516706bb2e94d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8B3B47EA29FC02B8A08EE2A340A05AB23E391F0EB3B8D6BEB17516706BB2E94D"
Last-Modified: Sun, 22 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8214
Expires: Tue, 24 Jan 2023 08:48:48 GMT
Date: Tue, 24 Jan 2023 06:31:54 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: 6+rn7erHnt/PG2j+Z9NUZNoP/G2D5Oz9WD9hkeF9PnyGhe8UGDTAbuUrBWVeWa0GKBX5C4Pb/9I=
x-amz-request-id: R59K58NTY8HX5V5S
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 24 Jan 2023 06:19:10 GMT
age: 764
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 24 Jan 2023 06:31:54 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
vape.co.za/nmt/C/4T65fl199.zip
41.222.32.13 301 Moved Permanently 707 B URL HTTP/1.1 vape.co.za/nmt/C/4T65fl199.zip
IP 41.222.32.13:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash 1304294c0823ca486542ba408ed761e3
b2a70fb2d810ca13985882e6981f33998823e83e
3bbe72f3baa8ec61de17a1d767fca58704769684b7abe9161d0c4eaf4c8f0982
Analyzer Verdict Alert fortinet Malware
GET /nmt/C/4T65fl199.zip HTTP/1.1
Host: vape.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
content-type: text/html
content-length: 707
date: Tue, 24 Jan 2023 06:31:54 GMT
server: LiteSpeed
location: https://vape.co.za/nmt/C/4T65fl199.zip
vary: User-Agent,User-Agent,Accept-Encoding
x-xss-protection: 1; mode=block
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Pragma, Last-Modified, ETag, Content-Length, Expires, Cache-Control, Retry-After, Content-Type, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Tue, 24 Jan 2023 06:17:31 GMT
age: 863
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash bb280016d8f12fa0a6ae86792ba89e67
53188091dab8e35ba20d2e341624777c2fb1536a
c28ed8dc9af97c7096f60030048432a41fb853e81ea91208e91493784d382bb9
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1021
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 24 Jan 2023 06:31:54 GMT
Last-Modified: Tue, 24 Jan 2023 06:14:53 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 471
ocsp.comodoca.com/
104.18.32.68 200 OK 472 B IP 104.18.32.68:0
Hash c320c25102886f3676ca782ae0b82e37
d3343d4781027b7764f688bbc6c0004860cee5ff
f56ec1e9bf94c418596cfa308480bc6bfa7abe40a9730739006612a362f11457
POST / HTTP/1.1
Host: ocsp.comodoca.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 24 Jan 2023 06:31:54 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sat, 21 Jan 2023 05:48:52 GMT
Expires: Sat, 28 Jan 2023 05:48:51 GMT
Etag: "d3343d4781027b7764f688bbc6c0004860cee5ff"
Cache-Control: max-age=342416,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: MISS
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78e6ba976f17b50c-OSL
push.services.mozilla.com/
54.191.251.76 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.191.251.76:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: lDSf4DAvxUXa0aBQkoqEZQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 27jVb75Mu0nv4yB2iVXbHT7HbeI=
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 176ab888cb4eeee86431993b3ef960e2
0eb79ca64f0f6b29837d1d7dfe12d38a3d5c3822
47984ce01d5a6281b9f2841cb119d3623e0d4202602f354628469e9158a2d6fa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "47984CE01D5A6281B9F2841CB119D3623E0D4202602F354628469E9158A2D6FA"
Last-Modified: Tue, 24 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9720
Expires: Tue, 24 Jan 2023 09:13:56 GMT
Date: Tue, 24 Jan 2023 06:31:56 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 176ab888cb4eeee86431993b3ef960e2
0eb79ca64f0f6b29837d1d7dfe12d38a3d5c3822
47984ce01d5a6281b9f2841cb119d3623e0d4202602f354628469e9158a2d6fa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "47984CE01D5A6281B9F2841CB119D3623E0D4202602F354628469E9158A2D6FA"
Last-Modified: Tue, 24 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9720
Expires: Tue, 24 Jan 2023 09:13:56 GMT
Date: Tue, 24 Jan 2023 06:31:56 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 176ab888cb4eeee86431993b3ef960e2
0eb79ca64f0f6b29837d1d7dfe12d38a3d5c3822
47984ce01d5a6281b9f2841cb119d3623e0d4202602f354628469e9158a2d6fa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "47984CE01D5A6281B9F2841CB119D3623E0D4202602F354628469E9158A2D6FA"
Last-Modified: Tue, 24 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9720
Expires: Tue, 24 Jan 2023 09:13:56 GMT
Date: Tue, 24 Jan 2023 06:31:56 GMT
Connection: keep-alive
vape.co.za/nmt/C/4T65fl199.zip
41.222.32.13 404 Not Found 35 kB URL HTTP/2 vape.co.za/nmt/C/4T65fl199.zip
IP 41.222.32.13:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (8047)
Hash 4843e66ce1d0dda3eebf21a3e904eb36
f156f072e3180c37352f874c3f36b64cd6bc1718
1488ca372c1a44b960077a99d231a2b3c49f619dc864d1c7ab543d15c34be20e
Analyzer Verdict Alert fortinet Malware
GET /nmt/C/4T65fl199.zip HTTP/1.1
Host: vape.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 404 Not Found
x-powered-by: PHP/7.4.33
set-cookie: mailchimp_landing_site=https%3A%2F%2Fvape.co.za%2Fnmt%2FC%2F4T65fl199.zip; expires=Tue, 21-Feb-2023 06:31:55 GMT; Max-Age=2419200; path=/; secure; SameSite=Strict
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
content-type: text/html; charset=UTF-8
link: <https://vape.co.za/wp-json/>; rel="https://api.w.org/"
content-encoding: br
vary: Accept-Encoding,User-Agent,User-Agent,Accept-Encoding
date: Tue, 24 Jan 2023 06:31:55 GMT
server: LiteSpeed
x-xss-protection: 1; mode=block
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 176ab888cb4eeee86431993b3ef960e2
0eb79ca64f0f6b29837d1d7dfe12d38a3d5c3822
47984ce01d5a6281b9f2841cb119d3623e0d4202602f354628469e9158a2d6fa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "47984CE01D5A6281B9F2841CB119D3623E0D4202602F354628469E9158A2D6FA"
Last-Modified: Tue, 24 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9720
Expires: Tue, 24 Jan 2023 09:13:56 GMT
Date: Tue, 24 Jan 2023 06:31:56 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F482af31b-26f9-44ae-89f6-e5d525da0b94.jpeg
34.120.237.76 200 OK 7.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F482af31b-26f9-44ae-89f6-e5d525da0b94.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 04af13ec975466fc3ef272576a3f152d
da2919e43cb4870ec1069a317a92972efeecf6a7
927033473cf2325ea89714abce53a15e95a0445982f974796e92d92b677e7ce5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F482af31b-26f9-44ae-89f6-e5d525da0b94.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6979
x-amzn-requestid: 219af615-0af6-4614-912a-a92081806773
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fNyw-GPpIAMFo4Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cefe6c-14cfd71a76ab5e5251061abf;Sampled=0
x-amzn-remapped-date: Mon, 23 Jan 2023 21:38:52 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: --fbhmeBDMcDvYgc4wxQp5sJ83R83L3AJJ3vMzcBem5N20NQr-kwGw==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 ce71f64ad5dca81beca846466f2d5008.cloudfront.net (CloudFront), 1.1 google
date: Mon, 23 Jan 2023 22:15:41 GMT
etag: "da2919e43cb4870ec1069a317a92972efeecf6a7"
content-type: image/jpeg
age: 29775
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F67efee66-d227-4c28-89a3-8fd7f382049b.jpeg
34.120.237.76 200 OK 8.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F67efee66-d227-4c28-89a3-8fd7f382049b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 91b2e12a39dc4f63b9d52e8800cce1f2
42d5b4b4a091778d98c351f0002d8656449d0243
d4dbc79e3383e83f861ccf8cde3e78ba427a66cd3fa99c17e23ec935867de4ad
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F67efee66-d227-4c28-89a3-8fd7f382049b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8308
x-amzn-requestid: 1988d3b3-5e1a-41fd-83f5-092eddb9185f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fNys5GDKoAMFdbA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cefe52-2349fde60b7db8a34c996717;Sampled=0
x-amzn-remapped-date: Mon, 23 Jan 2023 21:38:26 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: WZE7yDAT_YRseW7m410pGAwkWAwJ2HmuTlg2IbSvCbN20SJbmQ4Odg==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 6172bb1a5d00a3b06ae3700570ebe116.cloudfront.net (CloudFront), 1.1 google
date: Mon, 23 Jan 2023 22:06:36 GMT
age: 30320
etag: "42d5b4b4a091778d98c351f0002d8656449d0243"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F602ef184-7161-4092-91b7-61e14eef28a5.jpeg
34.120.237.76 200 OK 3.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F602ef184-7161-4092-91b7-61e14eef28a5.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 805711aaab303931f8966bbf73aeda52
2bd02a45c8b407e36a41a482b121ea3e14f7c722
66268668c1a970268d75beb1b57f66a759bedac76958a3359cb23104de40fbeb
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F602ef184-7161-4092-91b7-61e14eef28a5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3411
x-amzn-requestid: 62afd364-e94f-45ff-ba6c-9b589fc53e5f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e-EyCEzrIAMFb8A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c8b4d9-203f51040f82f12d535446c4;Sampled=0
x-amzn-remapped-date: Thu, 19 Jan 2023 03:11:21 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 3Ke5d5WguVrF_Phnhu9ojzN5Md0VkYnFfxKNoh5HHrmHwPI90IAIdA==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 a847181d425b7fc57e81eb3c800bfdf2.cloudfront.net (CloudFront), 1.1 google
date: Tue, 24 Jan 2023 04:49:41 GMT
age: 6135
etag: "2bd02a45c8b407e36a41a482b121ea3e14f7c722"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F987410c8-c934-4399-b586-efb1a5111e3b.jpeg
34.120.237.76 200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F987410c8-c934-4399-b586-efb1a5111e3b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c29ea116f715297b757c81dab8d1b5f3
6aae9d763dec58740cdfbfe46f6c69986b81414d
09afde8ec60dd1471e0ce33ed11ae4542b6813ad02e2abf037629a8ae5cfe240
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F987410c8-c934-4399-b586-efb1a5111e3b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12102
x-amzn-requestid: 54ba881d-c54b-49fa-a5b3-20b8d80f2a35
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fNyrNG1AIAMFxTg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cefe47-1acbf1c34a4dbfdd506d3383;Sampled=0
x-amzn-remapped-date: Mon, 23 Jan 2023 21:38:15 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: CHA4jmrQvf2RWyPB4RRjQNr_zvaDR07EMo2oHUT12GAE9QbTP3umnA==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 7022a5bbf9872d4a09d63e6cdb457dfe.cloudfront.net (CloudFront), 1.1 google
date: Mon, 23 Jan 2023 22:04:53 GMT
age: 30423
etag: "6aae9d763dec58740cdfbfe46f6c69986b81414d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Febfe8cd9-8a38-4bff-80c1-8c58b3618c4d.jpeg
34.120.237.76 200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Febfe8cd9-8a38-4bff-80c1-8c58b3618c4d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3172dcbfc344029f09fec71cfa869af7
1a45d9e39cb8a2fcf5cb06bbfcf0194f1eaff2ad
e818325e9a7a516912bba892f0ff7377ee0a60d0a38afbbc7f41f8f5d7857a07
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Febfe8cd9-8a38-4bff-80c1-8c58b3618c4d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10594
x-amzn-requestid: 25119c89-8b57-4f78-ba4d-6181a565fc55
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fNyrOG_VIAMF15w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cefe47-5f7fde965860cba74a51ddbf;Sampled=0
x-amzn-remapped-date: Mon, 23 Jan 2023 21:38:15 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: ZM3fGgrP1P7ju8-1AFIahWbbTgZaAu3mCZyN9m_g_rw6rWHeldJhmQ==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 61bc723adb3b1884ed759711e84e13a8.cloudfront.net (CloudFront), 1.1 google
date: Mon, 23 Jan 2023 21:57:44 GMT
etag: "1a45d9e39cb8a2fcf5cb06bbfcf0194f1eaff2ad"
content-type: image/jpeg
age: 30852
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0fe0b832-fa1d-48ac-8248-84591cfa9db0.jpeg
34.120.237.76 200 OK 7.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0fe0b832-fa1d-48ac-8248-84591cfa9db0.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 056caf4190dfd50ec8ccd4c81906a3aa
a913fcf6f7e4250c70ea97e55d0f1cce5b144c50
1747b399960d4953c1154e1185afd9429f519799ac443e486042bd64b31183ea
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0fe0b832-fa1d-48ac-8248-84591cfa9db0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7768
x-amzn-requestid: 1acc401a-ede6-4079-8bdc-cbee1b1bfab7
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fH8-BF4coAMF72A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cca859-32a96bef2c041ade5f0fb021;Sampled=0
x-amzn-remapped-date: Sun, 22 Jan 2023 03:07:05 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: V2VY8s0VM4Dl6c88tWYw3v3VSzc1ZQs9MlF6b-pvw-tb31Dn6cqPmg==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 476c2ba6d9f6cd69dbcedbd65688cbc0.cloudfront.net (CloudFront), 1.1 google
date: Tue, 24 Jan 2023 04:23:40 GMT
age: 7696
etag: "a913fcf6f7e4250c70ea97e55d0f1cce5b144c50"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash f136e9bdce8b778967f31c138c730bf6
032c6b734540fe786b259ba0c700622b88d768a2
ec9e91a632a1ee89dfd038cbe9700ed8c01e146846433284e81fad0ff2a75192
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 24 Jan 2023 06:31:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 831949834fce41f3fa8f544c99730c25
e98b70a86255cacf4cca405c7fd4bb05bf427bad
94cb9cfe8593a576362e5707670dfc3a46bda5cdc5d9b15d69b8b32b0c99cbe9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 24 Jan 2023 06:31:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 831949834fce41f3fa8f544c99730c25
e98b70a86255cacf4cca405c7fd4bb05bf427bad
94cb9cfe8593a576362e5707670dfc3a46bda5cdc5d9b15d69b8b32b0c99cbe9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 24 Jan 2023 06:31:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 831949834fce41f3fa8f544c99730c25
e98b70a86255cacf4cca405c7fd4bb05bf427bad
94cb9cfe8593a576362e5707670dfc3a46bda5cdc5d9b15d69b8b32b0c99cbe9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 24 Jan 2023 06:31:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.comodoca.com/
104.18.32.68 200 OK 472 B IP 104.18.32.68:0
Hash c320c25102886f3676ca782ae0b82e37
d3343d4781027b7764f688bbc6c0004860cee5ff
f56ec1e9bf94c418596cfa308480bc6bfa7abe40a9730739006612a362f11457
POST / HTTP/1.1
Host: ocsp.comodoca.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 24 Jan 2023 06:31:56 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sat, 21 Jan 2023 05:48:52 GMT
Expires: Sat, 28 Jan 2023 05:48:51 GMT
Etag: "d3343d4781027b7764f688bbc6c0004860cee5ff"
Cache-Control: max-age=342416,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: HIT
Age: 2
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78e6baa1f94bb50c-OSL
vape.co.za/wp-content/cache/min/1/mailchimpSF_main_css.css?ver=1.5.8
41.222.32.13 200 OK 292 B URL HTTP/2 vape.co.za/wp-content/cache/min/1/mailchimpSF_main_css.css?ver=1.5.8
IP 41.222.32.13:0
Hash 4d06ef19f6707784f3010b7aa0786822
3980e16ce964b5bc91719b04a9aec981103fd2d5
750881c73dbb30d29c1ce5baeb92a669c2a279a114f8f385d892c0783d14bde6
Analyzer Verdict Alert fortinet Malware
GET /wp-content/cache/min/1/mailchimpSF_main_css.css?ver=1.5.8 HTTP/1.1
Host: vape.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vape.co.za/nmt/C/4T65fl199.zip
Cookie: mailchimp_landing_site=https%3A%2F%2Fvape.co.za%2Fnmt%2FC%2F4T65fl199.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000,public
expires: Wed, 24 Jan 2024 06:31:56 GMT
content-type: text/css; charset=UTF-8
last-modified: Tue, 15 Nov 2022 13:34:55 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent,User-Agent,Accept-Encoding
content-length: 292
date: Tue, 24 Jan 2023 06:31:56 GMT
server: LiteSpeed
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=UA-213713896-1
142.250.74.40 200 OK 44 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-213713896-1
IP 142.250.74.40:0
File type ASCII text, with very long lines (1759)
Hash b5afa50534c909a4f66ab6043f9c4ce5
027835af8d9ba732ca9d7bb4327c39b6df107b95
57a072c931962e45686e7923a9b92f70031d3cfe15f041a35efffb6b684e2a28
GET /gtag/js?id=UA-213713896-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vape.co.za/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 24 Jan 2023 06:31:56 GMT
expires: Tue, 24 Jan 2023 06:31:56 GMT
cache-control: private, max-age=900
last-modified: Tue, 24 Jan 2023 06:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 44040
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
vape.co.za/wp-content/plugins/woocommerce-table-rate-shipping/assets/css/frontend.css?ver=1
41.222.32.13 200 OK 80 B URL HTTP/2 vape.co.za/wp-content/plugins/woocommerce-table-rate-shipping/assets/css/frontend.css?ver=1
IP 41.222.32.13:0
File type ASCII text, with no line terminators
Hash 70527fe2544e1fd93f08008134b05e4f
35eab59d5b97c3fc7bbbca64922ec0c95eca0be6
c25b7bd421517696e5cc7ee6723229c5a5990c62a62cecc448dbc590bb6ec95c
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/woocommerce-table-rate-shipping/assets/css/frontend.css?ver=1 HTTP/1.1
Host: vape.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vape.co.za/nmt/C/4T65fl199.zip
Cookie: mailchimp_landing_site=https%3A%2F%2Fvape.co.za%2Fnmt%2FC%2F4T65fl199.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000,public
expires: Wed, 24 Jan 2024 06:31:56 GMT
content-type: text/css; charset=UTF-8
last-modified: Mon, 11 Feb 2019 10:29:57 GMT
accept-ranges: bytes
content-length: 80
date: Tue, 24 Jan 2023 06:31:56 GMT
server: LiteSpeed
vary: User-Agent,User-Agent,Accept-Encoding
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
vape.co.za/wp-includes/css/dist/block-library/style.min.css?ver=6.0.3
41.222.32.13 200 OK 11 kB URL HTTP/2 vape.co.za/wp-includes/css/dist/block-library/style.min.css?ver=6.0.3
IP 41.222.32.13:0
File type ASCII text, with very long lines (43771)
Hash d45207ee05c1f0c57dfa075e61405ccd
a8d35143a2d828a739ea0fdde75f97d33621e7ec
a9a4adbbcee31ec277f1bdd573eef97dc4341f29f2db3b5685a02dfe4d2fe9bb
GET /wp-includes/css/dist/block-library/style.min.css?ver=6.0.3 HTTP/1.1
Host: vape.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vape.co.za/nmt/C/4T65fl199.zip
Cookie: mailchimp_landing_site=https%3A%2F%2Fvape.co.za%2Fnmt%2FC%2F4T65fl199.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000,public
expires: Wed, 24 Jan 2024 06:31:56 GMT
content-type: text/css; charset=UTF-8
last-modified: Mon, 04 Jul 2022 12:10:37 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent,User-Agent,Accept-Encoding
content-length: 10946
date: Tue, 24 Jan 2023 06:31:56 GMT
server: LiteSpeed
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
vape.co.za/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-vendors-style.css?ver=8.5.2
41.222.32.13 200 OK 1.8 kB URL HTTP/2 vape.co.za/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-vendors-style.css?ver=8.5.2
IP 41.222.32.13:0
File type ASCII text, with very long lines (10435), with no line terminators
Hash f7237084ac82ea6a4f5bf1448c3a2148
60457635a5e809ee1199c61090d8e33b91e8e1f2
18a1cb7f08c1ace52a79f46d73461ed03bf8cf5c9e8a3687eacc3e04f08e7a09
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-vendors-style.css?ver=8.5.2 HTTP/1.1
Host: vape.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vape.co.za/nmt/C/4T65fl199.zip
Cookie: mailchimp_landing_site=https%3A%2F%2Fvape.co.za%2Fnmt%2FC%2F4T65fl199.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000,public
expires: Wed, 24 Jan 2024 06:31:56 GMT
content-type: text/css; charset=UTF-8
last-modified: Mon, 07 Nov 2022 13:26:26 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent,User-Agent,Accept-Encoding
content-length: 1754
date: Tue, 24 Jan 2023 06:31:56 GMT
server: LiteSpeed
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
vape.co.za/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-style.css?ver=8.5.2
41.222.32.13 200 OK 22 kB URL HTTP/2 vape.co.za/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-style.css?ver=8.5.2
IP 41.222.32.13:0
File type Unicode text, UTF-8 text, with very long lines (65527), with no line terminators
Hash 37fc35d94f231f49342455aa62a49a31
3237b3e70a77650948f40db344d3acee04801eac
dd0a6071e780a985f5af054517849d094449be56592bf136928954d47fe18af5
GET /wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-style.css?ver=8.5.2 HTTP/1.1
Host: vape.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vape.co.za/nmt/C/4T65fl199.zip
Cookie: mailchimp_landing_site=https%3A%2F%2Fvape.co.za%2Fnmt%2FC%2F4T65fl199.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000,public
expires: Wed, 24 Jan 2024 06:31:56 GMT
content-type: text/css; charset=UTF-8
last-modified: Mon, 07 Nov 2022 13:26:26 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent,User-Agent,Accept-Encoding
content-length: 22479
date: Tue, 24 Jan 2023 06:31:56 GMT
server: LiteSpeed
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
vape.co.za/wp-content/plugins/map-location-picker-at-checkout-for-woocommerce/assets/public/css/lpac-public.css?ver=1.6.9
41.222.32.13 200 OK 476 B URL HTTP/2 vape.co.za/wp-content/plugins/map-location-picker-at-checkout-for-woocommerce/assets/public/css/lpac-public.css?ver=1.6.9
IP 41.222.32.13:0
Hash d0b42673fa0ee9eb156bc4cbed989f19
6ca94730699538d3361b535b5d39194ccacb94d9
0a1b5d41045b125dc66d8ab4ac227a096da3185bea9ce3898579b28f25dfca8a
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/map-location-picker-at-checkout-for-woocommerce/assets/public/css/lpac-public.css?ver=1.6.9 HTTP/1.1
Host: vape.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vape.co.za/nmt/C/4T65fl199.zip
Cookie: mailchimp_landing_site=https%3A%2F%2Fvape.co.za%2Fnmt%2FC%2F4T65fl199.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000,public
expires: Wed, 24 Jan 2024 06:31:56 GMT
content-type: text/css; charset=UTF-8
last-modified: Thu, 20 Oct 2022 04:44:30 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent,User-Agent,Accept-Encoding
content-length: 476
date: Tue, 24 Jan 2023 06:31:56 GMT
server: LiteSpeed
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
vape.co.za/wp-content/plugins/wpbingo/assets/css/bwp_ajax_filter.css?ver=6.0.3
41.222.32.13 200 OK 769 B URL HTTP/2 vape.co.za/wp-content/plugins/wpbingo/assets/css/bwp_ajax_filter.css?ver=6.0.3
IP 41.222.32.13:0
File type ASCII text, with CRLF line terminators
Hash c2c26954718c675e1bba58f1fce2c0b7
0239a956f3509dd87578fb9e4253612a82c99da0
3cab064aca718271aae234fe6544928b18bb6b3ccbda5ce518797cd459346d46
GET /wp-content/plugins/wpbingo/assets/css/bwp_ajax_filter.css?ver=6.0.3 HTTP/1.1
Host: vape.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vape.co.za/nmt/C/4T65fl199.zip
Cookie: mailchimp_landing_site=https%3A%2F%2Fvape.co.za%2Fnmt%2FC%2F4T65fl199.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000,public
expires: Wed, 24 Jan 2024 06:31:56 GMT
content-type: text/css; charset=UTF-8
last-modified: Mon, 11 Oct 2021 21:09:35 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent,User-Agent,Accept-Encoding
content-length: 769
date: Tue, 24 Jan 2023 06:31:56 GMT
server: LiteSpeed
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
vape.co.za/wp-content/plugins/wpbingo/lib/buy-together/assets/css/frontend.css?ver=6.0.3
41.222.32.13 200 OK 535 B URL HTTP/2 vape.co.za/wp-content/plugins/wpbingo/lib/buy-together/assets/css/frontend.css?ver=6.0.3
IP 41.222.32.13:0
File type ASCII text, with CRLF line terminators
Hash 57852b41f10b9a26b422389b03435df2
4ec75df2624648dc6914f582ab4e2e9c28b6c388
7c8a21ae03d1bf8264cf6134431f56f1acfd57a6a819c07973acd0fc5adb8b90
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/wpbingo/lib/buy-together/assets/css/frontend.css?ver=6.0.3 HTTP/1.1
Host: vape.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vape.co.za/nmt/C/4T65fl199.zip
Cookie: mailchimp_landing_site=https%3A%2F%2Fvape.co.za%2Fnmt%2FC%2F4T65fl199.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000,public
expires: Wed, 24 Jan 2024 06:31:56 GMT
content-type: text/css; charset=UTF-8
last-modified: Mon, 11 Oct 2021 21:09:35 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent,User-Agent,Accept-Encoding
content-length: 535
date: Tue, 24 Jan 2023 06:31:56 GMT
server: LiteSpeed
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
vape.co.za/wp-content/plugins/wpgens-refer-a-friend-premium/assets/css/gens-raf.css?ver=2.3.16
41.222.32.13 200 OK 1.8 kB URL HTTP/2 vape.co.za/wp-content/plugins/wpgens-refer-a-friend-premium/assets/css/gens-raf.css?ver=2.3.16
IP 41.222.32.13:0
Hash 974034b8349c431627c531b02cc54c97
7b4080eda14e0023530cb38d7a1f86ff24d6c1ae
b4229f1e7114f384a72aa7b0320ba94ba29fd7c8e1f9ba531c0295ed6bc22434
GET /wp-content/plugins/wpgens-refer-a-friend-premium/assets/css/gens-raf.css?ver=2.3.16 HTTP/1.1
Host: vape.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vape.co.za/nmt/C/4T65fl199.zip
Cookie: mailchimp_landing_site=https%3A%2F%2Fvape.co.za%2Fnmt%2FC%2F4T65fl199.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000,public
expires: Wed, 24 Jan 2024 06:31:56 GMT
content-type: text/css; charset=UTF-8
last-modified: Tue, 12 Oct 2021 07:49:14 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent,User-Agent,Accept-Encoding
content-length: 1787
date: Tue, 24 Jan 2023 06:31:56 GMT
server: LiteSpeed
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
vape.co.za/wp-content/themes/vapier/style.css?ver=6.0.3
41.222.32.13 200 OK 365 B URL HTTP/2 vape.co.za/wp-content/themes/vapier/style.css?ver=6.0.3
IP 41.222.32.13:0
Hash 30bc4b276bda13f03b9e4b669d0706f9
002b5f89bfc7f8d77147547a336e443ccd26090d
1f3294051f5103010b2969e1bd1db8aec56e73595796a75b76d9edf181fbc90b
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/vapier/style.css?ver=6.0.3 HTTP/1.1
Host: vape.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vape.co.za/nmt/C/4T65fl199.zip
Cookie: mailchimp_landing_site=https%3A%2F%2Fvape.co.za%2Fnmt%2FC%2F4T65fl199.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000,public
expires: Wed, 24 Jan 2024 06:31:56 GMT
content-type: text/css; charset=UTF-8
last-modified: Tue, 28 Sep 2021 13:12:18 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent,User-Agent,Accept-Encoding
content-length: 365
date: Tue, 24 Jan 2023 06:31:56 GMT
server: LiteSpeed
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 831949834fce41f3fa8f544c99730c25
e98b70a86255cacf4cca405c7fd4bb05bf427bad
94cb9cfe8593a576362e5707670dfc3a46bda5cdc5d9b15d69b8b32b0c99cbe9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 24 Jan 2023 06:31:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash f136e9bdce8b778967f31c138c730bf6
032c6b734540fe786b259ba0c700622b88d768a2
ec9e91a632a1ee89dfd038cbe9700ed8c01e146846433284e81fad0ff2a75192
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 24 Jan 2023 06:31:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
vape.co.za/wp-content/themes/vapier/css/bootstrap.css?ver=6.0.3
41.222.32.13 200 OK 10 kB URL HTTP/2 vape.co.za/wp-content/themes/vapier/css/bootstrap.css?ver=6.0.3
IP 41.222.32.13:0
File type ASCII text, with very long lines (678)
Hash 51ed586e2b20ca30e7c6d9e7599babdb
06ad531ac98a83aa45d426ef5941931d5b549632
5f9c6b902ee5cff8a99d46a82496cac6a35b364538f8025fd3664373a0cec41e
GET /wp-content/themes/vapier/css/bootstrap.css?ver=6.0.3 HTTP/1.1
Host: vape.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vape.co.za/nmt/C/4T65fl199.zip
Cookie: mailchimp_landing_site=https%3A%2F%2Fvape.co.za%2Fnmt%2FC%2F4T65fl199.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000,public
expires: Wed, 24 Jan 2024 06:31:56 GMT
content-type: text/css; charset=UTF-8
last-modified: Fri, 09 Jul 2021 08:12:34 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent,User-Agent,Accept-Encoding
content-length: 10181
date: Tue, 24 Jan 2023 06:31:56 GMT
server: LiteSpeed
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
vape.co.za/wp-content/themes/vapier/css/jquery.circlestime.css
41.222.32.13 200 OK 180 B URL HTTP/2 vape.co.za/wp-content/themes/vapier/css/jquery.circlestime.css
IP 41.222.32.13:0
File type ASCII text, with CRLF line terminators
Hash 01fb67284fdbc6d1220f6ffaaa6e1036
8d132eda2aa09656118f01401954746090c1fdc4
fff767df383d4ef05facb00c3b759a32a9fd16653ceb4d755dd9599914378f4d
GET /wp-content/themes/vapier/css/jquery.circlestime.css HTTP/1.1
Host: vape.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vape.co.za/nmt/C/4T65fl199.zip
Cookie: mailchimp_landing_site=https%3A%2F%2Fvape.co.za%2Fnmt%2FC%2F4T65fl199.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000,public
expires: Wed, 24 Jan 2024 06:31:56 GMT
content-type: text/css; charset=UTF-8
last-modified: Fri, 09 Jul 2021 08:12:34 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent,User-Agent,Accept-Encoding
content-length: 180
date: Tue, 24 Jan 2023 06:31:56 GMT
server: LiteSpeed
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
vape.co.za/wp-content/themes/vapier/css/jquery.mmenu.all.css?ver=6.0.3
41.222.32.13 200 OK 6.8 kB URL HTTP/2 vape.co.za/wp-content/themes/vapier/css/jquery.mmenu.all.css?ver=6.0.3
IP 41.222.32.13:0
File type ASCII text, with very long lines (10038)
Hash b9c52e67f643cf0363519512aa632626
93a34cecfff51b2ba01b4d31a8a26da13418f6aa
9612a53c60c4c2bd1381a52dc8338744f88c6ba79418e624ac130aa45e9e4f84
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/vapier/css/jquery.mmenu.all.css?ver=6.0.3 HTTP/1.1
Host: vape.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vape.co.za/nmt/C/4T65fl199.zip
Cookie: mailchimp_landing_site=https%3A%2F%2Fvape.co.za%2Fnmt%2FC%2F4T65fl199.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000,public
expires: Wed, 24 Jan 2024 06:31:56 GMT
content-type: text/css; charset=UTF-8
last-modified: Fri, 09 Jul 2021 08:12:34 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent,User-Agent,Accept-Encoding
content-length: 6824
date: Tue, 24 Jan 2023 06:31:56 GMT
server: LiteSpeed
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
vape.co.za/wp-content/themes/vapier/css/slick/slick.css
41.222.32.13 200 OK 840 B URL HTTP/2 vape.co.za/wp-content/themes/vapier/css/slick/slick.css
IP 41.222.32.13:0
Hash 4a0d11614b2d904b47ff38146b54cf36
a8a6626225f6debf759734e7ecf603bca1855bd8
0d88f8a767b2c5216538e209f70e287c649757131179442c6959affdd18733d2
GET /wp-content/themes/vapier/css/slick/slick.css HTTP/1.1
Host: vape.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vape.co.za/nmt/C/4T65fl199.zip
Cookie: mailchimp_landing_site=https%3A%2F%2Fvape.co.za%2Fnmt%2FC%2F4T65fl199.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000,public
expires: Wed, 24 Jan 2024 06:31:56 GMT
content-type: text/css; charset=UTF-8
last-modified: Fri, 09 Jul 2021 08:12:34 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent,User-Agent,Accept-Encoding
content-length: 840
date: Tue, 24 Jan 2023 06:31:56 GMT
server: LiteSpeed
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
vape.co.za/wp-content/plugins/woocommerce/assets/css/photoswipe/photoswipe.min.css?ver=7.0.1
41.222.32.13 200 OK 857 B URL HTTP/2 vape.co.za/wp-content/plugins/woocommerce/assets/css/photoswipe/photoswipe.min.css?ver=7.0.1
IP 41.222.32.13:0
File type ASCII text, with very long lines (3287), with no line terminators
Hash f91b0cde1c3ae9c4865dbe50b94b7e96
26c7baee70eca5d442f5f30a7c0ccd0a6187c105
224aecccc666e90a5607c1ee584952f275cae6c6f8cad50f9d9834d7499c4bd9
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/woocommerce/assets/css/photoswipe/photoswipe.min.css?ver=7.0.1 HTTP/1.1
Host: vape.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vape.co.za/nmt/C/4T65fl199.zip
Cookie: mailchimp_landing_site=https%3A%2F%2Fvape.co.za%2Fnmt%2FC%2F4T65fl199.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000,public
expires: Wed, 24 Jan 2024 06:31:56 GMT
content-type: text/css; charset=UTF-8
last-modified: Mon, 07 Nov 2022 13:26:26 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent,User-Agent,Accept-Encoding
content-length: 857
date: Tue, 24 Jan 2023 06:31:56 GMT
server: LiteSpeed
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
vape.co.za/wp-content/plugins/elementor/assets/lib/font-awesome/css/font-awesome.min.css?ver=4.7.0
41.222.32.13 200 OK 6.7 kB URL HTTP/2 vape.co.za/wp-content/plugins/elementor/assets/lib/font-awesome/css/font-awesome.min.css?ver=4.7.0
IP 41.222.32.13:0
File type ASCII text, with very long lines (30837)
Hash 5dbbe85d6a3308dceb97d91b740b0f11
3f70abf9963371962665167f98ba52365481496d
751d4fdd16bd33cc9c93bcaadcd316922ca9bbd74cb6a9e1705c8bef4330dabf
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/elementor/assets/lib/font-awesome/css/font-awesome.min.css?ver=4.7.0 HTTP/1.1
Host: vape.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vape.co.za/nmt/C/4T65fl199.zip
Cookie: mailchimp_landing_site=https%3A%2F%2Fvape.co.za%2Fnmt%2FC%2F4T65fl199.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000,public
expires: Wed, 24 Jan 2024 06:31:56 GMT
content-type: text/css; charset=UTF-8
last-modified: Mon, 07 Nov 2022 13:25:43 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent,User-Agent,Accept-Encoding
content-length: 6657
date: Tue, 24 Jan 2023 06:31:56 GMT
server: LiteSpeed
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
vape.co.za/wp-content/themes/vapier/css/materia.css?ver=6.0.3
41.222.32.13 200 OK 7.2 kB URL HTTP/2 vape.co.za/wp-content/themes/vapier/css/materia.css?ver=6.0.3
IP 41.222.32.13:0
File type ASCII text, with CRLF line terminators
Hash 5329cf1194e2af7fff68d4df3ea7d0de
574444bdb71a0068007a232472f264c7cb26fd47
b3412fb0d7c3aa42c60fd17e8dccbb1c50c9eb9a7552b3c012e05c71b8db1aaa
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/vapier/css/materia.css?ver=6.0.3 HTTP/1.1
Host: vape.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vape.co.za/nmt/C/4T65fl199.zip
Cookie: mailchimp_landing_site=https%3A%2F%2Fvape.co.za%2Fnmt%2FC%2F4T65fl199.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000,public
expires: Wed, 24 Jan 2024 06:31:56 GMT
content-type: text/css; charset=UTF-8
last-modified: Fri, 09 Jul 2021 08:12:34 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent,User-Agent,Accept-Encoding
content-length: 7175
date: Tue, 24 Jan 2023 06:31:56 GMT
server: LiteSpeed
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
vape.co.za/wp-content/themes/vapier/css/elegant.css?ver=6.0.3
41.222.32.13 200 OK 4.0 kB URL HTTP/2 vape.co.za/wp-content/themes/vapier/css/elegant.css?ver=6.0.3
IP 41.222.32.13:0
File type ASCII text, with very long lines (6250)
Hash 7af8ea7cfce1132bdb50e8c930c5447d
e63fb232041b9a069947bb8104ff11ce26723d27
49368f644ac55a577b584efdcf3f0e7076245bb45775ba73526f63b6a5760e31
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/vapier/css/elegant.css?ver=6.0.3 HTTP/1.1
Host: vape.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vape.co.za/nmt/C/4T65fl199.zip
Cookie: mailchimp_landing_site=https%3A%2F%2Fvape.co.za%2Fnmt%2FC%2F4T65fl199.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000,public
expires: Wed, 24 Jan 2024 06:31:56 GMT
content-type: text/css; charset=UTF-8
last-modified: Fri, 09 Jul 2021 08:12:34 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent,User-Agent,Accept-Encoding
content-length: 3990
date: Tue, 24 Jan 2023 06:31:56 GMT
server: LiteSpeed
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
vape.co.za/wp-content/themes/vapier/css/wpbingo.css?ver=6.0.3
41.222.32.13 200 OK 585 B URL HTTP/2 vape.co.za/wp-content/themes/vapier/css/wpbingo.css?ver=6.0.3
IP 41.222.32.13:0
Hash 2ecfeeb32600999d9fc31bfd7b92ef46
120054a75f826c30c9b3563c100deb4d95f42e16
42c5873efca85cb9a383700b3775f25e8a2d0ab09e2e074fad65c5889f595ed9
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/vapier/css/wpbingo.css?ver=6.0.3 HTTP/1.1
Host: vape.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vape.co.za/nmt/C/4T65fl199.zip
Cookie: mailchimp_landing_site=https%3A%2F%2Fvape.co.za%2Fnmt%2FC%2F4T65fl199.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000,public
expires: Wed, 24 Jan 2024 06:31:56 GMT
content-type: text/css; charset=UTF-8
last-modified: Fri, 09 Jul 2021 08:12:34 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent,User-Agent,Accept-Encoding
content-length: 585
date: Tue, 24 Jan 2023 06:31:56 GMT
server: LiteSpeed
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
vape.co.za/wp-content/themes/vapier/css/icomoon.css?ver=6.0.3
41.222.32.13 200 OK 454 B URL HTTP/2 vape.co.za/wp-content/themes/vapier/css/icomoon.css?ver=6.0.3
IP 41.222.32.13:0
Hash 73e2446ca34d296ffcfd16b143875789
c11550e2a3087104c71ad82756df1f2312e8b59f
29e1452d1bac62de23bcb9fd161146cbf921373bd9d6de2658028792dd366c1d
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/vapier/css/icomoon.css?ver=6.0.3 HTTP/1.1
Host: vape.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vape.co.za/nmt/C/4T65fl199.zip
Cookie: mailchimp_landing_site=https%3A%2F%2Fvape.co.za%2Fnmt%2FC%2F4T65fl199.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000,public
expires: Wed, 24 Jan 2024 06:31:56 GMT
content-type: text/css; charset=UTF-8
last-modified: Fri, 09 Jul 2021 08:12:34 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent,User-Agent,Accept-Encoding
content-length: 454
date: Tue, 24 Jan 2023 06:31:56 GMT
server: LiteSpeed
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
vape.co.za/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
41.222.32.13 200 OK 30 kB URL HTTP/2 vape.co.za/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
IP 41.222.32.13:0
File type ASCII text, with very long lines (65447)
Hash 34f918ada1fe4f01c5a4b90065bbc37a
a731f6ce2d413805e39ae45994012b1bd5ea1e2b
eba158d5ab26a5a54a3dcfcea1072c636f44e92fc2eb30a3f27cd5be3f891dfc
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.0 HTTP/1.1
Host: vape.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vape.co.za/nmt/C/4T65fl199.zip
Cookie: mailchimp_landing_site=https%3A%2F%2Fvape.co.za%2Fnmt%2FC%2F4T65fl199.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800,public
expires: Tue, 31 Jan 2023 06:31:56 GMT
content-type: application/x-javascript; charset=UTF-8
last-modified: Wed, 10 Mar 2021 15:07:24 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent,User-Agent,Accept-Encoding
content-length: 30273
date: Tue, 24 Jan 2023 06:31:56 GMT
server: LiteSpeed
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
vape.co.za/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
41.222.32.13 200 OK 4.0 kB URL HTTP/2 vape.co.za/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP 41.222.32.13:0
File type ASCII text, with very long lines (11126)
Hash 7e058b51f939eacfa31cdface14dded5
9d732e5afdeb42edef9e1b9631b7e95e054787cc
4ece5b00423755d8f4121ce382c8ea4dc44c241f28f150abe19caa85d0b0acc1
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: vape.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vape.co.za/nmt/C/4T65fl199.zip
Cookie: mailchimp_landing_site=https%3A%2F%2Fvape.co.za%2Fnmt%2FC%2F4T65fl199.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800,public
expires: Tue, 31 Jan 2023 06:31:56 GMT
content-type: application/x-javascript; charset=UTF-8
last-modified: Wed, 18 Nov 2020 09:06:06 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent,User-Agent,Accept-Encoding
content-length: 3995
date: Tue, 24 Jan 2023 06:31:56 GMT
server: LiteSpeed
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
vape.co.za/wp-content/plugins/google-analytics-for-wordpress/assets/js/frontend-gtag.min.js?ver=8.10.0
41.222.32.13 200 OK 3.0 kB URL HTTP/2 vape.co.za/wp-content/plugins/google-analytics-for-wordpress/assets/js/frontend-gtag.min.js?ver=8.10.0
IP 41.222.32.13:0
File type ASCII text, with very long lines (1577)
Hash f9bd58ff6ff8b6d519f6bedfd8466af2
058a2339d68391def5388ec52f38ab89ee06d877
7b854fbfa48aecfb3cbc79b884fb79385f08fbc994bf60269a68424c18e9958a
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/google-analytics-for-wordpress/assets/js/frontend-gtag.min.js?ver=8.10.0 HTTP/1.1
Host: vape.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vape.co.za/nmt/C/4T65fl199.zip
Cookie: mailchimp_landing_site=https%3A%2F%2Fvape.co.za%2Fnmt%2FC%2F4T65fl199.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800,public
expires: Tue, 31 Jan 2023 06:31:56 GMT
content-type: application/x-javascript; charset=UTF-8
last-modified: Mon, 07 Nov 2022 23:17:54 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent,User-Agent,Accept-Encoding
content-length: 3016
date: Tue, 24 Jan 2023 06:31:56 GMT
server: LiteSpeed
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
vape.co.za/wp-includes/js/underscore.min.js?ver=1.13.3
41.222.32.13 200 OK 7.2 kB URL HTTP/2 vape.co.za/wp-includes/js/underscore.min.js?ver=1.13.3
IP 41.222.32.13:0
File type ASCII text, with very long lines (18876)
Hash 8f44fac7de7704cc9c42ca9cf95071b8
1fa95065580a736700586a6c6ba1e0c3304d301c
89d8fb5c9897186f5d8295777f8eecd5c9a8ec5a40b0e01b9afe3e6ff851a4a1
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/underscore.min.js?ver=1.13.3 HTTP/1.1
Host: vape.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vape.co.za/nmt/C/4T65fl199.zip
Cookie: mailchimp_landing_site=https%3A%2F%2Fvape.co.za%2Fnmt%2FC%2F4T65fl199.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800,public
expires: Tue, 31 Jan 2023 06:31:56 GMT
content-type: application/x-javascript; charset=UTF-8
last-modified: Wed, 27 Apr 2022 14:39:21 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent,User-Agent,Accept-Encoding
content-length: 7176
date: Tue, 24 Jan 2023 06:31:56 GMT
server: LiteSpeed
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
vape.co.za/wp-includes/js/wp-util.min.js?ver=6.0.3
41.222.32.13 200 OK 646 B URL HTTP/2 vape.co.za/wp-includes/js/wp-util.min.js?ver=6.0.3
IP 41.222.32.13:0
File type ASCII text, with very long lines (1305)
Hash 6545e92af6fa2c33aed6fb1d0492af5e
b95b4d49921004f3a23ea8d057beadd4d45a6d74
ef9475d7d2b07f279a49a8458afc74f865810087e299437ef355024b93929eb2
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/wp-util.min.js?ver=6.0.3 HTTP/1.1
Host: vape.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vape.co.za/nmt/C/4T65fl199.zip
Cookie: mailchimp_landing_site=https%3A%2F%2Fvape.co.za%2Fnmt%2FC%2F4T65fl199.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800,public
expires: Tue, 31 Jan 2023 06:31:56 GMT
content-type: application/x-javascript; charset=UTF-8
last-modified: Fri, 25 Jun 2021 14:50:58 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent,User-Agent,Accept-Encoding
content-length: 646
date: Tue, 24 Jan 2023 06:31:56 GMT
server: LiteSpeed
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
vape.co.za/wp-content/plugins/wpbingo/lib/buy-together/assets/js/frontend.js
41.222.32.13 200 OK 2.3 kB URL HTTP/2 vape.co.za/wp-content/plugins/wpbingo/lib/buy-together/assets/js/frontend.js
IP 41.222.32.13:0
File type Unicode text, UTF-8 text, with CRLF line terminators
Hash 36b0856f0f2f45594d625d59c43323d4
edbfe6fdd19e1393ebab7fd79c29a9fd76bd11ca
c990308c257624fd3056ec4f58063ebac0ccd3ecc6e83c8d6dfe5de6563cfaf6
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/wpbingo/lib/buy-together/assets/js/frontend.js HTTP/1.1
Host: vape.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vape.co.za/nmt/C/4T65fl199.zip
Cookie: mailchimp_landing_site=https%3A%2F%2Fvape.co.za%2Fnmt%2FC%2F4T65fl199.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800,public
expires: Tue, 31 Jan 2023 06:31:56 GMT
content-type: application/x-javascript; charset=UTF-8
last-modified: Mon, 11 Oct 2021 21:09:35 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent,User-Agent,Accept-Encoding
content-length: 2300
date: Tue, 24 Jan 2023 06:31:56 GMT
server: LiteSpeed
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
vape.co.za/wp-content/plugins/wpgens-refer-a-friend-premium/assets/js/cookie.min.js?ver=2.3.16
41.222.32.13 200 OK 907 B URL HTTP/2 vape.co.za/wp-content/plugins/wpgens-refer-a-friend-premium/assets/js/cookie.min.js?ver=2.3.16
IP 41.222.32.13:0
File type ASCII text, with very long lines (2000)
Hash 3fbe6476ddc0f15df0d813b52318612d
32e7b1f0b28477179f69bb22b533d171f6d9a296
beceb5932ac74c539237f59120ded52701b37566031a27be0526b71eff9dd9b7
GET /wp-content/plugins/wpgens-refer-a-friend-premium/assets/js/cookie.min.js?ver=2.3.16 HTTP/1.1
Host: vape.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vape.co.za/nmt/C/4T65fl199.zip
Cookie: mailchimp_landing_site=https%3A%2F%2Fvape.co.za%2Fnmt%2FC%2F4T65fl199.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800,public
expires: Tue, 31 Jan 2023 06:31:56 GMT
content-type: application/x-javascript; charset=UTF-8
last-modified: Tue, 12 Oct 2021 07:49:14 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent,User-Agent,Accept-Encoding
content-length: 907
date: Tue, 24 Jan 2023 06:31:56 GMT
server: LiteSpeed
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
vape.co.za/wp-content/plugins/wpgens-refer-a-friend-premium/assets/js/gens-raf-public.js?ver=2.3.16
41.222.32.13 200 OK 2.6 kB URL HTTP/2 vape.co.za/wp-content/plugins/wpgens-refer-a-friend-premium/assets/js/gens-raf-public.js?ver=2.3.16
IP 41.222.32.13:0
Hash b8021609f1245d7679ff711cf8cead1c
a2f8a5eccf07821325f0c7aea6ed460200ddd570
0c8aec0ce5066e6ee68ee19588761324c3be8fd62a6c7ed7b251fff61b8d70bb
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/wpgens-refer-a-friend-premium/assets/js/gens-raf-public.js?ver=2.3.16 HTTP/1.1
Host: vape.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vape.co.za/nmt/C/4T65fl199.zip
Cookie: mailchimp_landing_site=https%3A%2F%2Fvape.co.za%2Fnmt%2FC%2F4T65fl199.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800,public
expires: Tue, 31 Jan 2023 06:31:56 GMT
content-type: application/x-javascript; charset=UTF-8
last-modified: Tue, 12 Oct 2021 07:49:14 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent,User-Agent,Accept-Encoding
content-length: 2612
date: Tue, 24 Jan 2023 06:31:56 GMT
server: LiteSpeed
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
vape.co.za/wp-content/plugins/elementor/assets/css/widget-icon-list.min.css
41.222.32.13 200 OK 905 B URL HTTP/2 vape.co.za/wp-content/plugins/elementor/assets/css/widget-icon-list.min.css
IP 41.222.32.13:0
File type ASCII text, with very long lines (11736)
Hash 8670fd6bb742c6b6b7670eb3c2b053c4
50540933b0b6333baaf8a1b0fa673860b04c98c4
b051431fd4bd43ae520e41bf014ff91071a9452e8fb118fc9d8e0499fe8ebfa9
GET /wp-content/plugins/elementor/assets/css/widget-icon-list.min.css HTTP/1.1
Host: vape.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vape.co.za/nmt/C/4T65fl199.zip
Cookie: mailchimp_landing_site=https%3A%2F%2Fvape.co.za%2Fnmt%2FC%2F4T65fl199.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000,public
expires: Wed, 24 Jan 2024 06:31:56 GMT
content-type: text/css; charset=UTF-8
last-modified: Mon, 07 Nov 2022 13:25:43 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent,User-Agent,Accept-Encoding
content-length: 905
date: Tue, 24 Jan 2023 06:31:56 GMT
server: LiteSpeed
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
vape.co.za/wp-content/uploads/2019/02/Vape.co_.za-Logo-LogoTo-be-Placed-on-Dark-Background.png
41.222.32.13 200 OK 25 kB URL HTTP/2 vape.co.za/wp-content/uploads/2019/02/Vape.co_.za-Logo-LogoTo-be-Placed-on-Dark-Background.png
IP 41.222.32.13:0
File type PNG image data, 778 x 244, 8-bit/color RGBA, non-interlaced\012- data
Hash 5c310f8b2916ac049efa81a26cc8dd84
1b778727b34c9a37755cbd61e052fab9f060235d
e4527c9d6e59cc31f7ccff5b01064f8ec4873b986fb00ebb32b726be4d6de8ae
GET /wp-content/uploads/2019/02/Vape.co_.za-Logo-LogoTo-be-Placed-on-Dark-Background.png HTTP/1.1
Host: vape.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vape.co.za/nmt/C/4T65fl199.zip
Cookie: mailchimp_landing_site=https%3A%2F%2Fvape.co.za%2Fnmt%2FC%2F4T65fl199.zip
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=10368000,public
expires: Wed, 24 May 2023 06:31:56 GMT
content-type: image/png
last-modified: Mon, 04 Feb 2019 14:23:52 GMT
accept-ranges: bytes
content-length: 24728
date: Tue, 24 Jan 2023 06:31:56 GMT
server: LiteSpeed
vary: User-Agent,User-Agent,Accept-Encoding
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
vape.co.za/wp-content/uploads/2021/10/payments_01.png
41.222.32.13 200 OK 2.7 kB URL HTTP/2 vape.co.za/wp-content/uploads/2021/10/payments_01.png
IP 41.222.32.13:0
File type PNG image data, 64 x 40, 8-bit/color RGBA, non-interlaced\012- data
Hash 20f2d9b250a06eb6c3f8a1c3750c5cbd
aa2a4c1858448efb6cb1c0e89a95591ce5a56419
f9fcf39eee26e9881fd70517204864a7d7ba2948ce43845fcbff7663897133c8
GET /wp-content/uploads/2021/10/payments_01.png HTTP/1.1
Host: vape.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vape.co.za/nmt/C/4T65fl199.zip
Cookie: mailchimp_landing_site=https%3A%2F%2Fvape.co.za%2Fnmt%2FC%2F4T65fl199.zip
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=10368000,public
expires: Wed, 24 May 2023 06:31:56 GMT
content-type: image/png
last-modified: Fri, 15 Oct 2021 20:40:13 GMT
accept-ranges: bytes
content-length: 2656
date: Tue, 24 Jan 2023 06:31:56 GMT
server: LiteSpeed
vary: User-Agent,User-Agent,Accept-Encoding
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
vape.co.za/wp-content/uploads/2021/10/payments_02.png
41.222.32.13 200 OK 2.6 kB URL HTTP/2 vape.co.za/wp-content/uploads/2021/10/payments_02.png
IP 41.222.32.13:0
File type PNG image data, 65 x 40, 8-bit/color RGBA, non-interlaced\012- data
Hash 8a98c4e00726df78a32df1d074f6a533
b586b88cdfb3ef930e9001a8ff7e8e56484ede5a
1daeccd7fcb0fcf6db9f7b6f6787abd5e6c987e8ed767577735da9c8bf3eb8a3
GET /wp-content/uploads/2021/10/payments_02.png HTTP/1.1
Host: vape.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vape.co.za/nmt/C/4T65fl199.zip
Cookie: mailchimp_landing_site=https%3A%2F%2Fvape.co.za%2Fnmt%2FC%2F4T65fl199.zip
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=10368000,public
expires: Wed, 24 May 2023 06:31:56 GMT
content-type: image/png
last-modified: Fri, 15 Oct 2021 20:40:14 GMT
accept-ranges: bytes
content-length: 2596
date: Tue, 24 Jan 2023 06:31:56 GMT
server: LiteSpeed
vary: User-Agent,User-Agent,Accept-Encoding
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
vape.co.za/wp-content/uploads/2021/10/payments_03.png
41.222.32.13 200 OK 3.5 kB URL HTTP/2 vape.co.za/wp-content/uploads/2021/10/payments_03.png
IP 41.222.32.13:0
File type PNG image data, 95 x 40, 8-bit/color RGBA, non-interlaced\012- data
Hash 7979ffeced1ba2a585c226f151cbe53a
ee431eacc9143e07ccd7b1ddf9b2e6b0de04e36c
7e2367e0a4c3c6dbee8e0ebd225992502e646970cbd1f16b8ffd032e8d885d9c
GET /wp-content/uploads/2021/10/payments_03.png HTTP/1.1
Host: vape.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vape.co.za/nmt/C/4T65fl199.zip
Cookie: mailchimp_landing_site=https%3A%2F%2Fvape.co.za%2Fnmt%2FC%2F4T65fl199.zip
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=10368000,public
expires: Wed, 24 May 2023 06:31:56 GMT
content-type: image/png
last-modified: Fri, 15 Oct 2021 20:40:15 GMT
accept-ranges: bytes
content-length: 3464
date: Tue, 24 Jan 2023 06:31:56 GMT
server: LiteSpeed
vary: User-Agent,User-Agent,Accept-Encoding
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
vape.co.za/wp-content/uploads/2021/10/payments_04.png
41.222.32.13 200 OK 3.7 kB URL HTTP/2 vape.co.za/wp-content/uploads/2021/10/payments_04.png
IP 41.222.32.13:0
File type PNG image data, 94 x 40, 8-bit/color RGBA, non-interlaced\012- data
Hash 84a55beb2976b3ba7225f138e61f30d5
8b498c11b7d2ffec4a650cbc1475102a0b62d217
85e01fe42ea947576782c7dfc11ff857e5eaeb0e9d6e7bfe9f3f911e006ca0c2
GET /wp-content/uploads/2021/10/payments_04.png HTTP/1.1
Host: vape.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vape.co.za/nmt/C/4T65fl199.zip
Cookie: mailchimp_landing_site=https%3A%2F%2Fvape.co.za%2Fnmt%2FC%2F4T65fl199.zip
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=10368000,public
expires: Wed, 24 May 2023 06:31:56 GMT
content-type: image/png
last-modified: Fri, 15 Oct 2021 20:40:15 GMT
accept-ranges: bytes
content-length: 3685
date: Tue, 24 Jan 2023 06:31:56 GMT
server: LiteSpeed
vary: User-Agent,User-Agent,Accept-Encoding
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
vape.co.za/wp-content/themes/vapier/js/jquery.mmenu.all.min.js
41.222.32.13 200 OK 15 kB URL HTTP/2 vape.co.za/wp-content/themes/vapier/js/jquery.mmenu.all.min.js
IP 41.222.32.13:0
File type ASCII text, with very long lines (12346)
Hash 0a6718c29697e9492072581c689d72ea
bbb924fc179479a659c818ff8e479a78d4f2e95e
791c5cdc6f8188c55143b0c05500f6530878059c703197693ddd70bd64b4306c
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/vapier/js/jquery.mmenu.all.min.js HTTP/1.1
Host: vape.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vape.co.za/nmt/C/4T65fl199.zip
Cookie: mailchimp_landing_site=https%3A%2F%2Fvape.co.za%2Fnmt%2FC%2F4T65fl199.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800,public
expires: Tue, 31 Jan 2023 06:31:56 GMT
content-type: application/x-javascript; charset=UTF-8
last-modified: Fri, 09 Jul 2021 08:12:36 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent,User-Agent,Accept-Encoding
content-length: 14689
date: Tue, 24 Jan 2023 06:31:56 GMT
server: LiteSpeed
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
vape.co.za/wp-content/themes/vapier/js/slick.min.js
41.222.32.13 200 OK 10 kB URL HTTP/2 vape.co.za/wp-content/themes/vapier/js/slick.min.js
IP 41.222.32.13:0
File type ASCII text, with very long lines (42862)
Hash 09ed72c756aef05979d1c10d176eeb7a
1f3c35043f1aae481a38b40327fefb959ff63885
8638bee02f96fc15e4a3dae0ae220e31f020ee0b10c8eb5f829d9986b3fc53c4
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/vapier/js/slick.min.js HTTP/1.1
Host: vape.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vape.co.za/nmt/C/4T65fl199.zip
Cookie: mailchimp_landing_site=https%3A%2F%2Fvape.co.za%2Fnmt%2FC%2F4T65fl199.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800,public
expires: Tue, 31 Jan 2023 06:31:56 GMT
content-type: application/x-javascript; charset=UTF-8
last-modified: Fri, 09 Jul 2021 08:12:36 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent,User-Agent,Accept-Encoding
content-length: 10097
date: Tue, 24 Jan 2023 06:31:56 GMT
server: LiteSpeed
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
vape.co.za/wp-content/themes/vapier/js/instafeed.min.js
41.222.32.13 200 OK 1.9 kB URL HTTP/2 vape.co.za/wp-content/themes/vapier/js/instafeed.min.js
IP 41.222.32.13:0
File type ASCII text, with very long lines (6175)
Hash dd34562485029b64087599abed628b34
f6997dc8788a571538ea2cd2542610cb5adc4dae
15a913d873304490e71b0eca14f3de67f123400cf9c5492781e49973334b8b70
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/vapier/js/instafeed.min.js HTTP/1.1
Host: vape.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vape.co.za/nmt/C/4T65fl199.zip
Cookie: mailchimp_landing_site=https%3A%2F%2Fvape.co.za%2Fnmt%2FC%2F4T65fl199.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800,public
expires: Tue, 31 Jan 2023 06:31:56 GMT
content-type: application/x-javascript; charset=UTF-8
last-modified: Fri, 09 Jul 2021 08:12:36 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent,User-Agent,Accept-Encoding
content-length: 1924
date: Tue, 24 Jan 2023 06:31:56 GMT
server: LiteSpeed
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
vape.co.za/wp-content/themes/vapier/js/jquery.countdown.min.js
41.222.32.13 200 OK 2.1 kB URL HTTP/2 vape.co.za/wp-content/themes/vapier/js/jquery.countdown.min.js
IP 41.222.32.13:0
File type ASCII text, with very long lines (3703), with CRLF line terminators
Hash ac8c0e6b8691db508577c54a4ba01ecc
d626626da878870f4092b6b3ae784e109b5707b9
db3acd1cb1b9ed8e1d99e7fb1a69241e70c51e779e4ea0cdc80844bff8797de6
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/vapier/js/jquery.countdown.min.js HTTP/1.1
Host: vape.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vape.co.za/nmt/C/4T65fl199.zip
Cookie: mailchimp_landing_site=https%3A%2F%2Fvape.co.za%2Fnmt%2FC%2F4T65fl199.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800,public
expires: Tue, 31 Jan 2023 06:31:56 GMT
content-type: application/x-javascript; charset=UTF-8
last-modified: Fri, 09 Jul 2021 08:12:36 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent,User-Agent,Accept-Encoding
content-length: 2129
date: Tue, 24 Jan 2023 06:31:56 GMT
server: LiteSpeed
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
vape.co.za/wp-content/themes/vapier/js/jquery.elevatezoom.js
41.222.32.13 200 OK 11 kB URL HTTP/2 vape.co.za/wp-content/themes/vapier/js/jquery.elevatezoom.js
IP 41.222.32.13:0
File type ASCII text, with very long lines (390)
Hash 18eb5cb72780db8a777a5928ac91aaa6
540f885099a88c447983b1f42e65e6ee077ddf27
2b4d072e99239ab45603825f599a39c1d5f6727293254d62486c6d346222a0d3
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/vapier/js/jquery.elevatezoom.js HTTP/1.1
Host: vape.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vape.co.za/nmt/C/4T65fl199.zip
Cookie: mailchimp_landing_site=https%3A%2F%2Fvape.co.za%2Fnmt%2FC%2F4T65fl199.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800,public
expires: Tue, 31 Jan 2023 06:31:56 GMT
content-type: application/x-javascript; charset=UTF-8
last-modified: Fri, 09 Jul 2021 08:12:36 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent,User-Agent,Accept-Encoding
content-length: 10561
date: Tue, 24 Jan 2023 06:31:56 GMT
server: LiteSpeed
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
vape.co.za/wp-content/plugins/woocommerce/assets/js/photoswipe/photoswipe.min.js?ver=4.1.1-wc.7.0.1
41.222.32.13 200 OK 12 kB URL HTTP/2 vape.co.za/wp-content/plugins/woocommerce/assets/js/photoswipe/photoswipe.min.js?ver=4.1.1-wc.7.0.1
IP 41.222.32.13:0
File type ASCII text, with very long lines (30938)
Hash 26ee07c645a18d43b915f888356868e8
67afa92b2d66c314451378e692b6b3bf278f9c75
369ed192b03b104959e6c16572b663c9017658a6c8687cc88ffa7e441a7d02c8
GET /wp-content/plugins/woocommerce/assets/js/photoswipe/photoswipe.min.js?ver=4.1.1-wc.7.0.1 HTTP/1.1
Host: vape.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vape.co.za/nmt/C/4T65fl199.zip
Cookie: mailchimp_landing_site=https%3A%2F%2Fvape.co.za%2Fnmt%2FC%2F4T65fl199.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800,public
expires: Tue, 31 Jan 2023 06:31:56 GMT
content-type: application/x-javascript; charset=UTF-8
last-modified: Mon, 07 Nov 2022 13:26:26 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent,User-Agent,Accept-Encoding
content-length: 11613
date: Tue, 24 Jan 2023 06:31:56 GMT
server: LiteSpeed
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
vape.co.za/wp-content/plugins/woocommerce/assets/js/photoswipe/photoswipe-ui-default.min.js?ver=4.1.1-wc.7.0.1
41.222.32.13 200 OK 3.4 kB URL HTTP/2 vape.co.za/wp-content/plugins/woocommerce/assets/js/photoswipe/photoswipe-ui-default.min.js?ver=4.1.1-wc.7.0.1
IP 41.222.32.13:0
File type HTML document, ASCII text, with very long lines (9536)
Hash eed261640a13b609653053d2a638f872
93cda65548c43a123c56258d2e8886f9b4a2c2b3
6a5412cadd9b2553341185b32a0614f4c45e400441a7852841a8d886fb0c2f6c
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/woocommerce/assets/js/photoswipe/photoswipe-ui-default.min.js?ver=4.1.1-wc.7.0.1 HTTP/1.1
Host: vape.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vape.co.za/nmt/C/4T65fl199.zip
Cookie: mailchimp_landing_site=https%3A%2F%2Fvape.co.za%2Fnmt%2FC%2F4T65fl199.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800,public
expires: Tue, 31 Jan 2023 06:31:56 GMT
content-type: application/x-javascript; charset=UTF-8
last-modified: Mon, 07 Nov 2022 13:26:26 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent,User-Agent,Accept-Encoding
content-length: 3432
date: Tue, 24 Jan 2023 06:31:56 GMT
server: LiteSpeed
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
vape.co.za/wp-content/themes/vapier/js/jquery.circlestime.js
41.222.32.13 200 OK 7.6 kB URL HTTP/2 vape.co.za/wp-content/themes/vapier/js/jquery.circlestime.js
IP 41.222.32.13:0
File type ASCII text, with CRLF line terminators
Hash a6b305ddea1a469b7b8fea5c1cb5db6e
c9555a6d93a86c46f55bf25e5745f512b6918985
1d1f08988ce985b2708f6bab409a3967a93f09df5229f18a0d974b6c8c397902
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/vapier/js/jquery.circlestime.js HTTP/1.1
Host: vape.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vape.co.za/nmt/C/4T65fl199.zip
Cookie: mailchimp_landing_site=https%3A%2F%2Fvape.co.za%2Fnmt%2FC%2F4T65fl199.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800,public
expires: Tue, 31 Jan 2023 06:31:56 GMT
content-type: application/x-javascript; charset=UTF-8
last-modified: Fri, 09 Jul 2021 08:12:36 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent,User-Agent,Accept-Encoding
content-length: 7590
date: Tue, 24 Jan 2023 06:31:56 GMT
server: LiteSpeed
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
vape.co.za/wp-content/themes/vapier/js/360imagerotate.js
41.222.32.13 200 OK 2.0 kB URL HTTP/2 vape.co.za/wp-content/themes/vapier/js/360imagerotate.js
IP 41.222.32.13:0
Hash 979e91be1cde596046fb65c9d34367d1
baa8f59107f424b906aace50bd4ac8b7c8b49bed
ceca762159f078cb99857b15bb8483a303be6c174aefb8ec8e3a4559030b7e7d
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/vapier/js/360imagerotate.js HTTP/1.1
Host: vape.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vape.co.za/nmt/C/4T65fl199.zip
Cookie: mailchimp_landing_site=https%3A%2F%2Fvape.co.za%2Fnmt%2FC%2F4T65fl199.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800,public
expires: Tue, 31 Jan 2023 06:31:56 GMT
content-type: application/x-javascript; charset=UTF-8
last-modified: Fri, 09 Jul 2021 08:12:36 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent,User-Agent,Accept-Encoding
content-length: 2003
date: Tue, 24 Jan 2023 06:31:56 GMT
server: LiteSpeed
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
vape.co.za/wp-content/themes/vapier/js/portfolio.js
41.222.32.13 200 OK 591 B URL HTTP/2 vape.co.za/wp-content/themes/vapier/js/portfolio.js
IP 41.222.32.13:0
File type ASCII text, with CRLF line terminators
Hash 91aa44adb514fa98d2c18899a3db6569
c9219515a8dd56632b5aaffffdf41963fdbd0cb1
6a5369110db6cc68e92dc5bc76532acd2697ab85f533316f5e791f17625fe98c
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/vapier/js/portfolio.js HTTP/1.1
Host: vape.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vape.co.za/nmt/C/4T65fl199.zip
Cookie: mailchimp_landing_site=https%3A%2F%2Fvape.co.za%2Fnmt%2FC%2F4T65fl199.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800,public
expires: Tue, 31 Jan 2023 06:31:56 GMT
content-type: application/x-javascript; charset=UTF-8
last-modified: Fri, 09 Jul 2021 08:12:36 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent,User-Agent,Accept-Encoding
content-length: 591
date: Tue, 24 Jan 2023 06:31:56 GMT
server: LiteSpeed
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
vape.co.za/wp-content/themes/vapier/js/sly.min.js
41.222.32.13 200 OK 6.8 kB URL HTTP/2 vape.co.za/wp-content/themes/vapier/js/sly.min.js
IP 41.222.32.13:0
File type ASCII text, with very long lines (18270)
Hash 9e5776d2dcdcd86da9f6da7d15bcc018
b8422cb294999ced74719bd67f746774bef00d63
36e4ab5e5ad585dbef87c73919a75e3b0433a224d57eb8f776621798d889b4e9
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/vapier/js/sly.min.js HTTP/1.1
Host: vape.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vape.co.za/nmt/C/4T65fl199.zip
Cookie: mailchimp_landing_site=https%3A%2F%2Fvape.co.za%2Fnmt%2FC%2F4T65fl199.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800,public
expires: Tue, 31 Jan 2023 06:31:56 GMT
content-type: application/x-javascript; charset=UTF-8
last-modified: Fri, 09 Jul 2021 08:12:36 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent,User-Agent,Accept-Encoding
content-length: 6820
date: Tue, 24 Jan 2023 06:31:56 GMT
server: LiteSpeed
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
vape.co.za/wp-content/themes/vapier/js/functions.js
41.222.32.13 200 OK 8.2 kB URL HTTP/2 vape.co.za/wp-content/themes/vapier/js/functions.js
IP 41.222.32.13:0
File type ASCII text, with very long lines (557)
Hash 8d0b123d2ec9a8ed66c3cf2cfa3970e8
bd57e03ba220f72247ce509623644b8248e2e301
47e35c7c293d82c0f097b7a616d8c97fd55dc60cc95dfd31008f16a4b852d741
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/vapier/js/functions.js HTTP/1.1
Host: vape.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vape.co.za/nmt/C/4T65fl199.zip
Cookie: mailchimp_landing_site=https%3A%2F%2Fvape.co.za%2Fnmt%2FC%2F4T65fl199.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800,public
expires: Tue, 31 Jan 2023 06:31:56 GMT
content-type: application/x-javascript; charset=UTF-8
last-modified: Tue, 28 Sep 2021 13:12:16 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent,User-Agent,Accept-Encoding
content-length: 8244
date: Tue, 24 Jan 2023 06:31:56 GMT
server: LiteSpeed
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
vape.co.za/wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart-variation.min.js?ver=7.0.1
41.222.32.13 200 OK 3.4 kB URL HTTP/2 vape.co.za/wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart-variation.min.js?ver=7.0.1
IP 41.222.32.13:0
File type ASCII text, with very long lines (13887), with no line terminators
Hash 25fb50f4945fa93ea85568456a86fa97
0ea82027ad4720f101de9715adf4ad963a326207
c84cd16cc99c06eec7939713048efa3f35d176236b4c9740e3eb060c12791fb3
GET /wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart-variation.min.js?ver=7.0.1 HTTP/1.1
Host: vape.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vape.co.za/nmt/C/4T65fl199.zip
Cookie: mailchimp_landing_site=https%3A%2F%2Fvape.co.za%2Fnmt%2FC%2F4T65fl199.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800,public
expires: Tue, 31 Jan 2023 06:31:56 GMT
content-type: application/x-javascript; charset=UTF-8
last-modified: Mon, 07 Nov 2022 13:26:26 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent,User-Agent,Accept-Encoding
content-length: 3436
date: Tue, 24 Jan 2023 06:31:56 GMT
server: LiteSpeed
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
vape.co.za/wp-content/plugins/variation-swatches-for-woocommerce/assets/js/frontend.js?ver=2.1.7
41.222.32.13 200 OK 1.7 kB URL HTTP/2 vape.co.za/wp-content/plugins/variation-swatches-for-woocommerce/assets/js/frontend.js?ver=2.1.7
IP 41.222.32.13:0
Hash 1cf9598015603ae9c54751c7f50bcfec
707959b4d1fac703fce3d64e0ce35c068fad0f36
3e279c00c2ee7346a36d1bacc279ac0c01bdb7bff48cac0087d81e81cf9333ff
GET /wp-content/plugins/variation-swatches-for-woocommerce/assets/js/frontend.js?ver=2.1.7 HTTP/1.1
Host: vape.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vape.co.za/nmt/C/4T65fl199.zip
Cookie: mailchimp_landing_site=https%3A%2F%2Fvape.co.za%2Fnmt%2FC%2F4T65fl199.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800,public
expires: Tue, 31 Jan 2023 06:31:56 GMT
content-type: application/x-javascript; charset=UTF-8
last-modified: Mon, 07 Nov 2022 13:26:21 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent,User-Agent,Accept-Encoding
content-length: 1741
date: Tue, 24 Jan 2023 06:31:56 GMT
server: LiteSpeed
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
vape.co.za/wp-content/plugins/elementor/assets/lib/font-awesome/js/v4-shims.min.js?ver=3.8.0
41.222.32.13 200 OK 4.0 kB URL HTTP/2 vape.co.za/wp-content/plugins/elementor/assets/lib/font-awesome/js/v4-shims.min.js?ver=3.8.0
IP 41.222.32.13:0
File type ASCII text, with very long lines (14869)
Hash 564f097cf1c91789ede5935f27f4f879
7d08e220324006fe221bbc176df2051be8fc1f31
2de1ed7e80ab790199f4b3785fd3ac2494e039a96e55c67e76ea88244dfc93e4
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/elementor/assets/lib/font-awesome/js/v4-shims.min.js?ver=3.8.0 HTTP/1.1
Host: vape.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vape.co.za/nmt/C/4T65fl199.zip
Cookie: mailchimp_landing_site=https%3A%2F%2Fvape.co.za%2Fnmt%2FC%2F4T65fl199.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800,public
expires: Tue, 31 Jan 2023 06:31:56 GMT
content-type: application/x-javascript; charset=UTF-8
last-modified: Mon, 07 Nov 2022 13:25:43 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent,User-Agent,Accept-Encoding
content-length: 4035
date: Tue, 24 Jan 2023 06:31:56 GMT
server: LiteSpeed
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
vape.co.za/wp-content/plugins/elementor-pro/assets/js/webpack-pro.runtime.min.js?ver=3.7.3
41.222.32.13 200 OK 2.2 kB URL HTTP/2 vape.co.za/wp-content/plugins/elementor-pro/assets/js/webpack-pro.runtime.min.js?ver=3.7.3
IP 41.222.32.13:0
File type ASCII text, with very long lines (5141)
Hash 7ad05073b4b51b0acb0a888a202f47b2
6710c9d580aac82c1688f2af6e7f8a234c9ce629
efb5483c7f34f51ed50a87fe3ea32272ac329e2eb4173e408eeb92f256a0de3c
GET /wp-content/plugins/elementor-pro/assets/js/webpack-pro.runtime.min.js?ver=3.7.3 HTTP/1.1
Host: vape.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vape.co.za/nmt/C/4T65fl199.zip
Cookie: mailchimp_landing_site=https%3A%2F%2Fvape.co.za%2Fnmt%2FC%2F4T65fl199.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800,public
expires: Tue, 31 Jan 2023 06:31:56 GMT
content-type: application/x-javascript; charset=UTF-8
last-modified: Wed, 10 Aug 2022 15:15:39 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent,User-Agent,Accept-Encoding
content-length: 2190
date: Tue, 24 Jan 2023 06:31:56 GMT
server: LiteSpeed
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
vape.co.za/wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.8.0
41.222.32.13 200 OK 2.0 kB URL HTTP/2 vape.co.za/wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.8.0
IP 41.222.32.13:0
File type ASCII text, with very long lines (4918)
Hash de5e833cc5e3e9a35efa603a30a0b167
b3a8ff39040414b053f27ba99da92d0d558e785d
d0d0131f2eee078b9167eca1905ea040f5f21d8079649d20ac3879dd2e15e7bc
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.8.0 HTTP/1.1
Host: vape.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vape.co.za/nmt/C/4T65fl199.zip
Cookie: mailchimp_landing_site=https%3A%2F%2Fvape.co.za%2Fnmt%2FC%2F4T65fl199.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800,public
expires: Tue, 31 Jan 2023 06:31:56 GMT
content-type: application/x-javascript; charset=UTF-8
last-modified: Mon, 07 Nov 2022 13:25:43 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent,User-Agent,Accept-Encoding
content-length: 2044
date: Tue, 24 Jan 2023 06:31:56 GMT
server: LiteSpeed
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
vape.co.za/wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.8.0
41.222.32.13 200 OK 10 kB URL HTTP/2 vape.co.za/wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.8.0
IP 41.222.32.13:0
File type Unicode text, UTF-8 text, with very long lines (32907)
Hash 7d48f8a599732218829a1fdae2595066
b2da0aa5b18319e4cb35d4371029967c7480b266
6fca2d8b92865f0fb8d79e68ccdab1cb0ac8d0a7f0bedb0e3733045cdf43aac9
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.8.0 HTTP/1.1
Host: vape.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vape.co.za/nmt/C/4T65fl199.zip
Cookie: mailchimp_landing_site=https%3A%2F%2Fvape.co.za%2Fnmt%2FC%2F4T65fl199.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800,public
expires: Tue, 31 Jan 2023 06:31:56 GMT
content-type: application/x-javascript; charset=UTF-8
last-modified: Mon, 07 Nov 2022 13:25:43 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent,User-Agent,Accept-Encoding
content-length: 10425
date: Tue, 24 Jan 2023 06:31:56 GMT
server: LiteSpeed
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
vape.co.za/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9
41.222.32.13 200 OK 2.4 kB URL HTTP/2 vape.co.za/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9
IP 41.222.32.13:0
File type ASCII text, with very long lines (6475), with no line terminators
Hash 4e773d7cec56bacab6d2db420be6f262
c95573d884c1caec0ec9c6f3e2a8c0fbf28d939a
5c8839d0b02f21e8d83d856bbf85a6b87fbedf9ba0b70711b11a1c378d5443e7
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9 HTTP/1.1
Host: vape.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vape.co.za/nmt/C/4T65fl199.zip
Cookie: mailchimp_landing_site=https%3A%2F%2Fvape.co.za%2Fnmt%2FC%2F4T65fl199.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800,public
expires: Tue, 31 Jan 2023 06:31:56 GMT
content-type: application/x-javascript; charset=UTF-8
last-modified: Mon, 11 Apr 2022 12:04:30 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent,User-Agent,Accept-Encoding
content-length: 2354
date: Tue, 24 Jan 2023 06:31:56 GMT
server: LiteSpeed
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
vape.co.za/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
41.222.32.13 200 OK 6.9 kB URL HTTP/2 vape.co.za/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
IP 41.222.32.13:0
File type Unicode text, UTF-8 text, with very long lines (19138), with no line terminators
Hash 1f5152610686781567fb3008c4429792
d0c0bddf5fb8603ed8e55c32f3093c2207f72471
75806ece853d0d76e655a433bd03548d3be6237ea1e4cacd5963f528bbe0d192
GET /wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0 HTTP/1.1
Host: vape.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vape.co.za/nmt/C/4T65fl199.zip
Cookie: mailchimp_landing_site=https%3A%2F%2Fvape.co.za%2Fnmt%2FC%2F4T65fl199.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800,public
expires: Tue, 31 Jan 2023 06:31:56 GMT
content-type: application/x-javascript; charset=UTF-8
last-modified: Mon, 11 Apr 2022 12:04:30 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent,User-Agent,Accept-Encoding
content-length: 6872
date: Tue, 24 Jan 2023 06:31:56 GMT
server: LiteSpeed
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
vape.co.za/wp-includes/js/dist/hooks.min.js?ver=c6d64f2cb8f5c6bb49caca37f8828ce3
41.222.32.13 200 OK 1.6 kB URL HTTP/2 vape.co.za/wp-includes/js/dist/hooks.min.js?ver=c6d64f2cb8f5c6bb49caca37f8828ce3
IP 41.222.32.13:0
File type ASCII text, with very long lines (4875)
Hash 06a8ac0e71976bc143cfa7861a31169d
def6031fe13259bf17752661832d815e37068bf2
e6f42d97e7299522bbb002364128fdf72cd22263ca72c5edc41dcd8f4672cd33
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/dist/hooks.min.js?ver=c6d64f2cb8f5c6bb49caca37f8828ce3 HTTP/1.1
Host: vape.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vape.co.za/nmt/C/4T65fl199.zip
Cookie: mailchimp_landing_site=https%3A%2F%2Fvape.co.za%2Fnmt%2FC%2F4T65fl199.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800,public
expires: Tue, 31 Jan 2023 06:31:56 GMT
content-type: application/x-javascript; charset=UTF-8
last-modified: Mon, 11 Apr 2022 12:04:30 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent,User-Agent,Accept-Encoding
content-length: 1575
date: Tue, 24 Jan 2023 06:31:56 GMT
server: LiteSpeed
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
vape.co.za/wp-includes/js/dist/i18n.min.js?ver=ebee46757c6a411e38fd079a7ac71d94
41.222.32.13 200 OK 3.7 kB URL HTTP/2 vape.co.za/wp-includes/js/dist/i18n.min.js?ver=ebee46757c6a411e38fd079a7ac71d94
IP 41.222.32.13:0
Hash f778ade6a70be55cbf039cfafb20fa7f
68d7a7f2d88907a038ec557ae0ab67f58d7bcdc5
88fd2a2f80a5ff9f70a6c4019d81f3bae8bc92623697454faa44f448cc43ad93
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/dist/i18n.min.js?ver=ebee46757c6a411e38fd079a7ac71d94 HTTP/1.1
Host: vape.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vape.co.za/nmt/C/4T65fl199.zip
Cookie: mailchimp_landing_site=https%3A%2F%2Fvape.co.za%2Fnmt%2FC%2F4T65fl199.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800,public
expires: Tue, 31 Jan 2023 06:31:56 GMT
content-type: application/x-javascript; charset=UTF-8
last-modified: Tue, 12 Apr 2022 15:12:47 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent,User-Agent,Accept-Encoding
content-length: 3717
date: Tue, 24 Jan 2023 06:31:56 GMT
server: LiteSpeed
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
vape.co.za/wp-content/plugins/elementor-pro/assets/js/frontend.min.js?ver=3.7.3
41.222.32.13 200 OK 5.5 kB URL HTTP/2 vape.co.za/wp-content/plugins/elementor-pro/assets/js/frontend.min.js?ver=3.7.3
IP 41.222.32.13:0
File type ASCII text, with very long lines (21374)
Hash 572e4b71b250e508ab15c8a34b337f98
e56f5fdd90bc72fab3f83a7d2c71faf10da4b74f
a49eb532f641eb23ecbf0191a9c532e34190e9b5f2eeb5e004f55b04ba7d94cd
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/elementor-pro/assets/js/frontend.min.js?ver=3.7.3 HTTP/1.1
Host: vape.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vape.co.za/nmt/C/4T65fl199.zip
Cookie: mailchimp_landing_site=https%3A%2F%2Fvape.co.za%2Fnmt%2FC%2F4T65fl199.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800,public
expires: Tue, 31 Jan 2023 06:31:56 GMT
content-type: application/x-javascript; charset=UTF-8
last-modified: Wed, 10 Aug 2022 15:15:39 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent,User-Agent,Accept-Encoding
content-length: 5506
date: Tue, 24 Jan 2023 06:31:56 GMT
server: LiteSpeed
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
vape.co.za/wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2
41.222.32.13 200 OK 2.9 kB URL HTTP/2 vape.co.za/wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2
IP 41.222.32.13:0
File type ASCII text, with very long lines (12198), with no line terminators
Hash 869caa171b68cbec9fee5abbfb944ee8
f237e485e41f88b77384cfdb880f9d5a8f46eac8
25c2896e2790fb0e52f6b6ba1ce97bd87eb40463b4bb65ba16ad434c1d7a36dc
GET /wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2 HTTP/1.1
Host: vape.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vape.co.za/nmt/C/4T65fl199.zip
Cookie: mailchimp_landing_site=https%3A%2F%2Fvape.co.za%2Fnmt%2FC%2F4T65fl199.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800,public
expires: Tue, 31 Jan 2023 06:31:56 GMT
content-type: application/x-javascript; charset=UTF-8
last-modified: Mon, 07 Nov 2022 13:25:43 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent,User-Agent,Accept-Encoding
content-length: 2867
date: Tue, 24 Jan 2023 06:31:56 GMT
server: LiteSpeed
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
vape.co.za/wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.8.0
41.222.32.13 200 OK 12 kB URL HTTP/2 vape.co.za/wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.8.0
IP 41.222.32.13:0
File type ASCII text, with very long lines (40474)
Hash c0de3fd1d3a417e5c624288c9c9c3910
d5130dd50365fbfb40e8347f9458f11a1db88708
117344b111d8d6a544b30d23aa826a3d6bdfc88e271be5a8f0d03531b67b80d8
GET /wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.8.0 HTTP/1.1
Host: vape.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vape.co.za/nmt/C/4T65fl199.zip
Cookie: mailchimp_landing_site=https%3A%2F%2Fvape.co.za%2Fnmt%2FC%2F4T65fl199.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800,public
expires: Tue, 31 Jan 2023 06:31:56 GMT
content-type: application/x-javascript; charset=UTF-8
last-modified: Mon, 07 Nov 2022 13:25:43 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent,User-Agent,Accept-Encoding
content-length: 11702
date: Tue, 24 Jan 2023 06:31:56 GMT
server: LiteSpeed
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
vape.co.za/wp-content/plugins/elementor-pro/assets/js/elements-handlers.min.js?ver=3.7.3
41.222.32.13 200 OK 5.3 kB URL HTTP/2 vape.co.za/wp-content/plugins/elementor-pro/assets/js/elements-handlers.min.js?ver=3.7.3
IP 41.222.32.13:0
File type ASCII text, with very long lines (24339)
Hash e9661504567726c97f03debdd9dc4c93
f955558a8e79cee84da0eb450bc5082e0bc84801
d161cbf2b30aacfc2f41a6c34d13ae93726ab269a539bdcf84f623bff74c5d24
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/elementor-pro/assets/js/elements-handlers.min.js?ver=3.7.3 HTTP/1.1
Host: vape.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vape.co.za/nmt/C/4T65fl199.zip
Cookie: mailchimp_landing_site=https%3A%2F%2Fvape.co.za%2Fnmt%2FC%2F4T65fl199.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800,public
expires: Tue, 31 Jan 2023 06:31:56 GMT
content-type: application/x-javascript; charset=UTF-8
last-modified: Wed, 10 Aug 2022 15:15:39 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent,User-Agent,Accept-Encoding
content-length: 5290
date: Tue, 24 Jan 2023 06:31:56 GMT
server: LiteSpeed
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
vape.co.za/wp-content/plugins/wpforms-lite/assets/js/integrations/elementor/frontend.min.js?ver=1.7.7.2
41.222.32.13 200 OK 339 B URL HTTP/2 vape.co.za/wp-content/plugins/wpforms-lite/assets/js/integrations/elementor/frontend.min.js?ver=1.7.7.2
IP 41.222.32.13:0
File type ASCII text, with very long lines (754), with no line terminators
Hash f4cea5c82bb62f34a31f39a322513366
bab5dfb3f8d04b76f83ca994798534e697b85290
5b00e0c1288d5d1f1df303a55bd0ff67d9acf5b734bc0093a651727c48a077ff
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/wpforms-lite/assets/js/integrations/elementor/frontend.min.js?ver=1.7.7.2 HTTP/1.1
Host: vape.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vape.co.za/nmt/C/4T65fl199.zip
Cookie: mailchimp_landing_site=https%3A%2F%2Fvape.co.za%2Fnmt%2FC%2F4T65fl199.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800,public
expires: Tue, 31 Jan 2023 06:31:56 GMT
content-type: application/x-javascript; charset=UTF-8
last-modified: Thu, 20 Oct 2022 04:44:49 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent,User-Agent,Accept-Encoding
content-length: 339
date: Tue, 24 Jan 2023 06:31:56 GMT
server: LiteSpeed
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
vape.co.za/wp-content/plugins/wp-rocket/assets/js/lazyload/17.5/lazyload.min.js
41.222.32.13 200 OK 2.7 kB URL HTTP/2 vape.co.za/wp-content/plugins/wp-rocket/assets/js/lazyload/17.5/lazyload.min.js
IP 41.222.32.13:0
File type ASCII text, with very long lines (8290)
Hash 4d2a7a65f1d428537b9052b7bf5a6140
5089be111b4ae68c08882092227da06ca67ca157
114fed2dcaef63a9e06c88f300615501048e111601ed9ab75dfd3552448321f6
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/wp-rocket/assets/js/lazyload/17.5/lazyload.min.js HTTP/1.1
Host: vape.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vape.co.za/nmt/C/4T65fl199.zip
Cookie: mailchimp_landing_site=https%3A%2F%2Fvape.co.za%2Fnmt%2FC%2F4T65fl199.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800,public
expires: Tue, 31 Jan 2023 06:31:56 GMT
content-type: application/x-javascript; charset=UTF-8
last-modified: Mon, 01 Aug 2022 13:34:12 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent,User-Agent,Accept-Encoding
content-length: 2738
date: Tue, 24 Jan 2023 06:31:56 GMT
server: LiteSpeed
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
vape.co.za/wp-includes/js/wp-emoji-release.min.js?ver=6.0.3
41.222.32.13 200 OK 4.6 kB URL HTTP/2 vape.co.za/wp-includes/js/wp-emoji-release.min.js?ver=6.0.3
IP 41.222.32.13:0
File type ASCII text, with very long lines (15660)
Hash 0232689bd203f330529b36a437f41a68
9046583f7469ad38297969f10a9513eb895d5316
feea9f30a6e454579bbeabf236b7abdb0c7de84dd2852422555ad67348c5e886
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/wp-emoji-release.min.js?ver=6.0.3 HTTP/1.1
Host: vape.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vape.co.za/nmt/C/4T65fl199.zip
Cookie: mailchimp_landing_site=https%3A%2F%2Fvape.co.za%2Fnmt%2FC%2F4T65fl199.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800,public
expires: Tue, 31 Jan 2023 06:31:56 GMT
content-type: application/x-javascript; charset=UTF-8
last-modified: Tue, 12 Apr 2022 05:56:23 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent,User-Agent,Accept-Encoding
content-length: 4619
date: Tue, 24 Jan 2023 06:31:56 GMT
server: LiteSpeed
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
vape.co.za/wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.16.0
41.222.32.13 200 OK 3.6 kB URL HTTP/2 vape.co.za/wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.16.0
IP 41.222.32.13:0
File type ASCII text, with very long lines (19233)
Hash af3bdf44d09914e8adb51fec560d8816
84bb225e096bab405868dd504e62133ba75cf1c1
4325dab21d3eb9efb8e285a0926be743f27e46446ccf5f9be65bb4b60c024152
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.16.0 HTTP/1.1
Host: vape.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vape.co.za/nmt/C/4T65fl199.zip
Cookie: mailchimp_landing_site=https%3A%2F%2Fvape.co.za%2Fnmt%2FC%2F4T65fl199.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000,public
expires: Wed, 24 Jan 2024 06:31:56 GMT
content-type: text/css; charset=UTF-8
last-modified: Mon, 07 Nov 2022 13:25:43 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent,User-Agent,Accept-Encoding
content-length: 3629
date: Tue, 24 Jan 2023 06:31:56 GMT
server: LiteSpeed
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
vape.co.za/wp-content/plugins/elementor/assets/css/frontend-lite.min.css?ver=3.8.0
41.222.32.13 200 OK 12 kB URL HTTP/2 vape.co.za/wp-content/plugins/elementor/assets/css/frontend-lite.min.css?ver=3.8.0
IP 41.222.32.13:0
File type ASCII text, with very long lines (65497)
Hash 33961f6f75efb984e93e022924499712
e7b1091fdee203fb8fe7136beeecafcb7229d720
07f308a7e1bc0988bf3e4d02917664da65a6afeb7d14e050e3623cdf6529e638
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/elementor/assets/css/frontend-lite.min.css?ver=3.8.0 HTTP/1.1
Host: vape.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vape.co.za/nmt/C/4T65fl199.zip
Cookie: mailchimp_landing_site=https%3A%2F%2Fvape.co.za%2Fnmt%2FC%2F4T65fl199.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000,public
expires: Wed, 24 Jan 2024 06:31:56 GMT
content-type: text/css; charset=UTF-8
last-modified: Mon, 07 Nov 2022 13:25:43 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent,User-Agent,Accept-Encoding
content-length: 12400
date: Tue, 24 Jan 2023 06:31:56 GMT
server: LiteSpeed
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
vape.co.za/wp-content/plugins/elementor-pro/assets/css/frontend-lite.min.css?ver=3.7.3
41.222.32.13 200 OK 1.5 kB URL HTTP/2 vape.co.za/wp-content/plugins/elementor-pro/assets/css/frontend-lite.min.css?ver=3.7.3
IP 41.222.32.13:0
File type ASCII text, with very long lines (11487)
Hash 603f32a51547bfe69b0ee558107a1361
748709d66aae83768d0ea81e25ca3ba5ddf110f5
d588c5aef1f101936d641f2e6f732ec238dec4f197e3ccd28eeba6e737c4a447
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/elementor-pro/assets/css/frontend-lite.min.css?ver=3.7.3 HTTP/1.1
Host: vape.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vape.co.za/nmt/C/4T65fl199.zip
Cookie: mailchimp_landing_site=https%3A%2F%2Fvape.co.za%2Fnmt%2FC%2F4T65fl199.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000,public
expires: Wed, 24 Jan 2024 06:31:56 GMT
content-type: text/css; charset=UTF-8
last-modified: Wed, 10 Aug 2022 15:15:39 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent,User-Agent,Accept-Encoding
content-length: 1533
date: Tue, 24 Jan 2023 06:31:56 GMT
server: LiteSpeed
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
vape.co.za/wp-content/plugins/post-grid-elementor-addon/assets/css/main.css?ver=6.0.3
41.222.32.13 200 OK 311 B URL HTTP/2 vape.co.za/wp-content/plugins/post-grid-elementor-addon/assets/css/main.css?ver=6.0.3
IP 41.222.32.13:0
Hash c7c3c8c417eddd0e863eb387c662b942
58820756b983999ab72ba24e5650ab8949e55720
b419361696142eaa77c099297f75e08aec1b67b0adc30654c0f032fc2cfde219
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/post-grid-elementor-addon/assets/css/main.css?ver=6.0.3 HTTP/1.1
Host: vape.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vape.co.za/nmt/C/4T65fl199.zip
Cookie: mailchimp_landing_site=https%3A%2F%2Fvape.co.za%2Fnmt%2FC%2F4T65fl199.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000,public
expires: Wed, 24 Jan 2024 06:31:56 GMT
content-type: text/css; charset=UTF-8
last-modified: Thu, 20 Oct 2022 04:44:34 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent,User-Agent,Accept-Encoding
content-length: 311
date: Tue, 24 Jan 2023 06:31:56 GMT
server: LiteSpeed
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
vape.co.za/wp-content/plugins/elementor/assets/lib/font-awesome/css/all.min.css?ver=3.8.0
41.222.32.13 200 OK 12 kB URL HTTP/2 vape.co.za/wp-content/plugins/elementor/assets/lib/font-awesome/css/all.min.css?ver=3.8.0
IP 41.222.32.13:0
File type ASCII text, with very long lines (59158)
Hash 178f113615fea1b059cb42a9fcc9bb3d
a309d33fbab460ecc17467c18f99825c03ce039c
9fc6c8540b2078cfcec74cbd21ef6cedf7e2a4ec99d46a4868111eb601572859
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/elementor/assets/lib/font-awesome/css/all.min.css?ver=3.8.0 HTTP/1.1
Host: vape.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vape.co.za/nmt/C/4T65fl199.zip
Cookie: mailchimp_landing_site=https%3A%2F%2Fvape.co.za%2Fnmt%2FC%2F4T65fl199.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000,public
expires: Wed, 24 Jan 2024 06:31:56 GMT
content-type: text/css; charset=UTF-8
last-modified: Mon, 07 Nov 2022 13:25:43 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent,User-Agent,Accept-Encoding
content-length: 12380
date: Tue, 24 Jan 2023 06:31:56 GMT
server: LiteSpeed
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
vape.co.za/wp-content/plugins/elementor/assets/lib/font-awesome/css/v4-shims.min.css?ver=3.8.0
41.222.32.13 200 OK 4.0 kB URL HTTP/2 vape.co.za/wp-content/plugins/elementor/assets/lib/font-awesome/css/v4-shims.min.css?ver=3.8.0
IP 41.222.32.13:0
File type ASCII text, with very long lines (26516)
Hash 32699c444a181cd316ee6cb56688144a
1366537c3db165e86947a2e963407283a1ea5b58
6b6910bbb4dacf40ae040c445dd7dd1871097c97a1520b6d5f528d7d88c072a4
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/elementor/assets/lib/font-awesome/css/v4-shims.min.css?ver=3.8.0 HTTP/1.1
Host: vape.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vape.co.za/nmt/C/4T65fl199.zip
Cookie: mailchimp_landing_site=https%3A%2F%2Fvape.co.za%2Fnmt%2FC%2F4T65fl199.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000,public
expires: Wed, 24 Jan 2024 06:31:56 GMT
content-type: text/css; charset=UTF-8
last-modified: Mon, 07 Nov 2022 13:25:43 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent,User-Agent,Accept-Encoding
content-length: 3987
date: Tue, 24 Jan 2023 06:31:56 GMT
server: LiteSpeed
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
vape.co.za/wp-content/plugins/elementor/assets/lib/font-awesome/css/fontawesome.min.css?ver=5.15.3
41.222.32.13 200 OK 12 kB URL HTTP/2 vape.co.za/wp-content/plugins/elementor/assets/lib/font-awesome/css/fontawesome.min.css?ver=5.15.3
IP 41.222.32.13:0
File type ASCII text, with very long lines (57726)
Hash f463afd8661ddc733305df1f0cbdaff2
77262f0209e75e340eb7014aba9cd8d69966032f
c4b6541be58a0ca61549cd4562850315077880c459c019f01e835cf2d7b764de
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/elementor/assets/lib/font-awesome/css/fontawesome.min.css?ver=5.15.3 HTTP/1.1
Host: vape.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vape.co.za/nmt/C/4T65fl199.zip
Cookie: mailchimp_landing_site=https%3A%2F%2Fvape.co.za%2Fnmt%2FC%2F4T65fl199.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000,public
expires: Wed, 24 Jan 2024 06:31:56 GMT
content-type: text/css; charset=UTF-8
last-modified: Mon, 07 Nov 2022 13:25:43 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent,User-Agent,Accept-Encoding
content-length: 12133
date: Tue, 24 Jan 2023 06:31:56 GMT
server: LiteSpeed
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
vape.co.za/wp-content/plugins/elementor/assets/lib/font-awesome/css/brands.min.css?ver=5.15.3
41.222.32.13 200 OK 284 B URL HTTP/2 vape.co.za/wp-content/plugins/elementor/assets/lib/font-awesome/css/brands.min.css?ver=5.15.3
IP 41.222.32.13:0
File type ASCII text, with very long lines (489)
Hash dc279c928e2924b07a4a7575f8070ee8
0196756cacdb61ef40483af7ea982b699b0933de
80b6d9e3f0304f4199350c6015fd96084646c2a0121332bcb5a46d3956b7df5c
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/elementor/assets/lib/font-awesome/css/brands.min.css?ver=5.15.3 HTTP/1.1
Host: vape.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vape.co.za/nmt/C/4T65fl199.zip
Cookie: mailchimp_landing_site=https%3A%2F%2Fvape.co.za%2Fnmt%2FC%2F4T65fl199.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000,public
expires: Wed, 24 Jan 2024 06:31:56 GMT
content-type: text/css; charset=UTF-8
last-modified: Mon, 07 Nov 2022 13:25:43 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent,User-Agent,Accept-Encoding
content-length: 284
date: Tue, 24 Jan 2023 06:31:56 GMT
server: LiteSpeed
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
vape.co.za/wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.7.0-wc.7.0.1
41.222.32.13 200 OK 3.2 kB URL HTTP/2 vape.co.za/wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.7.0-wc.7.0.1
IP 41.222.32.13:0
File type ASCII text, with very long lines (9115)
Hash 66c388e07cfb57895688b3347ab7290b
f23bd7a31995b3b19924575f2afa297a29257856
3971f3ab5179d1f4f91d2c102f27c2bf1dac2c04e2f62ff3eae3ebfa8c28494e
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.7.0-wc.7.0.1 HTTP/1.1
Host: vape.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vape.co.za/nmt/C/4T65fl199.zip
Cookie: mailchimp_landing_site=https%3A%2F%2Fvape.co.za%2Fnmt%2FC%2F4T65fl199.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800,public
expires: Tue, 31 Jan 2023 06:31:56 GMT
content-type: application/x-javascript; charset=UTF-8
last-modified: Mon, 07 Nov 2022 13:26:26 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent,User-Agent,Accept-Encoding
content-length: 3245
date: Tue, 24 Jan 2023 06:31:56 GMT
server: LiteSpeed
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
vape.co.za/wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.min.js?ver=7.0.1
41.222.32.13 200 OK 974 B URL HTTP/2 vape.co.za/wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.min.js?ver=7.0.1
IP 41.222.32.13:0
File type HTML document, ASCII text, with very long lines (3037), with no line terminators
Hash fd8b126d3265cc6afc5b672273f78531
5058e579885cccf36c44bdeb5b7318bd75952af9
72da6709db061566cb5f67322f674a77f68acb69ac6181d37f9ca4a1bb7287b7
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.min.js?ver=7.0.1 HTTP/1.1
Host: vape.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vape.co.za/nmt/C/4T65fl199.zip
Cookie: mailchimp_landing_site=https%3A%2F%2Fvape.co.za%2Fnmt%2FC%2F4T65fl199.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800,public
expires: Tue, 31 Jan 2023 06:31:56 GMT
content-type: application/x-javascript; charset=UTF-8
last-modified: Mon, 07 Nov 2022 13:26:26 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent,User-Agent,Accept-Encoding
content-length: 974
date: Tue, 24 Jan 2023 06:31:56 GMT
server: LiteSpeed
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
vape.co.za/wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4-wc.7.0.1
41.222.32.13 200 OK 899 B URL HTTP/2 vape.co.za/wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4-wc.7.0.1
IP 41.222.32.13:0
File type ASCII text, with very long lines (1668)
Hash 22d65ba38528349e705d912ce26bf8ac
c89ba006009043d93b88ff155b4fec8797330550
6253bcb85e4267ad3ba843145534e729ee2c1d7e85e5b4ab5b2e074ae636bca3
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4-wc.7.0.1 HTTP/1.1
Host: vape.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vape.co.za/nmt/C/4T65fl199.zip
Cookie: mailchimp_landing_site=https%3A%2F%2Fvape.co.za%2Fnmt%2FC%2F4T65fl199.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800,public
expires: Tue, 31 Jan 2023 06:31:56 GMT
content-type: application/x-javascript; charset=UTF-8
last-modified: Mon, 07 Nov 2022 13:26:26 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent,User-Agent,Accept-Encoding
content-length: 899
date: Tue, 24 Jan 2023 06:31:56 GMT
server: LiteSpeed
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
vape.co.za/wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=7.0.1
41.222.32.13 200 OK 677 B URL HTTP/2 vape.co.za/wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=7.0.1
IP 41.222.32.13:0
File type ASCII text, with very long lines (2139), with no line terminators
Hash a43fc0dde8fdd69656ad0957e62849c7
4b07cf702ac8a770c8cbffc22b9a788b6e5389ba
1ce3d0493424870c81deec0ec41de0592d2af9f91cd8081cd40a1d7ea89b614f
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=7.0.1 HTTP/1.1
Host: vape.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vape.co.za/nmt/C/4T65fl199.zip
Cookie: mailchimp_landing_site=https%3A%2F%2Fvape.co.za%2Fnmt%2FC%2F4T65fl199.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800,public
expires: Tue, 31 Jan 2023 06:31:56 GMT
content-type: application/x-javascript; charset=UTF-8
last-modified: Mon, 07 Nov 2022 13:26:26 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent,User-Agent,Accept-Encoding
content-length: 677
date: Tue, 24 Jan 2023 06:31:56 GMT
server: LiteSpeed
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
vape.co.za/wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js?ver=7.0.1
41.222.32.13 200 OK 934 B URL HTTP/2 vape.co.za/wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js?ver=7.0.1
IP 41.222.32.13:0
File type ASCII text, with very long lines (2938), with no line terminators
Hash cf25dd071a208312bdc07f34d2cee027
76119563119eaae392ecc8903c989d98d0b93002
8635ba2cad8f887e72779bd526f8738ff6343c74cba715caf2eddea383ba7ce6
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js?ver=7.0.1 HTTP/1.1
Host: vape.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vape.co.za/nmt/C/4T65fl199.zip
Cookie: mailchimp_landing_site=https%3A%2F%2Fvape.co.za%2Fnmt%2FC%2F4T65fl199.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800,public
expires: Tue, 31 Jan 2023 06:31:56 GMT
content-type: application/x-javascript; charset=UTF-8
last-modified: Mon, 07 Nov 2022 13:26:26 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent,User-Agent,Accept-Encoding
content-length: 934
date: Tue, 24 Jan 2023 06:31:56 GMT
server: LiteSpeed
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
vape.co.za/wp-includes/js/jquery/ui/core.min.js?ver=1.13.1
41.222.32.13 200 OK 6.6 kB URL HTTP/2 vape.co.za/wp-includes/js/jquery/ui/core.min.js?ver=1.13.1
IP 41.222.32.13:0
File type Unicode text, UTF-8 text, with very long lines (8189)
Hash 139a41f01d192d239e7dce15ca307983
62a3e7c0c77209832dc649bc5583e5e0b4918bf5
d796462a5d212cd93b315b43dafb6e77dbe1c3aa567964dc40c1ab0e2c28f405
GET /wp-includes/js/jquery/ui/core.min.js?ver=1.13.1 HTTP/1.1
Host: vape.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vape.co.za/nmt/C/4T65fl199.zip
Cookie: mailchimp_landing_site=https%3A%2F%2Fvape.co.za%2Fnmt%2FC%2F4T65fl199.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800,public
expires: Tue, 31 Jan 2023 06:31:56 GMT
content-type: application/x-javascript; charset=UTF-8
last-modified: Fri, 08 Apr 2022 20:07:18 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent,User-Agent,Accept-Encoding
content-length: 6637
date: Tue, 24 Jan 2023 06:31:56 GMT
server: LiteSpeed
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
vape.co.za/wp-includes/js/jquery/ui/mouse.min.js?ver=1.13.1
41.222.32.13 200 OK 1.0 kB URL HTTP/2 vape.co.za/wp-includes/js/jquery/ui/mouse.min.js?ver=1.13.1
IP 41.222.32.13:0
File type ASCII text, with very long lines (3233)
Hash 9e26fdd5e87f346b6419a2f81e6b3fcb
ae55a3391e61ef838c8b352738e27417f4a88ad3
889b8ea6140d0999ba175bd4d8e13966def1de6a67e7ae4ba9c0b8ce2d4ccf85
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/jquery/ui/mouse.min.js?ver=1.13.1 HTTP/1.1
Host: vape.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vape.co.za/nmt/C/4T65fl199.zip
Cookie: mailchimp_landing_site=https%3A%2F%2Fvape.co.za%2Fnmt%2FC%2F4T65fl199.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800,public
expires: Tue, 31 Jan 2023 06:31:56 GMT
content-type: application/x-javascript; charset=UTF-8
last-modified: Fri, 08 Apr 2022 20:07:18 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent,User-Agent,Accept-Encoding
content-length: 1000
date: Tue, 24 Jan 2023 06:31:56 GMT
server: LiteSpeed
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
vape.co.za/wp-includes/js/jquery/ui/slider.min.js?ver=1.13.1
41.222.32.13 200 OK 3.0 kB URL HTTP/2 vape.co.za/wp-includes/js/jquery/ui/slider.min.js?ver=1.13.1
IP 41.222.32.13:0
File type ASCII text, with very long lines (10572)
Hash 4d91b181c899d08e40a921209ff01a35
a1fab39994e7a3a0bd3669e4d90867bdcb4c92fe
f03654a085cb9f742b777444c1a0d98925dbc1cae16f9d9c634eaadad6633dde
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/jquery/ui/slider.min.js?ver=1.13.1 HTTP/1.1
Host: vape.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vape.co.za/nmt/C/4T65fl199.zip
Cookie: mailchimp_landing_site=https%3A%2F%2Fvape.co.za%2Fnmt%2FC%2F4T65fl199.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800,public
expires: Tue, 31 Jan 2023 06:31:56 GMT
content-type: application/x-javascript; charset=UTF-8
last-modified: Fri, 08 Apr 2022 20:07:18 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent,User-Agent,Accept-Encoding
content-length: 3000
date: Tue, 24 Jan 2023 06:31:56 GMT
server: LiteSpeed
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
vape.co.za/wp-content/plugins/wpbingo/assets/js/wpbingo.js?ver=6.0.3
41.222.32.13 200 OK 4.3 kB URL HTTP/2 vape.co.za/wp-content/plugins/wpbingo/assets/js/wpbingo.js?ver=6.0.3
IP 41.222.32.13:0
File type ASCII text, with very long lines (558), with CRLF line terminators
Hash eb5391bd504de85efebded6ed8a33eb0
e516dd33dd42c75da52905edd194e7cf761a9ef3
a377a6d826837b139ab97e5e4a3e370153dda72f6ee2d5d27db9a0d404769331
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/wpbingo/assets/js/wpbingo.js?ver=6.0.3 HTTP/1.1
Host: vape.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vape.co.za/nmt/C/4T65fl199.zip
Cookie: mailchimp_landing_site=https%3A%2F%2Fvape.co.za%2Fnmt%2FC%2F4T65fl199.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800,public
expires: Tue, 31 Jan 2023 06:31:56 GMT
content-type: application/x-javascript; charset=UTF-8
last-modified: Mon, 11 Oct 2021 21:09:35 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent,User-Agent,Accept-Encoding
content-length: 4349
date: Tue, 24 Jan 2023 06:31:56 GMT
server: LiteSpeed
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
vape.co.za/wp-content/plugins/woocommerce/assets/js/jquery-cookie/jquery.cookie.min.js?ver=1.4.1-wc.7.0.1
41.222.32.13 200 OK 687 B URL HTTP/2 vape.co.za/wp-content/plugins/woocommerce/assets/js/jquery-cookie/jquery.cookie.min.js?ver=1.4.1-wc.7.0.1
IP 41.222.32.13:0
File type ASCII text, with very long lines (1241)
Hash e47d39a42ec2ed1eb4760534ffd0ac50
45b9d7416b15c4ff1b094c2d0eab895b752544b6
ff321c5b86864d33a4b71e1fd780cc0978d91fde1f582cd66013011a7b1440ca
GET /wp-content/plugins/woocommerce/assets/js/jquery-cookie/jquery.cookie.min.js?ver=1.4.1-wc.7.0.1 HTTP/1.1
Host: vape.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vape.co.za/nmt/C/4T65fl199.zip
Cookie: mailchimp_landing_site=https%3A%2F%2Fvape.co.za%2Fnmt%2FC%2F4T65fl199.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800,public
expires: Tue, 31 Jan 2023 06:31:56 GMT
content-type: application/x-javascript; charset=UTF-8
last-modified: Mon, 07 Nov 2022 13:26:26 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent,User-Agent,Accept-Encoding
content-length: 687
date: Tue, 24 Jan 2023 06:31:56 GMT
server: LiteSpeed
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
vape.co.za/wp-content/plugins/wpbingo/assets/js/newsletter.js
41.222.32.13 200 OK 453 B URL HTTP/2 vape.co.za/wp-content/plugins/wpbingo/assets/js/newsletter.js
IP 41.222.32.13:0
Hash 53b96aa8edf826f99ca3481d4e0bf70c
aa801085dadc20242adb29039d0dbae803fdb33f
314ebc47f06f6a46e2fa6c08b7de0ca3668de409d9b31c1ce0881ea6eadc6bc3
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/wpbingo/assets/js/newsletter.js HTTP/1.1
Host: vape.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vape.co.za/nmt/C/4T65fl199.zip
Cookie: mailchimp_landing_site=https%3A%2F%2Fvape.co.za%2Fnmt%2FC%2F4T65fl199.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800,public
expires: Tue, 31 Jan 2023 06:31:56 GMT
content-type: application/x-javascript; charset=UTF-8
last-modified: Mon, 11 Oct 2021 21:09:35 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent,User-Agent,Accept-Encoding
content-length: 453
date: Tue, 24 Jan 2023 06:31:56 GMT
server: LiteSpeed
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
vape.co.za/wp-content/plugins/wpbingo/assets/js/filter.js
41.222.32.13 200 OK 4.3 kB URL HTTP/2 vape.co.za/wp-content/plugins/wpbingo/assets/js/filter.js
IP 41.222.32.13:0
File type ASCII text, with very long lines (558), with CRLF line terminators
Hash 628d0778a9cb47db00684f81fea1176a
c4e128dac60366fe52fe53237a1e9b35eec7f72a
a0956b905c660deae588ae6652dca8f945c2343c9c2f6bbd838a0bc38f9515f0
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/wpbingo/assets/js/filter.js HTTP/1.1
Host: vape.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vape.co.za/nmt/C/4T65fl199.zip
Cookie: mailchimp_landing_site=https%3A%2F%2Fvape.co.za%2Fnmt%2FC%2F4T65fl199.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800,public
expires: Tue, 31 Jan 2023 06:31:56 GMT
content-type: application/x-javascript; charset=UTF-8
last-modified: Mon, 11 Oct 2021 21:09:35 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent,User-Agent,Accept-Encoding
content-length: 4251
date: Tue, 24 Jan 2023 06:31:56 GMT
server: LiteSpeed
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
vape.co.za/wp-content/plugins/ean-for-woocommerce/includes/js/alg-wc-ean-variations.min.js?ver=4.4.0
41.222.32.13 200 OK 286 B URL HTTP/2 vape.co.za/wp-content/plugins/ean-for-woocommerce/includes/js/alg-wc-ean-variations.min.js?ver=4.4.0
IP 41.222.32.13:0
File type ASCII text, with very long lines (878), with no line terminators
Hash 7a7f5d78a08b3b3fb7517869f32398b9
f59f697bf7933b43913948f05d7a70a664f85b7b
5141950d13af35766586e376df73db8d461731572062ba96698e7c6078cfd25f
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/ean-for-woocommerce/includes/js/alg-wc-ean-variations.min.js?ver=4.4.0 HTTP/1.1
Host: vape.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vape.co.za/nmt/C/4T65fl199.zip
Cookie: mailchimp_landing_site=https%3A%2F%2Fvape.co.za%2Fnmt%2FC%2F4T65fl199.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800,public
expires: Tue, 31 Jan 2023 06:31:56 GMT
content-type: application/x-javascript; charset=UTF-8
last-modified: Mon, 07 Nov 2022 13:25:39 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent,User-Agent,Accept-Encoding
content-length: 286
date: Tue, 24 Jan 2023 06:31:56 GMT
server: LiteSpeed
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
vape.co.za/wp-content/plugins/mailchimp-for-woocommerce/public/js/mailchimp-woocommerce-public.min.js?ver=2.7.6.01
41.222.32.13 200 OK 2.0 kB URL HTTP/2 vape.co.za/wp-content/plugins/mailchimp-for-woocommerce/public/js/mailchimp-woocommerce-public.min.js?ver=2.7.6.01
IP 41.222.32.13:0
File type ASCII text, with very long lines (6854), with no line terminators
Hash 90cba761ebe0aee308305b55dfd0a935
0205ee799159fa0e1de1aaa5ff6488e4c93a9fe0
3bd360af819ab676a415d35c39637f1ce4f3445a920b83af1da9c40d743cc5ba
GET /wp-content/plugins/mailchimp-for-woocommerce/public/js/mailchimp-woocommerce-public.min.js?ver=2.7.6.01 HTTP/1.1
Host: vape.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vape.co.za/nmt/C/4T65fl199.zip
Cookie: mailchimp_landing_site=https%3A%2F%2Fvape.co.za%2Fnmt%2FC%2F4T65fl199.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800,public
expires: Tue, 31 Jan 2023 06:31:56 GMT
content-type: application/x-javascript; charset=UTF-8
last-modified: Mon, 07 Nov 2022 13:26:00 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent,User-Agent,Accept-Encoding
content-length: 1999
date: Tue, 24 Jan 2023 06:31:56 GMT
server: LiteSpeed
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
vape.co.za/wp-content/themes/vapier/js/popper.min.js
41.222.32.13 200 OK 7.2 kB URL HTTP/2 vape.co.za/wp-content/themes/vapier/js/popper.min.js
IP 41.222.32.13:0
File type ASCII text, with very long lines (21060)
Hash 5dbdd3abea19fdebf9757a55cc52ef53
25b17765093c430b14e0ccf98780c372d9c5e217
371de89547b9a4238904fe74ea041654764c6e3e22cd465fe99ca8d4407204c0
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/vapier/js/popper.min.js HTTP/1.1
Host: vape.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vape.co.za/nmt/C/4T65fl199.zip
Cookie: mailchimp_landing_site=https%3A%2F%2Fvape.co.za%2Fnmt%2FC%2F4T65fl199.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800,public
expires: Tue, 31 Jan 2023 06:31:56 GMT
content-type: application/x-javascript; charset=UTF-8
last-modified: Fri, 09 Jul 2021 08:12:36 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent,User-Agent,Accept-Encoding
content-length: 7218
date: Tue, 24 Jan 2023 06:31:56 GMT
server: LiteSpeed
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
vape.co.za/wp-content/themes/vapier/js/bootstrap.min.js
41.222.32.13 200 OK 16 kB URL HTTP/2 vape.co.za/wp-content/themes/vapier/js/bootstrap.min.js
IP 41.222.32.13:0
File type ASCII text, with very long lines (552)
Hash e2bc2ca9eabeb893608b7e274cbe0fea
992160f37e65dd415405f6beb10db19e4ccf120e
025cfa530a5add7927a038b5dd48ee3c4774514d582fff88cc1ddc97b2bc1fc1
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/vapier/js/bootstrap.min.js HTTP/1.1
Host: vape.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vape.co.za/nmt/C/4T65fl199.zip
Cookie: mailchimp_landing_site=https%3A%2F%2Fvape.co.za%2Fnmt%2FC%2F4T65fl199.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800,public
expires: Tue, 31 Jan 2023 06:31:56 GMT
content-type: application/x-javascript; charset=UTF-8
last-modified: Fri, 09 Jul 2021 08:12:36 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent,User-Agent,Accept-Encoding
content-length: 16513
date: Tue, 24 Jan 2023 06:31:56 GMT
server: LiteSpeed
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
vape.co.za/wp-content/uploads/2021/10/payments_05.png
41.222.32.13 200 OK 3.5 kB URL HTTP/2 vape.co.za/wp-content/uploads/2021/10/payments_05.png
IP 41.222.32.13:0
File type PNG image data, 94 x 40, 8-bit/color RGBA, non-interlaced\012- data
Hash 40aa94ec2e8d7623dcb5466e62900b96
59efd01bc9ea08264ac0d6383bccec6d723042a9
3a1b81df01d2f6f339eab565a6b765379d1f94568fd28442bbd2729f9ef7fa6c
GET /wp-content/uploads/2021/10/payments_05.png HTTP/1.1
Host: vape.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vape.co.za/nmt/C/4T65fl199.zip
Cookie: mailchimp_landing_site=https%3A%2F%2Fvape.co.za%2Fnmt%2FC%2F4T65fl199.zip
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=10368000,public
expires: Wed, 24 May 2023 06:31:56 GMT
content-type: image/png
last-modified: Fri, 15 Oct 2021 20:40:17 GMT
accept-ranges: bytes
content-length: 3478
date: Tue, 24 Jan 2023 06:31:56 GMT
server: LiteSpeed
vary: User-Agent,User-Agent,Accept-Encoding
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash dd676ffc078f2b075fdc6d7606dc55b3
f57644c4be9f9521b2c45df5ee6eee87489819e1
b0ecd59482b2bc369555e2b94287c0de6eb874c9f52c15d2ecda112b8f3d2dba
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 24 Jan 2023 06:31:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash dd676ffc078f2b075fdc6d7606dc55b3
f57644c4be9f9521b2c45df5ee6eee87489819e1
b0ecd59482b2bc369555e2b94287c0de6eb874c9f52c15d2ecda112b8f3d2dba
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 24 Jan 2023 06:31:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash dd676ffc078f2b075fdc6d7606dc55b3
f57644c4be9f9521b2c45df5ee6eee87489819e1
b0ecd59482b2bc369555e2b94287c0de6eb874c9f52c15d2ecda112b8f3d2dba
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 24 Jan 2023 06:31:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash dd676ffc078f2b075fdc6d7606dc55b3
f57644c4be9f9521b2c45df5ee6eee87489819e1
b0ecd59482b2bc369555e2b94287c0de6eb874c9f52c15d2ecda112b8f3d2dba
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 24 Jan 2023 06:31:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash dd676ffc078f2b075fdc6d7606dc55b3
f57644c4be9f9521b2c45df5ee6eee87489819e1
b0ecd59482b2bc369555e2b94287c0de6eb874c9f52c15d2ecda112b8f3d2dba
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 24 Jan 2023 06:31:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/montserrat/v25/JTUQjIg1_i6t8kCHKm459WxRyS7m.woff2
216.58.207.227 200 OK 32 kB URL HTTP/2 fonts.gstatic.com/s/montserrat/v25/JTUQjIg1_i6t8kCHKm459WxRyS7m.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 31760, version 1.0\012- data
Hash fda4d0b623999af43148ba34c3b1ff73
ca5496af89720cc3e94e6279132f252b7cd471a6
33befdbbb24930584f5ac94ea3117adcd56518f20ab1619d05de83ffd1821d38
GET /s/montserrat/v25/JTUQjIg1_i6t8kCHKm459WxRyS7m.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://vape.co.za
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 31760
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 23 Jan 2023 13:28:31 GMT
expires: Tue, 23 Jan 2024 13:28:31 GMT
cache-control: public, max-age=31536000
age: 61406
last-modified: Mon, 11 Jul 2022 18:54:16 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
216.58.207.227 200 OK 31 kB URL HTTP/2 fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 30928, version 1.0\012- data
Hash ac0d2859ea5f8fd6bcb3c305c08ec184
7f6c17e3e592cd8bd346b9cc261d8dd961b8aef7
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
GET /s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://vape.co.za
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 30928
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 20 Jan 2023 07:08:09 GMT
expires: Sat, 20 Jan 2024 07:08:09 GMT
cache-control: public, max-age=31536000
age: 343428
last-modified: Mon, 11 Jul 2022 18:57:39 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
region1.google-analytics.com/g/collect?v=2&tid=G-Z1QP1SEH0C&gtm=2oe1n0&_p=2074401045&gdid=dZGIzZG&cid=986287589.1674541915&ul=en-us&sr=1280x1024&_s=1&sid=1674541915&sct=1&seg=0&dl=https%3A%2F%2Fvape.co.za%2Fnmt%2FC%2F4T65fl199.zip&dt=Page%20not%20found%20-%20VAPE.co.za&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&ep.forceSSL=true&ep.link_attribution=true&ep.page_path=%2F404.html%3Fpage%3D%2Fnmt%2FC%2F4T65fl199.zip%26from%3D
216.239.32.36 204 No Content 0 B URL HTTP/2 region1.google-analytics.com/g/collect?v=2&tid=G-Z1QP1SEH0C&gtm=2oe1n0&_p=2074401045&gdid=dZGIzZG&cid=986287589.1674541915&ul=en-us&sr=1280x1024&_s=1&sid=1674541915&sct=1&seg=0&dl=https%3A%2F%2Fvape.co.za%2Fnmt%2FC%2F4T65fl199.zip&dt=Page%20not%20found%20-%20VAPE.co.za&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&ep.forceSSL=true&ep.link_attribution=true&ep.page_path=%2F404.html%3Fpage%3D%2Fnmt%2FC%2F4T65fl199.zip%26from%3D
IP 216.239.32.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-Z1QP1SEH0C&gtm=2oe1n0&_p=2074401045&gdid=dZGIzZG&cid=986287589.1674541915&ul=en-us&sr=1280x1024&_s=1&sid=1674541915&sct=1&seg=0&dl=https%3A%2F%2Fvape.co.za%2Fnmt%2FC%2F4T65fl199.zip&dt=Page%20not%20found%20-%20VAPE.co.za&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&ep.forceSSL=true&ep.link_attribution=true&ep.page_path=%2F404.html%3Fpage%3D%2Fnmt%2FC%2F4T65fl199.zip%26from%3D HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://vape.co.za
Connection: keep-alive
Referer: https://vape.co.za/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://vape.co.za
date: Tue, 24 Jan 2023 06:31:57 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.googleapis.com/css2?family=Audiowide&display=swap&ver=6.0.3
142.250.74.74 200 OK 819 B URL HTTP/2 fonts.googleapis.com/css2?family=Audiowide&display=swap&ver=6.0.3
IP 142.250.74.74:0
Hash fae2e6ef597e447955a65be01ca2487c
63f967ed36cd4394bf1023d874d8376dab3d1be6
d5c9ef2a2fd1b680248eeb704f66fa5542c439bd29cc27de84323848fe2caec3
GET /css2?family=Audiowide&display=swap&ver=6.0.3 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vape.co.za/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 24 Jan 2023 06:31:56 GMT
date: Tue, 24 Jan 2023 06:31:56 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
chimpstatic.com/mcjs-connected/js/users/1aa795696cc092bef17647469/1a319a417909ca47a1303e982.js
96.6.17.210 200 OK 653 B URL HTTP/1.1 chimpstatic.com/mcjs-connected/js/users/1aa795696cc092bef17647469/1a319a417909ca47a1303e982.js
IP 96.6.17.210:0
Hash 5c4175ac0e0e6d95ac18d804b263153a
66985f07a251a4cb15b7570f57ae7eb30ab0e180
58bde7a88d8aa4d7f183b4749b2f747cda33ed54035190f10ba81c9312ba25d7
GET /mcjs-connected/js/users/1aa795696cc092bef17647469/1a319a417909ca47a1303e982.js HTTP/1.1
Host: chimpstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vape.co.za/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: fQdD2Mygd3gVLe00vIuHmZwGAJrB9MTwfEi8SjI6w/ysn7I+hqtzwtHvvXjt9e8c/lNTKj7jz4k=
x-amz-request-id: N5V1PEJBA85XY3NV
Last-Modified: Thu, 29 Sep 2022 13:26:25 GMT
ETag: "4b60d3ea13c42468679685c32a1680ac"
Accept-Ranges: bytes
Content-Type: application/javascript
Server: AmazonS3
X-EdgeConnect-MidMile-RTT: 17, 8, 6
X-EdgeConnect-Origin-MEX-Latency: 99, 103, 103
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=1800
Expires: Tue, 24 Jan 2023 07:01:57 GMT
Date: Tue, 24 Jan 2023 06:31:57 GMT
Content-Length: 653
Connection: keep-alive
www.google-analytics.com/analytics.js
142.250.74.110 200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.110:0
File type ASCII text, with very long lines (1490)
Hash ca7fbbfd120e3e329633044190bbf134
d17f81e03dd827554ddd207ea081fb46b3415445
847004cefb32f85a9cc16b0b1eb77529ff5753680c145bfcb23f651d214737db
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vape.co.za/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20085
date: Tue, 24 Jan 2023 05:41:08 GMT
expires: Tue, 24 Jan 2023 07:41:08 GMT
cache-control: public, max-age=7200
age: 3050
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google-analytics.com/plugins/ua/linkid.js
142.250.74.110 200 OK 859 B URL HTTP/2 www.google-analytics.com/plugins/ua/linkid.js
IP 142.250.74.110:0
File type ASCII text, with very long lines (1335)
Hash 904463ce35aee800847ab85ec948aaf6
904e4d2647466c7f7e0f7412019984e3b2ccfb24
057b4d29359dfe2536a2ec40243bdfa7b151222efcc1eb358608994a14c34237
GET /plugins/ua/linkid.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vape.co.za/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 859
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 24 Jan 2023 05:59:15 GMT
expires: Tue, 24 Jan 2023 06:59:15 GMT
cache-control: public, max-age=3600
age: 1963
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash d49058d310f4af23788960ce233b8c82
dc5535fd32d7cbcd66eb12d44af2cdb15e60d438
5371cbf7ed4d0aadaa3b1cfc1f01cebcdceb87051e70784f21ef73d07c2393db
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 24 Jan 2023 06:31:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-213713896-1&cid=986287589.1674541915&jid=459903666&gjid=658250817&_gid=2052563522.1674541917&_u=aCDAAUIgAAAAACAAI~&z=107303439
64.233.161.155 200 OK 1 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-213713896-1&cid=986287589.1674541915&jid=459903666&gjid=658250817&_gid=2052563522.1674541917&_u=aCDAAUIgAAAAACAAI~&z=107303439
IP 64.233.161.155:0
File type very short file (no magic)
Hash c4ca4238a0b923820dcc509a6f75849b
356a192b7913b04c54574d18c28d46e6395428ab
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-213713896-1&cid=986287589.1674541915&jid=459903666&gjid=658250817&_gid=2052563522.1674541917&_u=aCDAAUIgAAAAACAAI~&z=107303439 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://vape.co.za
Connection: keep-alive
Referer: https://vape.co.za/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://vape.co.za
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Tue, 24 Jan 2023 06:31:58 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash d49058d310f4af23788960ce233b8c82
dc5535fd32d7cbcd66eb12d44af2cdb15e60d438
5371cbf7ed4d0aadaa3b1cfc1f01cebcdceb87051e70784f21ef73d07c2393db
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 24 Jan 2023 06:31:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.googleapis.com/css2?family=Montserrat%3Aital%2Cwght%400%2C300%3B0%2C400%3B0%2C500%3B0%2C600%3B0%2C700%3B0%2C800%3B0%2C900%3B1%2C300%3B1%2C400%3B1%2C500%3B1%2C600%3B1%2C700%3B1%2C800&display=swap&ver=6.0.3
142.250.74.74 200 OK 0 B URL HTTP/2 fonts.googleapis.com/css2?family=Montserrat%3Aital%2Cwght%400%2C300%3B0%2C400%3B0%2C500%3B0%2C600%3B0%2C700%3B0%2C800%3B0%2C900%3B1%2C300%3B1%2C400%3B1%2C500%3B1%2C600%3B1%2C700%3B1%2C800&display=swap&ver=6.0.3
IP 142.250.74.74:0
GET /css2?family=Montserrat%3Aital%2Cwght%400%2C300%3B0%2C400%3B0%2C500%3B0%2C600%3B0%2C700%3B0%2C800%3B0%2C900%3B1%2C300%3B1%2C400%3B1%2C500%3B1%2C600%3B1%2C700%3B1%2C800&display=swap&ver=6.0.3 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vape.co.za/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 24 Jan 2023 06:31:56 GMT
date: Tue, 24 Jan 2023 06:31:56 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
vape.co.za/wp-content/themes/vapier/css/template.css?ver=6.0.3
41.222.32.13 200 OK 0 B URL HTTP/2 vape.co.za/wp-content/themes/vapier/css/template.css?ver=6.0.3
IP 41.222.32.13:0
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/vapier/css/template.css?ver=6.0.3 HTTP/1.1
Host: vape.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vape.co.za/nmt/C/4T65fl199.zip
Cookie: mailchimp_landing_site=https%3A%2F%2Fvape.co.za%2Fnmt%2FC%2F4T65fl199.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000,public
expires: Wed, 24 Jan 2024 06:31:56 GMT
content-type: text/css; charset=UTF-8
last-modified: Tue, 15 Nov 2022 13:08:38 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent,User-Agent,Accept-Encoding
content-length: 130395
date: Tue, 24 Jan 2023 06:31:56 GMT
server: LiteSpeed
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto&ver=6.0.3
142.250.74.74 200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto&ver=6.0.3
IP 142.250.74.74:0
GET /css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto&ver=6.0.3 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vape.co.za/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 24 Jan 2023 06:31:56 GMT
date: Tue, 24 Jan 2023 06:31:56 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
vape.co.za/wp-content/plugins/map-location-picker-at-checkout-for-woocommerce/assets/public/js/build/lpac-public.js?ver=1.6.9
41.222.32.13 200 OK 0 B URL HTTP/2 vape.co.za/wp-content/plugins/map-location-picker-at-checkout-for-woocommerce/assets/public/js/build/lpac-public.js?ver=1.6.9
IP 41.222.32.13:0
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/map-location-picker-at-checkout-for-woocommerce/assets/public/js/build/lpac-public.js?ver=1.6.9 HTTP/1.1
Host: vape.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vape.co.za/nmt/C/4T65fl199.zip
Cookie: mailchimp_landing_site=https%3A%2F%2Fvape.co.za%2Fnmt%2FC%2F4T65fl199.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800,public
expires: Tue, 31 Jan 2023 06:31:56 GMT
content-type: application/x-javascript; charset=UTF-8
last-modified: Thu, 20 Oct 2022 04:44:30 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent,User-Agent,Accept-Encoding
content-length: 311
date: Tue, 24 Jan 2023 06:31:56 GMT
server: LiteSpeed
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2