r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash c21ba65e44ac95470c314e068e49a9eb
17a13b13738993d889d4afa3d848dc63bf6eba64
9bd0795b30e84ce63b6e2a365ca91bbffc395dd955e112152066c31e63a4ab66
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9BD0795B30E84CE63B6E2A365CA91BBFFC395DD955E112152066C31E63A4AB66"
Last-Modified: Sat, 04 Feb 2023 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18690
Expires: Mon, 06 Feb 2023 23:13:00 GMT
Date: Mon, 06 Feb 2023 18:01:30 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 507011ccb9124dcd57e84a90a0965cc4
1a6575d0ac979c7184490cc9836ac4812ad2afd1
01626c18e1e68507aa33ef7448dbc3311901ab6f29adc2f51d449409b0680dce
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "01626C18E1E68507AA33EF7448DBC3311901AB6F29ADC2F51D449409B0680DCE"
Last-Modified: Sun, 05 Feb 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10964
Expires: Mon, 06 Feb 2023 21:04:14 GMT
Date: Mon, 06 Feb 2023 18:01:30 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash fb7b6b46e708ad73eaaa3c21e74569ae
950663c025acad81556af5aa3022ecc9d55097fe
763f58b9fb838378c92033b59907b036f4c33081f5103d9bcc2ca2a8de500d64
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "763F58B9FB838378C92033B59907B036F4C33081F5103D9BCC2CA2A8DE500D64"
Last-Modified: Sat, 04 Feb 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7545
Expires: Mon, 06 Feb 2023 20:07:15 GMT
Date: Mon, 06 Feb 2023 18:01:30 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data; ASCII text, with very long lines (939), with no line terminators
Hash bf0c602d32b3c14606f22a86183b5e3c
6eabd8d83475eba731968abe1a05a8bfd272f160
6c6a7c519a9e950c2445ed874a25211a94dd4d3cf3afb0103af9dcd1dbd5ff9e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Backoff, Alert, Content-Length
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Mon, 06 Feb 2023 17:36:28 GMT
content-type: application/json
age: 1502
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain
IP 34.160.144.191:0
File type PEM certificate; ASCII text
Hash e76071a28ee566dababb3834f46d68ed
aebb4e68c1ba2de0f90025283e8ed8470944fde0
78b6df2627172e5b35476bc31020f02898cdc412aaf4337af2c3b049a60912b6
GET /chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: 1MuvAYdFpOiAxqkDhPXTD41xPmRvKyWlyiyat6xZ1Cmo4DSAqzZk0jhTyTxY155p43S7Ac2uNr8=
x-amz-request-id: QXXRD03XRQFKW3TN
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 06 Feb 2023 17:35:12 GMT
age: 1578
last-modified: Sun, 29 Jan 2023 18:44:47 GMT
etag: "e76071a28ee566dababb3834f46d68ed"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data; ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Expires, Retry-After, Content-Length, Content-Type, ETag, Cache-Control, Alert, Pragma, Backoff, Last-Modified
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Mon, 06 Feb 2023 17:51:19 GMT
age: 611
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data; ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 06 Feb 2023 18:01:30 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 9b88bae61bca33aba8aa99f6128db8d9
a07b61fb2458917699613fcae68710941b595416
54915c2f79822732e06a592d027da421ad1e7a6458c545f98333db25612b3dea
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "54915C2F79822732E06A592D027DA421AD1E7A6458C545F98333DB25612B3DEA"
Last-Modified: Mon, 06 Feb 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6691
Expires: Mon, 06 Feb 2023 19:53:02 GMT
Date: Mon, 06 Feb 2023 18:01:31 GMT
Connection: keep-alive
push.services.mozilla.com/
35.160.120.175 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.160.120.175:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 34fky1m6uupMNCyptbEJSQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: l9/cWF4yVOrm9SLwroNllIVYQbU=
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 3b4ea902c3e097daaa31810cb66d585a
97dfbd81d31b43196d8a4bd2fa3ff8a5cc115049
0291ed72c3115d6b6cf8c001b13bbc4ad517d76242b6cbed9db5ee1162572d3f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0291ED72C3115D6B6CF8C001B13BBC4AD517D76242B6CBED9DB5EE1162572D3F"
Last-Modified: Sun, 05 Feb 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2829
Expires: Mon, 06 Feb 2023 18:48:41 GMT
Date: Mon, 06 Feb 2023 18:01:32 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 3b4ea902c3e097daaa31810cb66d585a
97dfbd81d31b43196d8a4bd2fa3ff8a5cc115049
0291ed72c3115d6b6cf8c001b13bbc4ad517d76242b6cbed9db5ee1162572d3f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0291ED72C3115D6B6CF8C001B13BBC4AD517D76242B6CBED9DB5EE1162572D3F"
Last-Modified: Sun, 05 Feb 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2829
Expires: Mon, 06 Feb 2023 18:48:41 GMT
Date: Mon, 06 Feb 2023 18:01:32 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 3b4ea902c3e097daaa31810cb66d585a
97dfbd81d31b43196d8a4bd2fa3ff8a5cc115049
0291ed72c3115d6b6cf8c001b13bbc4ad517d76242b6cbed9db5ee1162572d3f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0291ED72C3115D6B6CF8C001B13BBC4AD517D76242B6CBED9DB5EE1162572D3F"
Last-Modified: Sun, 05 Feb 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2829
Expires: Mon, 06 Feb 2023 18:48:41 GMT
Date: Mon, 06 Feb 2023 18:01:32 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9ad60ff0-69ec-4be2-9334-41be71ca4b7f.jpeg
34.120.237.76 200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9ad60ff0-69ec-4be2-9334-41be71ca4b7f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3; data
Hash 1a4eed23b240d04a3cd6b085cfa93375
f29b9dc3f6bbd2ba76a5a4570ce044d5f240fd00
93e8371f80c12d3753842e36001dbb8d3dc2223b10a594639752cd816c492d4e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9ad60ff0-69ec-4be2-9334-41be71ca4b7f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10905
x-amzn-requestid: 093778fc-231c-452f-a6fc-15f4eb41ade0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fmNJCEDzIAMFmxA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d8c239-7f56d6e56392f373541db219;Sampled=0
x-amzn-remapped-date: Tue, 31 Jan 2023 07:24:41 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: WVfpilnwhnRXBhJkHBWjxxoP09f7SqlRk8CdWRWOubIIwe0CX89bUA==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 325ed3ba58a560748d886354beef39c0.cloudfront.net (CloudFront), 1.1 google
date: Sun, 05 Feb 2023 22:13:39 GMT
age: 71273
etag: "f29b9dc3f6bbd2ba76a5a4570ce044d5f240fd00"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d1adf44-5bff-4d36-99c4-8dd0dc2e5ac2.jpeg
34.120.237.76 200 OK 9.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d1adf44-5bff-4d36-99c4-8dd0dc2e5ac2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3; data
Hash 352e4166a431e781e56cc7f169c7f8ca
866b76c34076cf2e18c6a071336fcf4f581f3c4d
75ba13b601f4b00c5b091eb29e7f6739ffee3e127bd6d3c4b35cc967bb6d354a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d1adf44-5bff-4d36-99c4-8dd0dc2e5ac2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9779
x-amzn-requestid: 101b984b-9c04-4d07-b1fe-3d888f4bcd49
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ftcNRFV_oAMF2_w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dba721-72679ba0378015034e17b8ca;Sampled=0
x-amzn-remapped-date: Thu, 02 Feb 2023 12:05:53 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: FRZf4nkQyttwihy5BBbuHzT9lYQvBPqcOTdT5esu46vqMTvXAi5aQw==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 32c16f33c8f5601364fa8229b0d74dc2.cloudfront.net (CloudFront), 1.1 google
date: Sun, 05 Feb 2023 18:39:44 GMT
age: 84108
etag: "866b76c34076cf2e18c6a071336fcf4f581f3c4d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fda427d37-8d0b-44cf-ae98-f96ceaf21b52.jpeg
34.120.237.76 200 OK 8.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fda427d37-8d0b-44cf-ae98-f96ceaf21b52.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3; data
Hash d0c62c5956f36c9f1c5d2f17bc372d98
fca4d7140e4c391b02d734425ccc92acec568a70
eb1b743ede5ed223536358bd92a322ca5231267f4434be1eced98a0fe93b790d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fda427d37-8d0b-44cf-ae98-f96ceaf21b52.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8929
x-amzn-requestid: ea29dd36-d05b-4824-ba18-78f868259f76
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f4oiQEeTIAMFqGA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e02141-7a6ade1c4501a81c0823ce10;Sampled=0
x-amzn-remapped-date: Sun, 05 Feb 2023 21:36:01 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: O-QHP886Cczm6dsVDQVMR7SMSxgIhUSuEPAKJvzQTQtkj59Pg-z9QA==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 325ed3ba58a560748d886354beef39c0.cloudfront.net (CloudFront), 1.1 google
date: Sun, 05 Feb 2023 21:50:03 GMT
age: 72689
etag: "fca4d7140e4c391b02d734425ccc92acec568a70"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F731dc7de-ce12-4639-9ceb-3218584c3d56.jpeg
34.120.237.76 200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F731dc7de-ce12-4639-9ceb-3218584c3d56.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3; data
Hash 9046d887fd45a0940e31a74173d17798
1ff698b9cf660165e846dfc4770f29852aedce45
0c7b0e1250aa7718b7b35b80a1442f62e94ace1fb578fb781ec8204ee96386d0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F731dc7de-ce12-4639-9ceb-3218584c3d56.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10514
x-amzn-requestid: ac2a383b-833d-4dae-9bd9-43dc3d9e373d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f4oiPEIyoAMFqUw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e02141-436bb6816b269ce45b9f8600;Sampled=0
x-amzn-remapped-date: Sun, 05 Feb 2023 21:36:01 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: RYNzle5-l5dOMPWb2Bmu_T5aIJw9NX2FKuJsej8hzpYZcgD6coH9SA==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 476c2ba6d9f6cd69dbcedbd65688cbc0.cloudfront.net (CloudFront), 1.1 google
date: Sun, 05 Feb 2023 21:50:09 GMT
age: 72683
etag: "1ff698b9cf660165e846dfc4770f29852aedce45"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8f78f981-25b3-46b1-a96b-baa8e001cc8e.jpeg
34.120.237.76 200 OK 8.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8f78f981-25b3-46b1-a96b-baa8e001cc8e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3; data
Hash ad2298793399bf73c51c7d60952065c1
816bd4c36ceea2c46489ae72fde0b4a94c7c4bef
dc540d64e5e0835c7007e89ca3b5dd620b43a87e13309f323f3843a5f908a199
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8f78f981-25b3-46b1-a96b-baa8e001cc8e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8649
x-amzn-requestid: f85f3c9d-95c1-4db6-af5f-595070fe46c3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f4oiRHzboAMFQCA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e02141-6eed72bf20887cac6dc1a56a;Sampled=0
x-amzn-remapped-date: Sun, 05 Feb 2023 21:36:01 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: tNp3KhwtaSjchn-VAo1VellQ63I1W9uIbkQ_84Y7z_4z--vGfz8PGA==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 aef00f14752da9aa504d392fd46eff94.cloudfront.net (CloudFront), 1.1 google
date: Sun, 05 Feb 2023 21:53:56 GMT
age: 72456
etag: "816bd4c36ceea2c46489ae72fde0b4a94c7c4bef"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd3694634-2f5a-47ff-b75c-9cb394881acc.jpeg
34.120.237.76 200 OK 9.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd3694634-2f5a-47ff-b75c-9cb394881acc.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3; data
Hash ccc8078cc937b7de0b299bcee1496f1b
395f04af71767acc9516387c8b07bde08968fdfe
cf959fc4a72d80dcab20c235bec6d21eadaab87efa7a8969744cd228628ba050
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd3694634-2f5a-47ff-b75c-9cb394881acc.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9808
x-amzn-requestid: 75cc8041-19f5-4994-96b6-b14d3c90ec6e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f4oiSFZAIAMF65g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e02141-355d272c345c8c37595b4bb2;Sampled=0
x-amzn-remapped-date: Sun, 05 Feb 2023 21:36:01 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: T7YlRZ936VEDkBvo2YKrS3GbyEh1xzC8W-50KiODzFjTnQb-hvkKpw==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 324a68a6c25ee50d774953f3e15a611c.cloudfront.net (CloudFront), 1.1 google
date: Sun, 05 Feb 2023 21:50:03 GMT
age: 72689
etag: "395f04af71767acc9516387c8b07bde08968fdfe"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
blit.co.za/srv/J9/rc/WM4jQwxJ.zip
160.119.248.8 301 Moved Permanently 0 B URL HTTP/1.1 blit.co.za/srv/J9/rc/WM4jQwxJ.zip
IP 160.119.248.8:0
ASN #328364 Host-Africa-AS
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Malware
GET /srv/J9/rc/WM4jQwxJ.zip HTTP/1.1
Host: blit.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Mon, 06 Feb 2023 18:01:30 GMT
Server: Apache
X-Powered-By: PHP/7.4.33
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
X-Redirect-By: WordPress
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Location: http://www.blit.co.za/srv/J9/rc/WM4jQwxJ.zip
Keep-Alive: timeout=5, max=100
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
www.blit.co.za/srv/J9/rc/WM4jQwxJ.zip
160.119.248.8 404 Not Found 43 kB URL HTTP/1.1 www.blit.co.za/srv/J9/rc/WM4jQwxJ.zip
IP 160.119.248.8:0
ASN #328364 Host-Africa-AS
File type HTML document text; exported SGML document, ASCII text, with very long lines (9381), with CRLF, LF line terminators
Hash f8e3d94e113dc589377d47dc1c4ba158
e3843ea05497812ac070de95aefa756dac9694cb
4ba71fc399379c04c050f8de8af74fc0ef9c1535ce7beeb438cdfc71ee270037
Analyzer Verdict Alert fortinet Malware
GET /srv/J9/rc/WM4jQwxJ.zip HTTP/1.1
Host: www.blit.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 404 Not Found
Date: Mon, 06 Feb 2023 18:01:33 GMT
Server: Apache
X-Powered-By: PHP/7.4.33
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Link: <http://www.blit.co.za/wp-json/>; rel="https://api.w.org/"
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Keep-Alive: timeout=5, max=100
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
www.blit.co.za/wp-includes/css/classic-themes.min.css?ver=1
160.119.248.8 200 OK 217 B URL HTTP/1.1 www.blit.co.za/wp-includes/css/classic-themes.min.css?ver=1
IP 160.119.248.8:0
ASN #328364 Host-Africa-AS
Hash 95e891f28e44a9b314c09545d86be2b7
f9b13a8bd47273b086a0a07df15f314e0af0bc3e
5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5
GET /wp-includes/css/classic-themes.min.css?ver=1 HTTP/1.1
Host: www.blit.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.blit.co.za/srv/J9/rc/WM4jQwxJ.zip
HTTP/1.1 200 OK
Date: Mon, 06 Feb 2023 18:01:36 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Wed, 02 Nov 2022 08:17:31 GMT
Accept-Ranges: bytes
Content-Length: 217
Keep-Alive: timeout=5, max=100
Content-Type: text/css
www.blit.co.za/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-vendors-style.css?ver=6.1.0
160.119.248.8 200 OK 5.3 kB URL HTTP/1.1 www.blit.co.za/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-vendors-style.css?ver=6.1.0
IP 160.119.248.8:0
ASN #328364 Host-Africa-AS
File type ASCII text, with very long lines (5305), with no line terminators
Hash ee78f26525b08d4e372b92a1a3ed1d26
b4dbb4706c8a479b3891cbeddf19e162e36bd61a
7fcaa4d432eb8627f0ab7efdc3ce11a4e593f29443fc6bb1888f4955c55f868b
GET /wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-vendors-style.css?ver=6.1.0 HTTP/1.1
Host: www.blit.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.blit.co.za/srv/J9/rc/WM4jQwxJ.zip
HTTP/1.1 200 OK
Date: Mon, 06 Feb 2023 18:01:36 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Thu, 10 Mar 2022 20:39:11 GMT
Accept-Ranges: bytes
Content-Length: 5305
Keep-Alive: timeout=5, max=100
Content-Type: text/css
www.blit.co.za/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1
160.119.248.8 200 OK 19 kB URL HTTP/1.1 www.blit.co.za/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1
IP 160.119.248.8:0
ASN #328364 Host-Africa-AS
File type ASCII text, with very long lines (15660)
Hash 32beb68a374e3aeac00abdf9e12b84ea
b5d18aa625e8696dd9d07cd0869337717b211ae0
5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782
GET /wp-includes/js/wp-emoji-release.min.js?ver=6.1.1 HTTP/1.1
Host: www.blit.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.blit.co.za/srv/J9/rc/WM4jQwxJ.zip
HTTP/1.1 200 OK
Date: Mon, 06 Feb 2023 18:01:36 GMT
Server: Apache
Last-Modified: Fri, 27 May 2022 08:38:52 GMT
Accept-Ranges: bytes
Content-Length: 18617
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash ad2d72821808ee5f77c0598fed0f8bd1
adcd92881d1c5ac3cca4687dc6347369240f4726
c7ce86611bf0b0063c0bcb2c6a6a4b85fe6be2d89e382b8907e8bbb2e1e5962d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 18:01:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.blit.co.za/wp-content/plugins/instagram-feed/css/sbi-styles.min.css?ver=2.9.8
160.119.248.8 200 OK 17 kB URL HTTP/1.1 www.blit.co.za/wp-content/plugins/instagram-feed/css/sbi-styles.min.css?ver=2.9.8
IP 160.119.248.8:0
ASN #328364 Host-Africa-AS
File type ASCII text, with very long lines (16823), with no line terminators
Hash 45d09dd97ef87808dc42cce7d237d267
eb4c42172b5ea7212776f12acb1a556d5dd149ac
86bd9f21bb4a8221fad8dd07771e0ae79c80c4b58e833f9386281040ac64c32d
GET /wp-content/plugins/instagram-feed/css/sbi-styles.min.css?ver=2.9.8 HTTP/1.1
Host: www.blit.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.blit.co.za/srv/J9/rc/WM4jQwxJ.zip
HTTP/1.1 200 OK
Date: Mon, 06 Feb 2023 18:01:36 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Tue, 14 Dec 2021 08:57:48 GMT
Accept-Ranges: bytes
Content-Length: 16823
Keep-Alive: timeout=5, max=100
Content-Type: text/css
fonts.googleapis.com/css?family=Open+Sans%3A300%2C300italic%2Cregular%2Citalic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%7CMontserrat%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2Cregular%2Citalic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&ver=6.2.4
142.250.74.106 200 OK 2.1 kB URL HTTP/2 fonts.googleapis.com/css?family=Open+Sans%3A300%2C300italic%2Cregular%2Citalic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%7CMontserrat%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2Cregular%2Citalic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&ver=6.2.4
IP 142.250.74.106:0
Hash 65d356ad78116a08ee84d776964df1d5
aef4098c828cbf5cea94ca3aa6b45645f82c208a
7a05694f268246115f6a332012f2c5d26de1aeeb2249bd8ce7f8e15c077894a2
GET /css?family=Open+Sans%3A300%2C300italic%2Cregular%2Citalic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%7CMontserrat%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2Cregular%2Citalic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&ver=6.2.4 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.blit.co.za/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 06 Feb 2023 18:01:36 GMT
date: Mon, 06 Feb 2023 18:01:36 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.blit.co.za/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.5.3
160.119.248.8 200 OK 2.7 kB URL HTTP/1.1 www.blit.co.za/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.5.3
IP 160.119.248.8:0
ASN #328364 Host-Africa-AS
Hash e6fae855021a88a0067fcc58121c594f
6299ac3987b5e81725781799dad361d19ac3b99d
e50f9ccd2d6582a58ba1879fa578e60d25fea4c5eedc07deafd14482b2403181
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.5.3 HTTP/1.1
Host: www.blit.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.blit.co.za/srv/J9/rc/WM4jQwxJ.zip
HTTP/1.1 200 OK
Date: Mon, 06 Feb 2023 18:01:36 GMT
Server: Apache
Last-Modified: Tue, 14 Dec 2021 08:56:34 GMT
Accept-Ranges: bytes
Content-Length: 2731
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
www.blit.co.za/wp-content/uploads/stm_fonts/stm/stm.css?ver=1.0
160.119.248.8 200 OK 12 kB URL HTTP/1.1 www.blit.co.za/wp-content/uploads/stm_fonts/stm/stm.css?ver=1.0
IP 160.119.248.8:0
ASN #328364 Host-Africa-AS
Hash c8c2a299075441ac66c9b0515ccbe82d
b5d1c64541949e374fbb7d0f78502c82bc5d8823
46f5923e67207718f6978a0cd6e8bd550899ca23d0c5fa7adf46a6d4e67ed3d1
Analyzer Verdict Alert fortinet Malware
GET /wp-content/uploads/stm_fonts/stm/stm.css?ver=1.0 HTTP/1.1
Host: www.blit.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.blit.co.za/srv/J9/rc/WM4jQwxJ.zip
HTTP/1.1 200 OK
Date: Mon, 06 Feb 2023 18:01:36 GMT
Server: Apache
Last-Modified: Thu, 20 May 2021 10:59:39 GMT
Accept-Ranges: bytes
Content-Length: 11898
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
www.blit.co.za/wp-content/plugins/eroom-zoom-meetings-webinar/assets/css/frontend/main.css?ver=1.3.1
160.119.248.8 200 OK 16 kB URL HTTP/1.1 www.blit.co.za/wp-content/plugins/eroom-zoom-meetings-webinar/assets/css/frontend/main.css?ver=1.3.1
IP 160.119.248.8:0
ASN #328364 Host-Africa-AS
Hash 2d57daec7be0d67c610d85bb9b9ff18f
0db5f0bac0cc6a4150f5e1c93c1f469de3c10f6b
a7c935f95aeb8182d229c38b65ff7351637dfc03e3c2e1ce1cc6753e8eca914f
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/eroom-zoom-meetings-webinar/assets/css/frontend/main.css?ver=1.3.1 HTTP/1.1
Host: www.blit.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.blit.co.za/srv/J9/rc/WM4jQwxJ.zip
HTTP/1.1 200 OK
Date: Mon, 06 Feb 2023 18:01:36 GMT
Server: Apache
Last-Modified: Tue, 14 Dec 2021 08:57:29 GMT
Accept-Ranges: bytes
Content-Length: 15659
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css
www.blit.co.za/wp-content/plugins/recent-tweets-widget/tp_twitter_plugin.css?ver=1.0
160.119.248.8 200 OK 529 B URL HTTP/1.1 www.blit.co.za/wp-content/plugins/recent-tweets-widget/tp_twitter_plugin.css?ver=1.0
IP 160.119.248.8:0
ASN #328364 Host-Africa-AS
File type ASCII text, with CRLF line terminators
Hash b655ad4016c052d438708a50654f7957
046aa8f2e76f9f0c7412b5f6e7a52b8ceed20421
3109fef8b2a9ab71fca698483d2bae36d8fed772517c259dacce872e739bb690
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/recent-tweets-widget/tp_twitter_plugin.css?ver=1.0 HTTP/1.1
Host: www.blit.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.blit.co.za/srv/J9/rc/WM4jQwxJ.zip
HTTP/1.1 200 OK
Date: Mon, 06 Feb 2023 18:01:36 GMT
Server: Apache
Last-Modified: Thu, 20 May 2021 00:07:56 GMT
Accept-Ranges: bytes
Content-Length: 529
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
www.blit.co.za/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1
160.119.248.8 200 OK 95 kB URL HTTP/1.1 www.blit.co.za/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1
IP 160.119.248.8:0
ASN #328364 Host-Africa-AS
File type ASCII text, with very long lines (47826)
Hash 71d925864153f0edf91037f3d31048e8
cc16a0524ac63b5ce29f703a66412224f0dd771a
c324ef26b20264369e4568dc9ef1c5cb1f325f6bc4e8b7c01f7fe93fa353276a
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/css/dist/block-library/style.min.css?ver=6.1.1 HTTP/1.1
Host: www.blit.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.blit.co.za/srv/J9/rc/WM4jQwxJ.zip
HTTP/1.1 200 OK
Date: Mon, 06 Feb 2023 18:01:36 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Wed, 16 Nov 2022 07:37:56 GMT
Accept-Ranges: bytes
Content-Length: 94889
Keep-Alive: timeout=5, max=100
Content-Type: text/css
www.blit.co.za/wp-content/plugins/stm-gdpr-compliance/assets/css/styles.css?ver=6.1.1
160.119.248.8 200 OK 1.2 kB URL HTTP/1.1 www.blit.co.za/wp-content/plugins/stm-gdpr-compliance/assets/css/styles.css?ver=6.1.1
IP 160.119.248.8:0
ASN #328364 Host-Africa-AS
File type ASCII text, with very long lines (1249), with no line terminators
Hash 585ae91c16282c2507ef31e087143d34
16385142a9a40895ba416b02ebe2144805d39303
f2ead27abcd3d4b65c01b8d7ec578d5fe72afec4c4258dd20bbabc4f23995fce
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/stm-gdpr-compliance/assets/css/styles.css?ver=6.1.1 HTTP/1.1
Host: www.blit.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.blit.co.za/srv/J9/rc/WM4jQwxJ.zip
HTTP/1.1 200 OK
Date: Mon, 06 Feb 2023 18:01:36 GMT
Server: Apache
Last-Modified: Thu, 20 May 2021 10:58:26 GMT
Accept-Ranges: bytes
Content-Length: 1249
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/css
www.blit.co.za/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-style.css?ver=6.1.0
160.119.248.8 200 OK 192 kB URL HTTP/1.1 www.blit.co.za/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-style.css?ver=6.1.0
IP 160.119.248.8:0
ASN #328364 Host-Africa-AS
File type Unicode text, UTF-8 text, with very long lines (65527), with no line terminators
Size 192 kB (192102 bytes)
Hash 07cbe55d3b4a9fb7f079a6b3411159ea
86fbea1de32414a6a87f70ef7fedbbfa754dae25
b63468a1ed4bc776b1f43f4e7afea63235656b39065695e3ece1a9db2271c403
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-style.css?ver=6.1.0 HTTP/1.1
Host: www.blit.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.blit.co.za/srv/J9/rc/WM4jQwxJ.zip
HTTP/1.1 200 OK
Date: Mon, 06 Feb 2023 18:01:36 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Thu, 10 Mar 2022 20:39:11 GMT
Accept-Ranges: bytes
Content-Length: 192102
Keep-Alive: timeout=5, max=100
Content-Type: text/css
www.blit.co.za/wp-content/plugins/woocommerce/assets/css/woocommerce.css?ver=5.9.1
160.119.248.8 200 OK 63 kB URL HTTP/1.1 www.blit.co.za/wp-content/plugins/woocommerce/assets/css/woocommerce.css?ver=5.9.1
IP 160.119.248.8:0
ASN #328364 Host-Africa-AS
File type Unicode text, UTF-8 text, with very long lines (62789), with no line terminators
Hash 7892d7349e74e7dd7fae386eda2dded7
bd31f749a68bfffc0ba299d94b5de5d3803d9b9b
37811d4d55ec74751bcaa643b3a9798f1d577ac2910b63c6ca202c2e36544e05
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/woocommerce/assets/css/woocommerce.css?ver=5.9.1 HTTP/1.1
Host: www.blit.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.blit.co.za/srv/J9/rc/WM4jQwxJ.zip
HTTP/1.1 200 OK
Date: Mon, 06 Feb 2023 18:01:36 GMT
Server: Apache
Last-Modified: Thu, 10 Mar 2022 20:39:11 GMT
Accept-Ranges: bytes
Content-Length: 62803
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css
www.blit.co.za/wp-content/plugins/woocommerce/assets/css/woocommerce-layout.css?ver=5.9.1
160.119.248.8 200 OK 18 kB URL HTTP/1.1 www.blit.co.za/wp-content/plugins/woocommerce/assets/css/woocommerce-layout.css?ver=5.9.1
IP 160.119.248.8:0
ASN #328364 Host-Africa-AS
File type Unicode text, UTF-8 text, with very long lines (17923), with no line terminators
Hash 1cbcc9e85ba99c007f519bf1a67feb58
82d238c9b2a1797c0ad785c01309c49dc1f302af
48052f6267b2e21fb086ad26457c715b3b8b5e8c6fcbcdea42589da06b05e9be
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/woocommerce/assets/css/woocommerce-layout.css?ver=5.9.1 HTTP/1.1
Host: www.blit.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.blit.co.za/srv/J9/rc/WM4jQwxJ.zip
HTTP/1.1 200 OK
Date: Mon, 06 Feb 2023 18:01:36 GMT
Server: Apache
Last-Modified: Thu, 10 Mar 2022 20:39:11 GMT
Accept-Ranges: bytes
Content-Length: 17925
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css
www.blit.co.za/wp-content/plugins/js_composer/assets/lib/bower/font-awesome/css/v4-shims.min.css?ver=6.7.0
160.119.248.8 200 OK 34 kB URL HTTP/1.1 www.blit.co.za/wp-content/plugins/js_composer/assets/lib/bower/font-awesome/css/v4-shims.min.css?ver=6.7.0
IP 160.119.248.8:0
ASN #328364 Host-Africa-AS
File type ASCII text, with very long lines (34217)
Hash ffb96099720dde6483d7cab290c543ee
1a6ece8eee36923d795cdf78674b47e7f1b8e94f
cdfdf586f38cfb19c6264343cc6a64adce7ff0961834e96a2f912f01dc29e3f0
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/js_composer/assets/lib/bower/font-awesome/css/v4-shims.min.css?ver=6.7.0 HTTP/1.1
Host: www.blit.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.blit.co.za/srv/J9/rc/WM4jQwxJ.zip
HTTP/1.1 200 OK
Date: Mon, 06 Feb 2023 18:01:36 GMT
Server: Apache
Last-Modified: Tue, 14 Dec 2021 15:35:31 GMT
Accept-Ranges: bytes
Content-Length: 34399
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: text/css
www.blit.co.za/wp-content/plugins/stm-post-type/theme-options/nuxy/metaboxes/assets/vendors/font-awesome.min.css?ver=1675706495
160.119.248.8 200 OK 59 kB URL HTTP/1.1 www.blit.co.za/wp-content/plugins/stm-post-type/theme-options/nuxy/metaboxes/assets/vendors/font-awesome.min.css?ver=1675706495
IP 160.119.248.8:0
ASN #328364 Host-Africa-AS
File type ASCII text, with very long lines (59158)
Hash 74bab4578692993514e7f882cc15c218
b6293bcfd851f963edbe859498570c4c0c7eaae4
d87ddf917b7a1449ab45e2b8e3c98354629bdd65b6659c37e6023bbea1ce1386
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/stm-post-type/theme-options/nuxy/metaboxes/assets/vendors/font-awesome.min.css?ver=1675706495 HTTP/1.1
Host: www.blit.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.blit.co.za/srv/J9/rc/WM4jQwxJ.zip
HTTP/1.1 200 OK
Date: Mon, 06 Feb 2023 18:01:36 GMT
Server: Apache
Last-Modified: Tue, 14 Dec 2021 13:05:30 GMT
Accept-Ranges: bytes
Content-Length: 59344
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css
www.blit.co.za/wp-content/themes/consulting/assets/css/bootstrap.min.css?ver=6.2.4
160.119.248.8 200 OK 118 kB URL HTTP/1.1 www.blit.co.za/wp-content/themes/consulting/assets/css/bootstrap.min.css?ver=6.2.4
IP 160.119.248.8:0
ASN #328364 Host-Africa-AS
File type ASCII text, with very long lines (65177)
Size 118 kB (118221 bytes)
Hash 09c097468c2402d88f759bff90371957
eb79fc5404d924831a51db9b34a42795f710597c
1a6a0bcd11e48c5a016b21ce7212bee386cbb5f3aae2b0a73fdfd62a38779fd3
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/consulting/assets/css/bootstrap.min.css?ver=6.2.4 HTTP/1.1
Host: www.blit.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.blit.co.za/srv/J9/rc/WM4jQwxJ.zip
HTTP/1.1 200 OK
Date: Mon, 06 Feb 2023 18:01:36 GMT
Server: Apache
Last-Modified: Mon, 06 Dec 2021 10:57:43 GMT
Accept-Ranges: bytes
Content-Length: 118221
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
www.blit.co.za/wp-content/plugins/js_composer/assets/lib/bower/font-awesome/css/all.min.css?ver=6.7.0
160.119.248.8 200 OK 56 kB URL HTTP/1.1 www.blit.co.za/wp-content/plugins/js_composer/assets/lib/bower/font-awesome/css/all.min.css?ver=6.7.0
IP 160.119.248.8:0
ASN #328364 Host-Africa-AS
File type ASCII text, with very long lines (56243)
Hash f7409f91a34ea35236d98702f4e69f4c
3a3c16cbb1114f8e210b87cf3102a99968bf6a26
04950e48cd4097fb4a540c3abcf445cd92d59bdf9ba40f49cfb180cc94387a2f
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/js_composer/assets/lib/bower/font-awesome/css/all.min.css?ver=6.7.0 HTTP/1.1
Host: www.blit.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.blit.co.za/srv/J9/rc/WM4jQwxJ.zip
HTTP/1.1 200 OK
Date: Mon, 06 Feb 2023 18:01:36 GMT
Server: Apache
Last-Modified: Tue, 14 Dec 2021 15:35:31 GMT
Accept-Ranges: bytes
Content-Length: 56425
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
www.blit.co.za/wp-content/themes/consulting/style.css?ver=6.2.4
160.119.248.8 200 OK 20 kB URL HTTP/1.1 www.blit.co.za/wp-content/themes/consulting/style.css?ver=6.2.4
IP 160.119.248.8:0
ASN #328364 Host-Africa-AS
File type Unicode text, UTF-8 text, with very long lines (438)
Hash 1d599bccfeef9530b8c60629b1a19c1f
9d1f3af5371719b931684e05e955f64e66ffb96d
195cb1e975597c84923ed28cd20ebb82198404313b562e8ef74c7c5c8d040a99
GET /wp-content/themes/consulting/style.css?ver=6.2.4 HTTP/1.1
Host: www.blit.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.blit.co.za/srv/J9/rc/WM4jQwxJ.zip
HTTP/1.1 200 OK
Date: Mon, 06 Feb 2023 18:01:36 GMT
Server: Apache
Last-Modified: Mon, 06 Dec 2021 10:57:43 GMT
Accept-Ranges: bytes
Content-Length: 20446
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/css
www.blit.co.za/wp-content/themes/consulting/assets/css/font-awesome.min.css?ver=6.2.4
160.119.248.8 200 OK 31 kB URL HTTP/1.1 www.blit.co.za/wp-content/themes/consulting/assets/css/font-awesome.min.css?ver=6.2.4
IP 160.119.248.8:0
ASN #328364 Host-Africa-AS
File type ASCII text, with very long lines (30857)
Hash bab23154df2eebdb1d6857a2a553c196
cf00d4ce0559ad23063799c6edfa2cb3d2c31ea9
fcef7501a06d3d108599949ecbce2a7cd926ded556172c5408dc38155951158c
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/consulting/assets/css/font-awesome.min.css?ver=6.2.4 HTTP/1.1
Host: www.blit.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.blit.co.za/srv/J9/rc/WM4jQwxJ.zip
HTTP/1.1 200 OK
Date: Mon, 06 Feb 2023 18:01:36 GMT
Server: Apache
Last-Modified: Mon, 06 Dec 2021 10:57:43 GMT
Accept-Ranges: bytes
Content-Length: 31020
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/css
www.blit.co.za/wp-content/themes/consulting/assets/css/select2.min.css?ver=6.2.4
160.119.248.8 200 OK 15 kB URL HTTP/1.1 www.blit.co.za/wp-content/themes/consulting/assets/css/select2.min.css?ver=6.2.4
IP 160.119.248.8:0
ASN #328364 Host-Africa-AS
File type ASCII text, with very long lines (14923), with no line terminators
Hash d9bebc78e923b6ccdf70de5824786eef
7d46d95d759d5d3698deb8299282a5d5c9a95374
ef604f87375b1cb5b66c2e489bb1a206567004a63fead1ee23bdafefd77450e5
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/consulting/assets/css/select2.min.css?ver=6.2.4 HTTP/1.1
Host: www.blit.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.blit.co.za/srv/J9/rc/WM4jQwxJ.zip
HTTP/1.1 200 OK
Date: Mon, 06 Feb 2023 18:01:37 GMT
Server: Apache
Last-Modified: Mon, 06 Dec 2021 10:57:43 GMT
Accept-Ranges: bytes
Content-Length: 14923
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/css
www.blit.co.za/wp-content/themes/consulting/assets/css/header_builder.css?ver=6.2.4
160.119.248.8 200 OK 2.5 kB URL HTTP/1.1 www.blit.co.za/wp-content/themes/consulting/assets/css/header_builder.css?ver=6.2.4
IP 160.119.248.8:0
ASN #328364 Host-Africa-AS
Hash bd8d2b0ea667c85fbe201f2cea6645c1
cdefabb71ae52d76c7f4a0001d6a42bfcc204161
f9ca777ec78406677e6766efc7741f31275064bdf086d215da5f434a34f54d88
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/consulting/assets/css/header_builder.css?ver=6.2.4 HTTP/1.1
Host: www.blit.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.blit.co.za/srv/J9/rc/WM4jQwxJ.zip
HTTP/1.1 200 OK
Date: Mon, 06 Feb 2023 18:01:37 GMT
Server: Apache
Last-Modified: Mon, 06 Dec 2021 10:57:43 GMT
Accept-Ranges: bytes
Content-Length: 2507
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css
www.blit.co.za/wp-content/themes/consulting/assets/css/jquery.fancybox.css?ver=6.2.4
160.119.248.8 200 OK 17 kB URL HTTP/1.1 www.blit.co.za/wp-content/themes/consulting/assets/css/jquery.fancybox.css?ver=6.2.4
IP 160.119.248.8:0
ASN #328364 Host-Africa-AS
Hash caf7c408bb13e802cc3566b94f6c6d8d
e43435fb9eaa918f5b8e35c9e110124b8bd13751
3fc93cc3f2dec261a4dbd670cfcf476a15f759d6b9066f30bb65e4082d032fdb
GET /wp-content/themes/consulting/assets/css/jquery.fancybox.css?ver=6.2.4 HTTP/1.1
Host: www.blit.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.blit.co.za/srv/J9/rc/WM4jQwxJ.zip
HTTP/1.1 200 OK
Date: Mon, 06 Feb 2023 18:01:37 GMT
Server: Apache
Last-Modified: Mon, 06 Dec 2021 10:57:43 GMT
Accept-Ranges: bytes
Content-Length: 17412
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css
www.blit.co.za/wp-content/uploads/stm_uploads/theme_options.css?ver=6.2.4
160.119.248.8 200 OK 8.6 kB URL HTTP/1.1 www.blit.co.za/wp-content/uploads/stm_uploads/theme_options.css?ver=6.2.4
IP 160.119.248.8:0
ASN #328364 Host-Africa-AS
File type ASCII text, with very long lines (8647), with no line terminators
Hash e82686e1b7f4a858874856e6cf6587a7
be49d7ce9ee33655dd7ef60dcb6da12d83fab1a9
d9694838e57ee273523d071750f94fd1d5bdacb91db8a652b197dd74ff600a32
Analyzer Verdict Alert fortinet Malware
GET /wp-content/uploads/stm_uploads/theme_options.css?ver=6.2.4 HTTP/1.1
Host: www.blit.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.blit.co.za/srv/J9/rc/WM4jQwxJ.zip
HTTP/1.1 200 OK
Date: Mon, 06 Feb 2023 18:01:37 GMT
Server: Apache
Last-Modified: Wed, 15 Dec 2021 18:46:15 GMT
Accept-Ranges: bytes
Content-Length: 8647
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: text/css
www.blit.co.za/wp-content/themes/consulting/assets/css/layouts/global_styles/main.css?ver=6.2.4
160.119.248.8 200 OK 62 kB URL HTTP/1.1 www.blit.co.za/wp-content/themes/consulting/assets/css/layouts/global_styles/main.css?ver=6.2.4
IP 160.119.248.8:0
ASN #328364 Host-Africa-AS
File type ASCII text, with very long lines (62058), with no line terminators
Hash e0bd294d85e2d0ae608cd668fbe8331f
48f47c101c14107a40fd0bc2ed12194becbebeb8
ae9737ed40d7312d155e9cefce708442adba2dd80cf3c561a1808570cdff5c31
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/consulting/assets/css/layouts/global_styles/main.css?ver=6.2.4 HTTP/1.1
Host: www.blit.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.blit.co.za/srv/J9/rc/WM4jQwxJ.zip
HTTP/1.1 200 OK
Date: Mon, 06 Feb 2023 18:01:37 GMT
Server: Apache
Last-Modified: Mon, 06 Dec 2021 10:58:11 GMT
Accept-Ranges: bytes
Content-Length: 62058
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: text/css
www.blit.co.za/wp-content/themes/consulting/inc/megamenu/assets/css/megamenu.css?ver=6.1.1
160.119.248.8 200 OK 15 kB URL HTTP/1.1 www.blit.co.za/wp-content/themes/consulting/inc/megamenu/assets/css/megamenu.css?ver=6.1.1
IP 160.119.248.8:0
ASN #328364 Host-Africa-AS
File type ASCII text, with very long lines (14844), with no line terminators
Hash b9e4db60e1d341f130ae532c9fe26b84
97ee62e9397e5593a44d1786c3cef61f5dd7aaf2
05aee75131f2bb1d05434394efdefa88ad103ce759d426bbe88e8e502842909b
GET /wp-content/themes/consulting/inc/megamenu/assets/css/megamenu.css?ver=6.1.1 HTTP/1.1
Host: www.blit.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.blit.co.za/srv/J9/rc/WM4jQwxJ.zip
HTTP/1.1 200 OK
Date: Mon, 06 Feb 2023 18:01:37 GMT
Server: Apache
Last-Modified: Mon, 06 Dec 2021 10:57:43 GMT
Accept-Ranges: bytes
Content-Length: 14844
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/css
www.blit.co.za/wp-content/plugins/pearl-header-builder/assets/frontend/assets/css/header/main.css?ver=1.0
160.119.248.8 200 OK 48 kB URL HTTP/1.1 www.blit.co.za/wp-content/plugins/pearl-header-builder/assets/frontend/assets/css/header/main.css?ver=1.0
IP 160.119.248.8:0
ASN #328364 Host-Africa-AS
File type ASCII text, with very long lines (48378), with no line terminators
Hash d3133f105db3156c2cdebdf00a4a52e0
26a8a3301b8b811d02fae3b38a6090da824968e5
9c32a1fe4ca9e1272d2bea5febe84ef0df7ea67f31480cd6b6584ab662d963e5
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/pearl-header-builder/assets/frontend/assets/css/header/main.css?ver=1.0 HTTP/1.1
Host: www.blit.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.blit.co.za/srv/J9/rc/WM4jQwxJ.zip
HTTP/1.1 200 OK
Date: Mon, 06 Feb 2023 18:01:37 GMT
Server: Apache
Last-Modified: Thu, 20 May 2021 11:03:13 GMT
Accept-Ranges: bytes
Content-Length: 48378
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/css
www.blit.co.za/wp-content/plugins/pearl-header-builder/assets/frontend/assets/vendor/sticky.css?ver=1.0
160.119.248.8 200 OK 378 B URL HTTP/1.1 www.blit.co.za/wp-content/plugins/pearl-header-builder/assets/frontend/assets/vendor/sticky.css?ver=1.0
IP 160.119.248.8:0
ASN #328364 Host-Africa-AS
Hash 70a5a5735d4764876ba9ade6f02d5e67
53dfef5d69c7aba0e6d060ddecd42fdaa971bdb9
e7f3d7942e84df89f6ae293c85283e93515d1d5a00edd1bf131d9a0b98945791
GET /wp-content/plugins/pearl-header-builder/assets/frontend/assets/vendor/sticky.css?ver=1.0 HTTP/1.1
Host: www.blit.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.blit.co.za/srv/J9/rc/WM4jQwxJ.zip
HTTP/1.1 200 OK
Date: Mon, 06 Feb 2023 18:01:37 GMT
Server: Apache
Last-Modified: Thu, 20 May 2021 11:03:13 GMT
Accept-Ranges: bytes
Content-Length: 378
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: text/css
www.blit.co.za/wp-content/plugins/pearl-header-builder/assets/frontend/assets/css/font-awesome.min.css?ver=1.0
160.119.248.8 200 OK 31 kB URL HTTP/1.1 www.blit.co.za/wp-content/plugins/pearl-header-builder/assets/frontend/assets/css/font-awesome.min.css?ver=1.0
IP 160.119.248.8:0
ASN #328364 Host-Africa-AS
File type ASCII text, with very long lines (30837)
Hash 269550530cc127b6aa5a35925a7de6ce
512c7d79033e3028a9be61b540cf1a6870c896f8
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/pearl-header-builder/assets/frontend/assets/css/font-awesome.min.css?ver=1.0 HTTP/1.1
Host: www.blit.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.blit.co.za/srv/J9/rc/WM4jQwxJ.zip
HTTP/1.1 200 OK
Date: Mon, 06 Feb 2023 18:01:37 GMT
Server: Apache
Last-Modified: Thu, 20 May 2021 11:03:13 GMT
Accept-Ranges: bytes
Content-Length: 31000
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: text/css
www.blit.co.za/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
160.119.248.8 200 OK 90 kB URL HTTP/1.1 www.blit.co.za/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
IP 160.119.248.8:0
ASN #328364 Host-Africa-AS
File type ASCII text, with very long lines (65447)
Hash 17738318d61d394f1de8890d589afaec
f6d0c4dc1399cf02d53f5753ad46573a8bbc2ac3
cc7403bab52ed166e24ea9324241045af370be482f5b594468f4a6ac6e7e7981
GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.1 HTTP/1.1
Host: www.blit.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.blit.co.za/srv/J9/rc/WM4jQwxJ.zip
HTTP/1.1 200 OK
Date: Mon, 06 Feb 2023 18:01:37 GMT
Server: Apache
Last-Modified: Wed, 02 Nov 2022 08:17:32 GMT
Accept-Ranges: bytes
Content-Length: 89684
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: application/javascript
www.blit.co.za/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
160.119.248.8 200 OK 11 kB URL HTTP/1.1 www.blit.co.za/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP 160.119.248.8:0
ASN #328364 Host-Africa-AS
File type ASCII text, with very long lines (11126)
Hash 79b4956b7ec478ec10244b5e2d33ac7d
a46025b9d05e3df30d610a8aef14f392c7058dc9
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: www.blit.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.blit.co.za/srv/J9/rc/WM4jQwxJ.zip
HTTP/1.1 200 OK
Date: Mon, 06 Feb 2023 18:01:37 GMT
Server: Apache
Last-Modified: Tue, 14 Dec 2021 08:22:47 GMT
Accept-Ranges: bytes
Content-Length: 11224
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: application/javascript
www.blit.co.za/wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.7.0-wc.5.9.1
160.119.248.8 200 OK 9.5 kB URL HTTP/1.1 www.blit.co.za/wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.7.0-wc.5.9.1
IP 160.119.248.8:0
ASN #328364 Host-Africa-AS
File type ASCII text, with very long lines (9151)
Hash 2e96f622673104a3fb67ab56f849c073
f4c17ae4709cad9bc997357581f4e30fc4bbee2c
b49498d1142de7f2e16afc2cd4250d2ba30c5df4de5d291f51d7cf69727efdbe
GET /wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.7.0-wc.5.9.1 HTTP/1.1
Host: www.blit.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.blit.co.za/srv/J9/rc/WM4jQwxJ.zip
HTTP/1.1 200 OK
Date: Mon, 06 Feb 2023 18:01:37 GMT
Server: Apache
Last-Modified: Thu, 10 Mar 2022 20:39:11 GMT
Accept-Ranges: bytes
Content-Length: 9545
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: application/javascript
www.blit.co.za/wp-content/themes/consulting/assets/css/layouts/layout_barcelona/main.css?ver=6.2.4
160.119.248.8 200 OK 699 kB URL HTTP/1.1 www.blit.co.za/wp-content/themes/consulting/assets/css/layouts/layout_barcelona/main.css?ver=6.2.4
IP 160.119.248.8:0
ASN #328364 Host-Africa-AS
File type ASCII text, with very long lines (65536), with no line terminators
Size 699 kB (699258 bytes)
Hash 7ef9e737c867bd043a1197b5b792c48c
616af38a511d3b913e181dff42a178c8dcb7273c
85c69095fade5d795c7e2d4a2b3111a7b2c22cf04358acd8bd7e703297978de3
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/consulting/assets/css/layouts/layout_barcelona/main.css?ver=6.2.4 HTTP/1.1
Host: www.blit.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.blit.co.za/srv/J9/rc/WM4jQwxJ.zip
HTTP/1.1 200 OK
Date: Mon, 06 Feb 2023 18:01:37 GMT
Server: Apache
Last-Modified: Mon, 06 Dec 2021 10:58:37 GMT
Accept-Ranges: bytes
Content-Length: 699258
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: text/css
www.blit.co.za/wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.min.js?ver=5.9.1
160.119.248.8 200 OK 3.0 kB URL HTTP/1.1 www.blit.co.za/wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.min.js?ver=5.9.1
IP 160.119.248.8:0
ASN #328364 Host-Africa-AS
File type HTML document, ASCII text, with very long lines (3037), with no line terminators
Hash 8bc2109ef48cabf7a26b73d7c3536c5f
0e0dfee3a3975eafc3dd55f190d1deb3c6c55d3b
8634aa7a3ac0bc6d359b458c8922e9d3269f64c1355b329bfe215beb12773af8
GET /wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.min.js?ver=5.9.1 HTTP/1.1
Host: www.blit.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.blit.co.za/srv/J9/rc/WM4jQwxJ.zip
HTTP/1.1 200 OK
Date: Mon, 06 Feb 2023 18:01:37 GMT
Server: Apache
Last-Modified: Thu, 10 Mar 2022 20:39:11 GMT
Accept-Ranges: bytes
Content-Length: 3037
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: application/javascript
www.blit.co.za/wp-content/uploads/stm_uploads/skin-custom.css?ver=131451
160.119.248.8 200 OK 477 kB URL HTTP/1.1 www.blit.co.za/wp-content/uploads/stm_uploads/skin-custom.css?ver=131451
IP 160.119.248.8:0
ASN #328364 Host-Africa-AS
File type ASCII text, with very long lines (65536), with no line terminators
Size 477 kB (477351 bytes)
Hash f7645f6f63dc9f68f01b83e8e4b568ec
69d98bab223ab5f9c1529d1f428bf0b9310f70a3
be08a5d7816daf3f91247ecf65b3c5b98a7c037e2b63df16420e70346d0e1e35
Analyzer Verdict Alert fortinet Malware
GET /wp-content/uploads/stm_uploads/skin-custom.css?ver=131451 HTTP/1.1
Host: www.blit.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.blit.co.za/srv/J9/rc/WM4jQwxJ.zip
HTTP/1.1 200 OK
Date: Mon, 06 Feb 2023 18:01:37 GMT
Server: Apache
Last-Modified: Thu, 20 May 2021 12:51:02 GMT
Accept-Ranges: bytes
Content-Length: 477351
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: text/css
www.blit.co.za/wp-content/plugins/js_composer/assets/js/vendors/woocommerce-add-to-cart.js?ver=6.7.0
160.119.248.8 200 OK 992 B URL HTTP/1.1 www.blit.co.za/wp-content/plugins/js_composer/assets/js/vendors/woocommerce-add-to-cart.js?ver=6.7.0
IP 160.119.248.8:0
ASN #328364 Host-Africa-AS
Hash 787fe4f547a6cb7f4ce4934641085910
c2dee88d5bdfef214ce9c56f71a1df51cda0f328
654aaebdea944313257827be97eb196a8218a2cdfc9ba399db23e2cd4c02bd79
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/js_composer/assets/js/vendors/woocommerce-add-to-cart.js?ver=6.7.0 HTTP/1.1
Host: www.blit.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.blit.co.za/srv/J9/rc/WM4jQwxJ.zip
HTTP/1.1 200 OK
Date: Mon, 06 Feb 2023 18:01:37 GMT
Server: Apache
Last-Modified: Tue, 14 Dec 2021 15:35:31 GMT
Accept-Ranges: bytes
Content-Length: 992
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: application/javascript
www.blit.co.za/wp-content/themes/consulting/inc/megamenu/assets/js/megamenu.js?ver=6.1.1
160.119.248.8 200 OK 1.7 kB URL HTTP/1.1 www.blit.co.za/wp-content/themes/consulting/inc/megamenu/assets/js/megamenu.js?ver=6.1.1
IP 160.119.248.8:0
ASN #328364 Host-Africa-AS
Hash d764e7ba43bdec7cd1cac12afdc8184b
27bbbaf3d2df73c6749df9aaa86566ea640c56d7
0dc9adab309692622c58cd63ca2f830bed3c805b446554ad504bc55177fd3e5b
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/consulting/inc/megamenu/assets/js/megamenu.js?ver=6.1.1 HTTP/1.1
Host: www.blit.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.blit.co.za/srv/J9/rc/WM4jQwxJ.zip
HTTP/1.1 200 OK
Date: Mon, 06 Feb 2023 18:01:37 GMT
Server: Apache
Last-Modified: Mon, 06 Dec 2021 10:57:43 GMT
Accept-Ranges: bytes
Content-Length: 1711
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: application/javascript
www.blit.co.za/wp-content/plugins/revslider/public/assets/css/rs6.css?ver=6.5.9
160.119.248.8 200 OK 58 kB URL HTTP/1.1 www.blit.co.za/wp-content/plugins/revslider/public/assets/css/rs6.css?ver=6.5.9
IP 160.119.248.8:0
ASN #328364 Host-Africa-AS
File type Unicode text, UTF-8 text, with very long lines (12602)
Hash 4c3247fd7a9515c2bb4c588f29590de2
e027694b5bcf5f282c35b37761c25d39bf047af0
c30c5b740610275fd73ab469fea10cc11844d60befb266be86845c738b2ecec4
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/revslider/public/assets/css/rs6.css?ver=6.5.9 HTTP/1.1
Host: www.blit.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.blit.co.za/srv/J9/rc/WM4jQwxJ.zip
HTTP/1.1 200 OK
Date: Mon, 06 Feb 2023 18:01:37 GMT
Server: Apache
Last-Modified: Tue, 14 Dec 2021 15:26:52 GMT
Accept-Ranges: bytes
Content-Length: 57682
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: text/css
www.blit.co.za/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9
160.119.248.8 200 OK 6.5 kB URL HTTP/1.1 www.blit.co.za/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9
IP 160.119.248.8:0
ASN #328364 Host-Africa-AS
File type ASCII text, with very long lines (6475), with no line terminators
Hash 61449413a42d2daaa79dbe7298b40e21
d86c474164c603084397bdc50fb0e469d28b5772
f30769ea0b80a5d900c5f0de30b1aad1ab461195e69223d5ef63c2c5de8b6c1a
GET /wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9 HTTP/1.1
Host: www.blit.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.blit.co.za/srv/J9/rc/WM4jQwxJ.zip
HTTP/1.1 200 OK
Date: Mon, 06 Feb 2023 18:01:38 GMT
Server: Apache
Last-Modified: Fri, 27 May 2022 08:38:51 GMT
Accept-Ranges: bytes
Content-Length: 6475
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: application/javascript
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash 0a8ea253ef61b5c330b3285f9a94e6ae
0cf9a1c66c83f505c7195774996b107c145f5884
8b6bca0cd9c9adcb16bba03349e8fcbfcd645719c82c95f0111095b731842402
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 18:01:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash 836bc62dbb011b6180fc7209d0061736
74e6f18561a7006a3afb6ab03559eec239ce4b36
90b197384670fdb210d364f91b423fd383d25838e38a494158a8185bef0061f0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 18:01:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash 836bc62dbb011b6180fc7209d0061736
74e6f18561a7006a3afb6ab03559eec239ce4b36
90b197384670fdb210d364f91b423fd383d25838e38a494158a8185bef0061f0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 18:01:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash 836bc62dbb011b6180fc7209d0061736
74e6f18561a7006a3afb6ab03559eec239ce4b36
90b197384670fdb210d364f91b423fd383d25838e38a494158a8185bef0061f0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 18:01:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
216.58.207.227 200 OK 45 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 44856, version 1.0\012- data
Hash 565ce506190ad3af920b40baf1794cec
ad3cba5d06100e09449a864d3b5e58403b478b3d
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
GET /s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.blit.co.za
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 44856
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 30 Jan 2023 18:52:41 GMT
expires: Tue, 30 Jan 2024 18:52:41 GMT
cache-control: public, max-age=31536000
age: 601737
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
216.58.207.227 200 OK 31 kB URL HTTP/2 fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 30928, version 1.0\012- data
Hash ac0d2859ea5f8fd6bcb3c305c08ec184
7f6c17e3e592cd8bd346b9cc261d8dd961b8aef7
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
GET /s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.blit.co.za
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 30928
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 03 Feb 2023 07:08:09 GMT
expires: Sat, 03 Feb 2024 07:08:09 GMT
cache-control: public, max-age=31536000
age: 298409
last-modified: Mon, 11 Jul 2022 18:57:39 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.blit.co.za/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
160.119.248.8 200 OK 18 kB URL HTTP/1.1 www.blit.co.za/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
IP 160.119.248.8:0
ASN #328364 Host-Africa-AS
File type Unicode text, UTF-8 text, with very long lines (17819), with no line terminators
Hash e495a4709e3eae31c67f8263f25d2d39
d43ba6a092e4823a71f3bff75d5ed279a481636b
1c1fef6e6b4f9832603850b9b6562e74d9a6a3700ba836efe88facc577121e8b
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0 HTTP/1.1
Host: www.blit.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.blit.co.za/srv/J9/rc/WM4jQwxJ.zip
HTTP/1.1 200 OK
Date: Mon, 06 Feb 2023 18:01:38 GMT
Server: Apache
Last-Modified: Wed, 02 Nov 2022 08:17:31 GMT
Accept-Ranges: bytes
Content-Length: 17823
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: application/javascript
www.blit.co.za/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.5.3
160.119.248.8 200 OK 12 kB URL HTTP/1.1 www.blit.co.za/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.5.3
IP 160.119.248.8:0
ASN #328364 Host-Africa-AS
File type HTML document, ASCII text, with very long lines (11862), with no line terminators
Hash 862c82d8373e4d69aa5af6c994389bda
042bb60eee9e7dbffcbd43d529517e562f97f455
d0ba7e2275cddbdf3d2473a60565d950efb8474ba7bda393cc64f56ff39d85ce
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.5.3 HTTP/1.1
Host: www.blit.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.blit.co.za/srv/J9/rc/WM4jQwxJ.zip
HTTP/1.1 200 OK
Date: Mon, 06 Feb 2023 18:01:38 GMT
Server: Apache
Last-Modified: Tue, 14 Dec 2021 08:56:34 GMT
Accept-Ranges: bytes
Content-Length: 11862
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: application/javascript
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash 836bc62dbb011b6180fc7209d0061736
74e6f18561a7006a3afb6ab03559eec239ce4b36
90b197384670fdb210d364f91b423fd383d25838e38a494158a8185bef0061f0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 18:01:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.blit.co.za/wp-content/plugins/eroom-zoom-meetings-webinar/assets/js/frontend/jquery.countdown.js?ver=1.3.1
160.119.248.8 200 OK 3.2 kB URL HTTP/1.1 www.blit.co.za/wp-content/plugins/eroom-zoom-meetings-webinar/assets/js/frontend/jquery.countdown.js?ver=1.3.1
IP 160.119.248.8:0
ASN #328364 Host-Africa-AS
Hash 7e24d6569aa126817ea932b93012748d
87808e2aa55606f1946c9bba68106167e11177c4
3b2133a7b2456964bfd4f4a27f4d58169caf4b874dfcf49aac5dc20e59be9e2a
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/eroom-zoom-meetings-webinar/assets/js/frontend/jquery.countdown.js?ver=1.3.1 HTTP/1.1
Host: www.blit.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.blit.co.za/srv/J9/rc/WM4jQwxJ.zip
HTTP/1.1 200 OK
Date: Mon, 06 Feb 2023 18:01:38 GMT
Server: Apache
Last-Modified: Tue, 14 Dec 2021 08:57:29 GMT
Accept-Ranges: bytes
Content-Length: 3196
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: application/javascript
www.blit.co.za/wp-content/plugins/eroom-zoom-meetings-webinar/assets/js/frontend/main.js?ver=1.3.1
160.119.248.8 200 OK 899 B URL HTTP/1.1 www.blit.co.za/wp-content/plugins/eroom-zoom-meetings-webinar/assets/js/frontend/main.js?ver=1.3.1
IP 160.119.248.8:0
ASN #328364 Host-Africa-AS
Hash a51d273e564b694f0e45b4461ea55060
3ec79a3a04c81efa86dc519e09da01e2e195acb4
7cc62412ad14d2441e02c2aacbf0c8101cb1dc7058d2f05b80ea93fccf9e4324
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/eroom-zoom-meetings-webinar/assets/js/frontend/main.js?ver=1.3.1 HTTP/1.1
Host: www.blit.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.blit.co.za/srv/J9/rc/WM4jQwxJ.zip
HTTP/1.1 200 OK
Date: Mon, 06 Feb 2023 18:01:38 GMT
Server: Apache
Last-Modified: Tue, 14 Dec 2021 08:57:29 GMT
Accept-Ranges: bytes
Content-Length: 899
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: application/javascript
www.blit.co.za/wp-content/plugins/revslider/public/assets/js/rs6.min.js?ver=6.5.9
160.119.248.8 200 OK 381 kB URL HTTP/1.1 www.blit.co.za/wp-content/plugins/revslider/public/assets/js/rs6.min.js?ver=6.5.9
IP 160.119.248.8:0
ASN #328364 Host-Africa-AS
File type ASCII text, with very long lines (64288)
Size 381 kB (381436 bytes)
Hash 9a6e48854f5854ab3923b881322a8d3a
219838077fe7b1a88a0cfaa9f775790d82a81f78
ececa11daba0ee1c5bf9c56ec4d40be9e455e69ffe1b61a1e7d08108f4699418
GET /wp-content/plugins/revslider/public/assets/js/rs6.min.js?ver=6.5.9 HTTP/1.1
Host: www.blit.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.blit.co.za/srv/J9/rc/WM4jQwxJ.zip
HTTP/1.1 200 OK
Date: Mon, 06 Feb 2023 18:01:38 GMT
Server: Apache
Last-Modified: Tue, 14 Dec 2021 15:26:52 GMT
Accept-Ranges: bytes
Content-Length: 381436
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: application/javascript
www.blit.co.za/wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4-wc.5.9.1
160.119.248.8 200 OK 1.8 kB URL HTTP/1.1 www.blit.co.za/wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4-wc.5.9.1
IP 160.119.248.8:0
ASN #328364 Host-Africa-AS
File type ASCII text, with very long lines (1668)
Hash d0a6d8547c66b0d7b0172466558d1208
ff93916519c7b9483251f609e4d29f38c30a66e3
3b1384ff918d4b7f95f9ee5c8fc388203dedff7344d3d96598c9562162788612
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4-wc.5.9.1 HTTP/1.1
Host: www.blit.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.blit.co.za/srv/J9/rc/WM4jQwxJ.zip
HTTP/1.1 200 OK
Date: Mon, 06 Feb 2023 18:01:38 GMT
Server: Apache
Last-Modified: Thu, 10 Mar 2022 20:39:11 GMT
Accept-Ranges: bytes
Content-Length: 1834
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: application/javascript
www.blit.co.za/wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=5.9.1
160.119.248.8 200 OK 2.1 kB URL HTTP/1.1 www.blit.co.za/wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=5.9.1
IP 160.119.248.8:0
ASN #328364 Host-Africa-AS
File type ASCII text, with very long lines (2139), with no line terminators
Hash b72c1cbb1530a011a27bd9800f26765a
27b825c5d8255f33b8427a059d4545ebd65e1746
a256fccecac3b32ab73c91d79a18747519a1a18023be05465c933b03523a82e8
GET /wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=5.9.1 HTTP/1.1
Host: www.blit.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.blit.co.za/srv/J9/rc/WM4jQwxJ.zip
HTTP/1.1 200 OK
Date: Mon, 06 Feb 2023 18:01:38 GMT
Server: Apache
Last-Modified: Thu, 10 Mar 2022 20:39:11 GMT
Accept-Ranges: bytes
Content-Length: 2139
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: application/javascript
www.blit.co.za/wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js?ver=5.9.1
160.119.248.8 200 OK 2.9 kB URL HTTP/1.1 www.blit.co.za/wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js?ver=5.9.1
IP 160.119.248.8:0
ASN #328364 Host-Africa-AS
File type ASCII text, with very long lines (2938), with no line terminators
Hash 51af5d767f0300f23ecec6298b707395
5eb2d3d937fe0392a974937125d0420666b9396c
9c7c023f91428234ca0ea4df1199758686f4dcd04da96ba63571788fb3389c0b
GET /wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js?ver=5.9.1 HTTP/1.1
Host: www.blit.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.blit.co.za/srv/J9/rc/WM4jQwxJ.zip
HTTP/1.1 200 OK
Date: Mon, 06 Feb 2023 18:01:38 GMT
Server: Apache
Last-Modified: Thu, 10 Mar 2022 20:39:11 GMT
Accept-Ranges: bytes
Content-Length: 2938
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: application/javascript
www.blit.co.za/wp-content/plugins/revslider/public/assets/js/rbtools.min.js?ver=6.5.9
160.119.248.8 200 OK 124 kB URL HTTP/1.1 www.blit.co.za/wp-content/plugins/revslider/public/assets/js/rbtools.min.js?ver=6.5.9
IP 160.119.248.8:0
ASN #328364 Host-Africa-AS
File type ASCII text, with very long lines (42889)
Size 124 kB (124134 bytes)
Hash e4bc260935352e71791596e3c8b0c205
336eff1507c4d4f88bbc8f9630f405e827357cde
a5f70e90e97e6ac1952a1a116dba485b468fa98dca2977853768a946227c7bc0
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/revslider/public/assets/js/rbtools.min.js?ver=6.5.9 HTTP/1.1
Host: www.blit.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.blit.co.za/srv/J9/rc/WM4jQwxJ.zip
HTTP/1.1 200 OK
Date: Mon, 06 Feb 2023 18:01:38 GMT
Server: Apache
Last-Modified: Tue, 14 Dec 2021 15:26:52 GMT
Accept-Ranges: bytes
Content-Length: 124134
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: application/javascript
www.blit.co.za/wp-content/themes/consulting/assets/js/jquery.fancybox.pack.js?ver=6.2.4
160.119.248.8 200 OK 68 kB URL HTTP/1.1 www.blit.co.za/wp-content/themes/consulting/assets/js/jquery.fancybox.pack.js?ver=6.2.4
IP 160.119.248.8:0
ASN #328364 Host-Africa-AS
File type HTML document, ASCII text, with very long lines (31972)
Hash 49a6b4d019a934bcf83f0c397eba82d8
6181412e73966696d08e1e5b1243a572d0f22ba6
cadda460ccb4c3c01bb45f3d5976f63f5adf8dc3ff1d31cb4fbd3ded4f18e5bf
GET /wp-content/themes/consulting/assets/js/jquery.fancybox.pack.js?ver=6.2.4 HTTP/1.1
Host: www.blit.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.blit.co.za/srv/J9/rc/WM4jQwxJ.zip
HTTP/1.1 200 OK
Date: Mon, 06 Feb 2023 18:01:38 GMT
Server: Apache
Last-Modified: Mon, 06 Dec 2021 10:57:43 GMT
Accept-Ranges: bytes
Content-Length: 68253
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: application/javascript
www.blit.co.za/wp-content/themes/consulting/assets/js/bootstrap.min.js?ver=6.2.4
160.119.248.8 200 OK 36 kB URL HTTP/1.1 www.blit.co.za/wp-content/themes/consulting/assets/js/bootstrap.min.js?ver=6.2.4
IP 160.119.248.8:0
ASN #328364 Host-Africa-AS
File type ASCII text, with very long lines (32052)
Hash 177aca3f806e66d21a0ef9d5582d1fb9
80b83d71e18e5baade578f618ee93797c41e6469
3ec5b49347711f437c06ed86a07ac37801b72278c721cbf446401bd40820c044
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/consulting/assets/js/bootstrap.min.js?ver=6.2.4 HTTP/1.1
Host: www.blit.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.blit.co.za/srv/J9/rc/WM4jQwxJ.zip
HTTP/1.1 200 OK
Date: Mon, 06 Feb 2023 18:01:38 GMT
Server: Apache
Last-Modified: Mon, 06 Dec 2021 10:57:43 GMT
Accept-Ranges: bytes
Content-Length: 36146
Keep-Alive: timeout=5, max=91
Connection: Keep-Alive
Content-Type: application/javascript
www.blit.co.za/wp-content/plugins/woocommerce/assets/js/select2/select2.full.min.js?ver=4.0.3-wc.5.9.1
160.119.248.8 200 OK 74 kB URL HTTP/1.1 www.blit.co.za/wp-content/plugins/woocommerce/assets/js/select2/select2.full.min.js?ver=4.0.3-wc.5.9.1
IP 160.119.248.8:0
ASN #328364 Host-Africa-AS
File type Unicode text, UTF-8 text, with very long lines (64065)
Hash 0477e66d86dc417128f8aa129499ba84
c6f95fc10d29c998e63a550ce47aacd54a7d0a86
7bf700513f618f443f7cf3417acb9a9cb278a33d6fb942b5045bc1829df009de
GET /wp-content/plugins/woocommerce/assets/js/select2/select2.full.min.js?ver=4.0.3-wc.5.9.1 HTTP/1.1
Host: www.blit.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.blit.co.za/srv/J9/rc/WM4jQwxJ.zip
HTTP/1.1 200 OK
Date: Mon, 06 Feb 2023 18:01:38 GMT
Server: Apache
Last-Modified: Thu, 10 Mar 2022 20:39:11 GMT
Accept-Ranges: bytes
Content-Length: 74162
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: application/javascript
www.blit.co.za/wp-content/themes/consulting/assets/js/custom.js?ver=6.2.4
160.119.248.8 200 OK 26 kB URL HTTP/1.1 www.blit.co.za/wp-content/themes/consulting/assets/js/custom.js?ver=6.2.4
IP 160.119.248.8:0
ASN #328364 Host-Africa-AS
Hash 015d1b958080ec2223ff91008334f7d5
eab4fc0b257999f8859bfb5e3d0ced79d328cebc
9c37aa653148a72608dc6a2b0b227163cd0b0cbbcad45271a4a157594d4a0ba2
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/consulting/assets/js/custom.js?ver=6.2.4 HTTP/1.1
Host: www.blit.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.blit.co.za/srv/J9/rc/WM4jQwxJ.zip
HTTP/1.1 200 OK
Date: Mon, 06 Feb 2023 18:01:38 GMT
Server: Apache
Last-Modified: Mon, 06 Dec 2021 10:57:43 GMT
Accept-Ranges: bytes
Content-Length: 26313
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: application/javascript
www.blit.co.za/wp-content/plugins/pearl-header-builder/assets/frontend/assets/js/sticky.js?ver=1.0
160.119.248.8 200 OK 2.2 kB URL HTTP/1.1 www.blit.co.za/wp-content/plugins/pearl-header-builder/assets/frontend/assets/js/sticky.js?ver=1.0
IP 160.119.248.8:0
ASN #328364 Host-Africa-AS
Hash 694c97392822c7739655accaef4e7baf
d266bb3ca0db6eb43382d0aea71b3f39d28a9748
4fdeed5220274d70d64ac8b6c976546033671e112e9bf640e9ac9ea948e3f68c
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/pearl-header-builder/assets/frontend/assets/js/sticky.js?ver=1.0 HTTP/1.1
Host: www.blit.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.blit.co.za/srv/J9/rc/WM4jQwxJ.zip
HTTP/1.1 200 OK
Date: Mon, 06 Feb 2023 18:01:38 GMT
Server: Apache
Last-Modified: Tue, 24 May 2022 09:35:11 GMT
Accept-Ranges: bytes
Content-Length: 2241
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: application/javascript
www.blit.co.za/wp-content/plugins/pearl-header-builder/assets/frontend/assets/js/app.js?ver=1.0
160.119.248.8 200 OK 3.2 kB URL HTTP/1.1 www.blit.co.za/wp-content/plugins/pearl-header-builder/assets/frontend/assets/js/app.js?ver=1.0
IP 160.119.248.8:0
ASN #328364 Host-Africa-AS
Hash f76b27c2c4cdf45aec2eaedd80311c81
afbe74bdf5e4e06a392f0151759e940ee8e60ec9
4ebffae46c294a145c4268b97f4595925bb07d11687423e2d1f26fd839e87775
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/pearl-header-builder/assets/frontend/assets/js/app.js?ver=1.0 HTTP/1.1
Host: www.blit.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.blit.co.za/srv/J9/rc/WM4jQwxJ.zip
HTTP/1.1 200 OK
Date: Mon, 06 Feb 2023 18:01:38 GMT
Server: Apache
Last-Modified: Tue, 24 May 2022 09:39:10 GMT
Accept-Ranges: bytes
Content-Length: 3220
Keep-Alive: timeout=5, max=91
Connection: Keep-Alive
Content-Type: application/javascript
www.blit.co.za/wp-content/plugins/pearl-header-builder/assets/frontend/assets/fonts/fontawesome-webfont.woff2?v=4.7.0
160.119.248.8 200 OK 77 kB URL HTTP/1.1 www.blit.co.za/wp-content/plugins/pearl-header-builder/assets/frontend/assets/fonts/fontawesome-webfont.woff2?v=4.7.0
IP 160.119.248.8:0
ASN #328364 Host-Africa-AS
File type Web Open Font Format (Version 2), TrueType, length 77160, version 4.459
Hash af7ae505a9eed503f8b8e6982036873e
d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/pearl-header-builder/assets/frontend/assets/fonts/fontawesome-webfont.woff2?v=4.7.0 HTTP/1.1
Host: www.blit.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://www.blit.co.za/wp-content/plugins/pearl-header-builder/assets/frontend/assets/css/font-awesome.min.css?ver=1.0
HTTP/1.1 200 OK
Date: Mon, 06 Feb 2023 18:01:38 GMT
Server: Apache
Last-Modified: Thu, 20 May 2021 11:03:13 GMT
Accept-Ranges: bytes
Content-Length: 77160
Keep-Alive: timeout=5, max=91
Connection: Keep-Alive
Content-Type: font/woff2
www.blit.co.za/wp-content/plugins/woocommerce/assets/css/woocommerce-smallscreen.css?ver=5.9.1
160.119.248.8 200 OK 7.0 kB URL HTTP/1.1 www.blit.co.za/wp-content/plugins/woocommerce/assets/css/woocommerce-smallscreen.css?ver=5.9.1
IP 160.119.248.8:0
ASN #328364 Host-Africa-AS
File type ASCII text, with very long lines (7043), with no line terminators
Hash 456663a286a204386735fd775542a59e
0a61620b88f4ae0fa7d71e2c7a014ea2c3ab5749
a7a83e60e7e3b8cadeed69327ba498b4cd68605db6e408729fa1b946758e7501
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/woocommerce/assets/css/woocommerce-smallscreen.css?ver=5.9.1 HTTP/1.1
Host: www.blit.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.blit.co.za/srv/J9/rc/WM4jQwxJ.zip
HTTP/1.1 200 OK
Date: Mon, 06 Feb 2023 18:01:38 GMT
Server: Apache
Last-Modified: Thu, 10 Mar 2022 20:39:11 GMT
Accept-Ranges: bytes
Content-Length: 7043
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: text/css
www.blit.co.za/wp-content/themes/consulting/assets/images/page_404.jpg
160.119.248.8 200 OK 146 kB URL HTTP/1.1 www.blit.co.za/wp-content/themes/consulting/assets/images/page_404.jpg
IP 160.119.248.8:0
ASN #328364 Host-Africa-AS
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1920x1080, components 3
Size 146 kB (146275 bytes)
Hash a888354e6b751bb4ab077c042f9cb3a1
7b28b7b0683abc4b885dc410a494f454b02aaee5
b613c7cf60d37617c2574f85494d9b98c7363ab58f3da8f162b175624affec98
GET /wp-content/themes/consulting/assets/images/page_404.jpg HTTP/1.1
Host: www.blit.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.blit.co.za/wp-content/uploads/stm_uploads/skin-custom.css?ver=131451
HTTP/1.1 200 OK
Date: Mon, 06 Feb 2023 18:01:38 GMT
Server: Apache
Last-Modified: Mon, 06 Dec 2021 10:57:43 GMT
Accept-Ranges: bytes
Content-Length: 146275
Keep-Alive: timeout=5, max=90
Connection: Keep-Alive
Content-Type: image/jpeg